Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2023-28120 (GCVE-0-2023-28120)
Vulnerability from cvelistv5
Published
2025-01-09 00:33
Modified
2025-01-09 21:46
Severity ?
VLAI Severity ?
EPSS score ?
Summary
There is a vulnerability in ActiveSupport if the new bytesplice method is called on a SafeBuffer with untrusted user input.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Rails | ActiveSupport |
Version: 7.0.4.3 < 7.0.4.3 Version: 6.1.7.3 < 6.1.7.3 |
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-28120",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-09T21:44:02.886065Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-09T21:46:38.220Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "ActiveSupport",
"vendor": "Rails",
"versions": [
{
"lessThan": "7.0.4.3",
"status": "affected",
"version": "7.0.4.3",
"versionType": "custom"
},
{
"lessThan": "6.1.7.3",
"status": "affected",
"version": "6.1.7.3",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a vulnerability in ActiveSupport if the new bytesplice method is called on a SafeBuffer with untrusted user input."
}
],
"providerMetadata": {
"dateUpdated": "2025-01-09T00:33:47.658Z",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"url": "https://discuss.rubyonrails.org/t/cve-2023-28120-possible-xss-security-vulnerability-in-safebuffer-bytesplice/82469"
},
{
"url": "https://github.com/rails/rails/commit/3cf23c3f891e2e81c977ea4ab83b62bc2a444b70"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UPV6PVCX4VDJHLFFT42EXBBSGAWZICOW/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZE5W4MH6IE4DV7GELDK6ISCSTFLHKSYO/"
},
{
"url": "https://security.netapp.com/advisory/ntap-20240202-0006/"
},
{
"url": "https://www.debian.org/security/2023/dsa-5389"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2023-28120",
"datePublished": "2025-01-09T00:33:47.658Z",
"dateReserved": "2023-03-10T19:36:27.051Z",
"dateUpdated": "2025-01-09T21:46:38.220Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2023-28120\",\"sourceIdentifier\":\"support@hackerone.com\",\"published\":\"2025-01-09T01:15:07.637\",\"lastModified\":\"2025-01-09T22:15:26.470\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"There is a vulnerability in ActiveSupport if the new bytesplice method is called on a SafeBuffer with untrusted user input.\"},{\"lang\":\"es\",\"value\":\"Existe una vulnerabilidad en ActiveSupport si se llama al nuevo m\u00e9todo bytesplice en un SafeBuffer con una entrada de usuario no confiable.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N\",\"baseScore\":5.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":1.4}]},\"weaknesses\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-79\"}]}],\"references\":[{\"url\":\"https://discuss.rubyonrails.org/t/cve-2023-28120-possible-xss-security-vulnerability-in-safebuffer-bytesplice/82469\",\"source\":\"support@hackerone.com\"},{\"url\":\"https://github.com/rails/rails/commit/3cf23c3f891e2e81c977ea4ab83b62bc2a444b70\",\"source\":\"support@hackerone.com\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UPV6PVCX4VDJHLFFT42EXBBSGAWZICOW/\",\"source\":\"support@hackerone.com\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZE5W4MH6IE4DV7GELDK6ISCSTFLHKSYO/\",\"source\":\"support@hackerone.com\"},{\"url\":\"https://security.netapp.com/advisory/ntap-20240202-0006/\",\"source\":\"support@hackerone.com\"},{\"url\":\"https://www.debian.org/security/2023/dsa-5389\",\"source\":\"support@hackerone.com\"}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 5.3, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N\", \"integrityImpact\": \"LOW\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2023-28120\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-01-09T21:44:02.886065Z\"}}}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-79\", \"description\": \"CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-01-09T21:46:31.379Z\"}}], \"cna\": {\"affected\": [{\"vendor\": \"Rails\", \"product\": \"ActiveSupport\", \"versions\": [{\"status\": \"affected\", \"version\": \"7.0.4.3\", \"lessThan\": \"7.0.4.3\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"6.1.7.3\", \"lessThan\": \"6.1.7.3\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unaffected\"}], \"references\": [{\"url\": \"https://discuss.rubyonrails.org/t/cve-2023-28120-possible-xss-security-vulnerability-in-safebuffer-bytesplice/82469\"}, {\"url\": \"https://github.com/rails/rails/commit/3cf23c3f891e2e81c977ea4ab83b62bc2a444b70\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UPV6PVCX4VDJHLFFT42EXBBSGAWZICOW/\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZE5W4MH6IE4DV7GELDK6ISCSTFLHKSYO/\"}, {\"url\": \"https://security.netapp.com/advisory/ntap-20240202-0006/\"}, {\"url\": \"https://www.debian.org/security/2023/dsa-5389\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"There is a vulnerability in ActiveSupport if the new bytesplice method is called on a SafeBuffer with untrusted user input.\"}], \"providerMetadata\": {\"orgId\": \"36234546-b8fa-4601-9d6f-f4e334aa8ea1\", \"shortName\": \"hackerone\", \"dateUpdated\": \"2025-01-09T00:33:47.658Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2023-28120\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-01-09T21:46:38.220Z\", \"dateReserved\": \"2023-03-10T19:36:27.051Z\", \"assignerOrgId\": \"36234546-b8fa-4601-9d6f-f4e334aa8ea1\", \"datePublished\": \"2025-01-09T00:33:47.658Z\", \"assignerShortName\": \"hackerone\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
suse-su-2023:2304-1
Vulnerability from csaf_suse
Published
2023-05-25 13:58
Modified
2023-05-25 13:58
Summary
Security update for rmt-server
Notes
Title of the patch
Security update for rmt-server
Description of the patch
This update for rmt-server fixes the following issues:
Updated to version 2.13:
- CVE-2023-28120: Fixed a potential XSS issue in an embedded
dependency (bsc#1209507).
- CVE-2023-27530: Fixed a denial of service issue in multipart request
parsing (bsc#1209096).
Non-security fixes:
- Fixed transactional update on GCE (bsc#1211398).
- Use HTTPS in rmt-client-setup-res (bsc#1209825).
- Various build fixes (bsc#1207670, bsc#1203171, bsc#1206593,
bsc#1202053).
Patchnames
SUSE-2023-2304,SUSE-SLE-Module-Public-Cloud-15-SP1-2023-2304,SUSE-SLE-Product-HPC-15-SP1-LTSS-2023-2304,SUSE-SLE-Product-SLES-15-SP1-LTSS-2023-2304,SUSE-SLE-Product-SLES_SAP-15-SP1-2023-2304
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for rmt-server",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for rmt-server fixes the following issues:\n\nUpdated to version 2.13:\n\n- CVE-2023-28120: Fixed a potential XSS issue in an embedded\n dependency (bsc#1209507).\n- CVE-2023-27530: Fixed a denial of service issue in multipart request\n parsing (bsc#1209096).\n\nNon-security fixes:\n\n- Fixed transactional update on GCE (bsc#1211398).\n- Use HTTPS in rmt-client-setup-res (bsc#1209825).\n- Various build fixes (bsc#1207670, bsc#1203171, bsc#1206593,\n bsc#1202053).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2023-2304,SUSE-SLE-Module-Public-Cloud-15-SP1-2023-2304,SUSE-SLE-Product-HPC-15-SP1-LTSS-2023-2304,SUSE-SLE-Product-SLES-15-SP1-LTSS-2023-2304,SUSE-SLE-Product-SLES_SAP-15-SP1-2023-2304",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2023_2304-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2023:2304-1",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20232304-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2023:2304-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-May/015002.html"
},
{
"category": "self",
"summary": "SUSE Bug 1202053",
"url": "https://bugzilla.suse.com/1202053"
},
{
"category": "self",
"summary": "SUSE Bug 1203171",
"url": "https://bugzilla.suse.com/1203171"
},
{
"category": "self",
"summary": "SUSE Bug 1206593",
"url": "https://bugzilla.suse.com/1206593"
},
{
"category": "self",
"summary": "SUSE Bug 1207670",
"url": "https://bugzilla.suse.com/1207670"
},
{
"category": "self",
"summary": "SUSE Bug 1209096",
"url": "https://bugzilla.suse.com/1209096"
},
{
"category": "self",
"summary": "SUSE Bug 1209507",
"url": "https://bugzilla.suse.com/1209507"
},
{
"category": "self",
"summary": "SUSE Bug 1209825",
"url": "https://bugzilla.suse.com/1209825"
},
{
"category": "self",
"summary": "SUSE Bug 1211398",
"url": "https://bugzilla.suse.com/1211398"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-27530 page",
"url": "https://www.suse.com/security/cve/CVE-2023-27530/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-28120 page",
"url": "https://www.suse.com/security/cve/CVE-2023-28120/"
}
],
"title": "Security update for rmt-server",
"tracking": {
"current_release_date": "2023-05-25T13:58:06Z",
"generator": {
"date": "2023-05-25T13:58:06Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2023:2304-1",
"initial_release_date": "2023-05-25T13:58:06Z",
"revision_history": [
{
"date": "2023-05-25T13:58:06Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "rmt-server-2.13-150100.3.45.1.aarch64",
"product": {
"name": "rmt-server-2.13-150100.3.45.1.aarch64",
"product_id": "rmt-server-2.13-150100.3.45.1.aarch64"
}
},
{
"category": "product_version",
"name": "rmt-server-config-2.13-150100.3.45.1.aarch64",
"product": {
"name": "rmt-server-config-2.13-150100.3.45.1.aarch64",
"product_id": "rmt-server-config-2.13-150100.3.45.1.aarch64"
}
},
{
"category": "product_version",
"name": "rmt-server-pubcloud-2.13-150100.3.45.1.aarch64",
"product": {
"name": "rmt-server-pubcloud-2.13-150100.3.45.1.aarch64",
"product_id": "rmt-server-pubcloud-2.13-150100.3.45.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "rmt-server-2.13-150100.3.45.1.ppc64le",
"product": {
"name": "rmt-server-2.13-150100.3.45.1.ppc64le",
"product_id": "rmt-server-2.13-150100.3.45.1.ppc64le"
}
},
{
"category": "product_version",
"name": "rmt-server-config-2.13-150100.3.45.1.ppc64le",
"product": {
"name": "rmt-server-config-2.13-150100.3.45.1.ppc64le",
"product_id": "rmt-server-config-2.13-150100.3.45.1.ppc64le"
}
},
{
"category": "product_version",
"name": "rmt-server-pubcloud-2.13-150100.3.45.1.ppc64le",
"product": {
"name": "rmt-server-pubcloud-2.13-150100.3.45.1.ppc64le",
"product_id": "rmt-server-pubcloud-2.13-150100.3.45.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "rmt-server-2.13-150100.3.45.1.s390x",
"product": {
"name": "rmt-server-2.13-150100.3.45.1.s390x",
"product_id": "rmt-server-2.13-150100.3.45.1.s390x"
}
},
{
"category": "product_version",
"name": "rmt-server-config-2.13-150100.3.45.1.s390x",
"product": {
"name": "rmt-server-config-2.13-150100.3.45.1.s390x",
"product_id": "rmt-server-config-2.13-150100.3.45.1.s390x"
}
},
{
"category": "product_version",
"name": "rmt-server-pubcloud-2.13-150100.3.45.1.s390x",
"product": {
"name": "rmt-server-pubcloud-2.13-150100.3.45.1.s390x",
"product_id": "rmt-server-pubcloud-2.13-150100.3.45.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "rmt-server-2.13-150100.3.45.1.x86_64",
"product": {
"name": "rmt-server-2.13-150100.3.45.1.x86_64",
"product_id": "rmt-server-2.13-150100.3.45.1.x86_64"
}
},
{
"category": "product_version",
"name": "rmt-server-config-2.13-150100.3.45.1.x86_64",
"product": {
"name": "rmt-server-config-2.13-150100.3.45.1.x86_64",
"product_id": "rmt-server-config-2.13-150100.3.45.1.x86_64"
}
},
{
"category": "product_version",
"name": "rmt-server-pubcloud-2.13-150100.3.45.1.x86_64",
"product": {
"name": "rmt-server-pubcloud-2.13-150100.3.45.1.x86_64",
"product_id": "rmt-server-pubcloud-2.13-150100.3.45.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Public Cloud 15 SP1",
"product": {
"name": "SUSE Linux Enterprise Module for Public Cloud 15 SP1",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-public-cloud:15:sp1"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp1"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP1-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp1"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp1"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "rmt-server-pubcloud-2.13-150100.3.45.1.aarch64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP1",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.13-150100.3.45.1.aarch64"
},
"product_reference": "rmt-server-pubcloud-2.13-150100.3.45.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rmt-server-pubcloud-2.13-150100.3.45.1.ppc64le as component of SUSE Linux Enterprise Module for Public Cloud 15 SP1",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.13-150100.3.45.1.ppc64le"
},
"product_reference": "rmt-server-pubcloud-2.13-150100.3.45.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rmt-server-pubcloud-2.13-150100.3.45.1.s390x as component of SUSE Linux Enterprise Module for Public Cloud 15 SP1",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.13-150100.3.45.1.s390x"
},
"product_reference": "rmt-server-pubcloud-2.13-150100.3.45.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rmt-server-pubcloud-2.13-150100.3.45.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP1",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.13-150100.3.45.1.x86_64"
},
"product_reference": "rmt-server-pubcloud-2.13-150100.3.45.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rmt-server-2.13-150100.3.45.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:rmt-server-2.13-150100.3.45.1.aarch64"
},
"product_reference": "rmt-server-2.13-150100.3.45.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rmt-server-2.13-150100.3.45.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:rmt-server-2.13-150100.3.45.1.x86_64"
},
"product_reference": "rmt-server-2.13-150100.3.45.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rmt-server-config-2.13-150100.3.45.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:rmt-server-config-2.13-150100.3.45.1.aarch64"
},
"product_reference": "rmt-server-config-2.13-150100.3.45.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rmt-server-config-2.13-150100.3.45.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:rmt-server-config-2.13-150100.3.45.1.x86_64"
},
"product_reference": "rmt-server-config-2.13-150100.3.45.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rmt-server-2.13-150100.3.45.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:rmt-server-2.13-150100.3.45.1.aarch64"
},
"product_reference": "rmt-server-2.13-150100.3.45.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rmt-server-2.13-150100.3.45.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:rmt-server-2.13-150100.3.45.1.ppc64le"
},
"product_reference": "rmt-server-2.13-150100.3.45.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rmt-server-2.13-150100.3.45.1.s390x as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:rmt-server-2.13-150100.3.45.1.s390x"
},
"product_reference": "rmt-server-2.13-150100.3.45.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rmt-server-2.13-150100.3.45.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:rmt-server-2.13-150100.3.45.1.x86_64"
},
"product_reference": "rmt-server-2.13-150100.3.45.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rmt-server-config-2.13-150100.3.45.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:rmt-server-config-2.13-150100.3.45.1.aarch64"
},
"product_reference": "rmt-server-config-2.13-150100.3.45.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rmt-server-config-2.13-150100.3.45.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:rmt-server-config-2.13-150100.3.45.1.ppc64le"
},
"product_reference": "rmt-server-config-2.13-150100.3.45.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rmt-server-config-2.13-150100.3.45.1.s390x as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:rmt-server-config-2.13-150100.3.45.1.s390x"
},
"product_reference": "rmt-server-config-2.13-150100.3.45.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rmt-server-config-2.13-150100.3.45.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:rmt-server-config-2.13-150100.3.45.1.x86_64"
},
"product_reference": "rmt-server-config-2.13-150100.3.45.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rmt-server-2.13-150100.3.45.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:rmt-server-2.13-150100.3.45.1.ppc64le"
},
"product_reference": "rmt-server-2.13-150100.3.45.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rmt-server-2.13-150100.3.45.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:rmt-server-2.13-150100.3.45.1.x86_64"
},
"product_reference": "rmt-server-2.13-150100.3.45.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rmt-server-config-2.13-150100.3.45.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:rmt-server-config-2.13-150100.3.45.1.ppc64le"
},
"product_reference": "rmt-server-config-2.13-150100.3.45.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rmt-server-config-2.13-150100.3.45.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:rmt-server-config-2.13-150100.3.45.1.x86_64"
},
"product_reference": "rmt-server-config-2.13-150100.3.45.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-27530",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-27530"
}
],
"notes": [
{
"category": "general",
"text": "A DoS vulnerability exists in Rack \u003cv3.0.4.2, \u003cv2.2.6.3, \u003cv2.1.4.3 and \u003cv2.0.9.3 within in the Multipart MIME parsing code in which could allow an attacker to craft requests that can be abuse to cause multipart parsing to take longer than expected.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:rmt-server-2.13-150100.3.45.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:rmt-server-2.13-150100.3.45.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:rmt-server-config-2.13-150100.3.45.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:rmt-server-config-2.13-150100.3.45.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.13-150100.3.45.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.13-150100.3.45.1.ppc64le",
"SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.13-150100.3.45.1.s390x",
"SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.13-150100.3.45.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:rmt-server-2.13-150100.3.45.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:rmt-server-2.13-150100.3.45.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:rmt-server-2.13-150100.3.45.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:rmt-server-2.13-150100.3.45.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:rmt-server-config-2.13-150100.3.45.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:rmt-server-config-2.13-150100.3.45.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:rmt-server-config-2.13-150100.3.45.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:rmt-server-config-2.13-150100.3.45.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:rmt-server-2.13-150100.3.45.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:rmt-server-2.13-150100.3.45.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:rmt-server-config-2.13-150100.3.45.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:rmt-server-config-2.13-150100.3.45.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-27530",
"url": "https://www.suse.com/security/cve/CVE-2023-27530"
},
{
"category": "external",
"summary": "SUSE Bug 1209095 for CVE-2023-27530",
"url": "https://bugzilla.suse.com/1209095"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:rmt-server-2.13-150100.3.45.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:rmt-server-2.13-150100.3.45.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:rmt-server-config-2.13-150100.3.45.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:rmt-server-config-2.13-150100.3.45.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.13-150100.3.45.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.13-150100.3.45.1.ppc64le",
"SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.13-150100.3.45.1.s390x",
"SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.13-150100.3.45.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:rmt-server-2.13-150100.3.45.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:rmt-server-2.13-150100.3.45.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:rmt-server-2.13-150100.3.45.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:rmt-server-2.13-150100.3.45.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:rmt-server-config-2.13-150100.3.45.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:rmt-server-config-2.13-150100.3.45.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:rmt-server-config-2.13-150100.3.45.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:rmt-server-config-2.13-150100.3.45.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:rmt-server-2.13-150100.3.45.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:rmt-server-2.13-150100.3.45.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:rmt-server-config-2.13-150100.3.45.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:rmt-server-config-2.13-150100.3.45.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:rmt-server-2.13-150100.3.45.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:rmt-server-2.13-150100.3.45.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:rmt-server-config-2.13-150100.3.45.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:rmt-server-config-2.13-150100.3.45.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.13-150100.3.45.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.13-150100.3.45.1.ppc64le",
"SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.13-150100.3.45.1.s390x",
"SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.13-150100.3.45.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:rmt-server-2.13-150100.3.45.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:rmt-server-2.13-150100.3.45.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:rmt-server-2.13-150100.3.45.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:rmt-server-2.13-150100.3.45.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:rmt-server-config-2.13-150100.3.45.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:rmt-server-config-2.13-150100.3.45.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:rmt-server-config-2.13-150100.3.45.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:rmt-server-config-2.13-150100.3.45.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:rmt-server-2.13-150100.3.45.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:rmt-server-2.13-150100.3.45.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:rmt-server-config-2.13-150100.3.45.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:rmt-server-config-2.13-150100.3.45.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-05-25T13:58:06Z",
"details": "important"
}
],
"title": "CVE-2023-27530"
},
{
"cve": "CVE-2023-28120",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-28120"
}
],
"notes": [
{
"category": "general",
"text": "There is a vulnerability in ActiveSupport if the new bytesplice method is called on a SafeBuffer with untrusted user input.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:rmt-server-2.13-150100.3.45.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:rmt-server-2.13-150100.3.45.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:rmt-server-config-2.13-150100.3.45.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:rmt-server-config-2.13-150100.3.45.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.13-150100.3.45.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.13-150100.3.45.1.ppc64le",
"SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.13-150100.3.45.1.s390x",
"SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.13-150100.3.45.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:rmt-server-2.13-150100.3.45.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:rmt-server-2.13-150100.3.45.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:rmt-server-2.13-150100.3.45.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:rmt-server-2.13-150100.3.45.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:rmt-server-config-2.13-150100.3.45.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:rmt-server-config-2.13-150100.3.45.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:rmt-server-config-2.13-150100.3.45.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:rmt-server-config-2.13-150100.3.45.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:rmt-server-2.13-150100.3.45.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:rmt-server-2.13-150100.3.45.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:rmt-server-config-2.13-150100.3.45.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:rmt-server-config-2.13-150100.3.45.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-28120",
"url": "https://www.suse.com/security/cve/CVE-2023-28120"
},
{
"category": "external",
"summary": "SUSE Bug 1209505 for CVE-2023-28120",
"url": "https://bugzilla.suse.com/1209505"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:rmt-server-2.13-150100.3.45.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:rmt-server-2.13-150100.3.45.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:rmt-server-config-2.13-150100.3.45.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:rmt-server-config-2.13-150100.3.45.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.13-150100.3.45.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.13-150100.3.45.1.ppc64le",
"SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.13-150100.3.45.1.s390x",
"SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.13-150100.3.45.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:rmt-server-2.13-150100.3.45.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:rmt-server-2.13-150100.3.45.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:rmt-server-2.13-150100.3.45.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:rmt-server-2.13-150100.3.45.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:rmt-server-config-2.13-150100.3.45.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:rmt-server-config-2.13-150100.3.45.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:rmt-server-config-2.13-150100.3.45.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:rmt-server-config-2.13-150100.3.45.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:rmt-server-2.13-150100.3.45.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:rmt-server-2.13-150100.3.45.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:rmt-server-config-2.13-150100.3.45.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:rmt-server-config-2.13-150100.3.45.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:rmt-server-2.13-150100.3.45.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:rmt-server-2.13-150100.3.45.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:rmt-server-config-2.13-150100.3.45.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:rmt-server-config-2.13-150100.3.45.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.13-150100.3.45.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.13-150100.3.45.1.ppc64le",
"SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.13-150100.3.45.1.s390x",
"SUSE Linux Enterprise Module for Public Cloud 15 SP1:rmt-server-pubcloud-2.13-150100.3.45.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:rmt-server-2.13-150100.3.45.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:rmt-server-2.13-150100.3.45.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:rmt-server-2.13-150100.3.45.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:rmt-server-2.13-150100.3.45.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:rmt-server-config-2.13-150100.3.45.1.aarch64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:rmt-server-config-2.13-150100.3.45.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:rmt-server-config-2.13-150100.3.45.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:rmt-server-config-2.13-150100.3.45.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:rmt-server-2.13-150100.3.45.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:rmt-server-2.13-150100.3.45.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:rmt-server-config-2.13-150100.3.45.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:rmt-server-config-2.13-150100.3.45.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-05-25T13:58:06Z",
"details": "moderate"
}
],
"title": "CVE-2023-28120"
}
]
}
suse-su-2023:2781-1
Vulnerability from csaf_suse
Published
2023-07-04 11:09
Modified
2023-07-04 11:09
Summary
Security update for rmt-server
Notes
Title of the patch
Security update for rmt-server
Description of the patch
This update for rmt-server fixes the following issues:
Update to version 2.13:
- CVE-2023-28120: Fixed a possible XSS Security Vulnerability in bytesliced strings for html_safe (bsc#1209507).
- CVE-2023-27530: Fixed a DoS in multipart mime parsing (bsc#1209096).
- CVE-2022-31254: Fixed escalation vector bug from user _rmt to root in the packaging file (bsc#1204285).
Bug fixes:
- Handle X-Original-URI header, partial fix for (bsc#1211398)
- Force rmt-client-setup-res script to use https (bsc#1209825)
- Mark secrets.yml.key file as part of the rpm to allow seamless downgrades (bsc#1207670)
- Adding -f to the file move command when moving the mirrored directory to its final location (bsc#1203171)
- Fix %post install of pubcloud subpackage reload of nginx (bsc#1206593)
- Skip warnings regarding nokogiri libxml version mismatch (bsc#1202053)
- Add option to turn off system token support (bsc#1205089)
- Do not retry to import non-existing files in air-gapped mode (bsc#1204769)
Patchnames
SUSE-2023-2781,SUSE-SLE-Module-Public-Cloud-15-SP5-2023-2781,SUSE-SLE-Module-Server-Applications-15-SP5-2023-2781,openSUSE-SLE-15.5-2023-2781
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for rmt-server",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for rmt-server fixes the following issues:\n\nUpdate to version 2.13:\n\n- CVE-2023-28120: Fixed a possible XSS Security Vulnerability in bytesliced strings for html_safe (bsc#1209507).\n- CVE-2023-27530: Fixed a DoS in multipart mime parsing (bsc#1209096).\n- CVE-2022-31254: Fixed escalation vector bug from user _rmt to root in the packaging file (bsc#1204285).\n\nBug fixes:\n\n- Handle X-Original-URI header, partial fix for (bsc#1211398)\n- Force rmt-client-setup-res script to use https (bsc#1209825)\n- Mark secrets.yml.key file as part of the rpm to allow seamless downgrades (bsc#1207670)\n- Adding -f to the file move command when moving the mirrored directory to its final location (bsc#1203171) \n- Fix %post install of pubcloud subpackage reload of nginx (bsc#1206593)\n- Skip warnings regarding nokogiri libxml version mismatch (bsc#1202053)\n- Add option to turn off system token support (bsc#1205089)\n- Do not retry to import non-existing files in air-gapped mode (bsc#1204769)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2023-2781,SUSE-SLE-Module-Public-Cloud-15-SP5-2023-2781,SUSE-SLE-Module-Server-Applications-15-SP5-2023-2781,openSUSE-SLE-15.5-2023-2781",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2023_2781-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2023:2781-1",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20232781-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2023:2781-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2023-July/030186.html"
},
{
"category": "self",
"summary": "SUSE Bug 1202053",
"url": "https://bugzilla.suse.com/1202053"
},
{
"category": "self",
"summary": "SUSE Bug 1203171",
"url": "https://bugzilla.suse.com/1203171"
},
{
"category": "self",
"summary": "SUSE Bug 1204285",
"url": "https://bugzilla.suse.com/1204285"
},
{
"category": "self",
"summary": "SUSE Bug 1204769",
"url": "https://bugzilla.suse.com/1204769"
},
{
"category": "self",
"summary": "SUSE Bug 1205089",
"url": "https://bugzilla.suse.com/1205089"
},
{
"category": "self",
"summary": "SUSE Bug 1206593",
"url": "https://bugzilla.suse.com/1206593"
},
{
"category": "self",
"summary": "SUSE Bug 1207670",
"url": "https://bugzilla.suse.com/1207670"
},
{
"category": "self",
"summary": "SUSE Bug 1209096",
"url": "https://bugzilla.suse.com/1209096"
},
{
"category": "self",
"summary": "SUSE Bug 1209507",
"url": "https://bugzilla.suse.com/1209507"
},
{
"category": "self",
"summary": "SUSE Bug 1209825",
"url": "https://bugzilla.suse.com/1209825"
},
{
"category": "self",
"summary": "SUSE Bug 1211398",
"url": "https://bugzilla.suse.com/1211398"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-31254 page",
"url": "https://www.suse.com/security/cve/CVE-2022-31254/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-27530 page",
"url": "https://www.suse.com/security/cve/CVE-2023-27530/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-28120 page",
"url": "https://www.suse.com/security/cve/CVE-2023-28120/"
}
],
"title": "Security update for rmt-server",
"tracking": {
"current_release_date": "2023-07-04T11:09:54Z",
"generator": {
"date": "2023-07-04T11:09:54Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2023:2781-1",
"initial_release_date": "2023-07-04T11:09:54Z",
"revision_history": [
{
"date": "2023-07-04T11:09:54Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "rmt-server-2.13-150500.3.3.1.aarch64",
"product": {
"name": "rmt-server-2.13-150500.3.3.1.aarch64",
"product_id": "rmt-server-2.13-150500.3.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "rmt-server-config-2.13-150500.3.3.1.aarch64",
"product": {
"name": "rmt-server-config-2.13-150500.3.3.1.aarch64",
"product_id": "rmt-server-config-2.13-150500.3.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "rmt-server-pubcloud-2.13-150500.3.3.1.aarch64",
"product": {
"name": "rmt-server-pubcloud-2.13-150500.3.3.1.aarch64",
"product_id": "rmt-server-pubcloud-2.13-150500.3.3.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "rmt-server-2.13-150500.3.3.1.ppc64le",
"product": {
"name": "rmt-server-2.13-150500.3.3.1.ppc64le",
"product_id": "rmt-server-2.13-150500.3.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "rmt-server-config-2.13-150500.3.3.1.ppc64le",
"product": {
"name": "rmt-server-config-2.13-150500.3.3.1.ppc64le",
"product_id": "rmt-server-config-2.13-150500.3.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "rmt-server-pubcloud-2.13-150500.3.3.1.ppc64le",
"product": {
"name": "rmt-server-pubcloud-2.13-150500.3.3.1.ppc64le",
"product_id": "rmt-server-pubcloud-2.13-150500.3.3.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "rmt-server-2.13-150500.3.3.1.s390x",
"product": {
"name": "rmt-server-2.13-150500.3.3.1.s390x",
"product_id": "rmt-server-2.13-150500.3.3.1.s390x"
}
},
{
"category": "product_version",
"name": "rmt-server-config-2.13-150500.3.3.1.s390x",
"product": {
"name": "rmt-server-config-2.13-150500.3.3.1.s390x",
"product_id": "rmt-server-config-2.13-150500.3.3.1.s390x"
}
},
{
"category": "product_version",
"name": "rmt-server-pubcloud-2.13-150500.3.3.1.s390x",
"product": {
"name": "rmt-server-pubcloud-2.13-150500.3.3.1.s390x",
"product_id": "rmt-server-pubcloud-2.13-150500.3.3.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "rmt-server-2.13-150500.3.3.1.x86_64",
"product": {
"name": "rmt-server-2.13-150500.3.3.1.x86_64",
"product_id": "rmt-server-2.13-150500.3.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "rmt-server-config-2.13-150500.3.3.1.x86_64",
"product": {
"name": "rmt-server-config-2.13-150500.3.3.1.x86_64",
"product_id": "rmt-server-config-2.13-150500.3.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "rmt-server-pubcloud-2.13-150500.3.3.1.x86_64",
"product": {
"name": "rmt-server-pubcloud-2.13-150500.3.3.1.x86_64",
"product_id": "rmt-server-pubcloud-2.13-150500.3.3.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Public Cloud 15 SP5",
"product": {
"name": "SUSE Linux Enterprise Module for Public Cloud 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-public-cloud:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Server Applications 15 SP5",
"product": {
"name": "SUSE Linux Enterprise Module for Server Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-server-applications:15:sp5"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.5",
"product": {
"name": "openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "rmt-server-pubcloud-2.13-150500.3.3.1.aarch64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP5:rmt-server-pubcloud-2.13-150500.3.3.1.aarch64"
},
"product_reference": "rmt-server-pubcloud-2.13-150500.3.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rmt-server-pubcloud-2.13-150500.3.3.1.ppc64le as component of SUSE Linux Enterprise Module for Public Cloud 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP5:rmt-server-pubcloud-2.13-150500.3.3.1.ppc64le"
},
"product_reference": "rmt-server-pubcloud-2.13-150500.3.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rmt-server-pubcloud-2.13-150500.3.3.1.s390x as component of SUSE Linux Enterprise Module for Public Cloud 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP5:rmt-server-pubcloud-2.13-150500.3.3.1.s390x"
},
"product_reference": "rmt-server-pubcloud-2.13-150500.3.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rmt-server-pubcloud-2.13-150500.3.3.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP5:rmt-server-pubcloud-2.13-150500.3.3.1.x86_64"
},
"product_reference": "rmt-server-pubcloud-2.13-150500.3.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rmt-server-2.13-150500.3.3.1.aarch64 as component of SUSE Linux Enterprise Module for Server Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15 SP5:rmt-server-2.13-150500.3.3.1.aarch64"
},
"product_reference": "rmt-server-2.13-150500.3.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rmt-server-2.13-150500.3.3.1.ppc64le as component of SUSE Linux Enterprise Module for Server Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15 SP5:rmt-server-2.13-150500.3.3.1.ppc64le"
},
"product_reference": "rmt-server-2.13-150500.3.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rmt-server-2.13-150500.3.3.1.s390x as component of SUSE Linux Enterprise Module for Server Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15 SP5:rmt-server-2.13-150500.3.3.1.s390x"
},
"product_reference": "rmt-server-2.13-150500.3.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rmt-server-2.13-150500.3.3.1.x86_64 as component of SUSE Linux Enterprise Module for Server Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15 SP5:rmt-server-2.13-150500.3.3.1.x86_64"
},
"product_reference": "rmt-server-2.13-150500.3.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rmt-server-config-2.13-150500.3.3.1.aarch64 as component of SUSE Linux Enterprise Module for Server Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15 SP5:rmt-server-config-2.13-150500.3.3.1.aarch64"
},
"product_reference": "rmt-server-config-2.13-150500.3.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rmt-server-config-2.13-150500.3.3.1.ppc64le as component of SUSE Linux Enterprise Module for Server Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15 SP5:rmt-server-config-2.13-150500.3.3.1.ppc64le"
},
"product_reference": "rmt-server-config-2.13-150500.3.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rmt-server-config-2.13-150500.3.3.1.s390x as component of SUSE Linux Enterprise Module for Server Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15 SP5:rmt-server-config-2.13-150500.3.3.1.s390x"
},
"product_reference": "rmt-server-config-2.13-150500.3.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rmt-server-config-2.13-150500.3.3.1.x86_64 as component of SUSE Linux Enterprise Module for Server Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15 SP5:rmt-server-config-2.13-150500.3.3.1.x86_64"
},
"product_reference": "rmt-server-config-2.13-150500.3.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rmt-server-2.13-150500.3.3.1.aarch64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:rmt-server-2.13-150500.3.3.1.aarch64"
},
"product_reference": "rmt-server-2.13-150500.3.3.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rmt-server-2.13-150500.3.3.1.ppc64le as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:rmt-server-2.13-150500.3.3.1.ppc64le"
},
"product_reference": "rmt-server-2.13-150500.3.3.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rmt-server-2.13-150500.3.3.1.s390x as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:rmt-server-2.13-150500.3.3.1.s390x"
},
"product_reference": "rmt-server-2.13-150500.3.3.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rmt-server-2.13-150500.3.3.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:rmt-server-2.13-150500.3.3.1.x86_64"
},
"product_reference": "rmt-server-2.13-150500.3.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rmt-server-config-2.13-150500.3.3.1.aarch64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:rmt-server-config-2.13-150500.3.3.1.aarch64"
},
"product_reference": "rmt-server-config-2.13-150500.3.3.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rmt-server-config-2.13-150500.3.3.1.ppc64le as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:rmt-server-config-2.13-150500.3.3.1.ppc64le"
},
"product_reference": "rmt-server-config-2.13-150500.3.3.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rmt-server-config-2.13-150500.3.3.1.s390x as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:rmt-server-config-2.13-150500.3.3.1.s390x"
},
"product_reference": "rmt-server-config-2.13-150500.3.3.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rmt-server-config-2.13-150500.3.3.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:rmt-server-config-2.13-150500.3.3.1.x86_64"
},
"product_reference": "rmt-server-config-2.13-150500.3.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rmt-server-pubcloud-2.13-150500.3.3.1.aarch64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:rmt-server-pubcloud-2.13-150500.3.3.1.aarch64"
},
"product_reference": "rmt-server-pubcloud-2.13-150500.3.3.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rmt-server-pubcloud-2.13-150500.3.3.1.ppc64le as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:rmt-server-pubcloud-2.13-150500.3.3.1.ppc64le"
},
"product_reference": "rmt-server-pubcloud-2.13-150500.3.3.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rmt-server-pubcloud-2.13-150500.3.3.1.s390x as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:rmt-server-pubcloud-2.13-150500.3.3.1.s390x"
},
"product_reference": "rmt-server-pubcloud-2.13-150500.3.3.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rmt-server-pubcloud-2.13-150500.3.3.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:rmt-server-pubcloud-2.13-150500.3.3.1.x86_64"
},
"product_reference": "rmt-server-pubcloud-2.13-150500.3.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-31254",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-31254"
}
],
"notes": [
{
"category": "general",
"text": "A Incorrect Default Permissions vulnerability in rmt-server-regsharing service of SUSE Linux Enterprise Server for SAP 15, SUSE Linux Enterprise Server for SAP 15-SP1, SUSE Manager Server 4.1; openSUSE Leap 15.3, openSUSE Leap 15.4 allows local attackers with access to the _rmt user to escalate to root. This issue affects: SUSE Linux Enterprise Server for SAP 15 rmt-server versions prior to 2.10. SUSE Linux Enterprise Server for SAP 15-SP1 rmt-server versions prior to 2.10. SUSE Manager Server 4.1 rmt-server versions prior to 2.10. openSUSE Leap 15.3 rmt-server versions prior to 2.10. openSUSE Leap 15.4 rmt-server versions prior to 2.10.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:rmt-server-pubcloud-2.13-150500.3.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:rmt-server-pubcloud-2.13-150500.3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:rmt-server-pubcloud-2.13-150500.3.3.1.s390x",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:rmt-server-pubcloud-2.13-150500.3.3.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:rmt-server-2.13-150500.3.3.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:rmt-server-2.13-150500.3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:rmt-server-2.13-150500.3.3.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:rmt-server-2.13-150500.3.3.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:rmt-server-config-2.13-150500.3.3.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:rmt-server-config-2.13-150500.3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:rmt-server-config-2.13-150500.3.3.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:rmt-server-config-2.13-150500.3.3.1.x86_64",
"openSUSE Leap 15.5:rmt-server-2.13-150500.3.3.1.aarch64",
"openSUSE Leap 15.5:rmt-server-2.13-150500.3.3.1.ppc64le",
"openSUSE Leap 15.5:rmt-server-2.13-150500.3.3.1.s390x",
"openSUSE Leap 15.5:rmt-server-2.13-150500.3.3.1.x86_64",
"openSUSE Leap 15.5:rmt-server-config-2.13-150500.3.3.1.aarch64",
"openSUSE Leap 15.5:rmt-server-config-2.13-150500.3.3.1.ppc64le",
"openSUSE Leap 15.5:rmt-server-config-2.13-150500.3.3.1.s390x",
"openSUSE Leap 15.5:rmt-server-config-2.13-150500.3.3.1.x86_64",
"openSUSE Leap 15.5:rmt-server-pubcloud-2.13-150500.3.3.1.aarch64",
"openSUSE Leap 15.5:rmt-server-pubcloud-2.13-150500.3.3.1.ppc64le",
"openSUSE Leap 15.5:rmt-server-pubcloud-2.13-150500.3.3.1.s390x",
"openSUSE Leap 15.5:rmt-server-pubcloud-2.13-150500.3.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-31254",
"url": "https://www.suse.com/security/cve/CVE-2022-31254"
},
{
"category": "external",
"summary": "SUSE Bug 1204285 for CVE-2022-31254",
"url": "https://bugzilla.suse.com/1204285"
},
{
"category": "external",
"summary": "SUSE Bug 1207670 for CVE-2022-31254",
"url": "https://bugzilla.suse.com/1207670"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:rmt-server-pubcloud-2.13-150500.3.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:rmt-server-pubcloud-2.13-150500.3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:rmt-server-pubcloud-2.13-150500.3.3.1.s390x",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:rmt-server-pubcloud-2.13-150500.3.3.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:rmt-server-2.13-150500.3.3.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:rmt-server-2.13-150500.3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:rmt-server-2.13-150500.3.3.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:rmt-server-2.13-150500.3.3.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:rmt-server-config-2.13-150500.3.3.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:rmt-server-config-2.13-150500.3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:rmt-server-config-2.13-150500.3.3.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:rmt-server-config-2.13-150500.3.3.1.x86_64",
"openSUSE Leap 15.5:rmt-server-2.13-150500.3.3.1.aarch64",
"openSUSE Leap 15.5:rmt-server-2.13-150500.3.3.1.ppc64le",
"openSUSE Leap 15.5:rmt-server-2.13-150500.3.3.1.s390x",
"openSUSE Leap 15.5:rmt-server-2.13-150500.3.3.1.x86_64",
"openSUSE Leap 15.5:rmt-server-config-2.13-150500.3.3.1.aarch64",
"openSUSE Leap 15.5:rmt-server-config-2.13-150500.3.3.1.ppc64le",
"openSUSE Leap 15.5:rmt-server-config-2.13-150500.3.3.1.s390x",
"openSUSE Leap 15.5:rmt-server-config-2.13-150500.3.3.1.x86_64",
"openSUSE Leap 15.5:rmt-server-pubcloud-2.13-150500.3.3.1.aarch64",
"openSUSE Leap 15.5:rmt-server-pubcloud-2.13-150500.3.3.1.ppc64le",
"openSUSE Leap 15.5:rmt-server-pubcloud-2.13-150500.3.3.1.s390x",
"openSUSE Leap 15.5:rmt-server-pubcloud-2.13-150500.3.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:rmt-server-pubcloud-2.13-150500.3.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:rmt-server-pubcloud-2.13-150500.3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:rmt-server-pubcloud-2.13-150500.3.3.1.s390x",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:rmt-server-pubcloud-2.13-150500.3.3.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:rmt-server-2.13-150500.3.3.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:rmt-server-2.13-150500.3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:rmt-server-2.13-150500.3.3.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:rmt-server-2.13-150500.3.3.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:rmt-server-config-2.13-150500.3.3.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:rmt-server-config-2.13-150500.3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:rmt-server-config-2.13-150500.3.3.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:rmt-server-config-2.13-150500.3.3.1.x86_64",
"openSUSE Leap 15.5:rmt-server-2.13-150500.3.3.1.aarch64",
"openSUSE Leap 15.5:rmt-server-2.13-150500.3.3.1.ppc64le",
"openSUSE Leap 15.5:rmt-server-2.13-150500.3.3.1.s390x",
"openSUSE Leap 15.5:rmt-server-2.13-150500.3.3.1.x86_64",
"openSUSE Leap 15.5:rmt-server-config-2.13-150500.3.3.1.aarch64",
"openSUSE Leap 15.5:rmt-server-config-2.13-150500.3.3.1.ppc64le",
"openSUSE Leap 15.5:rmt-server-config-2.13-150500.3.3.1.s390x",
"openSUSE Leap 15.5:rmt-server-config-2.13-150500.3.3.1.x86_64",
"openSUSE Leap 15.5:rmt-server-pubcloud-2.13-150500.3.3.1.aarch64",
"openSUSE Leap 15.5:rmt-server-pubcloud-2.13-150500.3.3.1.ppc64le",
"openSUSE Leap 15.5:rmt-server-pubcloud-2.13-150500.3.3.1.s390x",
"openSUSE Leap 15.5:rmt-server-pubcloud-2.13-150500.3.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-07-04T11:09:54Z",
"details": "important"
}
],
"title": "CVE-2022-31254"
},
{
"cve": "CVE-2023-27530",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-27530"
}
],
"notes": [
{
"category": "general",
"text": "A DoS vulnerability exists in Rack \u003cv3.0.4.2, \u003cv2.2.6.3, \u003cv2.1.4.3 and \u003cv2.0.9.3 within in the Multipart MIME parsing code in which could allow an attacker to craft requests that can be abuse to cause multipart parsing to take longer than expected.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:rmt-server-pubcloud-2.13-150500.3.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:rmt-server-pubcloud-2.13-150500.3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:rmt-server-pubcloud-2.13-150500.3.3.1.s390x",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:rmt-server-pubcloud-2.13-150500.3.3.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:rmt-server-2.13-150500.3.3.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:rmt-server-2.13-150500.3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:rmt-server-2.13-150500.3.3.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:rmt-server-2.13-150500.3.3.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:rmt-server-config-2.13-150500.3.3.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:rmt-server-config-2.13-150500.3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:rmt-server-config-2.13-150500.3.3.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:rmt-server-config-2.13-150500.3.3.1.x86_64",
"openSUSE Leap 15.5:rmt-server-2.13-150500.3.3.1.aarch64",
"openSUSE Leap 15.5:rmt-server-2.13-150500.3.3.1.ppc64le",
"openSUSE Leap 15.5:rmt-server-2.13-150500.3.3.1.s390x",
"openSUSE Leap 15.5:rmt-server-2.13-150500.3.3.1.x86_64",
"openSUSE Leap 15.5:rmt-server-config-2.13-150500.3.3.1.aarch64",
"openSUSE Leap 15.5:rmt-server-config-2.13-150500.3.3.1.ppc64le",
"openSUSE Leap 15.5:rmt-server-config-2.13-150500.3.3.1.s390x",
"openSUSE Leap 15.5:rmt-server-config-2.13-150500.3.3.1.x86_64",
"openSUSE Leap 15.5:rmt-server-pubcloud-2.13-150500.3.3.1.aarch64",
"openSUSE Leap 15.5:rmt-server-pubcloud-2.13-150500.3.3.1.ppc64le",
"openSUSE Leap 15.5:rmt-server-pubcloud-2.13-150500.3.3.1.s390x",
"openSUSE Leap 15.5:rmt-server-pubcloud-2.13-150500.3.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-27530",
"url": "https://www.suse.com/security/cve/CVE-2023-27530"
},
{
"category": "external",
"summary": "SUSE Bug 1209095 for CVE-2023-27530",
"url": "https://bugzilla.suse.com/1209095"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:rmt-server-pubcloud-2.13-150500.3.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:rmt-server-pubcloud-2.13-150500.3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:rmt-server-pubcloud-2.13-150500.3.3.1.s390x",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:rmt-server-pubcloud-2.13-150500.3.3.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:rmt-server-2.13-150500.3.3.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:rmt-server-2.13-150500.3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:rmt-server-2.13-150500.3.3.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:rmt-server-2.13-150500.3.3.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:rmt-server-config-2.13-150500.3.3.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:rmt-server-config-2.13-150500.3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:rmt-server-config-2.13-150500.3.3.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:rmt-server-config-2.13-150500.3.3.1.x86_64",
"openSUSE Leap 15.5:rmt-server-2.13-150500.3.3.1.aarch64",
"openSUSE Leap 15.5:rmt-server-2.13-150500.3.3.1.ppc64le",
"openSUSE Leap 15.5:rmt-server-2.13-150500.3.3.1.s390x",
"openSUSE Leap 15.5:rmt-server-2.13-150500.3.3.1.x86_64",
"openSUSE Leap 15.5:rmt-server-config-2.13-150500.3.3.1.aarch64",
"openSUSE Leap 15.5:rmt-server-config-2.13-150500.3.3.1.ppc64le",
"openSUSE Leap 15.5:rmt-server-config-2.13-150500.3.3.1.s390x",
"openSUSE Leap 15.5:rmt-server-config-2.13-150500.3.3.1.x86_64",
"openSUSE Leap 15.5:rmt-server-pubcloud-2.13-150500.3.3.1.aarch64",
"openSUSE Leap 15.5:rmt-server-pubcloud-2.13-150500.3.3.1.ppc64le",
"openSUSE Leap 15.5:rmt-server-pubcloud-2.13-150500.3.3.1.s390x",
"openSUSE Leap 15.5:rmt-server-pubcloud-2.13-150500.3.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:rmt-server-pubcloud-2.13-150500.3.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:rmt-server-pubcloud-2.13-150500.3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:rmt-server-pubcloud-2.13-150500.3.3.1.s390x",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:rmt-server-pubcloud-2.13-150500.3.3.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:rmt-server-2.13-150500.3.3.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:rmt-server-2.13-150500.3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:rmt-server-2.13-150500.3.3.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:rmt-server-2.13-150500.3.3.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:rmt-server-config-2.13-150500.3.3.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:rmt-server-config-2.13-150500.3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:rmt-server-config-2.13-150500.3.3.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:rmt-server-config-2.13-150500.3.3.1.x86_64",
"openSUSE Leap 15.5:rmt-server-2.13-150500.3.3.1.aarch64",
"openSUSE Leap 15.5:rmt-server-2.13-150500.3.3.1.ppc64le",
"openSUSE Leap 15.5:rmt-server-2.13-150500.3.3.1.s390x",
"openSUSE Leap 15.5:rmt-server-2.13-150500.3.3.1.x86_64",
"openSUSE Leap 15.5:rmt-server-config-2.13-150500.3.3.1.aarch64",
"openSUSE Leap 15.5:rmt-server-config-2.13-150500.3.3.1.ppc64le",
"openSUSE Leap 15.5:rmt-server-config-2.13-150500.3.3.1.s390x",
"openSUSE Leap 15.5:rmt-server-config-2.13-150500.3.3.1.x86_64",
"openSUSE Leap 15.5:rmt-server-pubcloud-2.13-150500.3.3.1.aarch64",
"openSUSE Leap 15.5:rmt-server-pubcloud-2.13-150500.3.3.1.ppc64le",
"openSUSE Leap 15.5:rmt-server-pubcloud-2.13-150500.3.3.1.s390x",
"openSUSE Leap 15.5:rmt-server-pubcloud-2.13-150500.3.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-07-04T11:09:54Z",
"details": "important"
}
],
"title": "CVE-2023-27530"
},
{
"cve": "CVE-2023-28120",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-28120"
}
],
"notes": [
{
"category": "general",
"text": "There is a vulnerability in ActiveSupport if the new bytesplice method is called on a SafeBuffer with untrusted user input.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:rmt-server-pubcloud-2.13-150500.3.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:rmt-server-pubcloud-2.13-150500.3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:rmt-server-pubcloud-2.13-150500.3.3.1.s390x",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:rmt-server-pubcloud-2.13-150500.3.3.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:rmt-server-2.13-150500.3.3.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:rmt-server-2.13-150500.3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:rmt-server-2.13-150500.3.3.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:rmt-server-2.13-150500.3.3.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:rmt-server-config-2.13-150500.3.3.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:rmt-server-config-2.13-150500.3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:rmt-server-config-2.13-150500.3.3.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:rmt-server-config-2.13-150500.3.3.1.x86_64",
"openSUSE Leap 15.5:rmt-server-2.13-150500.3.3.1.aarch64",
"openSUSE Leap 15.5:rmt-server-2.13-150500.3.3.1.ppc64le",
"openSUSE Leap 15.5:rmt-server-2.13-150500.3.3.1.s390x",
"openSUSE Leap 15.5:rmt-server-2.13-150500.3.3.1.x86_64",
"openSUSE Leap 15.5:rmt-server-config-2.13-150500.3.3.1.aarch64",
"openSUSE Leap 15.5:rmt-server-config-2.13-150500.3.3.1.ppc64le",
"openSUSE Leap 15.5:rmt-server-config-2.13-150500.3.3.1.s390x",
"openSUSE Leap 15.5:rmt-server-config-2.13-150500.3.3.1.x86_64",
"openSUSE Leap 15.5:rmt-server-pubcloud-2.13-150500.3.3.1.aarch64",
"openSUSE Leap 15.5:rmt-server-pubcloud-2.13-150500.3.3.1.ppc64le",
"openSUSE Leap 15.5:rmt-server-pubcloud-2.13-150500.3.3.1.s390x",
"openSUSE Leap 15.5:rmt-server-pubcloud-2.13-150500.3.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-28120",
"url": "https://www.suse.com/security/cve/CVE-2023-28120"
},
{
"category": "external",
"summary": "SUSE Bug 1209505 for CVE-2023-28120",
"url": "https://bugzilla.suse.com/1209505"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:rmt-server-pubcloud-2.13-150500.3.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:rmt-server-pubcloud-2.13-150500.3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:rmt-server-pubcloud-2.13-150500.3.3.1.s390x",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:rmt-server-pubcloud-2.13-150500.3.3.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:rmt-server-2.13-150500.3.3.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:rmt-server-2.13-150500.3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:rmt-server-2.13-150500.3.3.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:rmt-server-2.13-150500.3.3.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:rmt-server-config-2.13-150500.3.3.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:rmt-server-config-2.13-150500.3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:rmt-server-config-2.13-150500.3.3.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:rmt-server-config-2.13-150500.3.3.1.x86_64",
"openSUSE Leap 15.5:rmt-server-2.13-150500.3.3.1.aarch64",
"openSUSE Leap 15.5:rmt-server-2.13-150500.3.3.1.ppc64le",
"openSUSE Leap 15.5:rmt-server-2.13-150500.3.3.1.s390x",
"openSUSE Leap 15.5:rmt-server-2.13-150500.3.3.1.x86_64",
"openSUSE Leap 15.5:rmt-server-config-2.13-150500.3.3.1.aarch64",
"openSUSE Leap 15.5:rmt-server-config-2.13-150500.3.3.1.ppc64le",
"openSUSE Leap 15.5:rmt-server-config-2.13-150500.3.3.1.s390x",
"openSUSE Leap 15.5:rmt-server-config-2.13-150500.3.3.1.x86_64",
"openSUSE Leap 15.5:rmt-server-pubcloud-2.13-150500.3.3.1.aarch64",
"openSUSE Leap 15.5:rmt-server-pubcloud-2.13-150500.3.3.1.ppc64le",
"openSUSE Leap 15.5:rmt-server-pubcloud-2.13-150500.3.3.1.s390x",
"openSUSE Leap 15.5:rmt-server-pubcloud-2.13-150500.3.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:rmt-server-pubcloud-2.13-150500.3.3.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:rmt-server-pubcloud-2.13-150500.3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:rmt-server-pubcloud-2.13-150500.3.3.1.s390x",
"SUSE Linux Enterprise Module for Public Cloud 15 SP5:rmt-server-pubcloud-2.13-150500.3.3.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:rmt-server-2.13-150500.3.3.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:rmt-server-2.13-150500.3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:rmt-server-2.13-150500.3.3.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:rmt-server-2.13-150500.3.3.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:rmt-server-config-2.13-150500.3.3.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:rmt-server-config-2.13-150500.3.3.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:rmt-server-config-2.13-150500.3.3.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP5:rmt-server-config-2.13-150500.3.3.1.x86_64",
"openSUSE Leap 15.5:rmt-server-2.13-150500.3.3.1.aarch64",
"openSUSE Leap 15.5:rmt-server-2.13-150500.3.3.1.ppc64le",
"openSUSE Leap 15.5:rmt-server-2.13-150500.3.3.1.s390x",
"openSUSE Leap 15.5:rmt-server-2.13-150500.3.3.1.x86_64",
"openSUSE Leap 15.5:rmt-server-config-2.13-150500.3.3.1.aarch64",
"openSUSE Leap 15.5:rmt-server-config-2.13-150500.3.3.1.ppc64le",
"openSUSE Leap 15.5:rmt-server-config-2.13-150500.3.3.1.s390x",
"openSUSE Leap 15.5:rmt-server-config-2.13-150500.3.3.1.x86_64",
"openSUSE Leap 15.5:rmt-server-pubcloud-2.13-150500.3.3.1.aarch64",
"openSUSE Leap 15.5:rmt-server-pubcloud-2.13-150500.3.3.1.ppc64le",
"openSUSE Leap 15.5:rmt-server-pubcloud-2.13-150500.3.3.1.s390x",
"openSUSE Leap 15.5:rmt-server-pubcloud-2.13-150500.3.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-07-04T11:09:54Z",
"details": "moderate"
}
],
"title": "CVE-2023-28120"
}
]
}
suse-su-2023:2294-1
Vulnerability from csaf_suse
Published
2023-05-25 07:55
Modified
2023-05-25 07:55
Summary
Security update for rmt-server
Notes
Title of the patch
Security update for rmt-server
Description of the patch
This update for rmt-server fixes the following issues:
Updated to version 2.13:
- CVE-2023-28120: Fixed a potential XSS issue in an embedded
dependency (bsc#1209507).
- CVE-2023-27530: Fixed a denial of service issue in multipart request
parsing (bsc#1209096).
Non-security fixes:
- Fixed transactional update on GCE (bsc#1211398).
- Use HTTPS in rmt-client-setup-res (bsc#1209825).
- Various build fixes (bsc#1207670, bsc#1203171, bsc#1206593,
bsc#1202053).
Patchnames
SUSE-2023-2294,SUSE-SLE-Module-Public-Cloud-15-SP2-2023-2294,SUSE-SLE-Product-HPC-15-SP2-LTSS-2023-2294,SUSE-SLE-Product-SLES-15-SP2-LTSS-2023-2294,SUSE-SLE-Product-SLES_SAP-15-SP2-2023-2294,SUSE-Storage-7-2023-2294
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for rmt-server",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for rmt-server fixes the following issues:\n\nUpdated to version 2.13:\n- CVE-2023-28120: Fixed a potential XSS issue in an embedded\n dependency (bsc#1209507).\n- CVE-2023-27530: Fixed a denial of service issue in multipart request\n parsing (bsc#1209096).\n\nNon-security fixes:\n- Fixed transactional update on GCE (bsc#1211398).\n- Use HTTPS in rmt-client-setup-res (bsc#1209825).\n- Various build fixes (bsc#1207670, bsc#1203171, bsc#1206593,\n bsc#1202053).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2023-2294,SUSE-SLE-Module-Public-Cloud-15-SP2-2023-2294,SUSE-SLE-Product-HPC-15-SP2-LTSS-2023-2294,SUSE-SLE-Product-SLES-15-SP2-LTSS-2023-2294,SUSE-SLE-Product-SLES_SAP-15-SP2-2023-2294,SUSE-Storage-7-2023-2294",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2023_2294-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2023:2294-1",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20232294-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2023:2294-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-May/014984.html"
},
{
"category": "self",
"summary": "SUSE Bug 1202053",
"url": "https://bugzilla.suse.com/1202053"
},
{
"category": "self",
"summary": "SUSE Bug 1203171",
"url": "https://bugzilla.suse.com/1203171"
},
{
"category": "self",
"summary": "SUSE Bug 1206593",
"url": "https://bugzilla.suse.com/1206593"
},
{
"category": "self",
"summary": "SUSE Bug 1207670",
"url": "https://bugzilla.suse.com/1207670"
},
{
"category": "self",
"summary": "SUSE Bug 1209096",
"url": "https://bugzilla.suse.com/1209096"
},
{
"category": "self",
"summary": "SUSE Bug 1209507",
"url": "https://bugzilla.suse.com/1209507"
},
{
"category": "self",
"summary": "SUSE Bug 1209825",
"url": "https://bugzilla.suse.com/1209825"
},
{
"category": "self",
"summary": "SUSE Bug 1211398",
"url": "https://bugzilla.suse.com/1211398"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-27530 page",
"url": "https://www.suse.com/security/cve/CVE-2023-27530/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-28120 page",
"url": "https://www.suse.com/security/cve/CVE-2023-28120/"
}
],
"title": "Security update for rmt-server",
"tracking": {
"current_release_date": "2023-05-25T07:55:46Z",
"generator": {
"date": "2023-05-25T07:55:46Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2023:2294-1",
"initial_release_date": "2023-05-25T07:55:46Z",
"revision_history": [
{
"date": "2023-05-25T07:55:46Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "rmt-server-2.13-150200.3.32.1.aarch64",
"product": {
"name": "rmt-server-2.13-150200.3.32.1.aarch64",
"product_id": "rmt-server-2.13-150200.3.32.1.aarch64"
}
},
{
"category": "product_version",
"name": "rmt-server-config-2.13-150200.3.32.1.aarch64",
"product": {
"name": "rmt-server-config-2.13-150200.3.32.1.aarch64",
"product_id": "rmt-server-config-2.13-150200.3.32.1.aarch64"
}
},
{
"category": "product_version",
"name": "rmt-server-pubcloud-2.13-150200.3.32.1.aarch64",
"product": {
"name": "rmt-server-pubcloud-2.13-150200.3.32.1.aarch64",
"product_id": "rmt-server-pubcloud-2.13-150200.3.32.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "rmt-server-2.13-150200.3.32.1.ppc64le",
"product": {
"name": "rmt-server-2.13-150200.3.32.1.ppc64le",
"product_id": "rmt-server-2.13-150200.3.32.1.ppc64le"
}
},
{
"category": "product_version",
"name": "rmt-server-config-2.13-150200.3.32.1.ppc64le",
"product": {
"name": "rmt-server-config-2.13-150200.3.32.1.ppc64le",
"product_id": "rmt-server-config-2.13-150200.3.32.1.ppc64le"
}
},
{
"category": "product_version",
"name": "rmt-server-pubcloud-2.13-150200.3.32.1.ppc64le",
"product": {
"name": "rmt-server-pubcloud-2.13-150200.3.32.1.ppc64le",
"product_id": "rmt-server-pubcloud-2.13-150200.3.32.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "rmt-server-2.13-150200.3.32.1.s390x",
"product": {
"name": "rmt-server-2.13-150200.3.32.1.s390x",
"product_id": "rmt-server-2.13-150200.3.32.1.s390x"
}
},
{
"category": "product_version",
"name": "rmt-server-config-2.13-150200.3.32.1.s390x",
"product": {
"name": "rmt-server-config-2.13-150200.3.32.1.s390x",
"product_id": "rmt-server-config-2.13-150200.3.32.1.s390x"
}
},
{
"category": "product_version",
"name": "rmt-server-pubcloud-2.13-150200.3.32.1.s390x",
"product": {
"name": "rmt-server-pubcloud-2.13-150200.3.32.1.s390x",
"product_id": "rmt-server-pubcloud-2.13-150200.3.32.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "rmt-server-2.13-150200.3.32.1.x86_64",
"product": {
"name": "rmt-server-2.13-150200.3.32.1.x86_64",
"product_id": "rmt-server-2.13-150200.3.32.1.x86_64"
}
},
{
"category": "product_version",
"name": "rmt-server-config-2.13-150200.3.32.1.x86_64",
"product": {
"name": "rmt-server-config-2.13-150200.3.32.1.x86_64",
"product_id": "rmt-server-config-2.13-150200.3.32.1.x86_64"
}
},
{
"category": "product_version",
"name": "rmt-server-pubcloud-2.13-150200.3.32.1.x86_64",
"product": {
"name": "rmt-server-pubcloud-2.13-150200.3.32.1.x86_64",
"product_id": "rmt-server-pubcloud-2.13-150200.3.32.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Public Cloud 15 SP2",
"product": {
"name": "SUSE Linux Enterprise Module for Public Cloud 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-public-cloud:15:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP2-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Enterprise Storage 7",
"product": {
"name": "SUSE Enterprise Storage 7",
"product_id": "SUSE Enterprise Storage 7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:ses:7"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "rmt-server-pubcloud-2.13-150200.3.32.1.aarch64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.13-150200.3.32.1.aarch64"
},
"product_reference": "rmt-server-pubcloud-2.13-150200.3.32.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rmt-server-pubcloud-2.13-150200.3.32.1.ppc64le as component of SUSE Linux Enterprise Module for Public Cloud 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.13-150200.3.32.1.ppc64le"
},
"product_reference": "rmt-server-pubcloud-2.13-150200.3.32.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rmt-server-pubcloud-2.13-150200.3.32.1.s390x as component of SUSE Linux Enterprise Module for Public Cloud 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.13-150200.3.32.1.s390x"
},
"product_reference": "rmt-server-pubcloud-2.13-150200.3.32.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rmt-server-pubcloud-2.13-150200.3.32.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.13-150200.3.32.1.x86_64"
},
"product_reference": "rmt-server-pubcloud-2.13-150200.3.32.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rmt-server-2.13-150200.3.32.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:rmt-server-2.13-150200.3.32.1.aarch64"
},
"product_reference": "rmt-server-2.13-150200.3.32.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rmt-server-2.13-150200.3.32.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:rmt-server-2.13-150200.3.32.1.x86_64"
},
"product_reference": "rmt-server-2.13-150200.3.32.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rmt-server-config-2.13-150200.3.32.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:rmt-server-config-2.13-150200.3.32.1.aarch64"
},
"product_reference": "rmt-server-config-2.13-150200.3.32.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rmt-server-config-2.13-150200.3.32.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:rmt-server-config-2.13-150200.3.32.1.x86_64"
},
"product_reference": "rmt-server-config-2.13-150200.3.32.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rmt-server-2.13-150200.3.32.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:rmt-server-2.13-150200.3.32.1.aarch64"
},
"product_reference": "rmt-server-2.13-150200.3.32.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rmt-server-2.13-150200.3.32.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:rmt-server-2.13-150200.3.32.1.ppc64le"
},
"product_reference": "rmt-server-2.13-150200.3.32.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rmt-server-2.13-150200.3.32.1.s390x as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:rmt-server-2.13-150200.3.32.1.s390x"
},
"product_reference": "rmt-server-2.13-150200.3.32.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rmt-server-2.13-150200.3.32.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:rmt-server-2.13-150200.3.32.1.x86_64"
},
"product_reference": "rmt-server-2.13-150200.3.32.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rmt-server-config-2.13-150200.3.32.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:rmt-server-config-2.13-150200.3.32.1.aarch64"
},
"product_reference": "rmt-server-config-2.13-150200.3.32.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rmt-server-config-2.13-150200.3.32.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:rmt-server-config-2.13-150200.3.32.1.ppc64le"
},
"product_reference": "rmt-server-config-2.13-150200.3.32.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rmt-server-config-2.13-150200.3.32.1.s390x as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:rmt-server-config-2.13-150200.3.32.1.s390x"
},
"product_reference": "rmt-server-config-2.13-150200.3.32.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rmt-server-config-2.13-150200.3.32.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:rmt-server-config-2.13-150200.3.32.1.x86_64"
},
"product_reference": "rmt-server-config-2.13-150200.3.32.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rmt-server-2.13-150200.3.32.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:rmt-server-2.13-150200.3.32.1.ppc64le"
},
"product_reference": "rmt-server-2.13-150200.3.32.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rmt-server-2.13-150200.3.32.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:rmt-server-2.13-150200.3.32.1.x86_64"
},
"product_reference": "rmt-server-2.13-150200.3.32.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rmt-server-config-2.13-150200.3.32.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:rmt-server-config-2.13-150200.3.32.1.ppc64le"
},
"product_reference": "rmt-server-config-2.13-150200.3.32.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rmt-server-config-2.13-150200.3.32.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:rmt-server-config-2.13-150200.3.32.1.x86_64"
},
"product_reference": "rmt-server-config-2.13-150200.3.32.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rmt-server-2.13-150200.3.32.1.aarch64 as component of SUSE Enterprise Storage 7",
"product_id": "SUSE Enterprise Storage 7:rmt-server-2.13-150200.3.32.1.aarch64"
},
"product_reference": "rmt-server-2.13-150200.3.32.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rmt-server-2.13-150200.3.32.1.x86_64 as component of SUSE Enterprise Storage 7",
"product_id": "SUSE Enterprise Storage 7:rmt-server-2.13-150200.3.32.1.x86_64"
},
"product_reference": "rmt-server-2.13-150200.3.32.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rmt-server-config-2.13-150200.3.32.1.aarch64 as component of SUSE Enterprise Storage 7",
"product_id": "SUSE Enterprise Storage 7:rmt-server-config-2.13-150200.3.32.1.aarch64"
},
"product_reference": "rmt-server-config-2.13-150200.3.32.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rmt-server-config-2.13-150200.3.32.1.x86_64 as component of SUSE Enterprise Storage 7",
"product_id": "SUSE Enterprise Storage 7:rmt-server-config-2.13-150200.3.32.1.x86_64"
},
"product_reference": "rmt-server-config-2.13-150200.3.32.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-27530",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-27530"
}
],
"notes": [
{
"category": "general",
"text": "A DoS vulnerability exists in Rack \u003cv3.0.4.2, \u003cv2.2.6.3, \u003cv2.1.4.3 and \u003cv2.0.9.3 within in the Multipart MIME parsing code in which could allow an attacker to craft requests that can be abuse to cause multipart parsing to take longer than expected.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7:rmt-server-2.13-150200.3.32.1.aarch64",
"SUSE Enterprise Storage 7:rmt-server-2.13-150200.3.32.1.x86_64",
"SUSE Enterprise Storage 7:rmt-server-config-2.13-150200.3.32.1.aarch64",
"SUSE Enterprise Storage 7:rmt-server-config-2.13-150200.3.32.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:rmt-server-2.13-150200.3.32.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:rmt-server-2.13-150200.3.32.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:rmt-server-config-2.13-150200.3.32.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:rmt-server-config-2.13-150200.3.32.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.13-150200.3.32.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.13-150200.3.32.1.ppc64le",
"SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.13-150200.3.32.1.s390x",
"SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.13-150200.3.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:rmt-server-2.13-150200.3.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:rmt-server-2.13-150200.3.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:rmt-server-2.13-150200.3.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:rmt-server-2.13-150200.3.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:rmt-server-config-2.13-150200.3.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:rmt-server-config-2.13-150200.3.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:rmt-server-config-2.13-150200.3.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:rmt-server-config-2.13-150200.3.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:rmt-server-2.13-150200.3.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:rmt-server-2.13-150200.3.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:rmt-server-config-2.13-150200.3.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:rmt-server-config-2.13-150200.3.32.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-27530",
"url": "https://www.suse.com/security/cve/CVE-2023-27530"
},
{
"category": "external",
"summary": "SUSE Bug 1209095 for CVE-2023-27530",
"url": "https://bugzilla.suse.com/1209095"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7:rmt-server-2.13-150200.3.32.1.aarch64",
"SUSE Enterprise Storage 7:rmt-server-2.13-150200.3.32.1.x86_64",
"SUSE Enterprise Storage 7:rmt-server-config-2.13-150200.3.32.1.aarch64",
"SUSE Enterprise Storage 7:rmt-server-config-2.13-150200.3.32.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:rmt-server-2.13-150200.3.32.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:rmt-server-2.13-150200.3.32.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:rmt-server-config-2.13-150200.3.32.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:rmt-server-config-2.13-150200.3.32.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.13-150200.3.32.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.13-150200.3.32.1.ppc64le",
"SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.13-150200.3.32.1.s390x",
"SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.13-150200.3.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:rmt-server-2.13-150200.3.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:rmt-server-2.13-150200.3.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:rmt-server-2.13-150200.3.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:rmt-server-2.13-150200.3.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:rmt-server-config-2.13-150200.3.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:rmt-server-config-2.13-150200.3.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:rmt-server-config-2.13-150200.3.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:rmt-server-config-2.13-150200.3.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:rmt-server-2.13-150200.3.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:rmt-server-2.13-150200.3.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:rmt-server-config-2.13-150200.3.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:rmt-server-config-2.13-150200.3.32.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7:rmt-server-2.13-150200.3.32.1.aarch64",
"SUSE Enterprise Storage 7:rmt-server-2.13-150200.3.32.1.x86_64",
"SUSE Enterprise Storage 7:rmt-server-config-2.13-150200.3.32.1.aarch64",
"SUSE Enterprise Storage 7:rmt-server-config-2.13-150200.3.32.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:rmt-server-2.13-150200.3.32.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:rmt-server-2.13-150200.3.32.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:rmt-server-config-2.13-150200.3.32.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:rmt-server-config-2.13-150200.3.32.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.13-150200.3.32.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.13-150200.3.32.1.ppc64le",
"SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.13-150200.3.32.1.s390x",
"SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.13-150200.3.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:rmt-server-2.13-150200.3.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:rmt-server-2.13-150200.3.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:rmt-server-2.13-150200.3.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:rmt-server-2.13-150200.3.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:rmt-server-config-2.13-150200.3.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:rmt-server-config-2.13-150200.3.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:rmt-server-config-2.13-150200.3.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:rmt-server-config-2.13-150200.3.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:rmt-server-2.13-150200.3.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:rmt-server-2.13-150200.3.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:rmt-server-config-2.13-150200.3.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:rmt-server-config-2.13-150200.3.32.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-05-25T07:55:46Z",
"details": "important"
}
],
"title": "CVE-2023-27530"
},
{
"cve": "CVE-2023-28120",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-28120"
}
],
"notes": [
{
"category": "general",
"text": "There is a vulnerability in ActiveSupport if the new bytesplice method is called on a SafeBuffer with untrusted user input.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7:rmt-server-2.13-150200.3.32.1.aarch64",
"SUSE Enterprise Storage 7:rmt-server-2.13-150200.3.32.1.x86_64",
"SUSE Enterprise Storage 7:rmt-server-config-2.13-150200.3.32.1.aarch64",
"SUSE Enterprise Storage 7:rmt-server-config-2.13-150200.3.32.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:rmt-server-2.13-150200.3.32.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:rmt-server-2.13-150200.3.32.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:rmt-server-config-2.13-150200.3.32.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:rmt-server-config-2.13-150200.3.32.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.13-150200.3.32.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.13-150200.3.32.1.ppc64le",
"SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.13-150200.3.32.1.s390x",
"SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.13-150200.3.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:rmt-server-2.13-150200.3.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:rmt-server-2.13-150200.3.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:rmt-server-2.13-150200.3.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:rmt-server-2.13-150200.3.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:rmt-server-config-2.13-150200.3.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:rmt-server-config-2.13-150200.3.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:rmt-server-config-2.13-150200.3.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:rmt-server-config-2.13-150200.3.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:rmt-server-2.13-150200.3.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:rmt-server-2.13-150200.3.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:rmt-server-config-2.13-150200.3.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:rmt-server-config-2.13-150200.3.32.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-28120",
"url": "https://www.suse.com/security/cve/CVE-2023-28120"
},
{
"category": "external",
"summary": "SUSE Bug 1209505 for CVE-2023-28120",
"url": "https://bugzilla.suse.com/1209505"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7:rmt-server-2.13-150200.3.32.1.aarch64",
"SUSE Enterprise Storage 7:rmt-server-2.13-150200.3.32.1.x86_64",
"SUSE Enterprise Storage 7:rmt-server-config-2.13-150200.3.32.1.aarch64",
"SUSE Enterprise Storage 7:rmt-server-config-2.13-150200.3.32.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:rmt-server-2.13-150200.3.32.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:rmt-server-2.13-150200.3.32.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:rmt-server-config-2.13-150200.3.32.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:rmt-server-config-2.13-150200.3.32.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.13-150200.3.32.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.13-150200.3.32.1.ppc64le",
"SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.13-150200.3.32.1.s390x",
"SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.13-150200.3.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:rmt-server-2.13-150200.3.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:rmt-server-2.13-150200.3.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:rmt-server-2.13-150200.3.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:rmt-server-2.13-150200.3.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:rmt-server-config-2.13-150200.3.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:rmt-server-config-2.13-150200.3.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:rmt-server-config-2.13-150200.3.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:rmt-server-config-2.13-150200.3.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:rmt-server-2.13-150200.3.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:rmt-server-2.13-150200.3.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:rmt-server-config-2.13-150200.3.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:rmt-server-config-2.13-150200.3.32.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7:rmt-server-2.13-150200.3.32.1.aarch64",
"SUSE Enterprise Storage 7:rmt-server-2.13-150200.3.32.1.x86_64",
"SUSE Enterprise Storage 7:rmt-server-config-2.13-150200.3.32.1.aarch64",
"SUSE Enterprise Storage 7:rmt-server-config-2.13-150200.3.32.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:rmt-server-2.13-150200.3.32.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:rmt-server-2.13-150200.3.32.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:rmt-server-config-2.13-150200.3.32.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:rmt-server-config-2.13-150200.3.32.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.13-150200.3.32.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.13-150200.3.32.1.ppc64le",
"SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.13-150200.3.32.1.s390x",
"SUSE Linux Enterprise Module for Public Cloud 15 SP2:rmt-server-pubcloud-2.13-150200.3.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:rmt-server-2.13-150200.3.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:rmt-server-2.13-150200.3.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:rmt-server-2.13-150200.3.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:rmt-server-2.13-150200.3.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:rmt-server-config-2.13-150200.3.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:rmt-server-config-2.13-150200.3.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:rmt-server-config-2.13-150200.3.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:rmt-server-config-2.13-150200.3.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:rmt-server-2.13-150200.3.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:rmt-server-2.13-150200.3.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:rmt-server-config-2.13-150200.3.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:rmt-server-config-2.13-150200.3.32.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-05-25T07:55:46Z",
"details": "moderate"
}
],
"title": "CVE-2023-28120"
}
]
}
suse-su-2023:2295-1
Vulnerability from csaf_suse
Published
2023-05-25 07:56
Modified
2023-05-25 07:56
Summary
Security update for rmt-server
Notes
Title of the patch
Security update for rmt-server
Description of the patch
This update for rmt-server fixes the following issues:
Updated to version 2.13:
- CVE-2023-28120: Fixed a potential XSS issue in an embedded
dependency (bsc#1209507).
- CVE-2023-27530: Fixed a denial of service issue in multipart request
parsing (bsc#1209096).
Non-security fixes:
- Fixed transactional update on GCE (bsc#1211398).
- Use HTTPS in rmt-client-setup-res (bsc#1209825).
- Various build fixes (bsc#1207670, bsc#1203171, bsc#1206593,
bsc#1202053).
Patchnames
SUSE-2023-2295,SUSE-SLE-Module-Public-Cloud-15-SP4-2023-2295,SUSE-SLE-Module-Server-Applications-15-SP4-2023-2295,openSUSE-SLE-15.4-2023-2295
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for rmt-server",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for rmt-server fixes the following issues:\n\nUpdated to version 2.13:\n\n- CVE-2023-28120: Fixed a potential XSS issue in an embedded\n dependency (bsc#1209507).\n- CVE-2023-27530: Fixed a denial of service issue in multipart request\n parsing (bsc#1209096).\n\nNon-security fixes:\n\n- Fixed transactional update on GCE (bsc#1211398).\n- Use HTTPS in rmt-client-setup-res (bsc#1209825).\n- Various build fixes (bsc#1207670, bsc#1203171, bsc#1206593,\n bsc#1202053).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2023-2295,SUSE-SLE-Module-Public-Cloud-15-SP4-2023-2295,SUSE-SLE-Module-Server-Applications-15-SP4-2023-2295,openSUSE-SLE-15.4-2023-2295",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2023_2295-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2023:2295-1",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20232295-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2023:2295-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-May/014983.html"
},
{
"category": "self",
"summary": "SUSE Bug 1202053",
"url": "https://bugzilla.suse.com/1202053"
},
{
"category": "self",
"summary": "SUSE Bug 1203171",
"url": "https://bugzilla.suse.com/1203171"
},
{
"category": "self",
"summary": "SUSE Bug 1206593",
"url": "https://bugzilla.suse.com/1206593"
},
{
"category": "self",
"summary": "SUSE Bug 1207670",
"url": "https://bugzilla.suse.com/1207670"
},
{
"category": "self",
"summary": "SUSE Bug 1209096",
"url": "https://bugzilla.suse.com/1209096"
},
{
"category": "self",
"summary": "SUSE Bug 1209507",
"url": "https://bugzilla.suse.com/1209507"
},
{
"category": "self",
"summary": "SUSE Bug 1209825",
"url": "https://bugzilla.suse.com/1209825"
},
{
"category": "self",
"summary": "SUSE Bug 1211398",
"url": "https://bugzilla.suse.com/1211398"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-27530 page",
"url": "https://www.suse.com/security/cve/CVE-2023-27530/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-28120 page",
"url": "https://www.suse.com/security/cve/CVE-2023-28120/"
}
],
"title": "Security update for rmt-server",
"tracking": {
"current_release_date": "2023-05-25T07:56:07Z",
"generator": {
"date": "2023-05-25T07:56:07Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2023:2295-1",
"initial_release_date": "2023-05-25T07:56:07Z",
"revision_history": [
{
"date": "2023-05-25T07:56:07Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "rmt-server-2.13-150400.3.12.1.aarch64",
"product": {
"name": "rmt-server-2.13-150400.3.12.1.aarch64",
"product_id": "rmt-server-2.13-150400.3.12.1.aarch64"
}
},
{
"category": "product_version",
"name": "rmt-server-config-2.13-150400.3.12.1.aarch64",
"product": {
"name": "rmt-server-config-2.13-150400.3.12.1.aarch64",
"product_id": "rmt-server-config-2.13-150400.3.12.1.aarch64"
}
},
{
"category": "product_version",
"name": "rmt-server-pubcloud-2.13-150400.3.12.1.aarch64",
"product": {
"name": "rmt-server-pubcloud-2.13-150400.3.12.1.aarch64",
"product_id": "rmt-server-pubcloud-2.13-150400.3.12.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "rmt-server-2.13-150400.3.12.1.ppc64le",
"product": {
"name": "rmt-server-2.13-150400.3.12.1.ppc64le",
"product_id": "rmt-server-2.13-150400.3.12.1.ppc64le"
}
},
{
"category": "product_version",
"name": "rmt-server-config-2.13-150400.3.12.1.ppc64le",
"product": {
"name": "rmt-server-config-2.13-150400.3.12.1.ppc64le",
"product_id": "rmt-server-config-2.13-150400.3.12.1.ppc64le"
}
},
{
"category": "product_version",
"name": "rmt-server-pubcloud-2.13-150400.3.12.1.ppc64le",
"product": {
"name": "rmt-server-pubcloud-2.13-150400.3.12.1.ppc64le",
"product_id": "rmt-server-pubcloud-2.13-150400.3.12.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "rmt-server-2.13-150400.3.12.1.s390x",
"product": {
"name": "rmt-server-2.13-150400.3.12.1.s390x",
"product_id": "rmt-server-2.13-150400.3.12.1.s390x"
}
},
{
"category": "product_version",
"name": "rmt-server-config-2.13-150400.3.12.1.s390x",
"product": {
"name": "rmt-server-config-2.13-150400.3.12.1.s390x",
"product_id": "rmt-server-config-2.13-150400.3.12.1.s390x"
}
},
{
"category": "product_version",
"name": "rmt-server-pubcloud-2.13-150400.3.12.1.s390x",
"product": {
"name": "rmt-server-pubcloud-2.13-150400.3.12.1.s390x",
"product_id": "rmt-server-pubcloud-2.13-150400.3.12.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "rmt-server-2.13-150400.3.12.1.x86_64",
"product": {
"name": "rmt-server-2.13-150400.3.12.1.x86_64",
"product_id": "rmt-server-2.13-150400.3.12.1.x86_64"
}
},
{
"category": "product_version",
"name": "rmt-server-config-2.13-150400.3.12.1.x86_64",
"product": {
"name": "rmt-server-config-2.13-150400.3.12.1.x86_64",
"product_id": "rmt-server-config-2.13-150400.3.12.1.x86_64"
}
},
{
"category": "product_version",
"name": "rmt-server-pubcloud-2.13-150400.3.12.1.x86_64",
"product": {
"name": "rmt-server-pubcloud-2.13-150400.3.12.1.x86_64",
"product_id": "rmt-server-pubcloud-2.13-150400.3.12.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Public Cloud 15 SP4",
"product": {
"name": "SUSE Linux Enterprise Module for Public Cloud 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-public-cloud:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Server Applications 15 SP4",
"product": {
"name": "SUSE Linux Enterprise Module for Server Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-server-applications:15:sp4"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.4",
"product": {
"name": "openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.4"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "rmt-server-pubcloud-2.13-150400.3.12.1.aarch64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP4:rmt-server-pubcloud-2.13-150400.3.12.1.aarch64"
},
"product_reference": "rmt-server-pubcloud-2.13-150400.3.12.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rmt-server-pubcloud-2.13-150400.3.12.1.ppc64le as component of SUSE Linux Enterprise Module for Public Cloud 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP4:rmt-server-pubcloud-2.13-150400.3.12.1.ppc64le"
},
"product_reference": "rmt-server-pubcloud-2.13-150400.3.12.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rmt-server-pubcloud-2.13-150400.3.12.1.s390x as component of SUSE Linux Enterprise Module for Public Cloud 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP4:rmt-server-pubcloud-2.13-150400.3.12.1.s390x"
},
"product_reference": "rmt-server-pubcloud-2.13-150400.3.12.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rmt-server-pubcloud-2.13-150400.3.12.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP4:rmt-server-pubcloud-2.13-150400.3.12.1.x86_64"
},
"product_reference": "rmt-server-pubcloud-2.13-150400.3.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rmt-server-2.13-150400.3.12.1.aarch64 as component of SUSE Linux Enterprise Module for Server Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15 SP4:rmt-server-2.13-150400.3.12.1.aarch64"
},
"product_reference": "rmt-server-2.13-150400.3.12.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rmt-server-2.13-150400.3.12.1.ppc64le as component of SUSE Linux Enterprise Module for Server Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15 SP4:rmt-server-2.13-150400.3.12.1.ppc64le"
},
"product_reference": "rmt-server-2.13-150400.3.12.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rmt-server-2.13-150400.3.12.1.s390x as component of SUSE Linux Enterprise Module for Server Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15 SP4:rmt-server-2.13-150400.3.12.1.s390x"
},
"product_reference": "rmt-server-2.13-150400.3.12.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rmt-server-2.13-150400.3.12.1.x86_64 as component of SUSE Linux Enterprise Module for Server Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15 SP4:rmt-server-2.13-150400.3.12.1.x86_64"
},
"product_reference": "rmt-server-2.13-150400.3.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rmt-server-config-2.13-150400.3.12.1.aarch64 as component of SUSE Linux Enterprise Module for Server Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15 SP4:rmt-server-config-2.13-150400.3.12.1.aarch64"
},
"product_reference": "rmt-server-config-2.13-150400.3.12.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rmt-server-config-2.13-150400.3.12.1.ppc64le as component of SUSE Linux Enterprise Module for Server Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15 SP4:rmt-server-config-2.13-150400.3.12.1.ppc64le"
},
"product_reference": "rmt-server-config-2.13-150400.3.12.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rmt-server-config-2.13-150400.3.12.1.s390x as component of SUSE Linux Enterprise Module for Server Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15 SP4:rmt-server-config-2.13-150400.3.12.1.s390x"
},
"product_reference": "rmt-server-config-2.13-150400.3.12.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rmt-server-config-2.13-150400.3.12.1.x86_64 as component of SUSE Linux Enterprise Module for Server Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Server Applications 15 SP4:rmt-server-config-2.13-150400.3.12.1.x86_64"
},
"product_reference": "rmt-server-config-2.13-150400.3.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Server Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rmt-server-2.13-150400.3.12.1.aarch64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:rmt-server-2.13-150400.3.12.1.aarch64"
},
"product_reference": "rmt-server-2.13-150400.3.12.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rmt-server-2.13-150400.3.12.1.ppc64le as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:rmt-server-2.13-150400.3.12.1.ppc64le"
},
"product_reference": "rmt-server-2.13-150400.3.12.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rmt-server-2.13-150400.3.12.1.s390x as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:rmt-server-2.13-150400.3.12.1.s390x"
},
"product_reference": "rmt-server-2.13-150400.3.12.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rmt-server-2.13-150400.3.12.1.x86_64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:rmt-server-2.13-150400.3.12.1.x86_64"
},
"product_reference": "rmt-server-2.13-150400.3.12.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rmt-server-config-2.13-150400.3.12.1.aarch64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:rmt-server-config-2.13-150400.3.12.1.aarch64"
},
"product_reference": "rmt-server-config-2.13-150400.3.12.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rmt-server-config-2.13-150400.3.12.1.ppc64le as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:rmt-server-config-2.13-150400.3.12.1.ppc64le"
},
"product_reference": "rmt-server-config-2.13-150400.3.12.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rmt-server-config-2.13-150400.3.12.1.s390x as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:rmt-server-config-2.13-150400.3.12.1.s390x"
},
"product_reference": "rmt-server-config-2.13-150400.3.12.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rmt-server-config-2.13-150400.3.12.1.x86_64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:rmt-server-config-2.13-150400.3.12.1.x86_64"
},
"product_reference": "rmt-server-config-2.13-150400.3.12.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rmt-server-pubcloud-2.13-150400.3.12.1.aarch64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:rmt-server-pubcloud-2.13-150400.3.12.1.aarch64"
},
"product_reference": "rmt-server-pubcloud-2.13-150400.3.12.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rmt-server-pubcloud-2.13-150400.3.12.1.ppc64le as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:rmt-server-pubcloud-2.13-150400.3.12.1.ppc64le"
},
"product_reference": "rmt-server-pubcloud-2.13-150400.3.12.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rmt-server-pubcloud-2.13-150400.3.12.1.s390x as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:rmt-server-pubcloud-2.13-150400.3.12.1.s390x"
},
"product_reference": "rmt-server-pubcloud-2.13-150400.3.12.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rmt-server-pubcloud-2.13-150400.3.12.1.x86_64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:rmt-server-pubcloud-2.13-150400.3.12.1.x86_64"
},
"product_reference": "rmt-server-pubcloud-2.13-150400.3.12.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-27530",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-27530"
}
],
"notes": [
{
"category": "general",
"text": "A DoS vulnerability exists in Rack \u003cv3.0.4.2, \u003cv2.2.6.3, \u003cv2.1.4.3 and \u003cv2.0.9.3 within in the Multipart MIME parsing code in which could allow an attacker to craft requests that can be abuse to cause multipart parsing to take longer than expected.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP4:rmt-server-pubcloud-2.13-150400.3.12.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP4:rmt-server-pubcloud-2.13-150400.3.12.1.ppc64le",
"SUSE Linux Enterprise Module for Public Cloud 15 SP4:rmt-server-pubcloud-2.13-150400.3.12.1.s390x",
"SUSE Linux Enterprise Module for Public Cloud 15 SP4:rmt-server-pubcloud-2.13-150400.3.12.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:rmt-server-2.13-150400.3.12.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:rmt-server-2.13-150400.3.12.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:rmt-server-2.13-150400.3.12.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:rmt-server-2.13-150400.3.12.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:rmt-server-config-2.13-150400.3.12.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:rmt-server-config-2.13-150400.3.12.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:rmt-server-config-2.13-150400.3.12.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:rmt-server-config-2.13-150400.3.12.1.x86_64",
"openSUSE Leap 15.4:rmt-server-2.13-150400.3.12.1.aarch64",
"openSUSE Leap 15.4:rmt-server-2.13-150400.3.12.1.ppc64le",
"openSUSE Leap 15.4:rmt-server-2.13-150400.3.12.1.s390x",
"openSUSE Leap 15.4:rmt-server-2.13-150400.3.12.1.x86_64",
"openSUSE Leap 15.4:rmt-server-config-2.13-150400.3.12.1.aarch64",
"openSUSE Leap 15.4:rmt-server-config-2.13-150400.3.12.1.ppc64le",
"openSUSE Leap 15.4:rmt-server-config-2.13-150400.3.12.1.s390x",
"openSUSE Leap 15.4:rmt-server-config-2.13-150400.3.12.1.x86_64",
"openSUSE Leap 15.4:rmt-server-pubcloud-2.13-150400.3.12.1.aarch64",
"openSUSE Leap 15.4:rmt-server-pubcloud-2.13-150400.3.12.1.ppc64le",
"openSUSE Leap 15.4:rmt-server-pubcloud-2.13-150400.3.12.1.s390x",
"openSUSE Leap 15.4:rmt-server-pubcloud-2.13-150400.3.12.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-27530",
"url": "https://www.suse.com/security/cve/CVE-2023-27530"
},
{
"category": "external",
"summary": "SUSE Bug 1209095 for CVE-2023-27530",
"url": "https://bugzilla.suse.com/1209095"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP4:rmt-server-pubcloud-2.13-150400.3.12.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP4:rmt-server-pubcloud-2.13-150400.3.12.1.ppc64le",
"SUSE Linux Enterprise Module for Public Cloud 15 SP4:rmt-server-pubcloud-2.13-150400.3.12.1.s390x",
"SUSE Linux Enterprise Module for Public Cloud 15 SP4:rmt-server-pubcloud-2.13-150400.3.12.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:rmt-server-2.13-150400.3.12.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:rmt-server-2.13-150400.3.12.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:rmt-server-2.13-150400.3.12.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:rmt-server-2.13-150400.3.12.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:rmt-server-config-2.13-150400.3.12.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:rmt-server-config-2.13-150400.3.12.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:rmt-server-config-2.13-150400.3.12.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:rmt-server-config-2.13-150400.3.12.1.x86_64",
"openSUSE Leap 15.4:rmt-server-2.13-150400.3.12.1.aarch64",
"openSUSE Leap 15.4:rmt-server-2.13-150400.3.12.1.ppc64le",
"openSUSE Leap 15.4:rmt-server-2.13-150400.3.12.1.s390x",
"openSUSE Leap 15.4:rmt-server-2.13-150400.3.12.1.x86_64",
"openSUSE Leap 15.4:rmt-server-config-2.13-150400.3.12.1.aarch64",
"openSUSE Leap 15.4:rmt-server-config-2.13-150400.3.12.1.ppc64le",
"openSUSE Leap 15.4:rmt-server-config-2.13-150400.3.12.1.s390x",
"openSUSE Leap 15.4:rmt-server-config-2.13-150400.3.12.1.x86_64",
"openSUSE Leap 15.4:rmt-server-pubcloud-2.13-150400.3.12.1.aarch64",
"openSUSE Leap 15.4:rmt-server-pubcloud-2.13-150400.3.12.1.ppc64le",
"openSUSE Leap 15.4:rmt-server-pubcloud-2.13-150400.3.12.1.s390x",
"openSUSE Leap 15.4:rmt-server-pubcloud-2.13-150400.3.12.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP4:rmt-server-pubcloud-2.13-150400.3.12.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP4:rmt-server-pubcloud-2.13-150400.3.12.1.ppc64le",
"SUSE Linux Enterprise Module for Public Cloud 15 SP4:rmt-server-pubcloud-2.13-150400.3.12.1.s390x",
"SUSE Linux Enterprise Module for Public Cloud 15 SP4:rmt-server-pubcloud-2.13-150400.3.12.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:rmt-server-2.13-150400.3.12.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:rmt-server-2.13-150400.3.12.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:rmt-server-2.13-150400.3.12.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:rmt-server-2.13-150400.3.12.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:rmt-server-config-2.13-150400.3.12.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:rmt-server-config-2.13-150400.3.12.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:rmt-server-config-2.13-150400.3.12.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:rmt-server-config-2.13-150400.3.12.1.x86_64",
"openSUSE Leap 15.4:rmt-server-2.13-150400.3.12.1.aarch64",
"openSUSE Leap 15.4:rmt-server-2.13-150400.3.12.1.ppc64le",
"openSUSE Leap 15.4:rmt-server-2.13-150400.3.12.1.s390x",
"openSUSE Leap 15.4:rmt-server-2.13-150400.3.12.1.x86_64",
"openSUSE Leap 15.4:rmt-server-config-2.13-150400.3.12.1.aarch64",
"openSUSE Leap 15.4:rmt-server-config-2.13-150400.3.12.1.ppc64le",
"openSUSE Leap 15.4:rmt-server-config-2.13-150400.3.12.1.s390x",
"openSUSE Leap 15.4:rmt-server-config-2.13-150400.3.12.1.x86_64",
"openSUSE Leap 15.4:rmt-server-pubcloud-2.13-150400.3.12.1.aarch64",
"openSUSE Leap 15.4:rmt-server-pubcloud-2.13-150400.3.12.1.ppc64le",
"openSUSE Leap 15.4:rmt-server-pubcloud-2.13-150400.3.12.1.s390x",
"openSUSE Leap 15.4:rmt-server-pubcloud-2.13-150400.3.12.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-05-25T07:56:07Z",
"details": "important"
}
],
"title": "CVE-2023-27530"
},
{
"cve": "CVE-2023-28120",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-28120"
}
],
"notes": [
{
"category": "general",
"text": "There is a vulnerability in ActiveSupport if the new bytesplice method is called on a SafeBuffer with untrusted user input.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP4:rmt-server-pubcloud-2.13-150400.3.12.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP4:rmt-server-pubcloud-2.13-150400.3.12.1.ppc64le",
"SUSE Linux Enterprise Module for Public Cloud 15 SP4:rmt-server-pubcloud-2.13-150400.3.12.1.s390x",
"SUSE Linux Enterprise Module for Public Cloud 15 SP4:rmt-server-pubcloud-2.13-150400.3.12.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:rmt-server-2.13-150400.3.12.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:rmt-server-2.13-150400.3.12.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:rmt-server-2.13-150400.3.12.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:rmt-server-2.13-150400.3.12.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:rmt-server-config-2.13-150400.3.12.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:rmt-server-config-2.13-150400.3.12.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:rmt-server-config-2.13-150400.3.12.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:rmt-server-config-2.13-150400.3.12.1.x86_64",
"openSUSE Leap 15.4:rmt-server-2.13-150400.3.12.1.aarch64",
"openSUSE Leap 15.4:rmt-server-2.13-150400.3.12.1.ppc64le",
"openSUSE Leap 15.4:rmt-server-2.13-150400.3.12.1.s390x",
"openSUSE Leap 15.4:rmt-server-2.13-150400.3.12.1.x86_64",
"openSUSE Leap 15.4:rmt-server-config-2.13-150400.3.12.1.aarch64",
"openSUSE Leap 15.4:rmt-server-config-2.13-150400.3.12.1.ppc64le",
"openSUSE Leap 15.4:rmt-server-config-2.13-150400.3.12.1.s390x",
"openSUSE Leap 15.4:rmt-server-config-2.13-150400.3.12.1.x86_64",
"openSUSE Leap 15.4:rmt-server-pubcloud-2.13-150400.3.12.1.aarch64",
"openSUSE Leap 15.4:rmt-server-pubcloud-2.13-150400.3.12.1.ppc64le",
"openSUSE Leap 15.4:rmt-server-pubcloud-2.13-150400.3.12.1.s390x",
"openSUSE Leap 15.4:rmt-server-pubcloud-2.13-150400.3.12.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-28120",
"url": "https://www.suse.com/security/cve/CVE-2023-28120"
},
{
"category": "external",
"summary": "SUSE Bug 1209505 for CVE-2023-28120",
"url": "https://bugzilla.suse.com/1209505"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP4:rmt-server-pubcloud-2.13-150400.3.12.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP4:rmt-server-pubcloud-2.13-150400.3.12.1.ppc64le",
"SUSE Linux Enterprise Module for Public Cloud 15 SP4:rmt-server-pubcloud-2.13-150400.3.12.1.s390x",
"SUSE Linux Enterprise Module for Public Cloud 15 SP4:rmt-server-pubcloud-2.13-150400.3.12.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:rmt-server-2.13-150400.3.12.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:rmt-server-2.13-150400.3.12.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:rmt-server-2.13-150400.3.12.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:rmt-server-2.13-150400.3.12.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:rmt-server-config-2.13-150400.3.12.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:rmt-server-config-2.13-150400.3.12.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:rmt-server-config-2.13-150400.3.12.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:rmt-server-config-2.13-150400.3.12.1.x86_64",
"openSUSE Leap 15.4:rmt-server-2.13-150400.3.12.1.aarch64",
"openSUSE Leap 15.4:rmt-server-2.13-150400.3.12.1.ppc64le",
"openSUSE Leap 15.4:rmt-server-2.13-150400.3.12.1.s390x",
"openSUSE Leap 15.4:rmt-server-2.13-150400.3.12.1.x86_64",
"openSUSE Leap 15.4:rmt-server-config-2.13-150400.3.12.1.aarch64",
"openSUSE Leap 15.4:rmt-server-config-2.13-150400.3.12.1.ppc64le",
"openSUSE Leap 15.4:rmt-server-config-2.13-150400.3.12.1.s390x",
"openSUSE Leap 15.4:rmt-server-config-2.13-150400.3.12.1.x86_64",
"openSUSE Leap 15.4:rmt-server-pubcloud-2.13-150400.3.12.1.aarch64",
"openSUSE Leap 15.4:rmt-server-pubcloud-2.13-150400.3.12.1.ppc64le",
"openSUSE Leap 15.4:rmt-server-pubcloud-2.13-150400.3.12.1.s390x",
"openSUSE Leap 15.4:rmt-server-pubcloud-2.13-150400.3.12.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP4:rmt-server-pubcloud-2.13-150400.3.12.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP4:rmt-server-pubcloud-2.13-150400.3.12.1.ppc64le",
"SUSE Linux Enterprise Module for Public Cloud 15 SP4:rmt-server-pubcloud-2.13-150400.3.12.1.s390x",
"SUSE Linux Enterprise Module for Public Cloud 15 SP4:rmt-server-pubcloud-2.13-150400.3.12.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:rmt-server-2.13-150400.3.12.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:rmt-server-2.13-150400.3.12.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:rmt-server-2.13-150400.3.12.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:rmt-server-2.13-150400.3.12.1.x86_64",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:rmt-server-config-2.13-150400.3.12.1.aarch64",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:rmt-server-config-2.13-150400.3.12.1.ppc64le",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:rmt-server-config-2.13-150400.3.12.1.s390x",
"SUSE Linux Enterprise Module for Server Applications 15 SP4:rmt-server-config-2.13-150400.3.12.1.x86_64",
"openSUSE Leap 15.4:rmt-server-2.13-150400.3.12.1.aarch64",
"openSUSE Leap 15.4:rmt-server-2.13-150400.3.12.1.ppc64le",
"openSUSE Leap 15.4:rmt-server-2.13-150400.3.12.1.s390x",
"openSUSE Leap 15.4:rmt-server-2.13-150400.3.12.1.x86_64",
"openSUSE Leap 15.4:rmt-server-config-2.13-150400.3.12.1.aarch64",
"openSUSE Leap 15.4:rmt-server-config-2.13-150400.3.12.1.ppc64le",
"openSUSE Leap 15.4:rmt-server-config-2.13-150400.3.12.1.s390x",
"openSUSE Leap 15.4:rmt-server-config-2.13-150400.3.12.1.x86_64",
"openSUSE Leap 15.4:rmt-server-pubcloud-2.13-150400.3.12.1.aarch64",
"openSUSE Leap 15.4:rmt-server-pubcloud-2.13-150400.3.12.1.ppc64le",
"openSUSE Leap 15.4:rmt-server-pubcloud-2.13-150400.3.12.1.s390x",
"openSUSE Leap 15.4:rmt-server-pubcloud-2.13-150400.3.12.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-05-25T07:56:07Z",
"details": "moderate"
}
],
"title": "CVE-2023-28120"
}
]
}
suse-su-2023:2280-1
Vulnerability from csaf_suse
Published
2023-05-24 07:55
Modified
2023-05-24 07:55
Summary
Security update for rmt-server
Notes
Title of the patch
Security update for rmt-server
Description of the patch
This update for rmt-server fixes the following issues:
Updated to version 2.13:
- CVE-2023-28120: Fixed a potential XSS issue in an embedded
dependency (bsc#1209507).
- CVE-2023-27530: Fixed a denial of service issue in multipart request
parsing (bsc#1209096).
Non-security fixes:
- Fixed transactional update on GCE (bsc#1211398).
- Use HTTPS in rmt-client-setup-res (bsc#1209825).
- Various build fixes (bsc#1207670, bsc#1203171, bsc#1206593,
bsc#1202053).
Patchnames
SUSE-2023-2280,SUSE-SLE-Module-Public-Cloud-15-SP3-2023-2280,SUSE-SLE-Product-HPC-15-SP3-ESPOS-2023-2280,SUSE-SLE-Product-HPC-15-SP3-LTSS-2023-2280,SUSE-SLE-Product-RT-15-SP3-2023-2280,SUSE-SLE-Product-SLES-15-SP3-LTSS-2023-2280,SUSE-SLE-Product-SLES_SAP-15-SP3-2023-2280,SUSE-SLE-Product-SUSE-Manager-Proxy-4.2-2023-2280,SUSE-SLE-Product-SUSE-Manager-Server-4.2-2023-2280,SUSE-Storage-7.1-2023-2280
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for rmt-server",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for rmt-server fixes the following issues:\n\nUpdated to version 2.13:\n- CVE-2023-28120: Fixed a potential XSS issue in an embedded\n dependency (bsc#1209507).\n- CVE-2023-27530: Fixed a denial of service issue in multipart request\n parsing (bsc#1209096).\n\nNon-security fixes:\n- Fixed transactional update on GCE (bsc#1211398).\n- Use HTTPS in rmt-client-setup-res (bsc#1209825).\n- Various build fixes (bsc#1207670, bsc#1203171, bsc#1206593,\n bsc#1202053).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2023-2280,SUSE-SLE-Module-Public-Cloud-15-SP3-2023-2280,SUSE-SLE-Product-HPC-15-SP3-ESPOS-2023-2280,SUSE-SLE-Product-HPC-15-SP3-LTSS-2023-2280,SUSE-SLE-Product-RT-15-SP3-2023-2280,SUSE-SLE-Product-SLES-15-SP3-LTSS-2023-2280,SUSE-SLE-Product-SLES_SAP-15-SP3-2023-2280,SUSE-SLE-Product-SUSE-Manager-Proxy-4.2-2023-2280,SUSE-SLE-Product-SUSE-Manager-Server-4.2-2023-2280,SUSE-Storage-7.1-2023-2280",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2023_2280-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2023:2280-1",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20232280-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2023:2280-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-May/014955.html"
},
{
"category": "self",
"summary": "SUSE Bug 1202053",
"url": "https://bugzilla.suse.com/1202053"
},
{
"category": "self",
"summary": "SUSE Bug 1203171",
"url": "https://bugzilla.suse.com/1203171"
},
{
"category": "self",
"summary": "SUSE Bug 1206593",
"url": "https://bugzilla.suse.com/1206593"
},
{
"category": "self",
"summary": "SUSE Bug 1207670",
"url": "https://bugzilla.suse.com/1207670"
},
{
"category": "self",
"summary": "SUSE Bug 1209096",
"url": "https://bugzilla.suse.com/1209096"
},
{
"category": "self",
"summary": "SUSE Bug 1209507",
"url": "https://bugzilla.suse.com/1209507"
},
{
"category": "self",
"summary": "SUSE Bug 1209825",
"url": "https://bugzilla.suse.com/1209825"
},
{
"category": "self",
"summary": "SUSE Bug 1211398",
"url": "https://bugzilla.suse.com/1211398"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-27530 page",
"url": "https://www.suse.com/security/cve/CVE-2023-27530/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-28120 page",
"url": "https://www.suse.com/security/cve/CVE-2023-28120/"
}
],
"title": "Security update for rmt-server",
"tracking": {
"current_release_date": "2023-05-24T07:55:54Z",
"generator": {
"date": "2023-05-24T07:55:54Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2023:2280-1",
"initial_release_date": "2023-05-24T07:55:54Z",
"revision_history": [
{
"date": "2023-05-24T07:55:54Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "rmt-server-2.13-150300.3.24.1.aarch64",
"product": {
"name": "rmt-server-2.13-150300.3.24.1.aarch64",
"product_id": "rmt-server-2.13-150300.3.24.1.aarch64"
}
},
{
"category": "product_version",
"name": "rmt-server-config-2.13-150300.3.24.1.aarch64",
"product": {
"name": "rmt-server-config-2.13-150300.3.24.1.aarch64",
"product_id": "rmt-server-config-2.13-150300.3.24.1.aarch64"
}
},
{
"category": "product_version",
"name": "rmt-server-pubcloud-2.13-150300.3.24.1.aarch64",
"product": {
"name": "rmt-server-pubcloud-2.13-150300.3.24.1.aarch64",
"product_id": "rmt-server-pubcloud-2.13-150300.3.24.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "rmt-server-2.13-150300.3.24.1.ppc64le",
"product": {
"name": "rmt-server-2.13-150300.3.24.1.ppc64le",
"product_id": "rmt-server-2.13-150300.3.24.1.ppc64le"
}
},
{
"category": "product_version",
"name": "rmt-server-config-2.13-150300.3.24.1.ppc64le",
"product": {
"name": "rmt-server-config-2.13-150300.3.24.1.ppc64le",
"product_id": "rmt-server-config-2.13-150300.3.24.1.ppc64le"
}
},
{
"category": "product_version",
"name": "rmt-server-pubcloud-2.13-150300.3.24.1.ppc64le",
"product": {
"name": "rmt-server-pubcloud-2.13-150300.3.24.1.ppc64le",
"product_id": "rmt-server-pubcloud-2.13-150300.3.24.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "rmt-server-2.13-150300.3.24.1.s390x",
"product": {
"name": "rmt-server-2.13-150300.3.24.1.s390x",
"product_id": "rmt-server-2.13-150300.3.24.1.s390x"
}
},
{
"category": "product_version",
"name": "rmt-server-config-2.13-150300.3.24.1.s390x",
"product": {
"name": "rmt-server-config-2.13-150300.3.24.1.s390x",
"product_id": "rmt-server-config-2.13-150300.3.24.1.s390x"
}
},
{
"category": "product_version",
"name": "rmt-server-pubcloud-2.13-150300.3.24.1.s390x",
"product": {
"name": "rmt-server-pubcloud-2.13-150300.3.24.1.s390x",
"product_id": "rmt-server-pubcloud-2.13-150300.3.24.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "rmt-server-2.13-150300.3.24.1.x86_64",
"product": {
"name": "rmt-server-2.13-150300.3.24.1.x86_64",
"product_id": "rmt-server-2.13-150300.3.24.1.x86_64"
}
},
{
"category": "product_version",
"name": "rmt-server-config-2.13-150300.3.24.1.x86_64",
"product": {
"name": "rmt-server-config-2.13-150300.3.24.1.x86_64",
"product_id": "rmt-server-config-2.13-150300.3.24.1.x86_64"
}
},
{
"category": "product_version",
"name": "rmt-server-pubcloud-2.13-150300.3.24.1.x86_64",
"product": {
"name": "rmt-server-pubcloud-2.13-150300.3.24.1.x86_64",
"product_id": "rmt-server-pubcloud-2.13-150300.3.24.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Public Cloud 15 SP3",
"product": {
"name": "SUSE Linux Enterprise Module for Public Cloud 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-public-cloud:15:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-espos:15:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Real Time 15 SP3",
"product": {
"name": "SUSE Linux Enterprise Real Time 15 SP3",
"product_id": "SUSE Linux Enterprise Real Time 15 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_rt:15:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP3-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Manager Proxy 4.2",
"product": {
"name": "SUSE Manager Proxy 4.2",
"product_id": "SUSE Manager Proxy 4.2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-manager-proxy:4.2"
}
}
},
{
"category": "product_name",
"name": "SUSE Manager Server 4.2",
"product": {
"name": "SUSE Manager Server 4.2",
"product_id": "SUSE Manager Server 4.2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-manager-server:4.2"
}
}
},
{
"category": "product_name",
"name": "SUSE Enterprise Storage 7.1",
"product": {
"name": "SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:ses:7.1"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "rmt-server-pubcloud-2.13-150300.3.24.1.aarch64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP3:rmt-server-pubcloud-2.13-150300.3.24.1.aarch64"
},
"product_reference": "rmt-server-pubcloud-2.13-150300.3.24.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rmt-server-pubcloud-2.13-150300.3.24.1.ppc64le as component of SUSE Linux Enterprise Module for Public Cloud 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP3:rmt-server-pubcloud-2.13-150300.3.24.1.ppc64le"
},
"product_reference": "rmt-server-pubcloud-2.13-150300.3.24.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rmt-server-pubcloud-2.13-150300.3.24.1.s390x as component of SUSE Linux Enterprise Module for Public Cloud 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP3:rmt-server-pubcloud-2.13-150300.3.24.1.s390x"
},
"product_reference": "rmt-server-pubcloud-2.13-150300.3.24.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rmt-server-pubcloud-2.13-150300.3.24.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP3:rmt-server-pubcloud-2.13-150300.3.24.1.x86_64"
},
"product_reference": "rmt-server-pubcloud-2.13-150300.3.24.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rmt-server-2.13-150300.3.24.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:rmt-server-2.13-150300.3.24.1.aarch64"
},
"product_reference": "rmt-server-2.13-150300.3.24.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rmt-server-2.13-150300.3.24.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:rmt-server-2.13-150300.3.24.1.x86_64"
},
"product_reference": "rmt-server-2.13-150300.3.24.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rmt-server-config-2.13-150300.3.24.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:rmt-server-config-2.13-150300.3.24.1.aarch64"
},
"product_reference": "rmt-server-config-2.13-150300.3.24.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rmt-server-config-2.13-150300.3.24.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:rmt-server-config-2.13-150300.3.24.1.x86_64"
},
"product_reference": "rmt-server-config-2.13-150300.3.24.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rmt-server-2.13-150300.3.24.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:rmt-server-2.13-150300.3.24.1.aarch64"
},
"product_reference": "rmt-server-2.13-150300.3.24.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rmt-server-2.13-150300.3.24.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:rmt-server-2.13-150300.3.24.1.x86_64"
},
"product_reference": "rmt-server-2.13-150300.3.24.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rmt-server-config-2.13-150300.3.24.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:rmt-server-config-2.13-150300.3.24.1.aarch64"
},
"product_reference": "rmt-server-config-2.13-150300.3.24.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rmt-server-config-2.13-150300.3.24.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:rmt-server-config-2.13-150300.3.24.1.x86_64"
},
"product_reference": "rmt-server-config-2.13-150300.3.24.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rmt-server-2.13-150300.3.24.1.x86_64 as component of SUSE Linux Enterprise Real Time 15 SP3",
"product_id": "SUSE Linux Enterprise Real Time 15 SP3:rmt-server-2.13-150300.3.24.1.x86_64"
},
"product_reference": "rmt-server-2.13-150300.3.24.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rmt-server-config-2.13-150300.3.24.1.x86_64 as component of SUSE Linux Enterprise Real Time 15 SP3",
"product_id": "SUSE Linux Enterprise Real Time 15 SP3:rmt-server-config-2.13-150300.3.24.1.x86_64"
},
"product_reference": "rmt-server-config-2.13-150300.3.24.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rmt-server-2.13-150300.3.24.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:rmt-server-2.13-150300.3.24.1.aarch64"
},
"product_reference": "rmt-server-2.13-150300.3.24.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rmt-server-2.13-150300.3.24.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:rmt-server-2.13-150300.3.24.1.ppc64le"
},
"product_reference": "rmt-server-2.13-150300.3.24.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rmt-server-2.13-150300.3.24.1.s390x as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:rmt-server-2.13-150300.3.24.1.s390x"
},
"product_reference": "rmt-server-2.13-150300.3.24.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rmt-server-2.13-150300.3.24.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:rmt-server-2.13-150300.3.24.1.x86_64"
},
"product_reference": "rmt-server-2.13-150300.3.24.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rmt-server-config-2.13-150300.3.24.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:rmt-server-config-2.13-150300.3.24.1.aarch64"
},
"product_reference": "rmt-server-config-2.13-150300.3.24.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rmt-server-config-2.13-150300.3.24.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:rmt-server-config-2.13-150300.3.24.1.ppc64le"
},
"product_reference": "rmt-server-config-2.13-150300.3.24.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rmt-server-config-2.13-150300.3.24.1.s390x as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:rmt-server-config-2.13-150300.3.24.1.s390x"
},
"product_reference": "rmt-server-config-2.13-150300.3.24.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rmt-server-config-2.13-150300.3.24.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:rmt-server-config-2.13-150300.3.24.1.x86_64"
},
"product_reference": "rmt-server-config-2.13-150300.3.24.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rmt-server-2.13-150300.3.24.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:rmt-server-2.13-150300.3.24.1.ppc64le"
},
"product_reference": "rmt-server-2.13-150300.3.24.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rmt-server-2.13-150300.3.24.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:rmt-server-2.13-150300.3.24.1.x86_64"
},
"product_reference": "rmt-server-2.13-150300.3.24.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rmt-server-config-2.13-150300.3.24.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:rmt-server-config-2.13-150300.3.24.1.ppc64le"
},
"product_reference": "rmt-server-config-2.13-150300.3.24.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rmt-server-config-2.13-150300.3.24.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:rmt-server-config-2.13-150300.3.24.1.x86_64"
},
"product_reference": "rmt-server-config-2.13-150300.3.24.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rmt-server-2.13-150300.3.24.1.x86_64 as component of SUSE Manager Proxy 4.2",
"product_id": "SUSE Manager Proxy 4.2:rmt-server-2.13-150300.3.24.1.x86_64"
},
"product_reference": "rmt-server-2.13-150300.3.24.1.x86_64",
"relates_to_product_reference": "SUSE Manager Proxy 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rmt-server-config-2.13-150300.3.24.1.x86_64 as component of SUSE Manager Proxy 4.2",
"product_id": "SUSE Manager Proxy 4.2:rmt-server-config-2.13-150300.3.24.1.x86_64"
},
"product_reference": "rmt-server-config-2.13-150300.3.24.1.x86_64",
"relates_to_product_reference": "SUSE Manager Proxy 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rmt-server-2.13-150300.3.24.1.ppc64le as component of SUSE Manager Server 4.2",
"product_id": "SUSE Manager Server 4.2:rmt-server-2.13-150300.3.24.1.ppc64le"
},
"product_reference": "rmt-server-2.13-150300.3.24.1.ppc64le",
"relates_to_product_reference": "SUSE Manager Server 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rmt-server-2.13-150300.3.24.1.s390x as component of SUSE Manager Server 4.2",
"product_id": "SUSE Manager Server 4.2:rmt-server-2.13-150300.3.24.1.s390x"
},
"product_reference": "rmt-server-2.13-150300.3.24.1.s390x",
"relates_to_product_reference": "SUSE Manager Server 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rmt-server-2.13-150300.3.24.1.x86_64 as component of SUSE Manager Server 4.2",
"product_id": "SUSE Manager Server 4.2:rmt-server-2.13-150300.3.24.1.x86_64"
},
"product_reference": "rmt-server-2.13-150300.3.24.1.x86_64",
"relates_to_product_reference": "SUSE Manager Server 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rmt-server-config-2.13-150300.3.24.1.ppc64le as component of SUSE Manager Server 4.2",
"product_id": "SUSE Manager Server 4.2:rmt-server-config-2.13-150300.3.24.1.ppc64le"
},
"product_reference": "rmt-server-config-2.13-150300.3.24.1.ppc64le",
"relates_to_product_reference": "SUSE Manager Server 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rmt-server-config-2.13-150300.3.24.1.s390x as component of SUSE Manager Server 4.2",
"product_id": "SUSE Manager Server 4.2:rmt-server-config-2.13-150300.3.24.1.s390x"
},
"product_reference": "rmt-server-config-2.13-150300.3.24.1.s390x",
"relates_to_product_reference": "SUSE Manager Server 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rmt-server-config-2.13-150300.3.24.1.x86_64 as component of SUSE Manager Server 4.2",
"product_id": "SUSE Manager Server 4.2:rmt-server-config-2.13-150300.3.24.1.x86_64"
},
"product_reference": "rmt-server-config-2.13-150300.3.24.1.x86_64",
"relates_to_product_reference": "SUSE Manager Server 4.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rmt-server-2.13-150300.3.24.1.aarch64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:rmt-server-2.13-150300.3.24.1.aarch64"
},
"product_reference": "rmt-server-2.13-150300.3.24.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rmt-server-2.13-150300.3.24.1.x86_64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:rmt-server-2.13-150300.3.24.1.x86_64"
},
"product_reference": "rmt-server-2.13-150300.3.24.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rmt-server-config-2.13-150300.3.24.1.aarch64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:rmt-server-config-2.13-150300.3.24.1.aarch64"
},
"product_reference": "rmt-server-config-2.13-150300.3.24.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rmt-server-config-2.13-150300.3.24.1.x86_64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:rmt-server-config-2.13-150300.3.24.1.x86_64"
},
"product_reference": "rmt-server-config-2.13-150300.3.24.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-27530",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-27530"
}
],
"notes": [
{
"category": "general",
"text": "A DoS vulnerability exists in Rack \u003cv3.0.4.2, \u003cv2.2.6.3, \u003cv2.1.4.3 and \u003cv2.0.9.3 within in the Multipart MIME parsing code in which could allow an attacker to craft requests that can be abuse to cause multipart parsing to take longer than expected.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:rmt-server-2.13-150300.3.24.1.aarch64",
"SUSE Enterprise Storage 7.1:rmt-server-2.13-150300.3.24.1.x86_64",
"SUSE Enterprise Storage 7.1:rmt-server-config-2.13-150300.3.24.1.aarch64",
"SUSE Enterprise Storage 7.1:rmt-server-config-2.13-150300.3.24.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:rmt-server-2.13-150300.3.24.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:rmt-server-2.13-150300.3.24.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:rmt-server-config-2.13-150300.3.24.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:rmt-server-config-2.13-150300.3.24.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:rmt-server-2.13-150300.3.24.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:rmt-server-2.13-150300.3.24.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:rmt-server-config-2.13-150300.3.24.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:rmt-server-config-2.13-150300.3.24.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP3:rmt-server-pubcloud-2.13-150300.3.24.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP3:rmt-server-pubcloud-2.13-150300.3.24.1.ppc64le",
"SUSE Linux Enterprise Module for Public Cloud 15 SP3:rmt-server-pubcloud-2.13-150300.3.24.1.s390x",
"SUSE Linux Enterprise Module for Public Cloud 15 SP3:rmt-server-pubcloud-2.13-150300.3.24.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:rmt-server-2.13-150300.3.24.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:rmt-server-config-2.13-150300.3.24.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:rmt-server-2.13-150300.3.24.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:rmt-server-2.13-150300.3.24.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:rmt-server-2.13-150300.3.24.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:rmt-server-2.13-150300.3.24.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:rmt-server-config-2.13-150300.3.24.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:rmt-server-config-2.13-150300.3.24.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:rmt-server-config-2.13-150300.3.24.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:rmt-server-config-2.13-150300.3.24.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:rmt-server-2.13-150300.3.24.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:rmt-server-2.13-150300.3.24.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:rmt-server-config-2.13-150300.3.24.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:rmt-server-config-2.13-150300.3.24.1.x86_64",
"SUSE Manager Proxy 4.2:rmt-server-2.13-150300.3.24.1.x86_64",
"SUSE Manager Proxy 4.2:rmt-server-config-2.13-150300.3.24.1.x86_64",
"SUSE Manager Server 4.2:rmt-server-2.13-150300.3.24.1.ppc64le",
"SUSE Manager Server 4.2:rmt-server-2.13-150300.3.24.1.s390x",
"SUSE Manager Server 4.2:rmt-server-2.13-150300.3.24.1.x86_64",
"SUSE Manager Server 4.2:rmt-server-config-2.13-150300.3.24.1.ppc64le",
"SUSE Manager Server 4.2:rmt-server-config-2.13-150300.3.24.1.s390x",
"SUSE Manager Server 4.2:rmt-server-config-2.13-150300.3.24.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-27530",
"url": "https://www.suse.com/security/cve/CVE-2023-27530"
},
{
"category": "external",
"summary": "SUSE Bug 1209095 for CVE-2023-27530",
"url": "https://bugzilla.suse.com/1209095"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:rmt-server-2.13-150300.3.24.1.aarch64",
"SUSE Enterprise Storage 7.1:rmt-server-2.13-150300.3.24.1.x86_64",
"SUSE Enterprise Storage 7.1:rmt-server-config-2.13-150300.3.24.1.aarch64",
"SUSE Enterprise Storage 7.1:rmt-server-config-2.13-150300.3.24.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:rmt-server-2.13-150300.3.24.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:rmt-server-2.13-150300.3.24.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:rmt-server-config-2.13-150300.3.24.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:rmt-server-config-2.13-150300.3.24.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:rmt-server-2.13-150300.3.24.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:rmt-server-2.13-150300.3.24.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:rmt-server-config-2.13-150300.3.24.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:rmt-server-config-2.13-150300.3.24.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP3:rmt-server-pubcloud-2.13-150300.3.24.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP3:rmt-server-pubcloud-2.13-150300.3.24.1.ppc64le",
"SUSE Linux Enterprise Module for Public Cloud 15 SP3:rmt-server-pubcloud-2.13-150300.3.24.1.s390x",
"SUSE Linux Enterprise Module for Public Cloud 15 SP3:rmt-server-pubcloud-2.13-150300.3.24.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:rmt-server-2.13-150300.3.24.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:rmt-server-config-2.13-150300.3.24.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:rmt-server-2.13-150300.3.24.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:rmt-server-2.13-150300.3.24.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:rmt-server-2.13-150300.3.24.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:rmt-server-2.13-150300.3.24.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:rmt-server-config-2.13-150300.3.24.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:rmt-server-config-2.13-150300.3.24.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:rmt-server-config-2.13-150300.3.24.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:rmt-server-config-2.13-150300.3.24.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:rmt-server-2.13-150300.3.24.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:rmt-server-2.13-150300.3.24.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:rmt-server-config-2.13-150300.3.24.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:rmt-server-config-2.13-150300.3.24.1.x86_64",
"SUSE Manager Proxy 4.2:rmt-server-2.13-150300.3.24.1.x86_64",
"SUSE Manager Proxy 4.2:rmt-server-config-2.13-150300.3.24.1.x86_64",
"SUSE Manager Server 4.2:rmt-server-2.13-150300.3.24.1.ppc64le",
"SUSE Manager Server 4.2:rmt-server-2.13-150300.3.24.1.s390x",
"SUSE Manager Server 4.2:rmt-server-2.13-150300.3.24.1.x86_64",
"SUSE Manager Server 4.2:rmt-server-config-2.13-150300.3.24.1.ppc64le",
"SUSE Manager Server 4.2:rmt-server-config-2.13-150300.3.24.1.s390x",
"SUSE Manager Server 4.2:rmt-server-config-2.13-150300.3.24.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:rmt-server-2.13-150300.3.24.1.aarch64",
"SUSE Enterprise Storage 7.1:rmt-server-2.13-150300.3.24.1.x86_64",
"SUSE Enterprise Storage 7.1:rmt-server-config-2.13-150300.3.24.1.aarch64",
"SUSE Enterprise Storage 7.1:rmt-server-config-2.13-150300.3.24.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:rmt-server-2.13-150300.3.24.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:rmt-server-2.13-150300.3.24.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:rmt-server-config-2.13-150300.3.24.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:rmt-server-config-2.13-150300.3.24.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:rmt-server-2.13-150300.3.24.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:rmt-server-2.13-150300.3.24.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:rmt-server-config-2.13-150300.3.24.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:rmt-server-config-2.13-150300.3.24.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP3:rmt-server-pubcloud-2.13-150300.3.24.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP3:rmt-server-pubcloud-2.13-150300.3.24.1.ppc64le",
"SUSE Linux Enterprise Module for Public Cloud 15 SP3:rmt-server-pubcloud-2.13-150300.3.24.1.s390x",
"SUSE Linux Enterprise Module for Public Cloud 15 SP3:rmt-server-pubcloud-2.13-150300.3.24.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:rmt-server-2.13-150300.3.24.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:rmt-server-config-2.13-150300.3.24.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:rmt-server-2.13-150300.3.24.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:rmt-server-2.13-150300.3.24.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:rmt-server-2.13-150300.3.24.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:rmt-server-2.13-150300.3.24.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:rmt-server-config-2.13-150300.3.24.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:rmt-server-config-2.13-150300.3.24.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:rmt-server-config-2.13-150300.3.24.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:rmt-server-config-2.13-150300.3.24.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:rmt-server-2.13-150300.3.24.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:rmt-server-2.13-150300.3.24.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:rmt-server-config-2.13-150300.3.24.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:rmt-server-config-2.13-150300.3.24.1.x86_64",
"SUSE Manager Proxy 4.2:rmt-server-2.13-150300.3.24.1.x86_64",
"SUSE Manager Proxy 4.2:rmt-server-config-2.13-150300.3.24.1.x86_64",
"SUSE Manager Server 4.2:rmt-server-2.13-150300.3.24.1.ppc64le",
"SUSE Manager Server 4.2:rmt-server-2.13-150300.3.24.1.s390x",
"SUSE Manager Server 4.2:rmt-server-2.13-150300.3.24.1.x86_64",
"SUSE Manager Server 4.2:rmt-server-config-2.13-150300.3.24.1.ppc64le",
"SUSE Manager Server 4.2:rmt-server-config-2.13-150300.3.24.1.s390x",
"SUSE Manager Server 4.2:rmt-server-config-2.13-150300.3.24.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-05-24T07:55:54Z",
"details": "important"
}
],
"title": "CVE-2023-27530"
},
{
"cve": "CVE-2023-28120",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-28120"
}
],
"notes": [
{
"category": "general",
"text": "There is a vulnerability in ActiveSupport if the new bytesplice method is called on a SafeBuffer with untrusted user input.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:rmt-server-2.13-150300.3.24.1.aarch64",
"SUSE Enterprise Storage 7.1:rmt-server-2.13-150300.3.24.1.x86_64",
"SUSE Enterprise Storage 7.1:rmt-server-config-2.13-150300.3.24.1.aarch64",
"SUSE Enterprise Storage 7.1:rmt-server-config-2.13-150300.3.24.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:rmt-server-2.13-150300.3.24.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:rmt-server-2.13-150300.3.24.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:rmt-server-config-2.13-150300.3.24.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:rmt-server-config-2.13-150300.3.24.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:rmt-server-2.13-150300.3.24.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:rmt-server-2.13-150300.3.24.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:rmt-server-config-2.13-150300.3.24.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:rmt-server-config-2.13-150300.3.24.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP3:rmt-server-pubcloud-2.13-150300.3.24.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP3:rmt-server-pubcloud-2.13-150300.3.24.1.ppc64le",
"SUSE Linux Enterprise Module for Public Cloud 15 SP3:rmt-server-pubcloud-2.13-150300.3.24.1.s390x",
"SUSE Linux Enterprise Module for Public Cloud 15 SP3:rmt-server-pubcloud-2.13-150300.3.24.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:rmt-server-2.13-150300.3.24.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:rmt-server-config-2.13-150300.3.24.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:rmt-server-2.13-150300.3.24.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:rmt-server-2.13-150300.3.24.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:rmt-server-2.13-150300.3.24.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:rmt-server-2.13-150300.3.24.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:rmt-server-config-2.13-150300.3.24.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:rmt-server-config-2.13-150300.3.24.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:rmt-server-config-2.13-150300.3.24.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:rmt-server-config-2.13-150300.3.24.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:rmt-server-2.13-150300.3.24.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:rmt-server-2.13-150300.3.24.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:rmt-server-config-2.13-150300.3.24.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:rmt-server-config-2.13-150300.3.24.1.x86_64",
"SUSE Manager Proxy 4.2:rmt-server-2.13-150300.3.24.1.x86_64",
"SUSE Manager Proxy 4.2:rmt-server-config-2.13-150300.3.24.1.x86_64",
"SUSE Manager Server 4.2:rmt-server-2.13-150300.3.24.1.ppc64le",
"SUSE Manager Server 4.2:rmt-server-2.13-150300.3.24.1.s390x",
"SUSE Manager Server 4.2:rmt-server-2.13-150300.3.24.1.x86_64",
"SUSE Manager Server 4.2:rmt-server-config-2.13-150300.3.24.1.ppc64le",
"SUSE Manager Server 4.2:rmt-server-config-2.13-150300.3.24.1.s390x",
"SUSE Manager Server 4.2:rmt-server-config-2.13-150300.3.24.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-28120",
"url": "https://www.suse.com/security/cve/CVE-2023-28120"
},
{
"category": "external",
"summary": "SUSE Bug 1209505 for CVE-2023-28120",
"url": "https://bugzilla.suse.com/1209505"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:rmt-server-2.13-150300.3.24.1.aarch64",
"SUSE Enterprise Storage 7.1:rmt-server-2.13-150300.3.24.1.x86_64",
"SUSE Enterprise Storage 7.1:rmt-server-config-2.13-150300.3.24.1.aarch64",
"SUSE Enterprise Storage 7.1:rmt-server-config-2.13-150300.3.24.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:rmt-server-2.13-150300.3.24.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:rmt-server-2.13-150300.3.24.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:rmt-server-config-2.13-150300.3.24.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:rmt-server-config-2.13-150300.3.24.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:rmt-server-2.13-150300.3.24.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:rmt-server-2.13-150300.3.24.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:rmt-server-config-2.13-150300.3.24.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:rmt-server-config-2.13-150300.3.24.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP3:rmt-server-pubcloud-2.13-150300.3.24.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP3:rmt-server-pubcloud-2.13-150300.3.24.1.ppc64le",
"SUSE Linux Enterprise Module for Public Cloud 15 SP3:rmt-server-pubcloud-2.13-150300.3.24.1.s390x",
"SUSE Linux Enterprise Module for Public Cloud 15 SP3:rmt-server-pubcloud-2.13-150300.3.24.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:rmt-server-2.13-150300.3.24.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:rmt-server-config-2.13-150300.3.24.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:rmt-server-2.13-150300.3.24.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:rmt-server-2.13-150300.3.24.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:rmt-server-2.13-150300.3.24.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:rmt-server-2.13-150300.3.24.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:rmt-server-config-2.13-150300.3.24.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:rmt-server-config-2.13-150300.3.24.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:rmt-server-config-2.13-150300.3.24.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:rmt-server-config-2.13-150300.3.24.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:rmt-server-2.13-150300.3.24.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:rmt-server-2.13-150300.3.24.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:rmt-server-config-2.13-150300.3.24.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:rmt-server-config-2.13-150300.3.24.1.x86_64",
"SUSE Manager Proxy 4.2:rmt-server-2.13-150300.3.24.1.x86_64",
"SUSE Manager Proxy 4.2:rmt-server-config-2.13-150300.3.24.1.x86_64",
"SUSE Manager Server 4.2:rmt-server-2.13-150300.3.24.1.ppc64le",
"SUSE Manager Server 4.2:rmt-server-2.13-150300.3.24.1.s390x",
"SUSE Manager Server 4.2:rmt-server-2.13-150300.3.24.1.x86_64",
"SUSE Manager Server 4.2:rmt-server-config-2.13-150300.3.24.1.ppc64le",
"SUSE Manager Server 4.2:rmt-server-config-2.13-150300.3.24.1.s390x",
"SUSE Manager Server 4.2:rmt-server-config-2.13-150300.3.24.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:rmt-server-2.13-150300.3.24.1.aarch64",
"SUSE Enterprise Storage 7.1:rmt-server-2.13-150300.3.24.1.x86_64",
"SUSE Enterprise Storage 7.1:rmt-server-config-2.13-150300.3.24.1.aarch64",
"SUSE Enterprise Storage 7.1:rmt-server-config-2.13-150300.3.24.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:rmt-server-2.13-150300.3.24.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:rmt-server-2.13-150300.3.24.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:rmt-server-config-2.13-150300.3.24.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:rmt-server-config-2.13-150300.3.24.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:rmt-server-2.13-150300.3.24.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:rmt-server-2.13-150300.3.24.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:rmt-server-config-2.13-150300.3.24.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:rmt-server-config-2.13-150300.3.24.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP3:rmt-server-pubcloud-2.13-150300.3.24.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP3:rmt-server-pubcloud-2.13-150300.3.24.1.ppc64le",
"SUSE Linux Enterprise Module for Public Cloud 15 SP3:rmt-server-pubcloud-2.13-150300.3.24.1.s390x",
"SUSE Linux Enterprise Module for Public Cloud 15 SP3:rmt-server-pubcloud-2.13-150300.3.24.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:rmt-server-2.13-150300.3.24.1.x86_64",
"SUSE Linux Enterprise Real Time 15 SP3:rmt-server-config-2.13-150300.3.24.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:rmt-server-2.13-150300.3.24.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:rmt-server-2.13-150300.3.24.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:rmt-server-2.13-150300.3.24.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:rmt-server-2.13-150300.3.24.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:rmt-server-config-2.13-150300.3.24.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:rmt-server-config-2.13-150300.3.24.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:rmt-server-config-2.13-150300.3.24.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:rmt-server-config-2.13-150300.3.24.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:rmt-server-2.13-150300.3.24.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:rmt-server-2.13-150300.3.24.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:rmt-server-config-2.13-150300.3.24.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:rmt-server-config-2.13-150300.3.24.1.x86_64",
"SUSE Manager Proxy 4.2:rmt-server-2.13-150300.3.24.1.x86_64",
"SUSE Manager Proxy 4.2:rmt-server-config-2.13-150300.3.24.1.x86_64",
"SUSE Manager Server 4.2:rmt-server-2.13-150300.3.24.1.ppc64le",
"SUSE Manager Server 4.2:rmt-server-2.13-150300.3.24.1.s390x",
"SUSE Manager Server 4.2:rmt-server-2.13-150300.3.24.1.x86_64",
"SUSE Manager Server 4.2:rmt-server-config-2.13-150300.3.24.1.ppc64le",
"SUSE Manager Server 4.2:rmt-server-config-2.13-150300.3.24.1.s390x",
"SUSE Manager Server 4.2:rmt-server-config-2.13-150300.3.24.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-05-24T07:55:54Z",
"details": "moderate"
}
],
"title": "CVE-2023-28120"
}
]
}
rhsa-2023:3495
Vulnerability from csaf_redhat
Published
2023-06-12 19:08
Modified
2025-08-13 09:34
Summary
Red Hat Security Advisory: Logging Subsystem 5.7.2 - Red Hat OpenShift security update
Notes
Topic
Logging Subsystem 5.7.2 - Red Hat OpenShift
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Logging Subsystem 5.7.2 - Red Hat OpenShift
Security Fix(es):
* net/http, golang.org/x/net/http2: avoid quadratic complexity in HPACK decoding (CVE-2022-41723)
* rubygem-rack: denial of service in header parsing (CVE-2023-27539)
* rubygem-activesupport: Possible XSS in SafeBuffer#bytesplice (CVE-2023-28120)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Logging Subsystem 5.7.2 - Red Hat OpenShift\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Logging Subsystem 5.7.2 - Red Hat OpenShift\n\nSecurity Fix(es):\n\n* net/http, golang.org/x/net/http2: avoid quadratic complexity in HPACK decoding (CVE-2022-41723)\n\n* rubygem-rack: denial of service in header parsing (CVE-2023-27539)\n\n* rubygem-activesupport: Possible XSS in SafeBuffer#bytesplice (CVE-2023-28120)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:3495",
"url": "https://access.redhat.com/errata/RHSA-2023:3495"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "2178358",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178358"
},
{
"category": "external",
"summary": "2179637",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2179637"
},
{
"category": "external",
"summary": "2179649",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2179649"
},
{
"category": "external",
"summary": "LOG-3314",
"url": "https://issues.redhat.com/browse/LOG-3314"
},
{
"category": "external",
"summary": "LOG-3316",
"url": "https://issues.redhat.com/browse/LOG-3316"
},
{
"category": "external",
"summary": "LOG-3330",
"url": "https://issues.redhat.com/browse/LOG-3330"
},
{
"category": "external",
"summary": "LOG-3445",
"url": "https://issues.redhat.com/browse/LOG-3445"
},
{
"category": "external",
"summary": "LOG-3749",
"url": "https://issues.redhat.com/browse/LOG-3749"
},
{
"category": "external",
"summary": "LOG-3784",
"url": "https://issues.redhat.com/browse/LOG-3784"
},
{
"category": "external",
"summary": "LOG-3827",
"url": "https://issues.redhat.com/browse/LOG-3827"
},
{
"category": "external",
"summary": "LOG-3878",
"url": "https://issues.redhat.com/browse/LOG-3878"
},
{
"category": "external",
"summary": "LOG-3945",
"url": "https://issues.redhat.com/browse/LOG-3945"
},
{
"category": "external",
"summary": "LOG-3997",
"url": "https://issues.redhat.com/browse/LOG-3997"
},
{
"category": "external",
"summary": "LOG-4011",
"url": "https://issues.redhat.com/browse/LOG-4011"
},
{
"category": "external",
"summary": "LOG-4019",
"url": "https://issues.redhat.com/browse/LOG-4019"
},
{
"category": "external",
"summary": "LOG-4049",
"url": "https://issues.redhat.com/browse/LOG-4049"
},
{
"category": "external",
"summary": "LOG-4052",
"url": "https://issues.redhat.com/browse/LOG-4052"
},
{
"category": "external",
"summary": "LOG-4098",
"url": "https://issues.redhat.com/browse/LOG-4098"
},
{
"category": "external",
"summary": "LOG-4151",
"url": "https://issues.redhat.com/browse/LOG-4151"
},
{
"category": "external",
"summary": "LOG-4163",
"url": "https://issues.redhat.com/browse/LOG-4163"
},
{
"category": "external",
"summary": "LOG-4185",
"url": "https://issues.redhat.com/browse/LOG-4185"
},
{
"category": "external",
"summary": "LOG-4218",
"url": "https://issues.redhat.com/browse/LOG-4218"
},
{
"category": "external",
"summary": "LOG-4219",
"url": "https://issues.redhat.com/browse/LOG-4219"
},
{
"category": "external",
"summary": "LOG-4220",
"url": "https://issues.redhat.com/browse/LOG-4220"
},
{
"category": "external",
"summary": "LOG-4221",
"url": "https://issues.redhat.com/browse/LOG-4221"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_3495.json"
}
],
"title": "Red Hat Security Advisory: Logging Subsystem 5.7.2 - Red Hat OpenShift security update",
"tracking": {
"current_release_date": "2025-08-13T09:34:30+00:00",
"generator": {
"date": "2025-08-13T09:34:30+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.6"
}
},
"id": "RHSA-2023:3495",
"initial_release_date": "2023-06-12T19:08:51+00:00",
"revision_history": [
{
"date": "2023-06-12T19:08:51+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-06-12T19:08:51+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-08-13T09:34:30+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "RHOL 5.7 for RHEL 8",
"product": {
"name": "RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:logging:5.7::el8"
}
}
}
],
"category": "product_family",
"name": "logging for Red Hat OpenShift"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:c127a5211070607bc6daaa404fb221a91134ee18261691041448fb18203e711b_amd64",
"product": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:c127a5211070607bc6daaa404fb221a91134ee18261691041448fb18203e711b_amd64",
"product_id": "openshift-logging/cluster-logging-rhel8-operator@sha256:c127a5211070607bc6daaa404fb221a91134ee18261691041448fb18203e711b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-rhel8-operator@sha256:c127a5211070607bc6daaa404fb221a91134ee18261691041448fb18203e711b?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel8-operator\u0026tag=v5.7.2-24"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-operator-bundle@sha256:67922a4fa417673d97eca28344c77ba81d4f77cb1b86e1ca532b41a82b6f6520_amd64",
"product": {
"name": "openshift-logging/cluster-logging-operator-bundle@sha256:67922a4fa417673d97eca28344c77ba81d4f77cb1b86e1ca532b41a82b6f6520_amd64",
"product_id": "openshift-logging/cluster-logging-operator-bundle@sha256:67922a4fa417673d97eca28344c77ba81d4f77cb1b86e1ca532b41a82b6f6520_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-operator-bundle@sha256:67922a4fa417673d97eca28344c77ba81d4f77cb1b86e1ca532b41a82b6f6520?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-operator-bundle\u0026tag=v5.7.2-55"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:61c30851d3d9f544c37c7616ec8a4ba34b7b37f3555960d0c8fa2be78f44947f_amd64",
"product": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:61c30851d3d9f544c37c7616ec8a4ba34b7b37f3555960d0c8fa2be78f44947f_amd64",
"product_id": "openshift-logging/elasticsearch-rhel8-operator@sha256:61c30851d3d9f544c37c7616ec8a4ba34b7b37f3555960d0c8fa2be78f44947f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-rhel8-operator@sha256:61c30851d3d9f544c37c7616ec8a4ba34b7b37f3555960d0c8fa2be78f44947f?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-rhel8-operator\u0026tag=v5.7.2-5"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-operator-bundle@sha256:f56e69a40c6f51da46fbaf3fd170f84e20a45bac6c77b3b6d16130ae7be62394_amd64",
"product": {
"name": "openshift-logging/elasticsearch-operator-bundle@sha256:f56e69a40c6f51da46fbaf3fd170f84e20a45bac6c77b3b6d16130ae7be62394_amd64",
"product_id": "openshift-logging/elasticsearch-operator-bundle@sha256:f56e69a40c6f51da46fbaf3fd170f84e20a45bac6c77b3b6d16130ae7be62394_amd64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-operator-bundle@sha256:f56e69a40c6f51da46fbaf3fd170f84e20a45bac6c77b3b6d16130ae7be62394?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-operator-bundle\u0026tag=v5.7.2-15"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:38404132fe318e05f607c0e0ffb78baa25bb9477f53f40436b0cc50d21dd52bb_amd64",
"product": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:38404132fe318e05f607c0e0ffb78baa25bb9477f53f40436b0cc50d21dd52bb_amd64",
"product_id": "openshift-logging/elasticsearch-proxy-rhel8@sha256:38404132fe318e05f607c0e0ffb78baa25bb9477f53f40436b0cc50d21dd52bb_amd64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-proxy-rhel8@sha256:38404132fe318e05f607c0e0ffb78baa25bb9477f53f40436b0cc50d21dd52bb?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-proxy-rhel8\u0026tag=v1.0.0-386"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:ad3988a61bd088e3303a28fa823b5a6377d823de2ab12e0b3e490c082077f7b5_amd64",
"product": {
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:ad3988a61bd088e3303a28fa823b5a6377d823de2ab12e0b3e490c082077f7b5_amd64",
"product_id": "openshift-logging/log-file-metric-exporter-rhel8@sha256:ad3988a61bd088e3303a28fa823b5a6377d823de2ab12e0b3e490c082077f7b5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/log-file-metric-exporter-rhel8@sha256:ad3988a61bd088e3303a28fa823b5a6377d823de2ab12e0b3e490c082077f7b5?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel8\u0026tag=v1.1.0-135"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-curator5-rhel8@sha256:d65d8fba95e2313eb97a925c2d4f2a76d3616626c492803d19dcc3548753ecfa_amd64",
"product": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:d65d8fba95e2313eb97a925c2d4f2a76d3616626c492803d19dcc3548753ecfa_amd64",
"product_id": "openshift-logging/logging-curator5-rhel8@sha256:d65d8fba95e2313eb97a925c2d4f2a76d3616626c492803d19dcc3548753ecfa_amd64",
"product_identification_helper": {
"purl": "pkg:oci/logging-curator5-rhel8@sha256:d65d8fba95e2313eb97a925c2d4f2a76d3616626c492803d19dcc3548753ecfa?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/logging-curator5-rhel8\u0026tag=v5.8.1-359"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch6-rhel8@sha256:611cef3b88e71c24f002e3a37de6883f54ca0e8eb9f8b60aff41ab2dcb249745_amd64",
"product": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:611cef3b88e71c24f002e3a37de6883f54ca0e8eb9f8b60aff41ab2dcb249745_amd64",
"product_id": "openshift-logging/elasticsearch6-rhel8@sha256:611cef3b88e71c24f002e3a37de6883f54ca0e8eb9f8b60aff41ab2dcb249745_amd64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch6-rhel8@sha256:611cef3b88e71c24f002e3a37de6883f54ca0e8eb9f8b60aff41ab2dcb249745?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch6-rhel8\u0026tag=v6.8.1-326"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/eventrouter-rhel8@sha256:9a9fc94b921453a383a8e2503bb8ff4e1d5290a541d5819ea15b263f10589357_amd64",
"product": {
"name": "openshift-logging/eventrouter-rhel8@sha256:9a9fc94b921453a383a8e2503bb8ff4e1d5290a541d5819ea15b263f10589357_amd64",
"product_id": "openshift-logging/eventrouter-rhel8@sha256:9a9fc94b921453a383a8e2503bb8ff4e1d5290a541d5819ea15b263f10589357_amd64",
"product_identification_helper": {
"purl": "pkg:oci/eventrouter-rhel8@sha256:9a9fc94b921453a383a8e2503bb8ff4e1d5290a541d5819ea15b263f10589357?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel8\u0026tag=v0.4.0-141"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/fluentd-rhel8@sha256:3d3d4d46d57443ea5aea72a711126ff46b217129f089864f027b1ed2b45e393c_amd64",
"product": {
"name": "openshift-logging/fluentd-rhel8@sha256:3d3d4d46d57443ea5aea72a711126ff46b217129f089864f027b1ed2b45e393c_amd64",
"product_id": "openshift-logging/fluentd-rhel8@sha256:3d3d4d46d57443ea5aea72a711126ff46b217129f089864f027b1ed2b45e393c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/fluentd-rhel8@sha256:3d3d4d46d57443ea5aea72a711126ff46b217129f089864f027b1ed2b45e393c?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel8\u0026tag=v1.14.6-140"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/kibana6-rhel8@sha256:fc848aa0f5d0bd6c39b6d3056c21ae82839bcd627bd06312d7243b4e830d8aa2_amd64",
"product": {
"name": "openshift-logging/kibana6-rhel8@sha256:fc848aa0f5d0bd6c39b6d3056c21ae82839bcd627bd06312d7243b4e830d8aa2_amd64",
"product_id": "openshift-logging/kibana6-rhel8@sha256:fc848aa0f5d0bd6c39b6d3056c21ae82839bcd627bd06312d7243b4e830d8aa2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kibana6-rhel8@sha256:fc848aa0f5d0bd6c39b6d3056c21ae82839bcd627bd06312d7243b4e830d8aa2?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/kibana6-rhel8\u0026tag=v6.8.1-363"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-loki-rhel8@sha256:63fffa75040e8322e895f230431f2cee966909d4afc2fef28f694f154c0cf888_amd64",
"product": {
"name": "openshift-logging/logging-loki-rhel8@sha256:63fffa75040e8322e895f230431f2cee966909d4afc2fef28f694f154c0cf888_amd64",
"product_id": "openshift-logging/logging-loki-rhel8@sha256:63fffa75040e8322e895f230431f2cee966909d4afc2fef28f694f154c0cf888_amd64",
"product_identification_helper": {
"purl": "pkg:oci/logging-loki-rhel8@sha256:63fffa75040e8322e895f230431f2cee966909d4afc2fef28f694f154c0cf888?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/logging-loki-rhel8\u0026tag=v2.8.0-18"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/vector-rhel8@sha256:b63c5ae18c8b759e5e093d92801563355d5b45b85c997a8c294096ef2596615d_amd64",
"product": {
"name": "openshift-logging/vector-rhel8@sha256:b63c5ae18c8b759e5e093d92801563355d5b45b85c997a8c294096ef2596615d_amd64",
"product_id": "openshift-logging/vector-rhel8@sha256:b63c5ae18c8b759e5e093d92801563355d5b45b85c997a8c294096ef2596615d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/vector-rhel8@sha256:b63c5ae18c8b759e5e093d92801563355d5b45b85c997a8c294096ef2596615d?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/vector-rhel8\u0026tag=v0.21.0-94"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-view-plugin-rhel8@sha256:cf64b884e6198327d0ed02a86971cd777a12591a3a6ad677703268d22f510bdd_amd64",
"product": {
"name": "openshift-logging/logging-view-plugin-rhel8@sha256:cf64b884e6198327d0ed02a86971cd777a12591a3a6ad677703268d22f510bdd_amd64",
"product_id": "openshift-logging/logging-view-plugin-rhel8@sha256:cf64b884e6198327d0ed02a86971cd777a12591a3a6ad677703268d22f510bdd_amd64",
"product_identification_helper": {
"purl": "pkg:oci/logging-view-plugin-rhel8@sha256:cf64b884e6198327d0ed02a86971cd777a12591a3a6ad677703268d22f510bdd?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/logging-view-plugin-rhel8\u0026tag=v5.7.2-5"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/loki-operator-bundle@sha256:5667ef8d640391c34ac20562b91a1f723005673d96e54a6ba1d178fa2fa73a32_amd64",
"product": {
"name": "openshift-logging/loki-operator-bundle@sha256:5667ef8d640391c34ac20562b91a1f723005673d96e54a6ba1d178fa2fa73a32_amd64",
"product_id": "openshift-logging/loki-operator-bundle@sha256:5667ef8d640391c34ac20562b91a1f723005673d96e54a6ba1d178fa2fa73a32_amd64",
"product_identification_helper": {
"purl": "pkg:oci/loki-operator-bundle@sha256:5667ef8d640391c34ac20562b91a1f723005673d96e54a6ba1d178fa2fa73a32?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/loki-operator-bundle\u0026tag=v5.7.2-32"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/loki-rhel8-operator@sha256:1861142f6d9581e572d3086037d5b8264906579df63e7b3ae91f70a3068842f8_amd64",
"product": {
"name": "openshift-logging/loki-rhel8-operator@sha256:1861142f6d9581e572d3086037d5b8264906579df63e7b3ae91f70a3068842f8_amd64",
"product_id": "openshift-logging/loki-rhel8-operator@sha256:1861142f6d9581e572d3086037d5b8264906579df63e7b3ae91f70a3068842f8_amd64",
"product_identification_helper": {
"purl": "pkg:oci/loki-rhel8-operator@sha256:1861142f6d9581e572d3086037d5b8264906579df63e7b3ae91f70a3068842f8?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/loki-rhel8-operator\u0026tag=v5.7.2-12"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/lokistack-gateway-rhel8@sha256:9d5bc7af72f5ef08b1b01f9d34da16ed47a6e65dd632cf369c5848c5e89bfb10_amd64",
"product": {
"name": "openshift-logging/lokistack-gateway-rhel8@sha256:9d5bc7af72f5ef08b1b01f9d34da16ed47a6e65dd632cf369c5848c5e89bfb10_amd64",
"product_id": "openshift-logging/lokistack-gateway-rhel8@sha256:9d5bc7af72f5ef08b1b01f9d34da16ed47a6e65dd632cf369c5848c5e89bfb10_amd64",
"product_identification_helper": {
"purl": "pkg:oci/lokistack-gateway-rhel8@sha256:9d5bc7af72f5ef08b1b01f9d34da16ed47a6e65dd632cf369c5848c5e89bfb10?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/lokistack-gateway-rhel8\u0026tag=v0.1.0-262"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/opa-openshift-rhel8@sha256:549c0984ba0cc9a54d01f44c2554da6574c16967c87e1a72e3f773802c76f63d_amd64",
"product": {
"name": "openshift-logging/opa-openshift-rhel8@sha256:549c0984ba0cc9a54d01f44c2554da6574c16967c87e1a72e3f773802c76f63d_amd64",
"product_id": "openshift-logging/opa-openshift-rhel8@sha256:549c0984ba0cc9a54d01f44c2554da6574c16967c87e1a72e3f773802c76f63d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/opa-openshift-rhel8@sha256:549c0984ba0cc9a54d01f44c2554da6574c16967c87e1a72e3f773802c76f63d?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/opa-openshift-rhel8\u0026tag=v0.1.0-99"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:8619dafc0e4d978c2eb63e0dbb0389114bbf93c692dc1477ed776c40e589c677_arm64",
"product": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:8619dafc0e4d978c2eb63e0dbb0389114bbf93c692dc1477ed776c40e589c677_arm64",
"product_id": "openshift-logging/cluster-logging-rhel8-operator@sha256:8619dafc0e4d978c2eb63e0dbb0389114bbf93c692dc1477ed776c40e589c677_arm64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-rhel8-operator@sha256:8619dafc0e4d978c2eb63e0dbb0389114bbf93c692dc1477ed776c40e589c677?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel8-operator\u0026tag=v5.7.2-24"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:ab54ef61832141f7675d3dc8d59edf99c3cdd1125c74e222492949c180964452_arm64",
"product": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:ab54ef61832141f7675d3dc8d59edf99c3cdd1125c74e222492949c180964452_arm64",
"product_id": "openshift-logging/elasticsearch-rhel8-operator@sha256:ab54ef61832141f7675d3dc8d59edf99c3cdd1125c74e222492949c180964452_arm64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-rhel8-operator@sha256:ab54ef61832141f7675d3dc8d59edf99c3cdd1125c74e222492949c180964452?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-rhel8-operator\u0026tag=v5.7.2-5"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:22a97db8a595aaa758027b30c7fd2cf3ea0ae6c4d0b70766f8124d8eb17b58c9_arm64",
"product": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:22a97db8a595aaa758027b30c7fd2cf3ea0ae6c4d0b70766f8124d8eb17b58c9_arm64",
"product_id": "openshift-logging/elasticsearch-proxy-rhel8@sha256:22a97db8a595aaa758027b30c7fd2cf3ea0ae6c4d0b70766f8124d8eb17b58c9_arm64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-proxy-rhel8@sha256:22a97db8a595aaa758027b30c7fd2cf3ea0ae6c4d0b70766f8124d8eb17b58c9?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-proxy-rhel8\u0026tag=v1.0.0-386"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:92ff40e217abff467a201e45ebb11330d5352a29d7be3703048a865c7a7aa603_arm64",
"product": {
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:92ff40e217abff467a201e45ebb11330d5352a29d7be3703048a865c7a7aa603_arm64",
"product_id": "openshift-logging/log-file-metric-exporter-rhel8@sha256:92ff40e217abff467a201e45ebb11330d5352a29d7be3703048a865c7a7aa603_arm64",
"product_identification_helper": {
"purl": "pkg:oci/log-file-metric-exporter-rhel8@sha256:92ff40e217abff467a201e45ebb11330d5352a29d7be3703048a865c7a7aa603?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel8\u0026tag=v1.1.0-135"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-curator5-rhel8@sha256:d3df7e62f2b1893b4f4879b91531b92652547aa4453fd1bfdc9558ff5a720a84_arm64",
"product": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:d3df7e62f2b1893b4f4879b91531b92652547aa4453fd1bfdc9558ff5a720a84_arm64",
"product_id": "openshift-logging/logging-curator5-rhel8@sha256:d3df7e62f2b1893b4f4879b91531b92652547aa4453fd1bfdc9558ff5a720a84_arm64",
"product_identification_helper": {
"purl": "pkg:oci/logging-curator5-rhel8@sha256:d3df7e62f2b1893b4f4879b91531b92652547aa4453fd1bfdc9558ff5a720a84?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/logging-curator5-rhel8\u0026tag=v5.8.1-359"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch6-rhel8@sha256:9c28c1ef4a26ab31a9de8941b22705cea8e85918df5e9997cd07ede5bd04e512_arm64",
"product": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:9c28c1ef4a26ab31a9de8941b22705cea8e85918df5e9997cd07ede5bd04e512_arm64",
"product_id": "openshift-logging/elasticsearch6-rhel8@sha256:9c28c1ef4a26ab31a9de8941b22705cea8e85918df5e9997cd07ede5bd04e512_arm64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch6-rhel8@sha256:9c28c1ef4a26ab31a9de8941b22705cea8e85918df5e9997cd07ede5bd04e512?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch6-rhel8\u0026tag=v6.8.1-326"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/eventrouter-rhel8@sha256:62134203e3d02a92b4ea0f0f6b96a4046806c655f9b8358de7576a57624a7574_arm64",
"product": {
"name": "openshift-logging/eventrouter-rhel8@sha256:62134203e3d02a92b4ea0f0f6b96a4046806c655f9b8358de7576a57624a7574_arm64",
"product_id": "openshift-logging/eventrouter-rhel8@sha256:62134203e3d02a92b4ea0f0f6b96a4046806c655f9b8358de7576a57624a7574_arm64",
"product_identification_helper": {
"purl": "pkg:oci/eventrouter-rhel8@sha256:62134203e3d02a92b4ea0f0f6b96a4046806c655f9b8358de7576a57624a7574?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel8\u0026tag=v0.4.0-141"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/fluentd-rhel8@sha256:c082515ff5bcaaf305b24d24b488b2d91627894872b2f2074f7bfa64e0baf313_arm64",
"product": {
"name": "openshift-logging/fluentd-rhel8@sha256:c082515ff5bcaaf305b24d24b488b2d91627894872b2f2074f7bfa64e0baf313_arm64",
"product_id": "openshift-logging/fluentd-rhel8@sha256:c082515ff5bcaaf305b24d24b488b2d91627894872b2f2074f7bfa64e0baf313_arm64",
"product_identification_helper": {
"purl": "pkg:oci/fluentd-rhel8@sha256:c082515ff5bcaaf305b24d24b488b2d91627894872b2f2074f7bfa64e0baf313?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel8\u0026tag=v1.14.6-140"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/kibana6-rhel8@sha256:77a3146e462f9291ea13d13fea97c74b2d59fe84f3dbfc33aafc08837fe5baba_arm64",
"product": {
"name": "openshift-logging/kibana6-rhel8@sha256:77a3146e462f9291ea13d13fea97c74b2d59fe84f3dbfc33aafc08837fe5baba_arm64",
"product_id": "openshift-logging/kibana6-rhel8@sha256:77a3146e462f9291ea13d13fea97c74b2d59fe84f3dbfc33aafc08837fe5baba_arm64",
"product_identification_helper": {
"purl": "pkg:oci/kibana6-rhel8@sha256:77a3146e462f9291ea13d13fea97c74b2d59fe84f3dbfc33aafc08837fe5baba?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/kibana6-rhel8\u0026tag=v6.8.1-363"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-loki-rhel8@sha256:16c8e2bf0d537e9a787f2250203f9deae1b5f0f0b28e0520ddf6bf9b9c2e04d7_arm64",
"product": {
"name": "openshift-logging/logging-loki-rhel8@sha256:16c8e2bf0d537e9a787f2250203f9deae1b5f0f0b28e0520ddf6bf9b9c2e04d7_arm64",
"product_id": "openshift-logging/logging-loki-rhel8@sha256:16c8e2bf0d537e9a787f2250203f9deae1b5f0f0b28e0520ddf6bf9b9c2e04d7_arm64",
"product_identification_helper": {
"purl": "pkg:oci/logging-loki-rhel8@sha256:16c8e2bf0d537e9a787f2250203f9deae1b5f0f0b28e0520ddf6bf9b9c2e04d7?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/logging-loki-rhel8\u0026tag=v2.8.0-18"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/vector-rhel8@sha256:30e6149c0c834f785066f790655e67d17cb71ed68aa79dd7e4f2b7e3b8db8aa3_arm64",
"product": {
"name": "openshift-logging/vector-rhel8@sha256:30e6149c0c834f785066f790655e67d17cb71ed68aa79dd7e4f2b7e3b8db8aa3_arm64",
"product_id": "openshift-logging/vector-rhel8@sha256:30e6149c0c834f785066f790655e67d17cb71ed68aa79dd7e4f2b7e3b8db8aa3_arm64",
"product_identification_helper": {
"purl": "pkg:oci/vector-rhel8@sha256:30e6149c0c834f785066f790655e67d17cb71ed68aa79dd7e4f2b7e3b8db8aa3?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/vector-rhel8\u0026tag=v0.21.0-94"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-view-plugin-rhel8@sha256:50742d41afd16c553729523d8e5e5a6640a2bb9d2d01eb4d18051456bdb422f7_arm64",
"product": {
"name": "openshift-logging/logging-view-plugin-rhel8@sha256:50742d41afd16c553729523d8e5e5a6640a2bb9d2d01eb4d18051456bdb422f7_arm64",
"product_id": "openshift-logging/logging-view-plugin-rhel8@sha256:50742d41afd16c553729523d8e5e5a6640a2bb9d2d01eb4d18051456bdb422f7_arm64",
"product_identification_helper": {
"purl": "pkg:oci/logging-view-plugin-rhel8@sha256:50742d41afd16c553729523d8e5e5a6640a2bb9d2d01eb4d18051456bdb422f7?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/logging-view-plugin-rhel8\u0026tag=v5.7.2-5"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/loki-rhel8-operator@sha256:0f762d2a6e7e98b8d1a35df4a3d81677507dd2aea8a7c413aaa268bef2fbbe56_arm64",
"product": {
"name": "openshift-logging/loki-rhel8-operator@sha256:0f762d2a6e7e98b8d1a35df4a3d81677507dd2aea8a7c413aaa268bef2fbbe56_arm64",
"product_id": "openshift-logging/loki-rhel8-operator@sha256:0f762d2a6e7e98b8d1a35df4a3d81677507dd2aea8a7c413aaa268bef2fbbe56_arm64",
"product_identification_helper": {
"purl": "pkg:oci/loki-rhel8-operator@sha256:0f762d2a6e7e98b8d1a35df4a3d81677507dd2aea8a7c413aaa268bef2fbbe56?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/loki-rhel8-operator\u0026tag=v5.7.2-12"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/lokistack-gateway-rhel8@sha256:59113b0585d5f2ad0e2c61220ec3ead6192e14868f6dd9c143af5d13e6235565_arm64",
"product": {
"name": "openshift-logging/lokistack-gateway-rhel8@sha256:59113b0585d5f2ad0e2c61220ec3ead6192e14868f6dd9c143af5d13e6235565_arm64",
"product_id": "openshift-logging/lokistack-gateway-rhel8@sha256:59113b0585d5f2ad0e2c61220ec3ead6192e14868f6dd9c143af5d13e6235565_arm64",
"product_identification_helper": {
"purl": "pkg:oci/lokistack-gateway-rhel8@sha256:59113b0585d5f2ad0e2c61220ec3ead6192e14868f6dd9c143af5d13e6235565?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/lokistack-gateway-rhel8\u0026tag=v0.1.0-262"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/opa-openshift-rhel8@sha256:456a76e7ef5687b45ade9360670c2e3793d38cbca5e132763850a7cfd0861811_arm64",
"product": {
"name": "openshift-logging/opa-openshift-rhel8@sha256:456a76e7ef5687b45ade9360670c2e3793d38cbca5e132763850a7cfd0861811_arm64",
"product_id": "openshift-logging/opa-openshift-rhel8@sha256:456a76e7ef5687b45ade9360670c2e3793d38cbca5e132763850a7cfd0861811_arm64",
"product_identification_helper": {
"purl": "pkg:oci/opa-openshift-rhel8@sha256:456a76e7ef5687b45ade9360670c2e3793d38cbca5e132763850a7cfd0861811?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/opa-openshift-rhel8\u0026tag=v0.1.0-99"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:ae56b7bb5f88e54739e103c16b57eb776661c8942d0d58dae683f33dc839191a_ppc64le",
"product": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:ae56b7bb5f88e54739e103c16b57eb776661c8942d0d58dae683f33dc839191a_ppc64le",
"product_id": "openshift-logging/cluster-logging-rhel8-operator@sha256:ae56b7bb5f88e54739e103c16b57eb776661c8942d0d58dae683f33dc839191a_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-rhel8-operator@sha256:ae56b7bb5f88e54739e103c16b57eb776661c8942d0d58dae683f33dc839191a?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel8-operator\u0026tag=v5.7.2-24"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:5aaa60e772fd3f47d7b12d12c2eb55176803175656f834c48ed5003bf6c80600_ppc64le",
"product": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:5aaa60e772fd3f47d7b12d12c2eb55176803175656f834c48ed5003bf6c80600_ppc64le",
"product_id": "openshift-logging/elasticsearch-rhel8-operator@sha256:5aaa60e772fd3f47d7b12d12c2eb55176803175656f834c48ed5003bf6c80600_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-rhel8-operator@sha256:5aaa60e772fd3f47d7b12d12c2eb55176803175656f834c48ed5003bf6c80600?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-rhel8-operator\u0026tag=v5.7.2-5"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:0abd84da4fd5bf4f2657c0a7ba2f8fd8b878c15121fccbe8fb5f461b2ea5a9b3_ppc64le",
"product": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:0abd84da4fd5bf4f2657c0a7ba2f8fd8b878c15121fccbe8fb5f461b2ea5a9b3_ppc64le",
"product_id": "openshift-logging/elasticsearch-proxy-rhel8@sha256:0abd84da4fd5bf4f2657c0a7ba2f8fd8b878c15121fccbe8fb5f461b2ea5a9b3_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-proxy-rhel8@sha256:0abd84da4fd5bf4f2657c0a7ba2f8fd8b878c15121fccbe8fb5f461b2ea5a9b3?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-proxy-rhel8\u0026tag=v1.0.0-386"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:d5b2f702c19854620778f1a99c07e18c94ad2fd510b8484d2ac53c6ae8c0a8e2_ppc64le",
"product": {
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:d5b2f702c19854620778f1a99c07e18c94ad2fd510b8484d2ac53c6ae8c0a8e2_ppc64le",
"product_id": "openshift-logging/log-file-metric-exporter-rhel8@sha256:d5b2f702c19854620778f1a99c07e18c94ad2fd510b8484d2ac53c6ae8c0a8e2_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/log-file-metric-exporter-rhel8@sha256:d5b2f702c19854620778f1a99c07e18c94ad2fd510b8484d2ac53c6ae8c0a8e2?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel8\u0026tag=v1.1.0-135"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-curator5-rhel8@sha256:12c1aafdb570d4a58c89d12d50dc129ee6f1eeb2a67d3e05a2a23d96d7d17d9c_ppc64le",
"product": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:12c1aafdb570d4a58c89d12d50dc129ee6f1eeb2a67d3e05a2a23d96d7d17d9c_ppc64le",
"product_id": "openshift-logging/logging-curator5-rhel8@sha256:12c1aafdb570d4a58c89d12d50dc129ee6f1eeb2a67d3e05a2a23d96d7d17d9c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/logging-curator5-rhel8@sha256:12c1aafdb570d4a58c89d12d50dc129ee6f1eeb2a67d3e05a2a23d96d7d17d9c?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/logging-curator5-rhel8\u0026tag=v5.8.1-359"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch6-rhel8@sha256:4685b2792af31c22d64220aaf7693e121826fdc2d8acd5be7bd0557995b8dea0_ppc64le",
"product": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:4685b2792af31c22d64220aaf7693e121826fdc2d8acd5be7bd0557995b8dea0_ppc64le",
"product_id": "openshift-logging/elasticsearch6-rhel8@sha256:4685b2792af31c22d64220aaf7693e121826fdc2d8acd5be7bd0557995b8dea0_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch6-rhel8@sha256:4685b2792af31c22d64220aaf7693e121826fdc2d8acd5be7bd0557995b8dea0?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch6-rhel8\u0026tag=v6.8.1-326"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/eventrouter-rhel8@sha256:f8ff9fda083e55a5113ba614c739d83d52ee3115429075d0eb03fea2e9d5d711_ppc64le",
"product": {
"name": "openshift-logging/eventrouter-rhel8@sha256:f8ff9fda083e55a5113ba614c739d83d52ee3115429075d0eb03fea2e9d5d711_ppc64le",
"product_id": "openshift-logging/eventrouter-rhel8@sha256:f8ff9fda083e55a5113ba614c739d83d52ee3115429075d0eb03fea2e9d5d711_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/eventrouter-rhel8@sha256:f8ff9fda083e55a5113ba614c739d83d52ee3115429075d0eb03fea2e9d5d711?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel8\u0026tag=v0.4.0-141"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/fluentd-rhel8@sha256:5dd0468121013d75c3c5b5def726b6d71f66d2086defad6cc1d54015f057f956_ppc64le",
"product": {
"name": "openshift-logging/fluentd-rhel8@sha256:5dd0468121013d75c3c5b5def726b6d71f66d2086defad6cc1d54015f057f956_ppc64le",
"product_id": "openshift-logging/fluentd-rhel8@sha256:5dd0468121013d75c3c5b5def726b6d71f66d2086defad6cc1d54015f057f956_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/fluentd-rhel8@sha256:5dd0468121013d75c3c5b5def726b6d71f66d2086defad6cc1d54015f057f956?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel8\u0026tag=v1.14.6-140"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/kibana6-rhel8@sha256:c8dff12b758f72cb6096c83a9b0e4918efab24e41c60e3dd1db91b561a204a9f_ppc64le",
"product": {
"name": "openshift-logging/kibana6-rhel8@sha256:c8dff12b758f72cb6096c83a9b0e4918efab24e41c60e3dd1db91b561a204a9f_ppc64le",
"product_id": "openshift-logging/kibana6-rhel8@sha256:c8dff12b758f72cb6096c83a9b0e4918efab24e41c60e3dd1db91b561a204a9f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/kibana6-rhel8@sha256:c8dff12b758f72cb6096c83a9b0e4918efab24e41c60e3dd1db91b561a204a9f?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/kibana6-rhel8\u0026tag=v6.8.1-363"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-loki-rhel8@sha256:8b3fdd7f5b498336eff6881c742c59a2f6acdaaaf0ed80141d66170c19e6dfa7_ppc64le",
"product": {
"name": "openshift-logging/logging-loki-rhel8@sha256:8b3fdd7f5b498336eff6881c742c59a2f6acdaaaf0ed80141d66170c19e6dfa7_ppc64le",
"product_id": "openshift-logging/logging-loki-rhel8@sha256:8b3fdd7f5b498336eff6881c742c59a2f6acdaaaf0ed80141d66170c19e6dfa7_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/logging-loki-rhel8@sha256:8b3fdd7f5b498336eff6881c742c59a2f6acdaaaf0ed80141d66170c19e6dfa7?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/logging-loki-rhel8\u0026tag=v2.8.0-18"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/vector-rhel8@sha256:7f3f463d22450c505c9a2ac6cca844b2d8a6124379e10beeab2ec8381dad913e_ppc64le",
"product": {
"name": "openshift-logging/vector-rhel8@sha256:7f3f463d22450c505c9a2ac6cca844b2d8a6124379e10beeab2ec8381dad913e_ppc64le",
"product_id": "openshift-logging/vector-rhel8@sha256:7f3f463d22450c505c9a2ac6cca844b2d8a6124379e10beeab2ec8381dad913e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/vector-rhel8@sha256:7f3f463d22450c505c9a2ac6cca844b2d8a6124379e10beeab2ec8381dad913e?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/vector-rhel8\u0026tag=v0.21.0-94"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-view-plugin-rhel8@sha256:ef63d4524f60a38ec8b4ec306f94ac865397d2f1616cdad7ed11722c49b9565e_ppc64le",
"product": {
"name": "openshift-logging/logging-view-plugin-rhel8@sha256:ef63d4524f60a38ec8b4ec306f94ac865397d2f1616cdad7ed11722c49b9565e_ppc64le",
"product_id": "openshift-logging/logging-view-plugin-rhel8@sha256:ef63d4524f60a38ec8b4ec306f94ac865397d2f1616cdad7ed11722c49b9565e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/logging-view-plugin-rhel8@sha256:ef63d4524f60a38ec8b4ec306f94ac865397d2f1616cdad7ed11722c49b9565e?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/logging-view-plugin-rhel8\u0026tag=v5.7.2-5"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/loki-rhel8-operator@sha256:214c8f4d86ff90cfddafa93dc1c3d5b3304bbfa35d3aec0b5aff30265f988f16_ppc64le",
"product": {
"name": "openshift-logging/loki-rhel8-operator@sha256:214c8f4d86ff90cfddafa93dc1c3d5b3304bbfa35d3aec0b5aff30265f988f16_ppc64le",
"product_id": "openshift-logging/loki-rhel8-operator@sha256:214c8f4d86ff90cfddafa93dc1c3d5b3304bbfa35d3aec0b5aff30265f988f16_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/loki-rhel8-operator@sha256:214c8f4d86ff90cfddafa93dc1c3d5b3304bbfa35d3aec0b5aff30265f988f16?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/loki-rhel8-operator\u0026tag=v5.7.2-12"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/lokistack-gateway-rhel8@sha256:0d9c0ccdf55842f06ed98efecba60e6614f764bb7e1dbe5861971e8ba8c80404_ppc64le",
"product": {
"name": "openshift-logging/lokistack-gateway-rhel8@sha256:0d9c0ccdf55842f06ed98efecba60e6614f764bb7e1dbe5861971e8ba8c80404_ppc64le",
"product_id": "openshift-logging/lokistack-gateway-rhel8@sha256:0d9c0ccdf55842f06ed98efecba60e6614f764bb7e1dbe5861971e8ba8c80404_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/lokistack-gateway-rhel8@sha256:0d9c0ccdf55842f06ed98efecba60e6614f764bb7e1dbe5861971e8ba8c80404?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/lokistack-gateway-rhel8\u0026tag=v0.1.0-262"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/opa-openshift-rhel8@sha256:9e5ca10fd6967fa319fcba97aed737c4bdbbad6fbe19e43bc86010e89132669f_ppc64le",
"product": {
"name": "openshift-logging/opa-openshift-rhel8@sha256:9e5ca10fd6967fa319fcba97aed737c4bdbbad6fbe19e43bc86010e89132669f_ppc64le",
"product_id": "openshift-logging/opa-openshift-rhel8@sha256:9e5ca10fd6967fa319fcba97aed737c4bdbbad6fbe19e43bc86010e89132669f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/opa-openshift-rhel8@sha256:9e5ca10fd6967fa319fcba97aed737c4bdbbad6fbe19e43bc86010e89132669f?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/opa-openshift-rhel8\u0026tag=v0.1.0-99"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:60f75c6ae180291f7e8eae0dd9999f0c17a74863b20d23f45a675cb427cabcf8_s390x",
"product": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:60f75c6ae180291f7e8eae0dd9999f0c17a74863b20d23f45a675cb427cabcf8_s390x",
"product_id": "openshift-logging/cluster-logging-rhel8-operator@sha256:60f75c6ae180291f7e8eae0dd9999f0c17a74863b20d23f45a675cb427cabcf8_s390x",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-rhel8-operator@sha256:60f75c6ae180291f7e8eae0dd9999f0c17a74863b20d23f45a675cb427cabcf8?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel8-operator\u0026tag=v5.7.2-24"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:fa36283092c27cd60761703d1eee07b92358dfe1157273b51b37b583a6060b35_s390x",
"product": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:fa36283092c27cd60761703d1eee07b92358dfe1157273b51b37b583a6060b35_s390x",
"product_id": "openshift-logging/elasticsearch-rhel8-operator@sha256:fa36283092c27cd60761703d1eee07b92358dfe1157273b51b37b583a6060b35_s390x",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-rhel8-operator@sha256:fa36283092c27cd60761703d1eee07b92358dfe1157273b51b37b583a6060b35?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-rhel8-operator\u0026tag=v5.7.2-5"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:160985f4c009f8cce7b36c1142756f25ff2413937da194facc6bc85cb0863551_s390x",
"product": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:160985f4c009f8cce7b36c1142756f25ff2413937da194facc6bc85cb0863551_s390x",
"product_id": "openshift-logging/elasticsearch-proxy-rhel8@sha256:160985f4c009f8cce7b36c1142756f25ff2413937da194facc6bc85cb0863551_s390x",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-proxy-rhel8@sha256:160985f4c009f8cce7b36c1142756f25ff2413937da194facc6bc85cb0863551?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-proxy-rhel8\u0026tag=v1.0.0-386"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:cf228007b8ef6af94bee09d300d4c9917162041b08a91b0556e4083976050b5f_s390x",
"product": {
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:cf228007b8ef6af94bee09d300d4c9917162041b08a91b0556e4083976050b5f_s390x",
"product_id": "openshift-logging/log-file-metric-exporter-rhel8@sha256:cf228007b8ef6af94bee09d300d4c9917162041b08a91b0556e4083976050b5f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/log-file-metric-exporter-rhel8@sha256:cf228007b8ef6af94bee09d300d4c9917162041b08a91b0556e4083976050b5f?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel8\u0026tag=v1.1.0-135"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-curator5-rhel8@sha256:5c0cf908612a36333722f5fed31e266a398db32739dd2e4f074428877b363c85_s390x",
"product": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:5c0cf908612a36333722f5fed31e266a398db32739dd2e4f074428877b363c85_s390x",
"product_id": "openshift-logging/logging-curator5-rhel8@sha256:5c0cf908612a36333722f5fed31e266a398db32739dd2e4f074428877b363c85_s390x",
"product_identification_helper": {
"purl": "pkg:oci/logging-curator5-rhel8@sha256:5c0cf908612a36333722f5fed31e266a398db32739dd2e4f074428877b363c85?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/logging-curator5-rhel8\u0026tag=v5.8.1-359"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch6-rhel8@sha256:cc65e3adf0590cd58a073f351be36a2bc60ea1aa0183a0c9dcb9ae726830a078_s390x",
"product": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:cc65e3adf0590cd58a073f351be36a2bc60ea1aa0183a0c9dcb9ae726830a078_s390x",
"product_id": "openshift-logging/elasticsearch6-rhel8@sha256:cc65e3adf0590cd58a073f351be36a2bc60ea1aa0183a0c9dcb9ae726830a078_s390x",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch6-rhel8@sha256:cc65e3adf0590cd58a073f351be36a2bc60ea1aa0183a0c9dcb9ae726830a078?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch6-rhel8\u0026tag=v6.8.1-326"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/eventrouter-rhel8@sha256:05c5123b3c5757f6239327c7ee96d2ce9fecbeef1dc39feade38d9417941122d_s390x",
"product": {
"name": "openshift-logging/eventrouter-rhel8@sha256:05c5123b3c5757f6239327c7ee96d2ce9fecbeef1dc39feade38d9417941122d_s390x",
"product_id": "openshift-logging/eventrouter-rhel8@sha256:05c5123b3c5757f6239327c7ee96d2ce9fecbeef1dc39feade38d9417941122d_s390x",
"product_identification_helper": {
"purl": "pkg:oci/eventrouter-rhel8@sha256:05c5123b3c5757f6239327c7ee96d2ce9fecbeef1dc39feade38d9417941122d?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel8\u0026tag=v0.4.0-141"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/fluentd-rhel8@sha256:9e35721ad22c9c67e6bd49f7978c495d72743ad43c21425cb97a57b5f6d03653_s390x",
"product": {
"name": "openshift-logging/fluentd-rhel8@sha256:9e35721ad22c9c67e6bd49f7978c495d72743ad43c21425cb97a57b5f6d03653_s390x",
"product_id": "openshift-logging/fluentd-rhel8@sha256:9e35721ad22c9c67e6bd49f7978c495d72743ad43c21425cb97a57b5f6d03653_s390x",
"product_identification_helper": {
"purl": "pkg:oci/fluentd-rhel8@sha256:9e35721ad22c9c67e6bd49f7978c495d72743ad43c21425cb97a57b5f6d03653?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel8\u0026tag=v1.14.6-140"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/kibana6-rhel8@sha256:be0b14bae5a4e42bb760ef93676153d2e9d0eaa72075b745df29ab519223a226_s390x",
"product": {
"name": "openshift-logging/kibana6-rhel8@sha256:be0b14bae5a4e42bb760ef93676153d2e9d0eaa72075b745df29ab519223a226_s390x",
"product_id": "openshift-logging/kibana6-rhel8@sha256:be0b14bae5a4e42bb760ef93676153d2e9d0eaa72075b745df29ab519223a226_s390x",
"product_identification_helper": {
"purl": "pkg:oci/kibana6-rhel8@sha256:be0b14bae5a4e42bb760ef93676153d2e9d0eaa72075b745df29ab519223a226?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/kibana6-rhel8\u0026tag=v6.8.1-363"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-loki-rhel8@sha256:fcb11d3e6cc848ca774d353117c6a5c4770d455f8a64bce1223296d0afc298ef_s390x",
"product": {
"name": "openshift-logging/logging-loki-rhel8@sha256:fcb11d3e6cc848ca774d353117c6a5c4770d455f8a64bce1223296d0afc298ef_s390x",
"product_id": "openshift-logging/logging-loki-rhel8@sha256:fcb11d3e6cc848ca774d353117c6a5c4770d455f8a64bce1223296d0afc298ef_s390x",
"product_identification_helper": {
"purl": "pkg:oci/logging-loki-rhel8@sha256:fcb11d3e6cc848ca774d353117c6a5c4770d455f8a64bce1223296d0afc298ef?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/logging-loki-rhel8\u0026tag=v2.8.0-18"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/vector-rhel8@sha256:3c659bcf727aca2adff20087b41a5467cc52de825409df3468edb7e9c90fab41_s390x",
"product": {
"name": "openshift-logging/vector-rhel8@sha256:3c659bcf727aca2adff20087b41a5467cc52de825409df3468edb7e9c90fab41_s390x",
"product_id": "openshift-logging/vector-rhel8@sha256:3c659bcf727aca2adff20087b41a5467cc52de825409df3468edb7e9c90fab41_s390x",
"product_identification_helper": {
"purl": "pkg:oci/vector-rhel8@sha256:3c659bcf727aca2adff20087b41a5467cc52de825409df3468edb7e9c90fab41?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/vector-rhel8\u0026tag=v0.21.0-94"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-view-plugin-rhel8@sha256:29aaf15b222d1204253f4f82f3e17015a3fe77b3106580628442316bc2b2d26e_s390x",
"product": {
"name": "openshift-logging/logging-view-plugin-rhel8@sha256:29aaf15b222d1204253f4f82f3e17015a3fe77b3106580628442316bc2b2d26e_s390x",
"product_id": "openshift-logging/logging-view-plugin-rhel8@sha256:29aaf15b222d1204253f4f82f3e17015a3fe77b3106580628442316bc2b2d26e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/logging-view-plugin-rhel8@sha256:29aaf15b222d1204253f4f82f3e17015a3fe77b3106580628442316bc2b2d26e?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/logging-view-plugin-rhel8\u0026tag=v5.7.2-5"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/loki-rhel8-operator@sha256:62a71fd5ea0d3c6c26f06a56795ecca801f1a0ab570f08dfc44bd9b534775e58_s390x",
"product": {
"name": "openshift-logging/loki-rhel8-operator@sha256:62a71fd5ea0d3c6c26f06a56795ecca801f1a0ab570f08dfc44bd9b534775e58_s390x",
"product_id": "openshift-logging/loki-rhel8-operator@sha256:62a71fd5ea0d3c6c26f06a56795ecca801f1a0ab570f08dfc44bd9b534775e58_s390x",
"product_identification_helper": {
"purl": "pkg:oci/loki-rhel8-operator@sha256:62a71fd5ea0d3c6c26f06a56795ecca801f1a0ab570f08dfc44bd9b534775e58?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/loki-rhel8-operator\u0026tag=v5.7.2-12"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/lokistack-gateway-rhel8@sha256:b46f89c08df34b8ad7f2af805be0e005d9dfdfd94a0fbee6f5820200752ae11e_s390x",
"product": {
"name": "openshift-logging/lokistack-gateway-rhel8@sha256:b46f89c08df34b8ad7f2af805be0e005d9dfdfd94a0fbee6f5820200752ae11e_s390x",
"product_id": "openshift-logging/lokistack-gateway-rhel8@sha256:b46f89c08df34b8ad7f2af805be0e005d9dfdfd94a0fbee6f5820200752ae11e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/lokistack-gateway-rhel8@sha256:b46f89c08df34b8ad7f2af805be0e005d9dfdfd94a0fbee6f5820200752ae11e?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/lokistack-gateway-rhel8\u0026tag=v0.1.0-262"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/opa-openshift-rhel8@sha256:543213dd4f0132d51e5823f4bb9ee450b90e85c10bb817475f03404a430c7706_s390x",
"product": {
"name": "openshift-logging/opa-openshift-rhel8@sha256:543213dd4f0132d51e5823f4bb9ee450b90e85c10bb817475f03404a430c7706_s390x",
"product_id": "openshift-logging/opa-openshift-rhel8@sha256:543213dd4f0132d51e5823f4bb9ee450b90e85c10bb817475f03404a430c7706_s390x",
"product_identification_helper": {
"purl": "pkg:oci/opa-openshift-rhel8@sha256:543213dd4f0132d51e5823f4bb9ee450b90e85c10bb817475f03404a430c7706?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/opa-openshift-rhel8\u0026tag=v0.1.0-99"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-operator-bundle@sha256:67922a4fa417673d97eca28344c77ba81d4f77cb1b86e1ca532b41a82b6f6520_amd64 as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/cluster-logging-operator-bundle@sha256:67922a4fa417673d97eca28344c77ba81d4f77cb1b86e1ca532b41a82b6f6520_amd64"
},
"product_reference": "openshift-logging/cluster-logging-operator-bundle@sha256:67922a4fa417673d97eca28344c77ba81d4f77cb1b86e1ca532b41a82b6f6520_amd64",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:60f75c6ae180291f7e8eae0dd9999f0c17a74863b20d23f45a675cb427cabcf8_s390x as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/cluster-logging-rhel8-operator@sha256:60f75c6ae180291f7e8eae0dd9999f0c17a74863b20d23f45a675cb427cabcf8_s390x"
},
"product_reference": "openshift-logging/cluster-logging-rhel8-operator@sha256:60f75c6ae180291f7e8eae0dd9999f0c17a74863b20d23f45a675cb427cabcf8_s390x",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:8619dafc0e4d978c2eb63e0dbb0389114bbf93c692dc1477ed776c40e589c677_arm64 as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/cluster-logging-rhel8-operator@sha256:8619dafc0e4d978c2eb63e0dbb0389114bbf93c692dc1477ed776c40e589c677_arm64"
},
"product_reference": "openshift-logging/cluster-logging-rhel8-operator@sha256:8619dafc0e4d978c2eb63e0dbb0389114bbf93c692dc1477ed776c40e589c677_arm64",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:ae56b7bb5f88e54739e103c16b57eb776661c8942d0d58dae683f33dc839191a_ppc64le as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/cluster-logging-rhel8-operator@sha256:ae56b7bb5f88e54739e103c16b57eb776661c8942d0d58dae683f33dc839191a_ppc64le"
},
"product_reference": "openshift-logging/cluster-logging-rhel8-operator@sha256:ae56b7bb5f88e54739e103c16b57eb776661c8942d0d58dae683f33dc839191a_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:c127a5211070607bc6daaa404fb221a91134ee18261691041448fb18203e711b_amd64 as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/cluster-logging-rhel8-operator@sha256:c127a5211070607bc6daaa404fb221a91134ee18261691041448fb18203e711b_amd64"
},
"product_reference": "openshift-logging/cluster-logging-rhel8-operator@sha256:c127a5211070607bc6daaa404fb221a91134ee18261691041448fb18203e711b_amd64",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-operator-bundle@sha256:f56e69a40c6f51da46fbaf3fd170f84e20a45bac6c77b3b6d16130ae7be62394_amd64 as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/elasticsearch-operator-bundle@sha256:f56e69a40c6f51da46fbaf3fd170f84e20a45bac6c77b3b6d16130ae7be62394_amd64"
},
"product_reference": "openshift-logging/elasticsearch-operator-bundle@sha256:f56e69a40c6f51da46fbaf3fd170f84e20a45bac6c77b3b6d16130ae7be62394_amd64",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:0abd84da4fd5bf4f2657c0a7ba2f8fd8b878c15121fccbe8fb5f461b2ea5a9b3_ppc64le as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/elasticsearch-proxy-rhel8@sha256:0abd84da4fd5bf4f2657c0a7ba2f8fd8b878c15121fccbe8fb5f461b2ea5a9b3_ppc64le"
},
"product_reference": "openshift-logging/elasticsearch-proxy-rhel8@sha256:0abd84da4fd5bf4f2657c0a7ba2f8fd8b878c15121fccbe8fb5f461b2ea5a9b3_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:160985f4c009f8cce7b36c1142756f25ff2413937da194facc6bc85cb0863551_s390x as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/elasticsearch-proxy-rhel8@sha256:160985f4c009f8cce7b36c1142756f25ff2413937da194facc6bc85cb0863551_s390x"
},
"product_reference": "openshift-logging/elasticsearch-proxy-rhel8@sha256:160985f4c009f8cce7b36c1142756f25ff2413937da194facc6bc85cb0863551_s390x",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:22a97db8a595aaa758027b30c7fd2cf3ea0ae6c4d0b70766f8124d8eb17b58c9_arm64 as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/elasticsearch-proxy-rhel8@sha256:22a97db8a595aaa758027b30c7fd2cf3ea0ae6c4d0b70766f8124d8eb17b58c9_arm64"
},
"product_reference": "openshift-logging/elasticsearch-proxy-rhel8@sha256:22a97db8a595aaa758027b30c7fd2cf3ea0ae6c4d0b70766f8124d8eb17b58c9_arm64",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:38404132fe318e05f607c0e0ffb78baa25bb9477f53f40436b0cc50d21dd52bb_amd64 as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/elasticsearch-proxy-rhel8@sha256:38404132fe318e05f607c0e0ffb78baa25bb9477f53f40436b0cc50d21dd52bb_amd64"
},
"product_reference": "openshift-logging/elasticsearch-proxy-rhel8@sha256:38404132fe318e05f607c0e0ffb78baa25bb9477f53f40436b0cc50d21dd52bb_amd64",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:5aaa60e772fd3f47d7b12d12c2eb55176803175656f834c48ed5003bf6c80600_ppc64le as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/elasticsearch-rhel8-operator@sha256:5aaa60e772fd3f47d7b12d12c2eb55176803175656f834c48ed5003bf6c80600_ppc64le"
},
"product_reference": "openshift-logging/elasticsearch-rhel8-operator@sha256:5aaa60e772fd3f47d7b12d12c2eb55176803175656f834c48ed5003bf6c80600_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:61c30851d3d9f544c37c7616ec8a4ba34b7b37f3555960d0c8fa2be78f44947f_amd64 as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/elasticsearch-rhel8-operator@sha256:61c30851d3d9f544c37c7616ec8a4ba34b7b37f3555960d0c8fa2be78f44947f_amd64"
},
"product_reference": "openshift-logging/elasticsearch-rhel8-operator@sha256:61c30851d3d9f544c37c7616ec8a4ba34b7b37f3555960d0c8fa2be78f44947f_amd64",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:ab54ef61832141f7675d3dc8d59edf99c3cdd1125c74e222492949c180964452_arm64 as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/elasticsearch-rhel8-operator@sha256:ab54ef61832141f7675d3dc8d59edf99c3cdd1125c74e222492949c180964452_arm64"
},
"product_reference": "openshift-logging/elasticsearch-rhel8-operator@sha256:ab54ef61832141f7675d3dc8d59edf99c3cdd1125c74e222492949c180964452_arm64",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:fa36283092c27cd60761703d1eee07b92358dfe1157273b51b37b583a6060b35_s390x as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/elasticsearch-rhel8-operator@sha256:fa36283092c27cd60761703d1eee07b92358dfe1157273b51b37b583a6060b35_s390x"
},
"product_reference": "openshift-logging/elasticsearch-rhel8-operator@sha256:fa36283092c27cd60761703d1eee07b92358dfe1157273b51b37b583a6060b35_s390x",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:4685b2792af31c22d64220aaf7693e121826fdc2d8acd5be7bd0557995b8dea0_ppc64le as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/elasticsearch6-rhel8@sha256:4685b2792af31c22d64220aaf7693e121826fdc2d8acd5be7bd0557995b8dea0_ppc64le"
},
"product_reference": "openshift-logging/elasticsearch6-rhel8@sha256:4685b2792af31c22d64220aaf7693e121826fdc2d8acd5be7bd0557995b8dea0_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:611cef3b88e71c24f002e3a37de6883f54ca0e8eb9f8b60aff41ab2dcb249745_amd64 as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/elasticsearch6-rhel8@sha256:611cef3b88e71c24f002e3a37de6883f54ca0e8eb9f8b60aff41ab2dcb249745_amd64"
},
"product_reference": "openshift-logging/elasticsearch6-rhel8@sha256:611cef3b88e71c24f002e3a37de6883f54ca0e8eb9f8b60aff41ab2dcb249745_amd64",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:9c28c1ef4a26ab31a9de8941b22705cea8e85918df5e9997cd07ede5bd04e512_arm64 as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/elasticsearch6-rhel8@sha256:9c28c1ef4a26ab31a9de8941b22705cea8e85918df5e9997cd07ede5bd04e512_arm64"
},
"product_reference": "openshift-logging/elasticsearch6-rhel8@sha256:9c28c1ef4a26ab31a9de8941b22705cea8e85918df5e9997cd07ede5bd04e512_arm64",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:cc65e3adf0590cd58a073f351be36a2bc60ea1aa0183a0c9dcb9ae726830a078_s390x as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/elasticsearch6-rhel8@sha256:cc65e3adf0590cd58a073f351be36a2bc60ea1aa0183a0c9dcb9ae726830a078_s390x"
},
"product_reference": "openshift-logging/elasticsearch6-rhel8@sha256:cc65e3adf0590cd58a073f351be36a2bc60ea1aa0183a0c9dcb9ae726830a078_s390x",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/eventrouter-rhel8@sha256:05c5123b3c5757f6239327c7ee96d2ce9fecbeef1dc39feade38d9417941122d_s390x as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/eventrouter-rhel8@sha256:05c5123b3c5757f6239327c7ee96d2ce9fecbeef1dc39feade38d9417941122d_s390x"
},
"product_reference": "openshift-logging/eventrouter-rhel8@sha256:05c5123b3c5757f6239327c7ee96d2ce9fecbeef1dc39feade38d9417941122d_s390x",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/eventrouter-rhel8@sha256:62134203e3d02a92b4ea0f0f6b96a4046806c655f9b8358de7576a57624a7574_arm64 as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/eventrouter-rhel8@sha256:62134203e3d02a92b4ea0f0f6b96a4046806c655f9b8358de7576a57624a7574_arm64"
},
"product_reference": "openshift-logging/eventrouter-rhel8@sha256:62134203e3d02a92b4ea0f0f6b96a4046806c655f9b8358de7576a57624a7574_arm64",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/eventrouter-rhel8@sha256:9a9fc94b921453a383a8e2503bb8ff4e1d5290a541d5819ea15b263f10589357_amd64 as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/eventrouter-rhel8@sha256:9a9fc94b921453a383a8e2503bb8ff4e1d5290a541d5819ea15b263f10589357_amd64"
},
"product_reference": "openshift-logging/eventrouter-rhel8@sha256:9a9fc94b921453a383a8e2503bb8ff4e1d5290a541d5819ea15b263f10589357_amd64",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/eventrouter-rhel8@sha256:f8ff9fda083e55a5113ba614c739d83d52ee3115429075d0eb03fea2e9d5d711_ppc64le as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/eventrouter-rhel8@sha256:f8ff9fda083e55a5113ba614c739d83d52ee3115429075d0eb03fea2e9d5d711_ppc64le"
},
"product_reference": "openshift-logging/eventrouter-rhel8@sha256:f8ff9fda083e55a5113ba614c739d83d52ee3115429075d0eb03fea2e9d5d711_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/fluentd-rhel8@sha256:3d3d4d46d57443ea5aea72a711126ff46b217129f089864f027b1ed2b45e393c_amd64 as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/fluentd-rhel8@sha256:3d3d4d46d57443ea5aea72a711126ff46b217129f089864f027b1ed2b45e393c_amd64"
},
"product_reference": "openshift-logging/fluentd-rhel8@sha256:3d3d4d46d57443ea5aea72a711126ff46b217129f089864f027b1ed2b45e393c_amd64",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/fluentd-rhel8@sha256:5dd0468121013d75c3c5b5def726b6d71f66d2086defad6cc1d54015f057f956_ppc64le as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/fluentd-rhel8@sha256:5dd0468121013d75c3c5b5def726b6d71f66d2086defad6cc1d54015f057f956_ppc64le"
},
"product_reference": "openshift-logging/fluentd-rhel8@sha256:5dd0468121013d75c3c5b5def726b6d71f66d2086defad6cc1d54015f057f956_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/fluentd-rhel8@sha256:9e35721ad22c9c67e6bd49f7978c495d72743ad43c21425cb97a57b5f6d03653_s390x as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/fluentd-rhel8@sha256:9e35721ad22c9c67e6bd49f7978c495d72743ad43c21425cb97a57b5f6d03653_s390x"
},
"product_reference": "openshift-logging/fluentd-rhel8@sha256:9e35721ad22c9c67e6bd49f7978c495d72743ad43c21425cb97a57b5f6d03653_s390x",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/fluentd-rhel8@sha256:c082515ff5bcaaf305b24d24b488b2d91627894872b2f2074f7bfa64e0baf313_arm64 as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/fluentd-rhel8@sha256:c082515ff5bcaaf305b24d24b488b2d91627894872b2f2074f7bfa64e0baf313_arm64"
},
"product_reference": "openshift-logging/fluentd-rhel8@sha256:c082515ff5bcaaf305b24d24b488b2d91627894872b2f2074f7bfa64e0baf313_arm64",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/kibana6-rhel8@sha256:77a3146e462f9291ea13d13fea97c74b2d59fe84f3dbfc33aafc08837fe5baba_arm64 as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/kibana6-rhel8@sha256:77a3146e462f9291ea13d13fea97c74b2d59fe84f3dbfc33aafc08837fe5baba_arm64"
},
"product_reference": "openshift-logging/kibana6-rhel8@sha256:77a3146e462f9291ea13d13fea97c74b2d59fe84f3dbfc33aafc08837fe5baba_arm64",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/kibana6-rhel8@sha256:be0b14bae5a4e42bb760ef93676153d2e9d0eaa72075b745df29ab519223a226_s390x as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/kibana6-rhel8@sha256:be0b14bae5a4e42bb760ef93676153d2e9d0eaa72075b745df29ab519223a226_s390x"
},
"product_reference": "openshift-logging/kibana6-rhel8@sha256:be0b14bae5a4e42bb760ef93676153d2e9d0eaa72075b745df29ab519223a226_s390x",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/kibana6-rhel8@sha256:c8dff12b758f72cb6096c83a9b0e4918efab24e41c60e3dd1db91b561a204a9f_ppc64le as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/kibana6-rhel8@sha256:c8dff12b758f72cb6096c83a9b0e4918efab24e41c60e3dd1db91b561a204a9f_ppc64le"
},
"product_reference": "openshift-logging/kibana6-rhel8@sha256:c8dff12b758f72cb6096c83a9b0e4918efab24e41c60e3dd1db91b561a204a9f_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/kibana6-rhel8@sha256:fc848aa0f5d0bd6c39b6d3056c21ae82839bcd627bd06312d7243b4e830d8aa2_amd64 as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/kibana6-rhel8@sha256:fc848aa0f5d0bd6c39b6d3056c21ae82839bcd627bd06312d7243b4e830d8aa2_amd64"
},
"product_reference": "openshift-logging/kibana6-rhel8@sha256:fc848aa0f5d0bd6c39b6d3056c21ae82839bcd627bd06312d7243b4e830d8aa2_amd64",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:92ff40e217abff467a201e45ebb11330d5352a29d7be3703048a865c7a7aa603_arm64 as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/log-file-metric-exporter-rhel8@sha256:92ff40e217abff467a201e45ebb11330d5352a29d7be3703048a865c7a7aa603_arm64"
},
"product_reference": "openshift-logging/log-file-metric-exporter-rhel8@sha256:92ff40e217abff467a201e45ebb11330d5352a29d7be3703048a865c7a7aa603_arm64",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:ad3988a61bd088e3303a28fa823b5a6377d823de2ab12e0b3e490c082077f7b5_amd64 as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/log-file-metric-exporter-rhel8@sha256:ad3988a61bd088e3303a28fa823b5a6377d823de2ab12e0b3e490c082077f7b5_amd64"
},
"product_reference": "openshift-logging/log-file-metric-exporter-rhel8@sha256:ad3988a61bd088e3303a28fa823b5a6377d823de2ab12e0b3e490c082077f7b5_amd64",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:cf228007b8ef6af94bee09d300d4c9917162041b08a91b0556e4083976050b5f_s390x as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/log-file-metric-exporter-rhel8@sha256:cf228007b8ef6af94bee09d300d4c9917162041b08a91b0556e4083976050b5f_s390x"
},
"product_reference": "openshift-logging/log-file-metric-exporter-rhel8@sha256:cf228007b8ef6af94bee09d300d4c9917162041b08a91b0556e4083976050b5f_s390x",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:d5b2f702c19854620778f1a99c07e18c94ad2fd510b8484d2ac53c6ae8c0a8e2_ppc64le as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/log-file-metric-exporter-rhel8@sha256:d5b2f702c19854620778f1a99c07e18c94ad2fd510b8484d2ac53c6ae8c0a8e2_ppc64le"
},
"product_reference": "openshift-logging/log-file-metric-exporter-rhel8@sha256:d5b2f702c19854620778f1a99c07e18c94ad2fd510b8484d2ac53c6ae8c0a8e2_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:12c1aafdb570d4a58c89d12d50dc129ee6f1eeb2a67d3e05a2a23d96d7d17d9c_ppc64le as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/logging-curator5-rhel8@sha256:12c1aafdb570d4a58c89d12d50dc129ee6f1eeb2a67d3e05a2a23d96d7d17d9c_ppc64le"
},
"product_reference": "openshift-logging/logging-curator5-rhel8@sha256:12c1aafdb570d4a58c89d12d50dc129ee6f1eeb2a67d3e05a2a23d96d7d17d9c_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:5c0cf908612a36333722f5fed31e266a398db32739dd2e4f074428877b363c85_s390x as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/logging-curator5-rhel8@sha256:5c0cf908612a36333722f5fed31e266a398db32739dd2e4f074428877b363c85_s390x"
},
"product_reference": "openshift-logging/logging-curator5-rhel8@sha256:5c0cf908612a36333722f5fed31e266a398db32739dd2e4f074428877b363c85_s390x",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:d3df7e62f2b1893b4f4879b91531b92652547aa4453fd1bfdc9558ff5a720a84_arm64 as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/logging-curator5-rhel8@sha256:d3df7e62f2b1893b4f4879b91531b92652547aa4453fd1bfdc9558ff5a720a84_arm64"
},
"product_reference": "openshift-logging/logging-curator5-rhel8@sha256:d3df7e62f2b1893b4f4879b91531b92652547aa4453fd1bfdc9558ff5a720a84_arm64",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:d65d8fba95e2313eb97a925c2d4f2a76d3616626c492803d19dcc3548753ecfa_amd64 as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/logging-curator5-rhel8@sha256:d65d8fba95e2313eb97a925c2d4f2a76d3616626c492803d19dcc3548753ecfa_amd64"
},
"product_reference": "openshift-logging/logging-curator5-rhel8@sha256:d65d8fba95e2313eb97a925c2d4f2a76d3616626c492803d19dcc3548753ecfa_amd64",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-loki-rhel8@sha256:16c8e2bf0d537e9a787f2250203f9deae1b5f0f0b28e0520ddf6bf9b9c2e04d7_arm64 as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:16c8e2bf0d537e9a787f2250203f9deae1b5f0f0b28e0520ddf6bf9b9c2e04d7_arm64"
},
"product_reference": "openshift-logging/logging-loki-rhel8@sha256:16c8e2bf0d537e9a787f2250203f9deae1b5f0f0b28e0520ddf6bf9b9c2e04d7_arm64",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-loki-rhel8@sha256:63fffa75040e8322e895f230431f2cee966909d4afc2fef28f694f154c0cf888_amd64 as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:63fffa75040e8322e895f230431f2cee966909d4afc2fef28f694f154c0cf888_amd64"
},
"product_reference": "openshift-logging/logging-loki-rhel8@sha256:63fffa75040e8322e895f230431f2cee966909d4afc2fef28f694f154c0cf888_amd64",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-loki-rhel8@sha256:8b3fdd7f5b498336eff6881c742c59a2f6acdaaaf0ed80141d66170c19e6dfa7_ppc64le as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:8b3fdd7f5b498336eff6881c742c59a2f6acdaaaf0ed80141d66170c19e6dfa7_ppc64le"
},
"product_reference": "openshift-logging/logging-loki-rhel8@sha256:8b3fdd7f5b498336eff6881c742c59a2f6acdaaaf0ed80141d66170c19e6dfa7_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-loki-rhel8@sha256:fcb11d3e6cc848ca774d353117c6a5c4770d455f8a64bce1223296d0afc298ef_s390x as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:fcb11d3e6cc848ca774d353117c6a5c4770d455f8a64bce1223296d0afc298ef_s390x"
},
"product_reference": "openshift-logging/logging-loki-rhel8@sha256:fcb11d3e6cc848ca774d353117c6a5c4770d455f8a64bce1223296d0afc298ef_s390x",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-view-plugin-rhel8@sha256:29aaf15b222d1204253f4f82f3e17015a3fe77b3106580628442316bc2b2d26e_s390x as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/logging-view-plugin-rhel8@sha256:29aaf15b222d1204253f4f82f3e17015a3fe77b3106580628442316bc2b2d26e_s390x"
},
"product_reference": "openshift-logging/logging-view-plugin-rhel8@sha256:29aaf15b222d1204253f4f82f3e17015a3fe77b3106580628442316bc2b2d26e_s390x",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-view-plugin-rhel8@sha256:50742d41afd16c553729523d8e5e5a6640a2bb9d2d01eb4d18051456bdb422f7_arm64 as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/logging-view-plugin-rhel8@sha256:50742d41afd16c553729523d8e5e5a6640a2bb9d2d01eb4d18051456bdb422f7_arm64"
},
"product_reference": "openshift-logging/logging-view-plugin-rhel8@sha256:50742d41afd16c553729523d8e5e5a6640a2bb9d2d01eb4d18051456bdb422f7_arm64",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-view-plugin-rhel8@sha256:cf64b884e6198327d0ed02a86971cd777a12591a3a6ad677703268d22f510bdd_amd64 as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/logging-view-plugin-rhel8@sha256:cf64b884e6198327d0ed02a86971cd777a12591a3a6ad677703268d22f510bdd_amd64"
},
"product_reference": "openshift-logging/logging-view-plugin-rhel8@sha256:cf64b884e6198327d0ed02a86971cd777a12591a3a6ad677703268d22f510bdd_amd64",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-view-plugin-rhel8@sha256:ef63d4524f60a38ec8b4ec306f94ac865397d2f1616cdad7ed11722c49b9565e_ppc64le as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/logging-view-plugin-rhel8@sha256:ef63d4524f60a38ec8b4ec306f94ac865397d2f1616cdad7ed11722c49b9565e_ppc64le"
},
"product_reference": "openshift-logging/logging-view-plugin-rhel8@sha256:ef63d4524f60a38ec8b4ec306f94ac865397d2f1616cdad7ed11722c49b9565e_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/loki-operator-bundle@sha256:5667ef8d640391c34ac20562b91a1f723005673d96e54a6ba1d178fa2fa73a32_amd64 as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/loki-operator-bundle@sha256:5667ef8d640391c34ac20562b91a1f723005673d96e54a6ba1d178fa2fa73a32_amd64"
},
"product_reference": "openshift-logging/loki-operator-bundle@sha256:5667ef8d640391c34ac20562b91a1f723005673d96e54a6ba1d178fa2fa73a32_amd64",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/loki-rhel8-operator@sha256:0f762d2a6e7e98b8d1a35df4a3d81677507dd2aea8a7c413aaa268bef2fbbe56_arm64 as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/loki-rhel8-operator@sha256:0f762d2a6e7e98b8d1a35df4a3d81677507dd2aea8a7c413aaa268bef2fbbe56_arm64"
},
"product_reference": "openshift-logging/loki-rhel8-operator@sha256:0f762d2a6e7e98b8d1a35df4a3d81677507dd2aea8a7c413aaa268bef2fbbe56_arm64",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/loki-rhel8-operator@sha256:1861142f6d9581e572d3086037d5b8264906579df63e7b3ae91f70a3068842f8_amd64 as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/loki-rhel8-operator@sha256:1861142f6d9581e572d3086037d5b8264906579df63e7b3ae91f70a3068842f8_amd64"
},
"product_reference": "openshift-logging/loki-rhel8-operator@sha256:1861142f6d9581e572d3086037d5b8264906579df63e7b3ae91f70a3068842f8_amd64",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/loki-rhel8-operator@sha256:214c8f4d86ff90cfddafa93dc1c3d5b3304bbfa35d3aec0b5aff30265f988f16_ppc64le as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/loki-rhel8-operator@sha256:214c8f4d86ff90cfddafa93dc1c3d5b3304bbfa35d3aec0b5aff30265f988f16_ppc64le"
},
"product_reference": "openshift-logging/loki-rhel8-operator@sha256:214c8f4d86ff90cfddafa93dc1c3d5b3304bbfa35d3aec0b5aff30265f988f16_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/loki-rhel8-operator@sha256:62a71fd5ea0d3c6c26f06a56795ecca801f1a0ab570f08dfc44bd9b534775e58_s390x as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/loki-rhel8-operator@sha256:62a71fd5ea0d3c6c26f06a56795ecca801f1a0ab570f08dfc44bd9b534775e58_s390x"
},
"product_reference": "openshift-logging/loki-rhel8-operator@sha256:62a71fd5ea0d3c6c26f06a56795ecca801f1a0ab570f08dfc44bd9b534775e58_s390x",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/lokistack-gateway-rhel8@sha256:0d9c0ccdf55842f06ed98efecba60e6614f764bb7e1dbe5861971e8ba8c80404_ppc64le as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/lokistack-gateway-rhel8@sha256:0d9c0ccdf55842f06ed98efecba60e6614f764bb7e1dbe5861971e8ba8c80404_ppc64le"
},
"product_reference": "openshift-logging/lokistack-gateway-rhel8@sha256:0d9c0ccdf55842f06ed98efecba60e6614f764bb7e1dbe5861971e8ba8c80404_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/lokistack-gateway-rhel8@sha256:59113b0585d5f2ad0e2c61220ec3ead6192e14868f6dd9c143af5d13e6235565_arm64 as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/lokistack-gateway-rhel8@sha256:59113b0585d5f2ad0e2c61220ec3ead6192e14868f6dd9c143af5d13e6235565_arm64"
},
"product_reference": "openshift-logging/lokistack-gateway-rhel8@sha256:59113b0585d5f2ad0e2c61220ec3ead6192e14868f6dd9c143af5d13e6235565_arm64",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/lokistack-gateway-rhel8@sha256:9d5bc7af72f5ef08b1b01f9d34da16ed47a6e65dd632cf369c5848c5e89bfb10_amd64 as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/lokistack-gateway-rhel8@sha256:9d5bc7af72f5ef08b1b01f9d34da16ed47a6e65dd632cf369c5848c5e89bfb10_amd64"
},
"product_reference": "openshift-logging/lokistack-gateway-rhel8@sha256:9d5bc7af72f5ef08b1b01f9d34da16ed47a6e65dd632cf369c5848c5e89bfb10_amd64",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/lokistack-gateway-rhel8@sha256:b46f89c08df34b8ad7f2af805be0e005d9dfdfd94a0fbee6f5820200752ae11e_s390x as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/lokistack-gateway-rhel8@sha256:b46f89c08df34b8ad7f2af805be0e005d9dfdfd94a0fbee6f5820200752ae11e_s390x"
},
"product_reference": "openshift-logging/lokistack-gateway-rhel8@sha256:b46f89c08df34b8ad7f2af805be0e005d9dfdfd94a0fbee6f5820200752ae11e_s390x",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/opa-openshift-rhel8@sha256:456a76e7ef5687b45ade9360670c2e3793d38cbca5e132763850a7cfd0861811_arm64 as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/opa-openshift-rhel8@sha256:456a76e7ef5687b45ade9360670c2e3793d38cbca5e132763850a7cfd0861811_arm64"
},
"product_reference": "openshift-logging/opa-openshift-rhel8@sha256:456a76e7ef5687b45ade9360670c2e3793d38cbca5e132763850a7cfd0861811_arm64",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/opa-openshift-rhel8@sha256:543213dd4f0132d51e5823f4bb9ee450b90e85c10bb817475f03404a430c7706_s390x as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/opa-openshift-rhel8@sha256:543213dd4f0132d51e5823f4bb9ee450b90e85c10bb817475f03404a430c7706_s390x"
},
"product_reference": "openshift-logging/opa-openshift-rhel8@sha256:543213dd4f0132d51e5823f4bb9ee450b90e85c10bb817475f03404a430c7706_s390x",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/opa-openshift-rhel8@sha256:549c0984ba0cc9a54d01f44c2554da6574c16967c87e1a72e3f773802c76f63d_amd64 as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/opa-openshift-rhel8@sha256:549c0984ba0cc9a54d01f44c2554da6574c16967c87e1a72e3f773802c76f63d_amd64"
},
"product_reference": "openshift-logging/opa-openshift-rhel8@sha256:549c0984ba0cc9a54d01f44c2554da6574c16967c87e1a72e3f773802c76f63d_amd64",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/opa-openshift-rhel8@sha256:9e5ca10fd6967fa319fcba97aed737c4bdbbad6fbe19e43bc86010e89132669f_ppc64le as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/opa-openshift-rhel8@sha256:9e5ca10fd6967fa319fcba97aed737c4bdbbad6fbe19e43bc86010e89132669f_ppc64le"
},
"product_reference": "openshift-logging/opa-openshift-rhel8@sha256:9e5ca10fd6967fa319fcba97aed737c4bdbbad6fbe19e43bc86010e89132669f_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/vector-rhel8@sha256:30e6149c0c834f785066f790655e67d17cb71ed68aa79dd7e4f2b7e3b8db8aa3_arm64 as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/vector-rhel8@sha256:30e6149c0c834f785066f790655e67d17cb71ed68aa79dd7e4f2b7e3b8db8aa3_arm64"
},
"product_reference": "openshift-logging/vector-rhel8@sha256:30e6149c0c834f785066f790655e67d17cb71ed68aa79dd7e4f2b7e3b8db8aa3_arm64",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/vector-rhel8@sha256:3c659bcf727aca2adff20087b41a5467cc52de825409df3468edb7e9c90fab41_s390x as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/vector-rhel8@sha256:3c659bcf727aca2adff20087b41a5467cc52de825409df3468edb7e9c90fab41_s390x"
},
"product_reference": "openshift-logging/vector-rhel8@sha256:3c659bcf727aca2adff20087b41a5467cc52de825409df3468edb7e9c90fab41_s390x",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/vector-rhel8@sha256:7f3f463d22450c505c9a2ac6cca844b2d8a6124379e10beeab2ec8381dad913e_ppc64le as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/vector-rhel8@sha256:7f3f463d22450c505c9a2ac6cca844b2d8a6124379e10beeab2ec8381dad913e_ppc64le"
},
"product_reference": "openshift-logging/vector-rhel8@sha256:7f3f463d22450c505c9a2ac6cca844b2d8a6124379e10beeab2ec8381dad913e_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/vector-rhel8@sha256:b63c5ae18c8b759e5e093d92801563355d5b45b85c997a8c294096ef2596615d_amd64 as a component of RHOL 5.7 for RHEL 8",
"product_id": "8Base-RHOL-5.7:openshift-logging/vector-rhel8@sha256:b63c5ae18c8b759e5e093d92801563355d5b45b85c997a8c294096ef2596615d_amd64"
},
"product_reference": "openshift-logging/vector-rhel8@sha256:b63c5ae18c8b759e5e093d92801563355d5b45b85c997a8c294096ef2596615d_amd64",
"relates_to_product_reference": "8Base-RHOL-5.7"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Philippe Antoine"
],
"organization": "Catena Cyber"
}
],
"cve": "CVE-2022-41723",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2023-03-14T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOL-5.7:openshift-logging/cluster-logging-operator-bundle@sha256:67922a4fa417673d97eca28344c77ba81d4f77cb1b86e1ca532b41a82b6f6520_amd64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-operator-bundle@sha256:f56e69a40c6f51da46fbaf3fd170f84e20a45bac6c77b3b6d16130ae7be62394_amd64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-proxy-rhel8@sha256:0abd84da4fd5bf4f2657c0a7ba2f8fd8b878c15121fccbe8fb5f461b2ea5a9b3_ppc64le",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-proxy-rhel8@sha256:160985f4c009f8cce7b36c1142756f25ff2413937da194facc6bc85cb0863551_s390x",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-proxy-rhel8@sha256:22a97db8a595aaa758027b30c7fd2cf3ea0ae6c4d0b70766f8124d8eb17b58c9_arm64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-proxy-rhel8@sha256:38404132fe318e05f607c0e0ffb78baa25bb9477f53f40436b0cc50d21dd52bb_amd64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-rhel8-operator@sha256:5aaa60e772fd3f47d7b12d12c2eb55176803175656f834c48ed5003bf6c80600_ppc64le",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-rhel8-operator@sha256:61c30851d3d9f544c37c7616ec8a4ba34b7b37f3555960d0c8fa2be78f44947f_amd64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-rhel8-operator@sha256:ab54ef61832141f7675d3dc8d59edf99c3cdd1125c74e222492949c180964452_arm64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-rhel8-operator@sha256:fa36283092c27cd60761703d1eee07b92358dfe1157273b51b37b583a6060b35_s390x",
"8Base-RHOL-5.7:openshift-logging/elasticsearch6-rhel8@sha256:4685b2792af31c22d64220aaf7693e121826fdc2d8acd5be7bd0557995b8dea0_ppc64le",
"8Base-RHOL-5.7:openshift-logging/elasticsearch6-rhel8@sha256:611cef3b88e71c24f002e3a37de6883f54ca0e8eb9f8b60aff41ab2dcb249745_amd64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch6-rhel8@sha256:9c28c1ef4a26ab31a9de8941b22705cea8e85918df5e9997cd07ede5bd04e512_arm64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch6-rhel8@sha256:cc65e3adf0590cd58a073f351be36a2bc60ea1aa0183a0c9dcb9ae726830a078_s390x",
"8Base-RHOL-5.7:openshift-logging/fluentd-rhel8@sha256:3d3d4d46d57443ea5aea72a711126ff46b217129f089864f027b1ed2b45e393c_amd64",
"8Base-RHOL-5.7:openshift-logging/fluentd-rhel8@sha256:5dd0468121013d75c3c5b5def726b6d71f66d2086defad6cc1d54015f057f956_ppc64le",
"8Base-RHOL-5.7:openshift-logging/fluentd-rhel8@sha256:9e35721ad22c9c67e6bd49f7978c495d72743ad43c21425cb97a57b5f6d03653_s390x",
"8Base-RHOL-5.7:openshift-logging/fluentd-rhel8@sha256:c082515ff5bcaaf305b24d24b488b2d91627894872b2f2074f7bfa64e0baf313_arm64",
"8Base-RHOL-5.7:openshift-logging/kibana6-rhel8@sha256:77a3146e462f9291ea13d13fea97c74b2d59fe84f3dbfc33aafc08837fe5baba_arm64",
"8Base-RHOL-5.7:openshift-logging/kibana6-rhel8@sha256:be0b14bae5a4e42bb760ef93676153d2e9d0eaa72075b745df29ab519223a226_s390x",
"8Base-RHOL-5.7:openshift-logging/kibana6-rhel8@sha256:c8dff12b758f72cb6096c83a9b0e4918efab24e41c60e3dd1db91b561a204a9f_ppc64le",
"8Base-RHOL-5.7:openshift-logging/kibana6-rhel8@sha256:fc848aa0f5d0bd6c39b6d3056c21ae82839bcd627bd06312d7243b4e830d8aa2_amd64",
"8Base-RHOL-5.7:openshift-logging/log-file-metric-exporter-rhel8@sha256:92ff40e217abff467a201e45ebb11330d5352a29d7be3703048a865c7a7aa603_arm64",
"8Base-RHOL-5.7:openshift-logging/log-file-metric-exporter-rhel8@sha256:ad3988a61bd088e3303a28fa823b5a6377d823de2ab12e0b3e490c082077f7b5_amd64",
"8Base-RHOL-5.7:openshift-logging/log-file-metric-exporter-rhel8@sha256:cf228007b8ef6af94bee09d300d4c9917162041b08a91b0556e4083976050b5f_s390x",
"8Base-RHOL-5.7:openshift-logging/log-file-metric-exporter-rhel8@sha256:d5b2f702c19854620778f1a99c07e18c94ad2fd510b8484d2ac53c6ae8c0a8e2_ppc64le",
"8Base-RHOL-5.7:openshift-logging/logging-curator5-rhel8@sha256:12c1aafdb570d4a58c89d12d50dc129ee6f1eeb2a67d3e05a2a23d96d7d17d9c_ppc64le",
"8Base-RHOL-5.7:openshift-logging/logging-curator5-rhel8@sha256:5c0cf908612a36333722f5fed31e266a398db32739dd2e4f074428877b363c85_s390x",
"8Base-RHOL-5.7:openshift-logging/logging-curator5-rhel8@sha256:d3df7e62f2b1893b4f4879b91531b92652547aa4453fd1bfdc9558ff5a720a84_arm64",
"8Base-RHOL-5.7:openshift-logging/logging-curator5-rhel8@sha256:d65d8fba95e2313eb97a925c2d4f2a76d3616626c492803d19dcc3548753ecfa_amd64",
"8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:16c8e2bf0d537e9a787f2250203f9deae1b5f0f0b28e0520ddf6bf9b9c2e04d7_arm64",
"8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:63fffa75040e8322e895f230431f2cee966909d4afc2fef28f694f154c0cf888_amd64",
"8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:8b3fdd7f5b498336eff6881c742c59a2f6acdaaaf0ed80141d66170c19e6dfa7_ppc64le",
"8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:fcb11d3e6cc848ca774d353117c6a5c4770d455f8a64bce1223296d0afc298ef_s390x",
"8Base-RHOL-5.7:openshift-logging/logging-view-plugin-rhel8@sha256:29aaf15b222d1204253f4f82f3e17015a3fe77b3106580628442316bc2b2d26e_s390x",
"8Base-RHOL-5.7:openshift-logging/logging-view-plugin-rhel8@sha256:50742d41afd16c553729523d8e5e5a6640a2bb9d2d01eb4d18051456bdb422f7_arm64",
"8Base-RHOL-5.7:openshift-logging/logging-view-plugin-rhel8@sha256:cf64b884e6198327d0ed02a86971cd777a12591a3a6ad677703268d22f510bdd_amd64",
"8Base-RHOL-5.7:openshift-logging/logging-view-plugin-rhel8@sha256:ef63d4524f60a38ec8b4ec306f94ac865397d2f1616cdad7ed11722c49b9565e_ppc64le",
"8Base-RHOL-5.7:openshift-logging/loki-operator-bundle@sha256:5667ef8d640391c34ac20562b91a1f723005673d96e54a6ba1d178fa2fa73a32_amd64",
"8Base-RHOL-5.7:openshift-logging/loki-rhel8-operator@sha256:0f762d2a6e7e98b8d1a35df4a3d81677507dd2aea8a7c413aaa268bef2fbbe56_arm64",
"8Base-RHOL-5.7:openshift-logging/loki-rhel8-operator@sha256:1861142f6d9581e572d3086037d5b8264906579df63e7b3ae91f70a3068842f8_amd64",
"8Base-RHOL-5.7:openshift-logging/loki-rhel8-operator@sha256:214c8f4d86ff90cfddafa93dc1c3d5b3304bbfa35d3aec0b5aff30265f988f16_ppc64le",
"8Base-RHOL-5.7:openshift-logging/loki-rhel8-operator@sha256:62a71fd5ea0d3c6c26f06a56795ecca801f1a0ab570f08dfc44bd9b534775e58_s390x",
"8Base-RHOL-5.7:openshift-logging/lokistack-gateway-rhel8@sha256:0d9c0ccdf55842f06ed98efecba60e6614f764bb7e1dbe5861971e8ba8c80404_ppc64le",
"8Base-RHOL-5.7:openshift-logging/lokistack-gateway-rhel8@sha256:59113b0585d5f2ad0e2c61220ec3ead6192e14868f6dd9c143af5d13e6235565_arm64",
"8Base-RHOL-5.7:openshift-logging/lokistack-gateway-rhel8@sha256:9d5bc7af72f5ef08b1b01f9d34da16ed47a6e65dd632cf369c5848c5e89bfb10_amd64",
"8Base-RHOL-5.7:openshift-logging/lokistack-gateway-rhel8@sha256:b46f89c08df34b8ad7f2af805be0e005d9dfdfd94a0fbee6f5820200752ae11e_s390x",
"8Base-RHOL-5.7:openshift-logging/opa-openshift-rhel8@sha256:456a76e7ef5687b45ade9360670c2e3793d38cbca5e132763850a7cfd0861811_arm64",
"8Base-RHOL-5.7:openshift-logging/opa-openshift-rhel8@sha256:543213dd4f0132d51e5823f4bb9ee450b90e85c10bb817475f03404a430c7706_s390x",
"8Base-RHOL-5.7:openshift-logging/opa-openshift-rhel8@sha256:549c0984ba0cc9a54d01f44c2554da6574c16967c87e1a72e3f773802c76f63d_amd64",
"8Base-RHOL-5.7:openshift-logging/opa-openshift-rhel8@sha256:9e5ca10fd6967fa319fcba97aed737c4bdbbad6fbe19e43bc86010e89132669f_ppc64le",
"8Base-RHOL-5.7:openshift-logging/vector-rhel8@sha256:30e6149c0c834f785066f790655e67d17cb71ed68aa79dd7e4f2b7e3b8db8aa3_arm64",
"8Base-RHOL-5.7:openshift-logging/vector-rhel8@sha256:3c659bcf727aca2adff20087b41a5467cc52de825409df3468edb7e9c90fab41_s390x",
"8Base-RHOL-5.7:openshift-logging/vector-rhel8@sha256:7f3f463d22450c505c9a2ac6cca844b2d8a6124379e10beeab2ec8381dad913e_ppc64le",
"8Base-RHOL-5.7:openshift-logging/vector-rhel8@sha256:b63c5ae18c8b759e5e093d92801563355d5b45b85c997a8c294096ef2596615d_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2178358"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang. A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of requests.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/net/http2: avoid quadratic complexity in HPACK decoding",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Within OpenShift Container Platform, the maximum impact of this vulnerability is a denial of service against an individual container so the impact could not cascade across the entire infrastructure, this vulnerability is rated Moderate impact.\n\nWithin regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-400: Uncontrolled Resource Consumption vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nRed Hat restricts access to all platform information by default, granting access only after successful hard token-based multi-factor authentication (MFA) and enforcing least privilege to ensure only authorized roles can execute or modify code. The environment employs malicious code protections, including IDS/IPS and antimalware tools to detect threats and monitor resource usage, helping prevent uncontrolled consumption that could lead to system failure. Additional safeguards, such as web application firewalls and load-balancing strategies, protect against resource exhaustion and performance degradation. Event logs are centrally collected, correlated, and analyzed to support monitoring, alerting, and retention, aiding in the detection of abnormal behavior and potential denial-of-service (DoS) conditions. Static code analysis and peer reviews enforce strong input validation and error handling, reducing the likelihood of input-based DoS attacks.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOL-5.7:openshift-logging/cluster-logging-rhel8-operator@sha256:60f75c6ae180291f7e8eae0dd9999f0c17a74863b20d23f45a675cb427cabcf8_s390x",
"8Base-RHOL-5.7:openshift-logging/cluster-logging-rhel8-operator@sha256:8619dafc0e4d978c2eb63e0dbb0389114bbf93c692dc1477ed776c40e589c677_arm64",
"8Base-RHOL-5.7:openshift-logging/cluster-logging-rhel8-operator@sha256:ae56b7bb5f88e54739e103c16b57eb776661c8942d0d58dae683f33dc839191a_ppc64le",
"8Base-RHOL-5.7:openshift-logging/cluster-logging-rhel8-operator@sha256:c127a5211070607bc6daaa404fb221a91134ee18261691041448fb18203e711b_amd64",
"8Base-RHOL-5.7:openshift-logging/eventrouter-rhel8@sha256:05c5123b3c5757f6239327c7ee96d2ce9fecbeef1dc39feade38d9417941122d_s390x",
"8Base-RHOL-5.7:openshift-logging/eventrouter-rhel8@sha256:62134203e3d02a92b4ea0f0f6b96a4046806c655f9b8358de7576a57624a7574_arm64",
"8Base-RHOL-5.7:openshift-logging/eventrouter-rhel8@sha256:9a9fc94b921453a383a8e2503bb8ff4e1d5290a541d5819ea15b263f10589357_amd64",
"8Base-RHOL-5.7:openshift-logging/eventrouter-rhel8@sha256:f8ff9fda083e55a5113ba614c739d83d52ee3115429075d0eb03fea2e9d5d711_ppc64le"
],
"known_not_affected": [
"8Base-RHOL-5.7:openshift-logging/cluster-logging-operator-bundle@sha256:67922a4fa417673d97eca28344c77ba81d4f77cb1b86e1ca532b41a82b6f6520_amd64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-operator-bundle@sha256:f56e69a40c6f51da46fbaf3fd170f84e20a45bac6c77b3b6d16130ae7be62394_amd64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-proxy-rhel8@sha256:0abd84da4fd5bf4f2657c0a7ba2f8fd8b878c15121fccbe8fb5f461b2ea5a9b3_ppc64le",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-proxy-rhel8@sha256:160985f4c009f8cce7b36c1142756f25ff2413937da194facc6bc85cb0863551_s390x",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-proxy-rhel8@sha256:22a97db8a595aaa758027b30c7fd2cf3ea0ae6c4d0b70766f8124d8eb17b58c9_arm64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-proxy-rhel8@sha256:38404132fe318e05f607c0e0ffb78baa25bb9477f53f40436b0cc50d21dd52bb_amd64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-rhel8-operator@sha256:5aaa60e772fd3f47d7b12d12c2eb55176803175656f834c48ed5003bf6c80600_ppc64le",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-rhel8-operator@sha256:61c30851d3d9f544c37c7616ec8a4ba34b7b37f3555960d0c8fa2be78f44947f_amd64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-rhel8-operator@sha256:ab54ef61832141f7675d3dc8d59edf99c3cdd1125c74e222492949c180964452_arm64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-rhel8-operator@sha256:fa36283092c27cd60761703d1eee07b92358dfe1157273b51b37b583a6060b35_s390x",
"8Base-RHOL-5.7:openshift-logging/elasticsearch6-rhel8@sha256:4685b2792af31c22d64220aaf7693e121826fdc2d8acd5be7bd0557995b8dea0_ppc64le",
"8Base-RHOL-5.7:openshift-logging/elasticsearch6-rhel8@sha256:611cef3b88e71c24f002e3a37de6883f54ca0e8eb9f8b60aff41ab2dcb249745_amd64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch6-rhel8@sha256:9c28c1ef4a26ab31a9de8941b22705cea8e85918df5e9997cd07ede5bd04e512_arm64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch6-rhel8@sha256:cc65e3adf0590cd58a073f351be36a2bc60ea1aa0183a0c9dcb9ae726830a078_s390x",
"8Base-RHOL-5.7:openshift-logging/fluentd-rhel8@sha256:3d3d4d46d57443ea5aea72a711126ff46b217129f089864f027b1ed2b45e393c_amd64",
"8Base-RHOL-5.7:openshift-logging/fluentd-rhel8@sha256:5dd0468121013d75c3c5b5def726b6d71f66d2086defad6cc1d54015f057f956_ppc64le",
"8Base-RHOL-5.7:openshift-logging/fluentd-rhel8@sha256:9e35721ad22c9c67e6bd49f7978c495d72743ad43c21425cb97a57b5f6d03653_s390x",
"8Base-RHOL-5.7:openshift-logging/fluentd-rhel8@sha256:c082515ff5bcaaf305b24d24b488b2d91627894872b2f2074f7bfa64e0baf313_arm64",
"8Base-RHOL-5.7:openshift-logging/kibana6-rhel8@sha256:77a3146e462f9291ea13d13fea97c74b2d59fe84f3dbfc33aafc08837fe5baba_arm64",
"8Base-RHOL-5.7:openshift-logging/kibana6-rhel8@sha256:be0b14bae5a4e42bb760ef93676153d2e9d0eaa72075b745df29ab519223a226_s390x",
"8Base-RHOL-5.7:openshift-logging/kibana6-rhel8@sha256:c8dff12b758f72cb6096c83a9b0e4918efab24e41c60e3dd1db91b561a204a9f_ppc64le",
"8Base-RHOL-5.7:openshift-logging/kibana6-rhel8@sha256:fc848aa0f5d0bd6c39b6d3056c21ae82839bcd627bd06312d7243b4e830d8aa2_amd64",
"8Base-RHOL-5.7:openshift-logging/log-file-metric-exporter-rhel8@sha256:92ff40e217abff467a201e45ebb11330d5352a29d7be3703048a865c7a7aa603_arm64",
"8Base-RHOL-5.7:openshift-logging/log-file-metric-exporter-rhel8@sha256:ad3988a61bd088e3303a28fa823b5a6377d823de2ab12e0b3e490c082077f7b5_amd64",
"8Base-RHOL-5.7:openshift-logging/log-file-metric-exporter-rhel8@sha256:cf228007b8ef6af94bee09d300d4c9917162041b08a91b0556e4083976050b5f_s390x",
"8Base-RHOL-5.7:openshift-logging/log-file-metric-exporter-rhel8@sha256:d5b2f702c19854620778f1a99c07e18c94ad2fd510b8484d2ac53c6ae8c0a8e2_ppc64le",
"8Base-RHOL-5.7:openshift-logging/logging-curator5-rhel8@sha256:12c1aafdb570d4a58c89d12d50dc129ee6f1eeb2a67d3e05a2a23d96d7d17d9c_ppc64le",
"8Base-RHOL-5.7:openshift-logging/logging-curator5-rhel8@sha256:5c0cf908612a36333722f5fed31e266a398db32739dd2e4f074428877b363c85_s390x",
"8Base-RHOL-5.7:openshift-logging/logging-curator5-rhel8@sha256:d3df7e62f2b1893b4f4879b91531b92652547aa4453fd1bfdc9558ff5a720a84_arm64",
"8Base-RHOL-5.7:openshift-logging/logging-curator5-rhel8@sha256:d65d8fba95e2313eb97a925c2d4f2a76d3616626c492803d19dcc3548753ecfa_amd64",
"8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:16c8e2bf0d537e9a787f2250203f9deae1b5f0f0b28e0520ddf6bf9b9c2e04d7_arm64",
"8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:63fffa75040e8322e895f230431f2cee966909d4afc2fef28f694f154c0cf888_amd64",
"8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:8b3fdd7f5b498336eff6881c742c59a2f6acdaaaf0ed80141d66170c19e6dfa7_ppc64le",
"8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:fcb11d3e6cc848ca774d353117c6a5c4770d455f8a64bce1223296d0afc298ef_s390x",
"8Base-RHOL-5.7:openshift-logging/logging-view-plugin-rhel8@sha256:29aaf15b222d1204253f4f82f3e17015a3fe77b3106580628442316bc2b2d26e_s390x",
"8Base-RHOL-5.7:openshift-logging/logging-view-plugin-rhel8@sha256:50742d41afd16c553729523d8e5e5a6640a2bb9d2d01eb4d18051456bdb422f7_arm64",
"8Base-RHOL-5.7:openshift-logging/logging-view-plugin-rhel8@sha256:cf64b884e6198327d0ed02a86971cd777a12591a3a6ad677703268d22f510bdd_amd64",
"8Base-RHOL-5.7:openshift-logging/logging-view-plugin-rhel8@sha256:ef63d4524f60a38ec8b4ec306f94ac865397d2f1616cdad7ed11722c49b9565e_ppc64le",
"8Base-RHOL-5.7:openshift-logging/loki-operator-bundle@sha256:5667ef8d640391c34ac20562b91a1f723005673d96e54a6ba1d178fa2fa73a32_amd64",
"8Base-RHOL-5.7:openshift-logging/loki-rhel8-operator@sha256:0f762d2a6e7e98b8d1a35df4a3d81677507dd2aea8a7c413aaa268bef2fbbe56_arm64",
"8Base-RHOL-5.7:openshift-logging/loki-rhel8-operator@sha256:1861142f6d9581e572d3086037d5b8264906579df63e7b3ae91f70a3068842f8_amd64",
"8Base-RHOL-5.7:openshift-logging/loki-rhel8-operator@sha256:214c8f4d86ff90cfddafa93dc1c3d5b3304bbfa35d3aec0b5aff30265f988f16_ppc64le",
"8Base-RHOL-5.7:openshift-logging/loki-rhel8-operator@sha256:62a71fd5ea0d3c6c26f06a56795ecca801f1a0ab570f08dfc44bd9b534775e58_s390x",
"8Base-RHOL-5.7:openshift-logging/lokistack-gateway-rhel8@sha256:0d9c0ccdf55842f06ed98efecba60e6614f764bb7e1dbe5861971e8ba8c80404_ppc64le",
"8Base-RHOL-5.7:openshift-logging/lokistack-gateway-rhel8@sha256:59113b0585d5f2ad0e2c61220ec3ead6192e14868f6dd9c143af5d13e6235565_arm64",
"8Base-RHOL-5.7:openshift-logging/lokistack-gateway-rhel8@sha256:9d5bc7af72f5ef08b1b01f9d34da16ed47a6e65dd632cf369c5848c5e89bfb10_amd64",
"8Base-RHOL-5.7:openshift-logging/lokistack-gateway-rhel8@sha256:b46f89c08df34b8ad7f2af805be0e005d9dfdfd94a0fbee6f5820200752ae11e_s390x",
"8Base-RHOL-5.7:openshift-logging/opa-openshift-rhel8@sha256:456a76e7ef5687b45ade9360670c2e3793d38cbca5e132763850a7cfd0861811_arm64",
"8Base-RHOL-5.7:openshift-logging/opa-openshift-rhel8@sha256:543213dd4f0132d51e5823f4bb9ee450b90e85c10bb817475f03404a430c7706_s390x",
"8Base-RHOL-5.7:openshift-logging/opa-openshift-rhel8@sha256:549c0984ba0cc9a54d01f44c2554da6574c16967c87e1a72e3f773802c76f63d_amd64",
"8Base-RHOL-5.7:openshift-logging/opa-openshift-rhel8@sha256:9e5ca10fd6967fa319fcba97aed737c4bdbbad6fbe19e43bc86010e89132669f_ppc64le",
"8Base-RHOL-5.7:openshift-logging/vector-rhel8@sha256:30e6149c0c834f785066f790655e67d17cb71ed68aa79dd7e4f2b7e3b8db8aa3_arm64",
"8Base-RHOL-5.7:openshift-logging/vector-rhel8@sha256:3c659bcf727aca2adff20087b41a5467cc52de825409df3468edb7e9c90fab41_s390x",
"8Base-RHOL-5.7:openshift-logging/vector-rhel8@sha256:7f3f463d22450c505c9a2ac6cca844b2d8a6124379e10beeab2ec8381dad913e_ppc64le",
"8Base-RHOL-5.7:openshift-logging/vector-rhel8@sha256:b63c5ae18c8b759e5e093d92801563355d5b45b85c997a8c294096ef2596615d_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-41723"
},
{
"category": "external",
"summary": "RHBZ#2178358",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178358"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-41723",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41723"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-41723",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-41723"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-vvpx-j8f3-3w6h",
"url": "https://github.com/advisories/GHSA-vvpx-j8f3-3w6h"
},
{
"category": "external",
"summary": "https://go.dev/cl/468135",
"url": "https://go.dev/cl/468135"
},
{
"category": "external",
"summary": "https://go.dev/cl/468295",
"url": "https://go.dev/cl/468295"
},
{
"category": "external",
"summary": "https://go.dev/issue/57855",
"url": "https://go.dev/issue/57855"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E",
"url": "https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2023-1571",
"url": "https://pkg.go.dev/vuln/GO-2023-1571"
},
{
"category": "external",
"summary": "https://vuln.go.dev/ID/GO-2023-1571.json",
"url": "https://vuln.go.dev/ID/GO-2023-1571.json"
}
],
"release_date": "2023-02-17T14:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-12T19:08:51+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOL-5.7:openshift-logging/cluster-logging-rhel8-operator@sha256:60f75c6ae180291f7e8eae0dd9999f0c17a74863b20d23f45a675cb427cabcf8_s390x",
"8Base-RHOL-5.7:openshift-logging/cluster-logging-rhel8-operator@sha256:8619dafc0e4d978c2eb63e0dbb0389114bbf93c692dc1477ed776c40e589c677_arm64",
"8Base-RHOL-5.7:openshift-logging/cluster-logging-rhel8-operator@sha256:ae56b7bb5f88e54739e103c16b57eb776661c8942d0d58dae683f33dc839191a_ppc64le",
"8Base-RHOL-5.7:openshift-logging/cluster-logging-rhel8-operator@sha256:c127a5211070607bc6daaa404fb221a91134ee18261691041448fb18203e711b_amd64",
"8Base-RHOL-5.7:openshift-logging/eventrouter-rhel8@sha256:05c5123b3c5757f6239327c7ee96d2ce9fecbeef1dc39feade38d9417941122d_s390x",
"8Base-RHOL-5.7:openshift-logging/eventrouter-rhel8@sha256:62134203e3d02a92b4ea0f0f6b96a4046806c655f9b8358de7576a57624a7574_arm64",
"8Base-RHOL-5.7:openshift-logging/eventrouter-rhel8@sha256:9a9fc94b921453a383a8e2503bb8ff4e1d5290a541d5819ea15b263f10589357_amd64",
"8Base-RHOL-5.7:openshift-logging/eventrouter-rhel8@sha256:f8ff9fda083e55a5113ba614c739d83d52ee3115429075d0eb03fea2e9d5d711_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3495"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOL-5.7:openshift-logging/cluster-logging-operator-bundle@sha256:67922a4fa417673d97eca28344c77ba81d4f77cb1b86e1ca532b41a82b6f6520_amd64",
"8Base-RHOL-5.7:openshift-logging/cluster-logging-rhel8-operator@sha256:60f75c6ae180291f7e8eae0dd9999f0c17a74863b20d23f45a675cb427cabcf8_s390x",
"8Base-RHOL-5.7:openshift-logging/cluster-logging-rhel8-operator@sha256:8619dafc0e4d978c2eb63e0dbb0389114bbf93c692dc1477ed776c40e589c677_arm64",
"8Base-RHOL-5.7:openshift-logging/cluster-logging-rhel8-operator@sha256:ae56b7bb5f88e54739e103c16b57eb776661c8942d0d58dae683f33dc839191a_ppc64le",
"8Base-RHOL-5.7:openshift-logging/cluster-logging-rhel8-operator@sha256:c127a5211070607bc6daaa404fb221a91134ee18261691041448fb18203e711b_amd64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-operator-bundle@sha256:f56e69a40c6f51da46fbaf3fd170f84e20a45bac6c77b3b6d16130ae7be62394_amd64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-proxy-rhel8@sha256:0abd84da4fd5bf4f2657c0a7ba2f8fd8b878c15121fccbe8fb5f461b2ea5a9b3_ppc64le",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-proxy-rhel8@sha256:160985f4c009f8cce7b36c1142756f25ff2413937da194facc6bc85cb0863551_s390x",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-proxy-rhel8@sha256:22a97db8a595aaa758027b30c7fd2cf3ea0ae6c4d0b70766f8124d8eb17b58c9_arm64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-proxy-rhel8@sha256:38404132fe318e05f607c0e0ffb78baa25bb9477f53f40436b0cc50d21dd52bb_amd64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-rhel8-operator@sha256:5aaa60e772fd3f47d7b12d12c2eb55176803175656f834c48ed5003bf6c80600_ppc64le",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-rhel8-operator@sha256:61c30851d3d9f544c37c7616ec8a4ba34b7b37f3555960d0c8fa2be78f44947f_amd64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-rhel8-operator@sha256:ab54ef61832141f7675d3dc8d59edf99c3cdd1125c74e222492949c180964452_arm64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-rhel8-operator@sha256:fa36283092c27cd60761703d1eee07b92358dfe1157273b51b37b583a6060b35_s390x",
"8Base-RHOL-5.7:openshift-logging/elasticsearch6-rhel8@sha256:4685b2792af31c22d64220aaf7693e121826fdc2d8acd5be7bd0557995b8dea0_ppc64le",
"8Base-RHOL-5.7:openshift-logging/elasticsearch6-rhel8@sha256:611cef3b88e71c24f002e3a37de6883f54ca0e8eb9f8b60aff41ab2dcb249745_amd64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch6-rhel8@sha256:9c28c1ef4a26ab31a9de8941b22705cea8e85918df5e9997cd07ede5bd04e512_arm64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch6-rhel8@sha256:cc65e3adf0590cd58a073f351be36a2bc60ea1aa0183a0c9dcb9ae726830a078_s390x",
"8Base-RHOL-5.7:openshift-logging/eventrouter-rhel8@sha256:05c5123b3c5757f6239327c7ee96d2ce9fecbeef1dc39feade38d9417941122d_s390x",
"8Base-RHOL-5.7:openshift-logging/eventrouter-rhel8@sha256:62134203e3d02a92b4ea0f0f6b96a4046806c655f9b8358de7576a57624a7574_arm64",
"8Base-RHOL-5.7:openshift-logging/eventrouter-rhel8@sha256:9a9fc94b921453a383a8e2503bb8ff4e1d5290a541d5819ea15b263f10589357_amd64",
"8Base-RHOL-5.7:openshift-logging/eventrouter-rhel8@sha256:f8ff9fda083e55a5113ba614c739d83d52ee3115429075d0eb03fea2e9d5d711_ppc64le",
"8Base-RHOL-5.7:openshift-logging/fluentd-rhel8@sha256:3d3d4d46d57443ea5aea72a711126ff46b217129f089864f027b1ed2b45e393c_amd64",
"8Base-RHOL-5.7:openshift-logging/fluentd-rhel8@sha256:5dd0468121013d75c3c5b5def726b6d71f66d2086defad6cc1d54015f057f956_ppc64le",
"8Base-RHOL-5.7:openshift-logging/fluentd-rhel8@sha256:9e35721ad22c9c67e6bd49f7978c495d72743ad43c21425cb97a57b5f6d03653_s390x",
"8Base-RHOL-5.7:openshift-logging/fluentd-rhel8@sha256:c082515ff5bcaaf305b24d24b488b2d91627894872b2f2074f7bfa64e0baf313_arm64",
"8Base-RHOL-5.7:openshift-logging/kibana6-rhel8@sha256:77a3146e462f9291ea13d13fea97c74b2d59fe84f3dbfc33aafc08837fe5baba_arm64",
"8Base-RHOL-5.7:openshift-logging/kibana6-rhel8@sha256:be0b14bae5a4e42bb760ef93676153d2e9d0eaa72075b745df29ab519223a226_s390x",
"8Base-RHOL-5.7:openshift-logging/kibana6-rhel8@sha256:c8dff12b758f72cb6096c83a9b0e4918efab24e41c60e3dd1db91b561a204a9f_ppc64le",
"8Base-RHOL-5.7:openshift-logging/kibana6-rhel8@sha256:fc848aa0f5d0bd6c39b6d3056c21ae82839bcd627bd06312d7243b4e830d8aa2_amd64",
"8Base-RHOL-5.7:openshift-logging/log-file-metric-exporter-rhel8@sha256:92ff40e217abff467a201e45ebb11330d5352a29d7be3703048a865c7a7aa603_arm64",
"8Base-RHOL-5.7:openshift-logging/log-file-metric-exporter-rhel8@sha256:ad3988a61bd088e3303a28fa823b5a6377d823de2ab12e0b3e490c082077f7b5_amd64",
"8Base-RHOL-5.7:openshift-logging/log-file-metric-exporter-rhel8@sha256:cf228007b8ef6af94bee09d300d4c9917162041b08a91b0556e4083976050b5f_s390x",
"8Base-RHOL-5.7:openshift-logging/log-file-metric-exporter-rhel8@sha256:d5b2f702c19854620778f1a99c07e18c94ad2fd510b8484d2ac53c6ae8c0a8e2_ppc64le",
"8Base-RHOL-5.7:openshift-logging/logging-curator5-rhel8@sha256:12c1aafdb570d4a58c89d12d50dc129ee6f1eeb2a67d3e05a2a23d96d7d17d9c_ppc64le",
"8Base-RHOL-5.7:openshift-logging/logging-curator5-rhel8@sha256:5c0cf908612a36333722f5fed31e266a398db32739dd2e4f074428877b363c85_s390x",
"8Base-RHOL-5.7:openshift-logging/logging-curator5-rhel8@sha256:d3df7e62f2b1893b4f4879b91531b92652547aa4453fd1bfdc9558ff5a720a84_arm64",
"8Base-RHOL-5.7:openshift-logging/logging-curator5-rhel8@sha256:d65d8fba95e2313eb97a925c2d4f2a76d3616626c492803d19dcc3548753ecfa_amd64",
"8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:16c8e2bf0d537e9a787f2250203f9deae1b5f0f0b28e0520ddf6bf9b9c2e04d7_arm64",
"8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:63fffa75040e8322e895f230431f2cee966909d4afc2fef28f694f154c0cf888_amd64",
"8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:8b3fdd7f5b498336eff6881c742c59a2f6acdaaaf0ed80141d66170c19e6dfa7_ppc64le",
"8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:fcb11d3e6cc848ca774d353117c6a5c4770d455f8a64bce1223296d0afc298ef_s390x",
"8Base-RHOL-5.7:openshift-logging/logging-view-plugin-rhel8@sha256:29aaf15b222d1204253f4f82f3e17015a3fe77b3106580628442316bc2b2d26e_s390x",
"8Base-RHOL-5.7:openshift-logging/logging-view-plugin-rhel8@sha256:50742d41afd16c553729523d8e5e5a6640a2bb9d2d01eb4d18051456bdb422f7_arm64",
"8Base-RHOL-5.7:openshift-logging/logging-view-plugin-rhel8@sha256:cf64b884e6198327d0ed02a86971cd777a12591a3a6ad677703268d22f510bdd_amd64",
"8Base-RHOL-5.7:openshift-logging/logging-view-plugin-rhel8@sha256:ef63d4524f60a38ec8b4ec306f94ac865397d2f1616cdad7ed11722c49b9565e_ppc64le",
"8Base-RHOL-5.7:openshift-logging/loki-operator-bundle@sha256:5667ef8d640391c34ac20562b91a1f723005673d96e54a6ba1d178fa2fa73a32_amd64",
"8Base-RHOL-5.7:openshift-logging/loki-rhel8-operator@sha256:0f762d2a6e7e98b8d1a35df4a3d81677507dd2aea8a7c413aaa268bef2fbbe56_arm64",
"8Base-RHOL-5.7:openshift-logging/loki-rhel8-operator@sha256:1861142f6d9581e572d3086037d5b8264906579df63e7b3ae91f70a3068842f8_amd64",
"8Base-RHOL-5.7:openshift-logging/loki-rhel8-operator@sha256:214c8f4d86ff90cfddafa93dc1c3d5b3304bbfa35d3aec0b5aff30265f988f16_ppc64le",
"8Base-RHOL-5.7:openshift-logging/loki-rhel8-operator@sha256:62a71fd5ea0d3c6c26f06a56795ecca801f1a0ab570f08dfc44bd9b534775e58_s390x",
"8Base-RHOL-5.7:openshift-logging/lokistack-gateway-rhel8@sha256:0d9c0ccdf55842f06ed98efecba60e6614f764bb7e1dbe5861971e8ba8c80404_ppc64le",
"8Base-RHOL-5.7:openshift-logging/lokistack-gateway-rhel8@sha256:59113b0585d5f2ad0e2c61220ec3ead6192e14868f6dd9c143af5d13e6235565_arm64",
"8Base-RHOL-5.7:openshift-logging/lokistack-gateway-rhel8@sha256:9d5bc7af72f5ef08b1b01f9d34da16ed47a6e65dd632cf369c5848c5e89bfb10_amd64",
"8Base-RHOL-5.7:openshift-logging/lokistack-gateway-rhel8@sha256:b46f89c08df34b8ad7f2af805be0e005d9dfdfd94a0fbee6f5820200752ae11e_s390x",
"8Base-RHOL-5.7:openshift-logging/opa-openshift-rhel8@sha256:456a76e7ef5687b45ade9360670c2e3793d38cbca5e132763850a7cfd0861811_arm64",
"8Base-RHOL-5.7:openshift-logging/opa-openshift-rhel8@sha256:543213dd4f0132d51e5823f4bb9ee450b90e85c10bb817475f03404a430c7706_s390x",
"8Base-RHOL-5.7:openshift-logging/opa-openshift-rhel8@sha256:549c0984ba0cc9a54d01f44c2554da6574c16967c87e1a72e3f773802c76f63d_amd64",
"8Base-RHOL-5.7:openshift-logging/opa-openshift-rhel8@sha256:9e5ca10fd6967fa319fcba97aed737c4bdbbad6fbe19e43bc86010e89132669f_ppc64le",
"8Base-RHOL-5.7:openshift-logging/vector-rhel8@sha256:30e6149c0c834f785066f790655e67d17cb71ed68aa79dd7e4f2b7e3b8db8aa3_arm64",
"8Base-RHOL-5.7:openshift-logging/vector-rhel8@sha256:3c659bcf727aca2adff20087b41a5467cc52de825409df3468edb7e9c90fab41_s390x",
"8Base-RHOL-5.7:openshift-logging/vector-rhel8@sha256:7f3f463d22450c505c9a2ac6cca844b2d8a6124379e10beeab2ec8381dad913e_ppc64le",
"8Base-RHOL-5.7:openshift-logging/vector-rhel8@sha256:b63c5ae18c8b759e5e093d92801563355d5b45b85c997a8c294096ef2596615d_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang.org/x/net/http2: avoid quadratic complexity in HPACK decoding"
},
{
"cve": "CVE-2023-27539",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"discovery_date": "2023-03-15T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOL-5.7:openshift-logging/cluster-logging-operator-bundle@sha256:67922a4fa417673d97eca28344c77ba81d4f77cb1b86e1ca532b41a82b6f6520_amd64",
"8Base-RHOL-5.7:openshift-logging/cluster-logging-rhel8-operator@sha256:60f75c6ae180291f7e8eae0dd9999f0c17a74863b20d23f45a675cb427cabcf8_s390x",
"8Base-RHOL-5.7:openshift-logging/cluster-logging-rhel8-operator@sha256:8619dafc0e4d978c2eb63e0dbb0389114bbf93c692dc1477ed776c40e589c677_arm64",
"8Base-RHOL-5.7:openshift-logging/cluster-logging-rhel8-operator@sha256:ae56b7bb5f88e54739e103c16b57eb776661c8942d0d58dae683f33dc839191a_ppc64le",
"8Base-RHOL-5.7:openshift-logging/cluster-logging-rhel8-operator@sha256:c127a5211070607bc6daaa404fb221a91134ee18261691041448fb18203e711b_amd64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-operator-bundle@sha256:f56e69a40c6f51da46fbaf3fd170f84e20a45bac6c77b3b6d16130ae7be62394_amd64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-proxy-rhel8@sha256:0abd84da4fd5bf4f2657c0a7ba2f8fd8b878c15121fccbe8fb5f461b2ea5a9b3_ppc64le",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-proxy-rhel8@sha256:160985f4c009f8cce7b36c1142756f25ff2413937da194facc6bc85cb0863551_s390x",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-proxy-rhel8@sha256:22a97db8a595aaa758027b30c7fd2cf3ea0ae6c4d0b70766f8124d8eb17b58c9_arm64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-proxy-rhel8@sha256:38404132fe318e05f607c0e0ffb78baa25bb9477f53f40436b0cc50d21dd52bb_amd64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-rhel8-operator@sha256:5aaa60e772fd3f47d7b12d12c2eb55176803175656f834c48ed5003bf6c80600_ppc64le",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-rhel8-operator@sha256:61c30851d3d9f544c37c7616ec8a4ba34b7b37f3555960d0c8fa2be78f44947f_amd64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-rhel8-operator@sha256:ab54ef61832141f7675d3dc8d59edf99c3cdd1125c74e222492949c180964452_arm64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-rhel8-operator@sha256:fa36283092c27cd60761703d1eee07b92358dfe1157273b51b37b583a6060b35_s390x",
"8Base-RHOL-5.7:openshift-logging/elasticsearch6-rhel8@sha256:4685b2792af31c22d64220aaf7693e121826fdc2d8acd5be7bd0557995b8dea0_ppc64le",
"8Base-RHOL-5.7:openshift-logging/elasticsearch6-rhel8@sha256:611cef3b88e71c24f002e3a37de6883f54ca0e8eb9f8b60aff41ab2dcb249745_amd64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch6-rhel8@sha256:9c28c1ef4a26ab31a9de8941b22705cea8e85918df5e9997cd07ede5bd04e512_arm64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch6-rhel8@sha256:cc65e3adf0590cd58a073f351be36a2bc60ea1aa0183a0c9dcb9ae726830a078_s390x",
"8Base-RHOL-5.7:openshift-logging/eventrouter-rhel8@sha256:05c5123b3c5757f6239327c7ee96d2ce9fecbeef1dc39feade38d9417941122d_s390x",
"8Base-RHOL-5.7:openshift-logging/eventrouter-rhel8@sha256:62134203e3d02a92b4ea0f0f6b96a4046806c655f9b8358de7576a57624a7574_arm64",
"8Base-RHOL-5.7:openshift-logging/eventrouter-rhel8@sha256:9a9fc94b921453a383a8e2503bb8ff4e1d5290a541d5819ea15b263f10589357_amd64",
"8Base-RHOL-5.7:openshift-logging/eventrouter-rhel8@sha256:f8ff9fda083e55a5113ba614c739d83d52ee3115429075d0eb03fea2e9d5d711_ppc64le",
"8Base-RHOL-5.7:openshift-logging/kibana6-rhel8@sha256:77a3146e462f9291ea13d13fea97c74b2d59fe84f3dbfc33aafc08837fe5baba_arm64",
"8Base-RHOL-5.7:openshift-logging/kibana6-rhel8@sha256:be0b14bae5a4e42bb760ef93676153d2e9d0eaa72075b745df29ab519223a226_s390x",
"8Base-RHOL-5.7:openshift-logging/kibana6-rhel8@sha256:c8dff12b758f72cb6096c83a9b0e4918efab24e41c60e3dd1db91b561a204a9f_ppc64le",
"8Base-RHOL-5.7:openshift-logging/kibana6-rhel8@sha256:fc848aa0f5d0bd6c39b6d3056c21ae82839bcd627bd06312d7243b4e830d8aa2_amd64",
"8Base-RHOL-5.7:openshift-logging/log-file-metric-exporter-rhel8@sha256:92ff40e217abff467a201e45ebb11330d5352a29d7be3703048a865c7a7aa603_arm64",
"8Base-RHOL-5.7:openshift-logging/log-file-metric-exporter-rhel8@sha256:ad3988a61bd088e3303a28fa823b5a6377d823de2ab12e0b3e490c082077f7b5_amd64",
"8Base-RHOL-5.7:openshift-logging/log-file-metric-exporter-rhel8@sha256:cf228007b8ef6af94bee09d300d4c9917162041b08a91b0556e4083976050b5f_s390x",
"8Base-RHOL-5.7:openshift-logging/log-file-metric-exporter-rhel8@sha256:d5b2f702c19854620778f1a99c07e18c94ad2fd510b8484d2ac53c6ae8c0a8e2_ppc64le",
"8Base-RHOL-5.7:openshift-logging/logging-curator5-rhel8@sha256:12c1aafdb570d4a58c89d12d50dc129ee6f1eeb2a67d3e05a2a23d96d7d17d9c_ppc64le",
"8Base-RHOL-5.7:openshift-logging/logging-curator5-rhel8@sha256:5c0cf908612a36333722f5fed31e266a398db32739dd2e4f074428877b363c85_s390x",
"8Base-RHOL-5.7:openshift-logging/logging-curator5-rhel8@sha256:d3df7e62f2b1893b4f4879b91531b92652547aa4453fd1bfdc9558ff5a720a84_arm64",
"8Base-RHOL-5.7:openshift-logging/logging-curator5-rhel8@sha256:d65d8fba95e2313eb97a925c2d4f2a76d3616626c492803d19dcc3548753ecfa_amd64",
"8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:16c8e2bf0d537e9a787f2250203f9deae1b5f0f0b28e0520ddf6bf9b9c2e04d7_arm64",
"8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:63fffa75040e8322e895f230431f2cee966909d4afc2fef28f694f154c0cf888_amd64",
"8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:8b3fdd7f5b498336eff6881c742c59a2f6acdaaaf0ed80141d66170c19e6dfa7_ppc64le",
"8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:fcb11d3e6cc848ca774d353117c6a5c4770d455f8a64bce1223296d0afc298ef_s390x",
"8Base-RHOL-5.7:openshift-logging/logging-view-plugin-rhel8@sha256:29aaf15b222d1204253f4f82f3e17015a3fe77b3106580628442316bc2b2d26e_s390x",
"8Base-RHOL-5.7:openshift-logging/logging-view-plugin-rhel8@sha256:50742d41afd16c553729523d8e5e5a6640a2bb9d2d01eb4d18051456bdb422f7_arm64",
"8Base-RHOL-5.7:openshift-logging/logging-view-plugin-rhel8@sha256:cf64b884e6198327d0ed02a86971cd777a12591a3a6ad677703268d22f510bdd_amd64",
"8Base-RHOL-5.7:openshift-logging/logging-view-plugin-rhel8@sha256:ef63d4524f60a38ec8b4ec306f94ac865397d2f1616cdad7ed11722c49b9565e_ppc64le",
"8Base-RHOL-5.7:openshift-logging/loki-operator-bundle@sha256:5667ef8d640391c34ac20562b91a1f723005673d96e54a6ba1d178fa2fa73a32_amd64",
"8Base-RHOL-5.7:openshift-logging/loki-rhel8-operator@sha256:0f762d2a6e7e98b8d1a35df4a3d81677507dd2aea8a7c413aaa268bef2fbbe56_arm64",
"8Base-RHOL-5.7:openshift-logging/loki-rhel8-operator@sha256:1861142f6d9581e572d3086037d5b8264906579df63e7b3ae91f70a3068842f8_amd64",
"8Base-RHOL-5.7:openshift-logging/loki-rhel8-operator@sha256:214c8f4d86ff90cfddafa93dc1c3d5b3304bbfa35d3aec0b5aff30265f988f16_ppc64le",
"8Base-RHOL-5.7:openshift-logging/loki-rhel8-operator@sha256:62a71fd5ea0d3c6c26f06a56795ecca801f1a0ab570f08dfc44bd9b534775e58_s390x",
"8Base-RHOL-5.7:openshift-logging/lokistack-gateway-rhel8@sha256:0d9c0ccdf55842f06ed98efecba60e6614f764bb7e1dbe5861971e8ba8c80404_ppc64le",
"8Base-RHOL-5.7:openshift-logging/lokistack-gateway-rhel8@sha256:59113b0585d5f2ad0e2c61220ec3ead6192e14868f6dd9c143af5d13e6235565_arm64",
"8Base-RHOL-5.7:openshift-logging/lokistack-gateway-rhel8@sha256:9d5bc7af72f5ef08b1b01f9d34da16ed47a6e65dd632cf369c5848c5e89bfb10_amd64",
"8Base-RHOL-5.7:openshift-logging/lokistack-gateway-rhel8@sha256:b46f89c08df34b8ad7f2af805be0e005d9dfdfd94a0fbee6f5820200752ae11e_s390x",
"8Base-RHOL-5.7:openshift-logging/opa-openshift-rhel8@sha256:456a76e7ef5687b45ade9360670c2e3793d38cbca5e132763850a7cfd0861811_arm64",
"8Base-RHOL-5.7:openshift-logging/opa-openshift-rhel8@sha256:543213dd4f0132d51e5823f4bb9ee450b90e85c10bb817475f03404a430c7706_s390x",
"8Base-RHOL-5.7:openshift-logging/opa-openshift-rhel8@sha256:549c0984ba0cc9a54d01f44c2554da6574c16967c87e1a72e3f773802c76f63d_amd64",
"8Base-RHOL-5.7:openshift-logging/opa-openshift-rhel8@sha256:9e5ca10fd6967fa319fcba97aed737c4bdbbad6fbe19e43bc86010e89132669f_ppc64le",
"8Base-RHOL-5.7:openshift-logging/vector-rhel8@sha256:30e6149c0c834f785066f790655e67d17cb71ed68aa79dd7e4f2b7e3b8db8aa3_arm64",
"8Base-RHOL-5.7:openshift-logging/vector-rhel8@sha256:3c659bcf727aca2adff20087b41a5467cc52de825409df3468edb7e9c90fab41_s390x",
"8Base-RHOL-5.7:openshift-logging/vector-rhel8@sha256:7f3f463d22450c505c9a2ac6cca844b2d8a6124379e10beeab2ec8381dad913e_ppc64le",
"8Base-RHOL-5.7:openshift-logging/vector-rhel8@sha256:b63c5ae18c8b759e5e093d92801563355d5b45b85c997a8c294096ef2596615d_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2179649"
}
],
"notes": [
{
"category": "description",
"text": "A denial of service vulnerability was found in rubygem-rack in how it parses headers. A carefully crafted input can cause header parsing to take an unexpected amount of time, possibly resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "rubygem-rack: denial of service in header parsing",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOL-5.7:openshift-logging/fluentd-rhel8@sha256:3d3d4d46d57443ea5aea72a711126ff46b217129f089864f027b1ed2b45e393c_amd64",
"8Base-RHOL-5.7:openshift-logging/fluentd-rhel8@sha256:5dd0468121013d75c3c5b5def726b6d71f66d2086defad6cc1d54015f057f956_ppc64le",
"8Base-RHOL-5.7:openshift-logging/fluentd-rhel8@sha256:9e35721ad22c9c67e6bd49f7978c495d72743ad43c21425cb97a57b5f6d03653_s390x",
"8Base-RHOL-5.7:openshift-logging/fluentd-rhel8@sha256:c082515ff5bcaaf305b24d24b488b2d91627894872b2f2074f7bfa64e0baf313_arm64"
],
"known_not_affected": [
"8Base-RHOL-5.7:openshift-logging/cluster-logging-operator-bundle@sha256:67922a4fa417673d97eca28344c77ba81d4f77cb1b86e1ca532b41a82b6f6520_amd64",
"8Base-RHOL-5.7:openshift-logging/cluster-logging-rhel8-operator@sha256:60f75c6ae180291f7e8eae0dd9999f0c17a74863b20d23f45a675cb427cabcf8_s390x",
"8Base-RHOL-5.7:openshift-logging/cluster-logging-rhel8-operator@sha256:8619dafc0e4d978c2eb63e0dbb0389114bbf93c692dc1477ed776c40e589c677_arm64",
"8Base-RHOL-5.7:openshift-logging/cluster-logging-rhel8-operator@sha256:ae56b7bb5f88e54739e103c16b57eb776661c8942d0d58dae683f33dc839191a_ppc64le",
"8Base-RHOL-5.7:openshift-logging/cluster-logging-rhel8-operator@sha256:c127a5211070607bc6daaa404fb221a91134ee18261691041448fb18203e711b_amd64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-operator-bundle@sha256:f56e69a40c6f51da46fbaf3fd170f84e20a45bac6c77b3b6d16130ae7be62394_amd64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-proxy-rhel8@sha256:0abd84da4fd5bf4f2657c0a7ba2f8fd8b878c15121fccbe8fb5f461b2ea5a9b3_ppc64le",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-proxy-rhel8@sha256:160985f4c009f8cce7b36c1142756f25ff2413937da194facc6bc85cb0863551_s390x",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-proxy-rhel8@sha256:22a97db8a595aaa758027b30c7fd2cf3ea0ae6c4d0b70766f8124d8eb17b58c9_arm64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-proxy-rhel8@sha256:38404132fe318e05f607c0e0ffb78baa25bb9477f53f40436b0cc50d21dd52bb_amd64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-rhel8-operator@sha256:5aaa60e772fd3f47d7b12d12c2eb55176803175656f834c48ed5003bf6c80600_ppc64le",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-rhel8-operator@sha256:61c30851d3d9f544c37c7616ec8a4ba34b7b37f3555960d0c8fa2be78f44947f_amd64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-rhel8-operator@sha256:ab54ef61832141f7675d3dc8d59edf99c3cdd1125c74e222492949c180964452_arm64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-rhel8-operator@sha256:fa36283092c27cd60761703d1eee07b92358dfe1157273b51b37b583a6060b35_s390x",
"8Base-RHOL-5.7:openshift-logging/elasticsearch6-rhel8@sha256:4685b2792af31c22d64220aaf7693e121826fdc2d8acd5be7bd0557995b8dea0_ppc64le",
"8Base-RHOL-5.7:openshift-logging/elasticsearch6-rhel8@sha256:611cef3b88e71c24f002e3a37de6883f54ca0e8eb9f8b60aff41ab2dcb249745_amd64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch6-rhel8@sha256:9c28c1ef4a26ab31a9de8941b22705cea8e85918df5e9997cd07ede5bd04e512_arm64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch6-rhel8@sha256:cc65e3adf0590cd58a073f351be36a2bc60ea1aa0183a0c9dcb9ae726830a078_s390x",
"8Base-RHOL-5.7:openshift-logging/eventrouter-rhel8@sha256:05c5123b3c5757f6239327c7ee96d2ce9fecbeef1dc39feade38d9417941122d_s390x",
"8Base-RHOL-5.7:openshift-logging/eventrouter-rhel8@sha256:62134203e3d02a92b4ea0f0f6b96a4046806c655f9b8358de7576a57624a7574_arm64",
"8Base-RHOL-5.7:openshift-logging/eventrouter-rhel8@sha256:9a9fc94b921453a383a8e2503bb8ff4e1d5290a541d5819ea15b263f10589357_amd64",
"8Base-RHOL-5.7:openshift-logging/eventrouter-rhel8@sha256:f8ff9fda083e55a5113ba614c739d83d52ee3115429075d0eb03fea2e9d5d711_ppc64le",
"8Base-RHOL-5.7:openshift-logging/kibana6-rhel8@sha256:77a3146e462f9291ea13d13fea97c74b2d59fe84f3dbfc33aafc08837fe5baba_arm64",
"8Base-RHOL-5.7:openshift-logging/kibana6-rhel8@sha256:be0b14bae5a4e42bb760ef93676153d2e9d0eaa72075b745df29ab519223a226_s390x",
"8Base-RHOL-5.7:openshift-logging/kibana6-rhel8@sha256:c8dff12b758f72cb6096c83a9b0e4918efab24e41c60e3dd1db91b561a204a9f_ppc64le",
"8Base-RHOL-5.7:openshift-logging/kibana6-rhel8@sha256:fc848aa0f5d0bd6c39b6d3056c21ae82839bcd627bd06312d7243b4e830d8aa2_amd64",
"8Base-RHOL-5.7:openshift-logging/log-file-metric-exporter-rhel8@sha256:92ff40e217abff467a201e45ebb11330d5352a29d7be3703048a865c7a7aa603_arm64",
"8Base-RHOL-5.7:openshift-logging/log-file-metric-exporter-rhel8@sha256:ad3988a61bd088e3303a28fa823b5a6377d823de2ab12e0b3e490c082077f7b5_amd64",
"8Base-RHOL-5.7:openshift-logging/log-file-metric-exporter-rhel8@sha256:cf228007b8ef6af94bee09d300d4c9917162041b08a91b0556e4083976050b5f_s390x",
"8Base-RHOL-5.7:openshift-logging/log-file-metric-exporter-rhel8@sha256:d5b2f702c19854620778f1a99c07e18c94ad2fd510b8484d2ac53c6ae8c0a8e2_ppc64le",
"8Base-RHOL-5.7:openshift-logging/logging-curator5-rhel8@sha256:12c1aafdb570d4a58c89d12d50dc129ee6f1eeb2a67d3e05a2a23d96d7d17d9c_ppc64le",
"8Base-RHOL-5.7:openshift-logging/logging-curator5-rhel8@sha256:5c0cf908612a36333722f5fed31e266a398db32739dd2e4f074428877b363c85_s390x",
"8Base-RHOL-5.7:openshift-logging/logging-curator5-rhel8@sha256:d3df7e62f2b1893b4f4879b91531b92652547aa4453fd1bfdc9558ff5a720a84_arm64",
"8Base-RHOL-5.7:openshift-logging/logging-curator5-rhel8@sha256:d65d8fba95e2313eb97a925c2d4f2a76d3616626c492803d19dcc3548753ecfa_amd64",
"8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:16c8e2bf0d537e9a787f2250203f9deae1b5f0f0b28e0520ddf6bf9b9c2e04d7_arm64",
"8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:63fffa75040e8322e895f230431f2cee966909d4afc2fef28f694f154c0cf888_amd64",
"8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:8b3fdd7f5b498336eff6881c742c59a2f6acdaaaf0ed80141d66170c19e6dfa7_ppc64le",
"8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:fcb11d3e6cc848ca774d353117c6a5c4770d455f8a64bce1223296d0afc298ef_s390x",
"8Base-RHOL-5.7:openshift-logging/logging-view-plugin-rhel8@sha256:29aaf15b222d1204253f4f82f3e17015a3fe77b3106580628442316bc2b2d26e_s390x",
"8Base-RHOL-5.7:openshift-logging/logging-view-plugin-rhel8@sha256:50742d41afd16c553729523d8e5e5a6640a2bb9d2d01eb4d18051456bdb422f7_arm64",
"8Base-RHOL-5.7:openshift-logging/logging-view-plugin-rhel8@sha256:cf64b884e6198327d0ed02a86971cd777a12591a3a6ad677703268d22f510bdd_amd64",
"8Base-RHOL-5.7:openshift-logging/logging-view-plugin-rhel8@sha256:ef63d4524f60a38ec8b4ec306f94ac865397d2f1616cdad7ed11722c49b9565e_ppc64le",
"8Base-RHOL-5.7:openshift-logging/loki-operator-bundle@sha256:5667ef8d640391c34ac20562b91a1f723005673d96e54a6ba1d178fa2fa73a32_amd64",
"8Base-RHOL-5.7:openshift-logging/loki-rhel8-operator@sha256:0f762d2a6e7e98b8d1a35df4a3d81677507dd2aea8a7c413aaa268bef2fbbe56_arm64",
"8Base-RHOL-5.7:openshift-logging/loki-rhel8-operator@sha256:1861142f6d9581e572d3086037d5b8264906579df63e7b3ae91f70a3068842f8_amd64",
"8Base-RHOL-5.7:openshift-logging/loki-rhel8-operator@sha256:214c8f4d86ff90cfddafa93dc1c3d5b3304bbfa35d3aec0b5aff30265f988f16_ppc64le",
"8Base-RHOL-5.7:openshift-logging/loki-rhel8-operator@sha256:62a71fd5ea0d3c6c26f06a56795ecca801f1a0ab570f08dfc44bd9b534775e58_s390x",
"8Base-RHOL-5.7:openshift-logging/lokistack-gateway-rhel8@sha256:0d9c0ccdf55842f06ed98efecba60e6614f764bb7e1dbe5861971e8ba8c80404_ppc64le",
"8Base-RHOL-5.7:openshift-logging/lokistack-gateway-rhel8@sha256:59113b0585d5f2ad0e2c61220ec3ead6192e14868f6dd9c143af5d13e6235565_arm64",
"8Base-RHOL-5.7:openshift-logging/lokistack-gateway-rhel8@sha256:9d5bc7af72f5ef08b1b01f9d34da16ed47a6e65dd632cf369c5848c5e89bfb10_amd64",
"8Base-RHOL-5.7:openshift-logging/lokistack-gateway-rhel8@sha256:b46f89c08df34b8ad7f2af805be0e005d9dfdfd94a0fbee6f5820200752ae11e_s390x",
"8Base-RHOL-5.7:openshift-logging/opa-openshift-rhel8@sha256:456a76e7ef5687b45ade9360670c2e3793d38cbca5e132763850a7cfd0861811_arm64",
"8Base-RHOL-5.7:openshift-logging/opa-openshift-rhel8@sha256:543213dd4f0132d51e5823f4bb9ee450b90e85c10bb817475f03404a430c7706_s390x",
"8Base-RHOL-5.7:openshift-logging/opa-openshift-rhel8@sha256:549c0984ba0cc9a54d01f44c2554da6574c16967c87e1a72e3f773802c76f63d_amd64",
"8Base-RHOL-5.7:openshift-logging/opa-openshift-rhel8@sha256:9e5ca10fd6967fa319fcba97aed737c4bdbbad6fbe19e43bc86010e89132669f_ppc64le",
"8Base-RHOL-5.7:openshift-logging/vector-rhel8@sha256:30e6149c0c834f785066f790655e67d17cb71ed68aa79dd7e4f2b7e3b8db8aa3_arm64",
"8Base-RHOL-5.7:openshift-logging/vector-rhel8@sha256:3c659bcf727aca2adff20087b41a5467cc52de825409df3468edb7e9c90fab41_s390x",
"8Base-RHOL-5.7:openshift-logging/vector-rhel8@sha256:7f3f463d22450c505c9a2ac6cca844b2d8a6124379e10beeab2ec8381dad913e_ppc64le",
"8Base-RHOL-5.7:openshift-logging/vector-rhel8@sha256:b63c5ae18c8b759e5e093d92801563355d5b45b85c997a8c294096ef2596615d_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-27539"
},
{
"category": "external",
"summary": "RHBZ#2179649",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2179649"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-27539",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27539"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-27539",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-27539"
},
{
"category": "external",
"summary": "https://discuss.rubyonrails.org/t/cve-2023-27539-possible-denial-of-service-vulnerability-in-racks-header-parsing/82466",
"url": "https://discuss.rubyonrails.org/t/cve-2023-27539-possible-denial-of-service-vulnerability-in-racks-header-parsing/82466"
},
{
"category": "external",
"summary": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rack/CVE-2023-27539.yml",
"url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rack/CVE-2023-27539.yml"
},
{
"category": "external",
"summary": "https://rubysec.com/advisories/CVE-2023-27539/",
"url": "https://rubysec.com/advisories/CVE-2023-27539/"
}
],
"release_date": "2023-03-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-12T19:08:51+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOL-5.7:openshift-logging/fluentd-rhel8@sha256:3d3d4d46d57443ea5aea72a711126ff46b217129f089864f027b1ed2b45e393c_amd64",
"8Base-RHOL-5.7:openshift-logging/fluentd-rhel8@sha256:5dd0468121013d75c3c5b5def726b6d71f66d2086defad6cc1d54015f057f956_ppc64le",
"8Base-RHOL-5.7:openshift-logging/fluentd-rhel8@sha256:9e35721ad22c9c67e6bd49f7978c495d72743ad43c21425cb97a57b5f6d03653_s390x",
"8Base-RHOL-5.7:openshift-logging/fluentd-rhel8@sha256:c082515ff5bcaaf305b24d24b488b2d91627894872b2f2074f7bfa64e0baf313_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3495"
},
{
"category": "workaround",
"details": "Setting Regexp.timeout in Ruby 3.2 is a possible workaround.",
"product_ids": [
"8Base-RHOL-5.7:openshift-logging/cluster-logging-operator-bundle@sha256:67922a4fa417673d97eca28344c77ba81d4f77cb1b86e1ca532b41a82b6f6520_amd64",
"8Base-RHOL-5.7:openshift-logging/cluster-logging-rhel8-operator@sha256:60f75c6ae180291f7e8eae0dd9999f0c17a74863b20d23f45a675cb427cabcf8_s390x",
"8Base-RHOL-5.7:openshift-logging/cluster-logging-rhel8-operator@sha256:8619dafc0e4d978c2eb63e0dbb0389114bbf93c692dc1477ed776c40e589c677_arm64",
"8Base-RHOL-5.7:openshift-logging/cluster-logging-rhel8-operator@sha256:ae56b7bb5f88e54739e103c16b57eb776661c8942d0d58dae683f33dc839191a_ppc64le",
"8Base-RHOL-5.7:openshift-logging/cluster-logging-rhel8-operator@sha256:c127a5211070607bc6daaa404fb221a91134ee18261691041448fb18203e711b_amd64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-operator-bundle@sha256:f56e69a40c6f51da46fbaf3fd170f84e20a45bac6c77b3b6d16130ae7be62394_amd64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-proxy-rhel8@sha256:0abd84da4fd5bf4f2657c0a7ba2f8fd8b878c15121fccbe8fb5f461b2ea5a9b3_ppc64le",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-proxy-rhel8@sha256:160985f4c009f8cce7b36c1142756f25ff2413937da194facc6bc85cb0863551_s390x",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-proxy-rhel8@sha256:22a97db8a595aaa758027b30c7fd2cf3ea0ae6c4d0b70766f8124d8eb17b58c9_arm64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-proxy-rhel8@sha256:38404132fe318e05f607c0e0ffb78baa25bb9477f53f40436b0cc50d21dd52bb_amd64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-rhel8-operator@sha256:5aaa60e772fd3f47d7b12d12c2eb55176803175656f834c48ed5003bf6c80600_ppc64le",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-rhel8-operator@sha256:61c30851d3d9f544c37c7616ec8a4ba34b7b37f3555960d0c8fa2be78f44947f_amd64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-rhel8-operator@sha256:ab54ef61832141f7675d3dc8d59edf99c3cdd1125c74e222492949c180964452_arm64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-rhel8-operator@sha256:fa36283092c27cd60761703d1eee07b92358dfe1157273b51b37b583a6060b35_s390x",
"8Base-RHOL-5.7:openshift-logging/elasticsearch6-rhel8@sha256:4685b2792af31c22d64220aaf7693e121826fdc2d8acd5be7bd0557995b8dea0_ppc64le",
"8Base-RHOL-5.7:openshift-logging/elasticsearch6-rhel8@sha256:611cef3b88e71c24f002e3a37de6883f54ca0e8eb9f8b60aff41ab2dcb249745_amd64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch6-rhel8@sha256:9c28c1ef4a26ab31a9de8941b22705cea8e85918df5e9997cd07ede5bd04e512_arm64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch6-rhel8@sha256:cc65e3adf0590cd58a073f351be36a2bc60ea1aa0183a0c9dcb9ae726830a078_s390x",
"8Base-RHOL-5.7:openshift-logging/eventrouter-rhel8@sha256:05c5123b3c5757f6239327c7ee96d2ce9fecbeef1dc39feade38d9417941122d_s390x",
"8Base-RHOL-5.7:openshift-logging/eventrouter-rhel8@sha256:62134203e3d02a92b4ea0f0f6b96a4046806c655f9b8358de7576a57624a7574_arm64",
"8Base-RHOL-5.7:openshift-logging/eventrouter-rhel8@sha256:9a9fc94b921453a383a8e2503bb8ff4e1d5290a541d5819ea15b263f10589357_amd64",
"8Base-RHOL-5.7:openshift-logging/eventrouter-rhel8@sha256:f8ff9fda083e55a5113ba614c739d83d52ee3115429075d0eb03fea2e9d5d711_ppc64le",
"8Base-RHOL-5.7:openshift-logging/fluentd-rhel8@sha256:3d3d4d46d57443ea5aea72a711126ff46b217129f089864f027b1ed2b45e393c_amd64",
"8Base-RHOL-5.7:openshift-logging/fluentd-rhel8@sha256:5dd0468121013d75c3c5b5def726b6d71f66d2086defad6cc1d54015f057f956_ppc64le",
"8Base-RHOL-5.7:openshift-logging/fluentd-rhel8@sha256:9e35721ad22c9c67e6bd49f7978c495d72743ad43c21425cb97a57b5f6d03653_s390x",
"8Base-RHOL-5.7:openshift-logging/fluentd-rhel8@sha256:c082515ff5bcaaf305b24d24b488b2d91627894872b2f2074f7bfa64e0baf313_arm64",
"8Base-RHOL-5.7:openshift-logging/kibana6-rhel8@sha256:77a3146e462f9291ea13d13fea97c74b2d59fe84f3dbfc33aafc08837fe5baba_arm64",
"8Base-RHOL-5.7:openshift-logging/kibana6-rhel8@sha256:be0b14bae5a4e42bb760ef93676153d2e9d0eaa72075b745df29ab519223a226_s390x",
"8Base-RHOL-5.7:openshift-logging/kibana6-rhel8@sha256:c8dff12b758f72cb6096c83a9b0e4918efab24e41c60e3dd1db91b561a204a9f_ppc64le",
"8Base-RHOL-5.7:openshift-logging/kibana6-rhel8@sha256:fc848aa0f5d0bd6c39b6d3056c21ae82839bcd627bd06312d7243b4e830d8aa2_amd64",
"8Base-RHOL-5.7:openshift-logging/log-file-metric-exporter-rhel8@sha256:92ff40e217abff467a201e45ebb11330d5352a29d7be3703048a865c7a7aa603_arm64",
"8Base-RHOL-5.7:openshift-logging/log-file-metric-exporter-rhel8@sha256:ad3988a61bd088e3303a28fa823b5a6377d823de2ab12e0b3e490c082077f7b5_amd64",
"8Base-RHOL-5.7:openshift-logging/log-file-metric-exporter-rhel8@sha256:cf228007b8ef6af94bee09d300d4c9917162041b08a91b0556e4083976050b5f_s390x",
"8Base-RHOL-5.7:openshift-logging/log-file-metric-exporter-rhel8@sha256:d5b2f702c19854620778f1a99c07e18c94ad2fd510b8484d2ac53c6ae8c0a8e2_ppc64le",
"8Base-RHOL-5.7:openshift-logging/logging-curator5-rhel8@sha256:12c1aafdb570d4a58c89d12d50dc129ee6f1eeb2a67d3e05a2a23d96d7d17d9c_ppc64le",
"8Base-RHOL-5.7:openshift-logging/logging-curator5-rhel8@sha256:5c0cf908612a36333722f5fed31e266a398db32739dd2e4f074428877b363c85_s390x",
"8Base-RHOL-5.7:openshift-logging/logging-curator5-rhel8@sha256:d3df7e62f2b1893b4f4879b91531b92652547aa4453fd1bfdc9558ff5a720a84_arm64",
"8Base-RHOL-5.7:openshift-logging/logging-curator5-rhel8@sha256:d65d8fba95e2313eb97a925c2d4f2a76d3616626c492803d19dcc3548753ecfa_amd64",
"8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:16c8e2bf0d537e9a787f2250203f9deae1b5f0f0b28e0520ddf6bf9b9c2e04d7_arm64",
"8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:63fffa75040e8322e895f230431f2cee966909d4afc2fef28f694f154c0cf888_amd64",
"8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:8b3fdd7f5b498336eff6881c742c59a2f6acdaaaf0ed80141d66170c19e6dfa7_ppc64le",
"8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:fcb11d3e6cc848ca774d353117c6a5c4770d455f8a64bce1223296d0afc298ef_s390x",
"8Base-RHOL-5.7:openshift-logging/logging-view-plugin-rhel8@sha256:29aaf15b222d1204253f4f82f3e17015a3fe77b3106580628442316bc2b2d26e_s390x",
"8Base-RHOL-5.7:openshift-logging/logging-view-plugin-rhel8@sha256:50742d41afd16c553729523d8e5e5a6640a2bb9d2d01eb4d18051456bdb422f7_arm64",
"8Base-RHOL-5.7:openshift-logging/logging-view-plugin-rhel8@sha256:cf64b884e6198327d0ed02a86971cd777a12591a3a6ad677703268d22f510bdd_amd64",
"8Base-RHOL-5.7:openshift-logging/logging-view-plugin-rhel8@sha256:ef63d4524f60a38ec8b4ec306f94ac865397d2f1616cdad7ed11722c49b9565e_ppc64le",
"8Base-RHOL-5.7:openshift-logging/loki-operator-bundle@sha256:5667ef8d640391c34ac20562b91a1f723005673d96e54a6ba1d178fa2fa73a32_amd64",
"8Base-RHOL-5.7:openshift-logging/loki-rhel8-operator@sha256:0f762d2a6e7e98b8d1a35df4a3d81677507dd2aea8a7c413aaa268bef2fbbe56_arm64",
"8Base-RHOL-5.7:openshift-logging/loki-rhel8-operator@sha256:1861142f6d9581e572d3086037d5b8264906579df63e7b3ae91f70a3068842f8_amd64",
"8Base-RHOL-5.7:openshift-logging/loki-rhel8-operator@sha256:214c8f4d86ff90cfddafa93dc1c3d5b3304bbfa35d3aec0b5aff30265f988f16_ppc64le",
"8Base-RHOL-5.7:openshift-logging/loki-rhel8-operator@sha256:62a71fd5ea0d3c6c26f06a56795ecca801f1a0ab570f08dfc44bd9b534775e58_s390x",
"8Base-RHOL-5.7:openshift-logging/lokistack-gateway-rhel8@sha256:0d9c0ccdf55842f06ed98efecba60e6614f764bb7e1dbe5861971e8ba8c80404_ppc64le",
"8Base-RHOL-5.7:openshift-logging/lokistack-gateway-rhel8@sha256:59113b0585d5f2ad0e2c61220ec3ead6192e14868f6dd9c143af5d13e6235565_arm64",
"8Base-RHOL-5.7:openshift-logging/lokistack-gateway-rhel8@sha256:9d5bc7af72f5ef08b1b01f9d34da16ed47a6e65dd632cf369c5848c5e89bfb10_amd64",
"8Base-RHOL-5.7:openshift-logging/lokistack-gateway-rhel8@sha256:b46f89c08df34b8ad7f2af805be0e005d9dfdfd94a0fbee6f5820200752ae11e_s390x",
"8Base-RHOL-5.7:openshift-logging/opa-openshift-rhel8@sha256:456a76e7ef5687b45ade9360670c2e3793d38cbca5e132763850a7cfd0861811_arm64",
"8Base-RHOL-5.7:openshift-logging/opa-openshift-rhel8@sha256:543213dd4f0132d51e5823f4bb9ee450b90e85c10bb817475f03404a430c7706_s390x",
"8Base-RHOL-5.7:openshift-logging/opa-openshift-rhel8@sha256:549c0984ba0cc9a54d01f44c2554da6574c16967c87e1a72e3f773802c76f63d_amd64",
"8Base-RHOL-5.7:openshift-logging/opa-openshift-rhel8@sha256:9e5ca10fd6967fa319fcba97aed737c4bdbbad6fbe19e43bc86010e89132669f_ppc64le",
"8Base-RHOL-5.7:openshift-logging/vector-rhel8@sha256:30e6149c0c834f785066f790655e67d17cb71ed68aa79dd7e4f2b7e3b8db8aa3_arm64",
"8Base-RHOL-5.7:openshift-logging/vector-rhel8@sha256:3c659bcf727aca2adff20087b41a5467cc52de825409df3468edb7e9c90fab41_s390x",
"8Base-RHOL-5.7:openshift-logging/vector-rhel8@sha256:7f3f463d22450c505c9a2ac6cca844b2d8a6124379e10beeab2ec8381dad913e_ppc64le",
"8Base-RHOL-5.7:openshift-logging/vector-rhel8@sha256:b63c5ae18c8b759e5e093d92801563355d5b45b85c997a8c294096ef2596615d_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"8Base-RHOL-5.7:openshift-logging/cluster-logging-operator-bundle@sha256:67922a4fa417673d97eca28344c77ba81d4f77cb1b86e1ca532b41a82b6f6520_amd64",
"8Base-RHOL-5.7:openshift-logging/cluster-logging-rhel8-operator@sha256:60f75c6ae180291f7e8eae0dd9999f0c17a74863b20d23f45a675cb427cabcf8_s390x",
"8Base-RHOL-5.7:openshift-logging/cluster-logging-rhel8-operator@sha256:8619dafc0e4d978c2eb63e0dbb0389114bbf93c692dc1477ed776c40e589c677_arm64",
"8Base-RHOL-5.7:openshift-logging/cluster-logging-rhel8-operator@sha256:ae56b7bb5f88e54739e103c16b57eb776661c8942d0d58dae683f33dc839191a_ppc64le",
"8Base-RHOL-5.7:openshift-logging/cluster-logging-rhel8-operator@sha256:c127a5211070607bc6daaa404fb221a91134ee18261691041448fb18203e711b_amd64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-operator-bundle@sha256:f56e69a40c6f51da46fbaf3fd170f84e20a45bac6c77b3b6d16130ae7be62394_amd64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-proxy-rhel8@sha256:0abd84da4fd5bf4f2657c0a7ba2f8fd8b878c15121fccbe8fb5f461b2ea5a9b3_ppc64le",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-proxy-rhel8@sha256:160985f4c009f8cce7b36c1142756f25ff2413937da194facc6bc85cb0863551_s390x",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-proxy-rhel8@sha256:22a97db8a595aaa758027b30c7fd2cf3ea0ae6c4d0b70766f8124d8eb17b58c9_arm64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-proxy-rhel8@sha256:38404132fe318e05f607c0e0ffb78baa25bb9477f53f40436b0cc50d21dd52bb_amd64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-rhel8-operator@sha256:5aaa60e772fd3f47d7b12d12c2eb55176803175656f834c48ed5003bf6c80600_ppc64le",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-rhel8-operator@sha256:61c30851d3d9f544c37c7616ec8a4ba34b7b37f3555960d0c8fa2be78f44947f_amd64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-rhel8-operator@sha256:ab54ef61832141f7675d3dc8d59edf99c3cdd1125c74e222492949c180964452_arm64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-rhel8-operator@sha256:fa36283092c27cd60761703d1eee07b92358dfe1157273b51b37b583a6060b35_s390x",
"8Base-RHOL-5.7:openshift-logging/elasticsearch6-rhel8@sha256:4685b2792af31c22d64220aaf7693e121826fdc2d8acd5be7bd0557995b8dea0_ppc64le",
"8Base-RHOL-5.7:openshift-logging/elasticsearch6-rhel8@sha256:611cef3b88e71c24f002e3a37de6883f54ca0e8eb9f8b60aff41ab2dcb249745_amd64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch6-rhel8@sha256:9c28c1ef4a26ab31a9de8941b22705cea8e85918df5e9997cd07ede5bd04e512_arm64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch6-rhel8@sha256:cc65e3adf0590cd58a073f351be36a2bc60ea1aa0183a0c9dcb9ae726830a078_s390x",
"8Base-RHOL-5.7:openshift-logging/eventrouter-rhel8@sha256:05c5123b3c5757f6239327c7ee96d2ce9fecbeef1dc39feade38d9417941122d_s390x",
"8Base-RHOL-5.7:openshift-logging/eventrouter-rhel8@sha256:62134203e3d02a92b4ea0f0f6b96a4046806c655f9b8358de7576a57624a7574_arm64",
"8Base-RHOL-5.7:openshift-logging/eventrouter-rhel8@sha256:9a9fc94b921453a383a8e2503bb8ff4e1d5290a541d5819ea15b263f10589357_amd64",
"8Base-RHOL-5.7:openshift-logging/eventrouter-rhel8@sha256:f8ff9fda083e55a5113ba614c739d83d52ee3115429075d0eb03fea2e9d5d711_ppc64le",
"8Base-RHOL-5.7:openshift-logging/fluentd-rhel8@sha256:3d3d4d46d57443ea5aea72a711126ff46b217129f089864f027b1ed2b45e393c_amd64",
"8Base-RHOL-5.7:openshift-logging/fluentd-rhel8@sha256:5dd0468121013d75c3c5b5def726b6d71f66d2086defad6cc1d54015f057f956_ppc64le",
"8Base-RHOL-5.7:openshift-logging/fluentd-rhel8@sha256:9e35721ad22c9c67e6bd49f7978c495d72743ad43c21425cb97a57b5f6d03653_s390x",
"8Base-RHOL-5.7:openshift-logging/fluentd-rhel8@sha256:c082515ff5bcaaf305b24d24b488b2d91627894872b2f2074f7bfa64e0baf313_arm64",
"8Base-RHOL-5.7:openshift-logging/kibana6-rhel8@sha256:77a3146e462f9291ea13d13fea97c74b2d59fe84f3dbfc33aafc08837fe5baba_arm64",
"8Base-RHOL-5.7:openshift-logging/kibana6-rhel8@sha256:be0b14bae5a4e42bb760ef93676153d2e9d0eaa72075b745df29ab519223a226_s390x",
"8Base-RHOL-5.7:openshift-logging/kibana6-rhel8@sha256:c8dff12b758f72cb6096c83a9b0e4918efab24e41c60e3dd1db91b561a204a9f_ppc64le",
"8Base-RHOL-5.7:openshift-logging/kibana6-rhel8@sha256:fc848aa0f5d0bd6c39b6d3056c21ae82839bcd627bd06312d7243b4e830d8aa2_amd64",
"8Base-RHOL-5.7:openshift-logging/log-file-metric-exporter-rhel8@sha256:92ff40e217abff467a201e45ebb11330d5352a29d7be3703048a865c7a7aa603_arm64",
"8Base-RHOL-5.7:openshift-logging/log-file-metric-exporter-rhel8@sha256:ad3988a61bd088e3303a28fa823b5a6377d823de2ab12e0b3e490c082077f7b5_amd64",
"8Base-RHOL-5.7:openshift-logging/log-file-metric-exporter-rhel8@sha256:cf228007b8ef6af94bee09d300d4c9917162041b08a91b0556e4083976050b5f_s390x",
"8Base-RHOL-5.7:openshift-logging/log-file-metric-exporter-rhel8@sha256:d5b2f702c19854620778f1a99c07e18c94ad2fd510b8484d2ac53c6ae8c0a8e2_ppc64le",
"8Base-RHOL-5.7:openshift-logging/logging-curator5-rhel8@sha256:12c1aafdb570d4a58c89d12d50dc129ee6f1eeb2a67d3e05a2a23d96d7d17d9c_ppc64le",
"8Base-RHOL-5.7:openshift-logging/logging-curator5-rhel8@sha256:5c0cf908612a36333722f5fed31e266a398db32739dd2e4f074428877b363c85_s390x",
"8Base-RHOL-5.7:openshift-logging/logging-curator5-rhel8@sha256:d3df7e62f2b1893b4f4879b91531b92652547aa4453fd1bfdc9558ff5a720a84_arm64",
"8Base-RHOL-5.7:openshift-logging/logging-curator5-rhel8@sha256:d65d8fba95e2313eb97a925c2d4f2a76d3616626c492803d19dcc3548753ecfa_amd64",
"8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:16c8e2bf0d537e9a787f2250203f9deae1b5f0f0b28e0520ddf6bf9b9c2e04d7_arm64",
"8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:63fffa75040e8322e895f230431f2cee966909d4afc2fef28f694f154c0cf888_amd64",
"8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:8b3fdd7f5b498336eff6881c742c59a2f6acdaaaf0ed80141d66170c19e6dfa7_ppc64le",
"8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:fcb11d3e6cc848ca774d353117c6a5c4770d455f8a64bce1223296d0afc298ef_s390x",
"8Base-RHOL-5.7:openshift-logging/logging-view-plugin-rhel8@sha256:29aaf15b222d1204253f4f82f3e17015a3fe77b3106580628442316bc2b2d26e_s390x",
"8Base-RHOL-5.7:openshift-logging/logging-view-plugin-rhel8@sha256:50742d41afd16c553729523d8e5e5a6640a2bb9d2d01eb4d18051456bdb422f7_arm64",
"8Base-RHOL-5.7:openshift-logging/logging-view-plugin-rhel8@sha256:cf64b884e6198327d0ed02a86971cd777a12591a3a6ad677703268d22f510bdd_amd64",
"8Base-RHOL-5.7:openshift-logging/logging-view-plugin-rhel8@sha256:ef63d4524f60a38ec8b4ec306f94ac865397d2f1616cdad7ed11722c49b9565e_ppc64le",
"8Base-RHOL-5.7:openshift-logging/loki-operator-bundle@sha256:5667ef8d640391c34ac20562b91a1f723005673d96e54a6ba1d178fa2fa73a32_amd64",
"8Base-RHOL-5.7:openshift-logging/loki-rhel8-operator@sha256:0f762d2a6e7e98b8d1a35df4a3d81677507dd2aea8a7c413aaa268bef2fbbe56_arm64",
"8Base-RHOL-5.7:openshift-logging/loki-rhel8-operator@sha256:1861142f6d9581e572d3086037d5b8264906579df63e7b3ae91f70a3068842f8_amd64",
"8Base-RHOL-5.7:openshift-logging/loki-rhel8-operator@sha256:214c8f4d86ff90cfddafa93dc1c3d5b3304bbfa35d3aec0b5aff30265f988f16_ppc64le",
"8Base-RHOL-5.7:openshift-logging/loki-rhel8-operator@sha256:62a71fd5ea0d3c6c26f06a56795ecca801f1a0ab570f08dfc44bd9b534775e58_s390x",
"8Base-RHOL-5.7:openshift-logging/lokistack-gateway-rhel8@sha256:0d9c0ccdf55842f06ed98efecba60e6614f764bb7e1dbe5861971e8ba8c80404_ppc64le",
"8Base-RHOL-5.7:openshift-logging/lokistack-gateway-rhel8@sha256:59113b0585d5f2ad0e2c61220ec3ead6192e14868f6dd9c143af5d13e6235565_arm64",
"8Base-RHOL-5.7:openshift-logging/lokistack-gateway-rhel8@sha256:9d5bc7af72f5ef08b1b01f9d34da16ed47a6e65dd632cf369c5848c5e89bfb10_amd64",
"8Base-RHOL-5.7:openshift-logging/lokistack-gateway-rhel8@sha256:b46f89c08df34b8ad7f2af805be0e005d9dfdfd94a0fbee6f5820200752ae11e_s390x",
"8Base-RHOL-5.7:openshift-logging/opa-openshift-rhel8@sha256:456a76e7ef5687b45ade9360670c2e3793d38cbca5e132763850a7cfd0861811_arm64",
"8Base-RHOL-5.7:openshift-logging/opa-openshift-rhel8@sha256:543213dd4f0132d51e5823f4bb9ee450b90e85c10bb817475f03404a430c7706_s390x",
"8Base-RHOL-5.7:openshift-logging/opa-openshift-rhel8@sha256:549c0984ba0cc9a54d01f44c2554da6574c16967c87e1a72e3f773802c76f63d_amd64",
"8Base-RHOL-5.7:openshift-logging/opa-openshift-rhel8@sha256:9e5ca10fd6967fa319fcba97aed737c4bdbbad6fbe19e43bc86010e89132669f_ppc64le",
"8Base-RHOL-5.7:openshift-logging/vector-rhel8@sha256:30e6149c0c834f785066f790655e67d17cb71ed68aa79dd7e4f2b7e3b8db8aa3_arm64",
"8Base-RHOL-5.7:openshift-logging/vector-rhel8@sha256:3c659bcf727aca2adff20087b41a5467cc52de825409df3468edb7e9c90fab41_s390x",
"8Base-RHOL-5.7:openshift-logging/vector-rhel8@sha256:7f3f463d22450c505c9a2ac6cca844b2d8a6124379e10beeab2ec8381dad913e_ppc64le",
"8Base-RHOL-5.7:openshift-logging/vector-rhel8@sha256:b63c5ae18c8b759e5e093d92801563355d5b45b85c997a8c294096ef2596615d_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "rubygem-rack: denial of service in header parsing"
},
{
"cve": "CVE-2023-28120",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2023-03-15T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOL-5.7:openshift-logging/cluster-logging-operator-bundle@sha256:67922a4fa417673d97eca28344c77ba81d4f77cb1b86e1ca532b41a82b6f6520_amd64",
"8Base-RHOL-5.7:openshift-logging/cluster-logging-rhel8-operator@sha256:60f75c6ae180291f7e8eae0dd9999f0c17a74863b20d23f45a675cb427cabcf8_s390x",
"8Base-RHOL-5.7:openshift-logging/cluster-logging-rhel8-operator@sha256:8619dafc0e4d978c2eb63e0dbb0389114bbf93c692dc1477ed776c40e589c677_arm64",
"8Base-RHOL-5.7:openshift-logging/cluster-logging-rhel8-operator@sha256:ae56b7bb5f88e54739e103c16b57eb776661c8942d0d58dae683f33dc839191a_ppc64le",
"8Base-RHOL-5.7:openshift-logging/cluster-logging-rhel8-operator@sha256:c127a5211070607bc6daaa404fb221a91134ee18261691041448fb18203e711b_amd64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-operator-bundle@sha256:f56e69a40c6f51da46fbaf3fd170f84e20a45bac6c77b3b6d16130ae7be62394_amd64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-proxy-rhel8@sha256:0abd84da4fd5bf4f2657c0a7ba2f8fd8b878c15121fccbe8fb5f461b2ea5a9b3_ppc64le",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-proxy-rhel8@sha256:160985f4c009f8cce7b36c1142756f25ff2413937da194facc6bc85cb0863551_s390x",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-proxy-rhel8@sha256:22a97db8a595aaa758027b30c7fd2cf3ea0ae6c4d0b70766f8124d8eb17b58c9_arm64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-proxy-rhel8@sha256:38404132fe318e05f607c0e0ffb78baa25bb9477f53f40436b0cc50d21dd52bb_amd64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-rhel8-operator@sha256:5aaa60e772fd3f47d7b12d12c2eb55176803175656f834c48ed5003bf6c80600_ppc64le",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-rhel8-operator@sha256:61c30851d3d9f544c37c7616ec8a4ba34b7b37f3555960d0c8fa2be78f44947f_amd64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-rhel8-operator@sha256:ab54ef61832141f7675d3dc8d59edf99c3cdd1125c74e222492949c180964452_arm64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-rhel8-operator@sha256:fa36283092c27cd60761703d1eee07b92358dfe1157273b51b37b583a6060b35_s390x",
"8Base-RHOL-5.7:openshift-logging/elasticsearch6-rhel8@sha256:4685b2792af31c22d64220aaf7693e121826fdc2d8acd5be7bd0557995b8dea0_ppc64le",
"8Base-RHOL-5.7:openshift-logging/elasticsearch6-rhel8@sha256:611cef3b88e71c24f002e3a37de6883f54ca0e8eb9f8b60aff41ab2dcb249745_amd64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch6-rhel8@sha256:9c28c1ef4a26ab31a9de8941b22705cea8e85918df5e9997cd07ede5bd04e512_arm64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch6-rhel8@sha256:cc65e3adf0590cd58a073f351be36a2bc60ea1aa0183a0c9dcb9ae726830a078_s390x",
"8Base-RHOL-5.7:openshift-logging/eventrouter-rhel8@sha256:05c5123b3c5757f6239327c7ee96d2ce9fecbeef1dc39feade38d9417941122d_s390x",
"8Base-RHOL-5.7:openshift-logging/eventrouter-rhel8@sha256:62134203e3d02a92b4ea0f0f6b96a4046806c655f9b8358de7576a57624a7574_arm64",
"8Base-RHOL-5.7:openshift-logging/eventrouter-rhel8@sha256:9a9fc94b921453a383a8e2503bb8ff4e1d5290a541d5819ea15b263f10589357_amd64",
"8Base-RHOL-5.7:openshift-logging/eventrouter-rhel8@sha256:f8ff9fda083e55a5113ba614c739d83d52ee3115429075d0eb03fea2e9d5d711_ppc64le",
"8Base-RHOL-5.7:openshift-logging/kibana6-rhel8@sha256:77a3146e462f9291ea13d13fea97c74b2d59fe84f3dbfc33aafc08837fe5baba_arm64",
"8Base-RHOL-5.7:openshift-logging/kibana6-rhel8@sha256:be0b14bae5a4e42bb760ef93676153d2e9d0eaa72075b745df29ab519223a226_s390x",
"8Base-RHOL-5.7:openshift-logging/kibana6-rhel8@sha256:c8dff12b758f72cb6096c83a9b0e4918efab24e41c60e3dd1db91b561a204a9f_ppc64le",
"8Base-RHOL-5.7:openshift-logging/kibana6-rhel8@sha256:fc848aa0f5d0bd6c39b6d3056c21ae82839bcd627bd06312d7243b4e830d8aa2_amd64",
"8Base-RHOL-5.7:openshift-logging/log-file-metric-exporter-rhel8@sha256:92ff40e217abff467a201e45ebb11330d5352a29d7be3703048a865c7a7aa603_arm64",
"8Base-RHOL-5.7:openshift-logging/log-file-metric-exporter-rhel8@sha256:ad3988a61bd088e3303a28fa823b5a6377d823de2ab12e0b3e490c082077f7b5_amd64",
"8Base-RHOL-5.7:openshift-logging/log-file-metric-exporter-rhel8@sha256:cf228007b8ef6af94bee09d300d4c9917162041b08a91b0556e4083976050b5f_s390x",
"8Base-RHOL-5.7:openshift-logging/log-file-metric-exporter-rhel8@sha256:d5b2f702c19854620778f1a99c07e18c94ad2fd510b8484d2ac53c6ae8c0a8e2_ppc64le",
"8Base-RHOL-5.7:openshift-logging/logging-curator5-rhel8@sha256:12c1aafdb570d4a58c89d12d50dc129ee6f1eeb2a67d3e05a2a23d96d7d17d9c_ppc64le",
"8Base-RHOL-5.7:openshift-logging/logging-curator5-rhel8@sha256:5c0cf908612a36333722f5fed31e266a398db32739dd2e4f074428877b363c85_s390x",
"8Base-RHOL-5.7:openshift-logging/logging-curator5-rhel8@sha256:d3df7e62f2b1893b4f4879b91531b92652547aa4453fd1bfdc9558ff5a720a84_arm64",
"8Base-RHOL-5.7:openshift-logging/logging-curator5-rhel8@sha256:d65d8fba95e2313eb97a925c2d4f2a76d3616626c492803d19dcc3548753ecfa_amd64",
"8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:16c8e2bf0d537e9a787f2250203f9deae1b5f0f0b28e0520ddf6bf9b9c2e04d7_arm64",
"8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:63fffa75040e8322e895f230431f2cee966909d4afc2fef28f694f154c0cf888_amd64",
"8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:8b3fdd7f5b498336eff6881c742c59a2f6acdaaaf0ed80141d66170c19e6dfa7_ppc64le",
"8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:fcb11d3e6cc848ca774d353117c6a5c4770d455f8a64bce1223296d0afc298ef_s390x",
"8Base-RHOL-5.7:openshift-logging/logging-view-plugin-rhel8@sha256:29aaf15b222d1204253f4f82f3e17015a3fe77b3106580628442316bc2b2d26e_s390x",
"8Base-RHOL-5.7:openshift-logging/logging-view-plugin-rhel8@sha256:50742d41afd16c553729523d8e5e5a6640a2bb9d2d01eb4d18051456bdb422f7_arm64",
"8Base-RHOL-5.7:openshift-logging/logging-view-plugin-rhel8@sha256:cf64b884e6198327d0ed02a86971cd777a12591a3a6ad677703268d22f510bdd_amd64",
"8Base-RHOL-5.7:openshift-logging/logging-view-plugin-rhel8@sha256:ef63d4524f60a38ec8b4ec306f94ac865397d2f1616cdad7ed11722c49b9565e_ppc64le",
"8Base-RHOL-5.7:openshift-logging/loki-operator-bundle@sha256:5667ef8d640391c34ac20562b91a1f723005673d96e54a6ba1d178fa2fa73a32_amd64",
"8Base-RHOL-5.7:openshift-logging/loki-rhel8-operator@sha256:0f762d2a6e7e98b8d1a35df4a3d81677507dd2aea8a7c413aaa268bef2fbbe56_arm64",
"8Base-RHOL-5.7:openshift-logging/loki-rhel8-operator@sha256:1861142f6d9581e572d3086037d5b8264906579df63e7b3ae91f70a3068842f8_amd64",
"8Base-RHOL-5.7:openshift-logging/loki-rhel8-operator@sha256:214c8f4d86ff90cfddafa93dc1c3d5b3304bbfa35d3aec0b5aff30265f988f16_ppc64le",
"8Base-RHOL-5.7:openshift-logging/loki-rhel8-operator@sha256:62a71fd5ea0d3c6c26f06a56795ecca801f1a0ab570f08dfc44bd9b534775e58_s390x",
"8Base-RHOL-5.7:openshift-logging/lokistack-gateway-rhel8@sha256:0d9c0ccdf55842f06ed98efecba60e6614f764bb7e1dbe5861971e8ba8c80404_ppc64le",
"8Base-RHOL-5.7:openshift-logging/lokistack-gateway-rhel8@sha256:59113b0585d5f2ad0e2c61220ec3ead6192e14868f6dd9c143af5d13e6235565_arm64",
"8Base-RHOL-5.7:openshift-logging/lokistack-gateway-rhel8@sha256:9d5bc7af72f5ef08b1b01f9d34da16ed47a6e65dd632cf369c5848c5e89bfb10_amd64",
"8Base-RHOL-5.7:openshift-logging/lokistack-gateway-rhel8@sha256:b46f89c08df34b8ad7f2af805be0e005d9dfdfd94a0fbee6f5820200752ae11e_s390x",
"8Base-RHOL-5.7:openshift-logging/opa-openshift-rhel8@sha256:456a76e7ef5687b45ade9360670c2e3793d38cbca5e132763850a7cfd0861811_arm64",
"8Base-RHOL-5.7:openshift-logging/opa-openshift-rhel8@sha256:543213dd4f0132d51e5823f4bb9ee450b90e85c10bb817475f03404a430c7706_s390x",
"8Base-RHOL-5.7:openshift-logging/opa-openshift-rhel8@sha256:549c0984ba0cc9a54d01f44c2554da6574c16967c87e1a72e3f773802c76f63d_amd64",
"8Base-RHOL-5.7:openshift-logging/opa-openshift-rhel8@sha256:9e5ca10fd6967fa319fcba97aed737c4bdbbad6fbe19e43bc86010e89132669f_ppc64le",
"8Base-RHOL-5.7:openshift-logging/vector-rhel8@sha256:30e6149c0c834f785066f790655e67d17cb71ed68aa79dd7e4f2b7e3b8db8aa3_arm64",
"8Base-RHOL-5.7:openshift-logging/vector-rhel8@sha256:3c659bcf727aca2adff20087b41a5467cc52de825409df3468edb7e9c90fab41_s390x",
"8Base-RHOL-5.7:openshift-logging/vector-rhel8@sha256:7f3f463d22450c505c9a2ac6cca844b2d8a6124379e10beeab2ec8381dad913e_ppc64le",
"8Base-RHOL-5.7:openshift-logging/vector-rhel8@sha256:b63c5ae18c8b759e5e093d92801563355d5b45b85c997a8c294096ef2596615d_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2179637"
}
],
"notes": [
{
"category": "description",
"text": "A Cross-Site-Scripting vulnerability was found in rubygem ActiveSupport. If the new bytesplice method is called on a SafeBuffer with untrusted user input, malicious code could be executed.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "rubygem-activesupport: Possible XSS in SafeBuffer#bytesplice",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOL-5.7:openshift-logging/fluentd-rhel8@sha256:3d3d4d46d57443ea5aea72a711126ff46b217129f089864f027b1ed2b45e393c_amd64",
"8Base-RHOL-5.7:openshift-logging/fluentd-rhel8@sha256:5dd0468121013d75c3c5b5def726b6d71f66d2086defad6cc1d54015f057f956_ppc64le",
"8Base-RHOL-5.7:openshift-logging/fluentd-rhel8@sha256:9e35721ad22c9c67e6bd49f7978c495d72743ad43c21425cb97a57b5f6d03653_s390x",
"8Base-RHOL-5.7:openshift-logging/fluentd-rhel8@sha256:c082515ff5bcaaf305b24d24b488b2d91627894872b2f2074f7bfa64e0baf313_arm64"
],
"known_not_affected": [
"8Base-RHOL-5.7:openshift-logging/cluster-logging-operator-bundle@sha256:67922a4fa417673d97eca28344c77ba81d4f77cb1b86e1ca532b41a82b6f6520_amd64",
"8Base-RHOL-5.7:openshift-logging/cluster-logging-rhel8-operator@sha256:60f75c6ae180291f7e8eae0dd9999f0c17a74863b20d23f45a675cb427cabcf8_s390x",
"8Base-RHOL-5.7:openshift-logging/cluster-logging-rhel8-operator@sha256:8619dafc0e4d978c2eb63e0dbb0389114bbf93c692dc1477ed776c40e589c677_arm64",
"8Base-RHOL-5.7:openshift-logging/cluster-logging-rhel8-operator@sha256:ae56b7bb5f88e54739e103c16b57eb776661c8942d0d58dae683f33dc839191a_ppc64le",
"8Base-RHOL-5.7:openshift-logging/cluster-logging-rhel8-operator@sha256:c127a5211070607bc6daaa404fb221a91134ee18261691041448fb18203e711b_amd64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-operator-bundle@sha256:f56e69a40c6f51da46fbaf3fd170f84e20a45bac6c77b3b6d16130ae7be62394_amd64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-proxy-rhel8@sha256:0abd84da4fd5bf4f2657c0a7ba2f8fd8b878c15121fccbe8fb5f461b2ea5a9b3_ppc64le",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-proxy-rhel8@sha256:160985f4c009f8cce7b36c1142756f25ff2413937da194facc6bc85cb0863551_s390x",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-proxy-rhel8@sha256:22a97db8a595aaa758027b30c7fd2cf3ea0ae6c4d0b70766f8124d8eb17b58c9_arm64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-proxy-rhel8@sha256:38404132fe318e05f607c0e0ffb78baa25bb9477f53f40436b0cc50d21dd52bb_amd64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-rhel8-operator@sha256:5aaa60e772fd3f47d7b12d12c2eb55176803175656f834c48ed5003bf6c80600_ppc64le",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-rhel8-operator@sha256:61c30851d3d9f544c37c7616ec8a4ba34b7b37f3555960d0c8fa2be78f44947f_amd64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-rhel8-operator@sha256:ab54ef61832141f7675d3dc8d59edf99c3cdd1125c74e222492949c180964452_arm64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-rhel8-operator@sha256:fa36283092c27cd60761703d1eee07b92358dfe1157273b51b37b583a6060b35_s390x",
"8Base-RHOL-5.7:openshift-logging/elasticsearch6-rhel8@sha256:4685b2792af31c22d64220aaf7693e121826fdc2d8acd5be7bd0557995b8dea0_ppc64le",
"8Base-RHOL-5.7:openshift-logging/elasticsearch6-rhel8@sha256:611cef3b88e71c24f002e3a37de6883f54ca0e8eb9f8b60aff41ab2dcb249745_amd64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch6-rhel8@sha256:9c28c1ef4a26ab31a9de8941b22705cea8e85918df5e9997cd07ede5bd04e512_arm64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch6-rhel8@sha256:cc65e3adf0590cd58a073f351be36a2bc60ea1aa0183a0c9dcb9ae726830a078_s390x",
"8Base-RHOL-5.7:openshift-logging/eventrouter-rhel8@sha256:05c5123b3c5757f6239327c7ee96d2ce9fecbeef1dc39feade38d9417941122d_s390x",
"8Base-RHOL-5.7:openshift-logging/eventrouter-rhel8@sha256:62134203e3d02a92b4ea0f0f6b96a4046806c655f9b8358de7576a57624a7574_arm64",
"8Base-RHOL-5.7:openshift-logging/eventrouter-rhel8@sha256:9a9fc94b921453a383a8e2503bb8ff4e1d5290a541d5819ea15b263f10589357_amd64",
"8Base-RHOL-5.7:openshift-logging/eventrouter-rhel8@sha256:f8ff9fda083e55a5113ba614c739d83d52ee3115429075d0eb03fea2e9d5d711_ppc64le",
"8Base-RHOL-5.7:openshift-logging/kibana6-rhel8@sha256:77a3146e462f9291ea13d13fea97c74b2d59fe84f3dbfc33aafc08837fe5baba_arm64",
"8Base-RHOL-5.7:openshift-logging/kibana6-rhel8@sha256:be0b14bae5a4e42bb760ef93676153d2e9d0eaa72075b745df29ab519223a226_s390x",
"8Base-RHOL-5.7:openshift-logging/kibana6-rhel8@sha256:c8dff12b758f72cb6096c83a9b0e4918efab24e41c60e3dd1db91b561a204a9f_ppc64le",
"8Base-RHOL-5.7:openshift-logging/kibana6-rhel8@sha256:fc848aa0f5d0bd6c39b6d3056c21ae82839bcd627bd06312d7243b4e830d8aa2_amd64",
"8Base-RHOL-5.7:openshift-logging/log-file-metric-exporter-rhel8@sha256:92ff40e217abff467a201e45ebb11330d5352a29d7be3703048a865c7a7aa603_arm64",
"8Base-RHOL-5.7:openshift-logging/log-file-metric-exporter-rhel8@sha256:ad3988a61bd088e3303a28fa823b5a6377d823de2ab12e0b3e490c082077f7b5_amd64",
"8Base-RHOL-5.7:openshift-logging/log-file-metric-exporter-rhel8@sha256:cf228007b8ef6af94bee09d300d4c9917162041b08a91b0556e4083976050b5f_s390x",
"8Base-RHOL-5.7:openshift-logging/log-file-metric-exporter-rhel8@sha256:d5b2f702c19854620778f1a99c07e18c94ad2fd510b8484d2ac53c6ae8c0a8e2_ppc64le",
"8Base-RHOL-5.7:openshift-logging/logging-curator5-rhel8@sha256:12c1aafdb570d4a58c89d12d50dc129ee6f1eeb2a67d3e05a2a23d96d7d17d9c_ppc64le",
"8Base-RHOL-5.7:openshift-logging/logging-curator5-rhel8@sha256:5c0cf908612a36333722f5fed31e266a398db32739dd2e4f074428877b363c85_s390x",
"8Base-RHOL-5.7:openshift-logging/logging-curator5-rhel8@sha256:d3df7e62f2b1893b4f4879b91531b92652547aa4453fd1bfdc9558ff5a720a84_arm64",
"8Base-RHOL-5.7:openshift-logging/logging-curator5-rhel8@sha256:d65d8fba95e2313eb97a925c2d4f2a76d3616626c492803d19dcc3548753ecfa_amd64",
"8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:16c8e2bf0d537e9a787f2250203f9deae1b5f0f0b28e0520ddf6bf9b9c2e04d7_arm64",
"8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:63fffa75040e8322e895f230431f2cee966909d4afc2fef28f694f154c0cf888_amd64",
"8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:8b3fdd7f5b498336eff6881c742c59a2f6acdaaaf0ed80141d66170c19e6dfa7_ppc64le",
"8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:fcb11d3e6cc848ca774d353117c6a5c4770d455f8a64bce1223296d0afc298ef_s390x",
"8Base-RHOL-5.7:openshift-logging/logging-view-plugin-rhel8@sha256:29aaf15b222d1204253f4f82f3e17015a3fe77b3106580628442316bc2b2d26e_s390x",
"8Base-RHOL-5.7:openshift-logging/logging-view-plugin-rhel8@sha256:50742d41afd16c553729523d8e5e5a6640a2bb9d2d01eb4d18051456bdb422f7_arm64",
"8Base-RHOL-5.7:openshift-logging/logging-view-plugin-rhel8@sha256:cf64b884e6198327d0ed02a86971cd777a12591a3a6ad677703268d22f510bdd_amd64",
"8Base-RHOL-5.7:openshift-logging/logging-view-plugin-rhel8@sha256:ef63d4524f60a38ec8b4ec306f94ac865397d2f1616cdad7ed11722c49b9565e_ppc64le",
"8Base-RHOL-5.7:openshift-logging/loki-operator-bundle@sha256:5667ef8d640391c34ac20562b91a1f723005673d96e54a6ba1d178fa2fa73a32_amd64",
"8Base-RHOL-5.7:openshift-logging/loki-rhel8-operator@sha256:0f762d2a6e7e98b8d1a35df4a3d81677507dd2aea8a7c413aaa268bef2fbbe56_arm64",
"8Base-RHOL-5.7:openshift-logging/loki-rhel8-operator@sha256:1861142f6d9581e572d3086037d5b8264906579df63e7b3ae91f70a3068842f8_amd64",
"8Base-RHOL-5.7:openshift-logging/loki-rhel8-operator@sha256:214c8f4d86ff90cfddafa93dc1c3d5b3304bbfa35d3aec0b5aff30265f988f16_ppc64le",
"8Base-RHOL-5.7:openshift-logging/loki-rhel8-operator@sha256:62a71fd5ea0d3c6c26f06a56795ecca801f1a0ab570f08dfc44bd9b534775e58_s390x",
"8Base-RHOL-5.7:openshift-logging/lokistack-gateway-rhel8@sha256:0d9c0ccdf55842f06ed98efecba60e6614f764bb7e1dbe5861971e8ba8c80404_ppc64le",
"8Base-RHOL-5.7:openshift-logging/lokistack-gateway-rhel8@sha256:59113b0585d5f2ad0e2c61220ec3ead6192e14868f6dd9c143af5d13e6235565_arm64",
"8Base-RHOL-5.7:openshift-logging/lokistack-gateway-rhel8@sha256:9d5bc7af72f5ef08b1b01f9d34da16ed47a6e65dd632cf369c5848c5e89bfb10_amd64",
"8Base-RHOL-5.7:openshift-logging/lokistack-gateway-rhel8@sha256:b46f89c08df34b8ad7f2af805be0e005d9dfdfd94a0fbee6f5820200752ae11e_s390x",
"8Base-RHOL-5.7:openshift-logging/opa-openshift-rhel8@sha256:456a76e7ef5687b45ade9360670c2e3793d38cbca5e132763850a7cfd0861811_arm64",
"8Base-RHOL-5.7:openshift-logging/opa-openshift-rhel8@sha256:543213dd4f0132d51e5823f4bb9ee450b90e85c10bb817475f03404a430c7706_s390x",
"8Base-RHOL-5.7:openshift-logging/opa-openshift-rhel8@sha256:549c0984ba0cc9a54d01f44c2554da6574c16967c87e1a72e3f773802c76f63d_amd64",
"8Base-RHOL-5.7:openshift-logging/opa-openshift-rhel8@sha256:9e5ca10fd6967fa319fcba97aed737c4bdbbad6fbe19e43bc86010e89132669f_ppc64le",
"8Base-RHOL-5.7:openshift-logging/vector-rhel8@sha256:30e6149c0c834f785066f790655e67d17cb71ed68aa79dd7e4f2b7e3b8db8aa3_arm64",
"8Base-RHOL-5.7:openshift-logging/vector-rhel8@sha256:3c659bcf727aca2adff20087b41a5467cc52de825409df3468edb7e9c90fab41_s390x",
"8Base-RHOL-5.7:openshift-logging/vector-rhel8@sha256:7f3f463d22450c505c9a2ac6cca844b2d8a6124379e10beeab2ec8381dad913e_ppc64le",
"8Base-RHOL-5.7:openshift-logging/vector-rhel8@sha256:b63c5ae18c8b759e5e093d92801563355d5b45b85c997a8c294096ef2596615d_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-28120"
},
{
"category": "external",
"summary": "RHBZ#2179637",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2179637"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-28120",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28120"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-28120",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-28120"
},
{
"category": "external",
"summary": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/activesupport/CVE-2023-28120.yml",
"url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/activesupport/CVE-2023-28120.yml"
}
],
"release_date": "2023-03-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-06-12T19:08:51+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOL-5.7:openshift-logging/fluentd-rhel8@sha256:3d3d4d46d57443ea5aea72a711126ff46b217129f089864f027b1ed2b45e393c_amd64",
"8Base-RHOL-5.7:openshift-logging/fluentd-rhel8@sha256:5dd0468121013d75c3c5b5def726b6d71f66d2086defad6cc1d54015f057f956_ppc64le",
"8Base-RHOL-5.7:openshift-logging/fluentd-rhel8@sha256:9e35721ad22c9c67e6bd49f7978c495d72743ad43c21425cb97a57b5f6d03653_s390x",
"8Base-RHOL-5.7:openshift-logging/fluentd-rhel8@sha256:c082515ff5bcaaf305b24d24b488b2d91627894872b2f2074f7bfa64e0baf313_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:3495"
},
{
"category": "workaround",
"details": "Avoid calling bytesplice on a SafeBuffer (html_safe) string with untrusted user input.",
"product_ids": [
"8Base-RHOL-5.7:openshift-logging/cluster-logging-operator-bundle@sha256:67922a4fa417673d97eca28344c77ba81d4f77cb1b86e1ca532b41a82b6f6520_amd64",
"8Base-RHOL-5.7:openshift-logging/cluster-logging-rhel8-operator@sha256:60f75c6ae180291f7e8eae0dd9999f0c17a74863b20d23f45a675cb427cabcf8_s390x",
"8Base-RHOL-5.7:openshift-logging/cluster-logging-rhel8-operator@sha256:8619dafc0e4d978c2eb63e0dbb0389114bbf93c692dc1477ed776c40e589c677_arm64",
"8Base-RHOL-5.7:openshift-logging/cluster-logging-rhel8-operator@sha256:ae56b7bb5f88e54739e103c16b57eb776661c8942d0d58dae683f33dc839191a_ppc64le",
"8Base-RHOL-5.7:openshift-logging/cluster-logging-rhel8-operator@sha256:c127a5211070607bc6daaa404fb221a91134ee18261691041448fb18203e711b_amd64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-operator-bundle@sha256:f56e69a40c6f51da46fbaf3fd170f84e20a45bac6c77b3b6d16130ae7be62394_amd64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-proxy-rhel8@sha256:0abd84da4fd5bf4f2657c0a7ba2f8fd8b878c15121fccbe8fb5f461b2ea5a9b3_ppc64le",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-proxy-rhel8@sha256:160985f4c009f8cce7b36c1142756f25ff2413937da194facc6bc85cb0863551_s390x",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-proxy-rhel8@sha256:22a97db8a595aaa758027b30c7fd2cf3ea0ae6c4d0b70766f8124d8eb17b58c9_arm64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-proxy-rhel8@sha256:38404132fe318e05f607c0e0ffb78baa25bb9477f53f40436b0cc50d21dd52bb_amd64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-rhel8-operator@sha256:5aaa60e772fd3f47d7b12d12c2eb55176803175656f834c48ed5003bf6c80600_ppc64le",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-rhel8-operator@sha256:61c30851d3d9f544c37c7616ec8a4ba34b7b37f3555960d0c8fa2be78f44947f_amd64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-rhel8-operator@sha256:ab54ef61832141f7675d3dc8d59edf99c3cdd1125c74e222492949c180964452_arm64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-rhel8-operator@sha256:fa36283092c27cd60761703d1eee07b92358dfe1157273b51b37b583a6060b35_s390x",
"8Base-RHOL-5.7:openshift-logging/elasticsearch6-rhel8@sha256:4685b2792af31c22d64220aaf7693e121826fdc2d8acd5be7bd0557995b8dea0_ppc64le",
"8Base-RHOL-5.7:openshift-logging/elasticsearch6-rhel8@sha256:611cef3b88e71c24f002e3a37de6883f54ca0e8eb9f8b60aff41ab2dcb249745_amd64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch6-rhel8@sha256:9c28c1ef4a26ab31a9de8941b22705cea8e85918df5e9997cd07ede5bd04e512_arm64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch6-rhel8@sha256:cc65e3adf0590cd58a073f351be36a2bc60ea1aa0183a0c9dcb9ae726830a078_s390x",
"8Base-RHOL-5.7:openshift-logging/eventrouter-rhel8@sha256:05c5123b3c5757f6239327c7ee96d2ce9fecbeef1dc39feade38d9417941122d_s390x",
"8Base-RHOL-5.7:openshift-logging/eventrouter-rhel8@sha256:62134203e3d02a92b4ea0f0f6b96a4046806c655f9b8358de7576a57624a7574_arm64",
"8Base-RHOL-5.7:openshift-logging/eventrouter-rhel8@sha256:9a9fc94b921453a383a8e2503bb8ff4e1d5290a541d5819ea15b263f10589357_amd64",
"8Base-RHOL-5.7:openshift-logging/eventrouter-rhel8@sha256:f8ff9fda083e55a5113ba614c739d83d52ee3115429075d0eb03fea2e9d5d711_ppc64le",
"8Base-RHOL-5.7:openshift-logging/fluentd-rhel8@sha256:3d3d4d46d57443ea5aea72a711126ff46b217129f089864f027b1ed2b45e393c_amd64",
"8Base-RHOL-5.7:openshift-logging/fluentd-rhel8@sha256:5dd0468121013d75c3c5b5def726b6d71f66d2086defad6cc1d54015f057f956_ppc64le",
"8Base-RHOL-5.7:openshift-logging/fluentd-rhel8@sha256:9e35721ad22c9c67e6bd49f7978c495d72743ad43c21425cb97a57b5f6d03653_s390x",
"8Base-RHOL-5.7:openshift-logging/fluentd-rhel8@sha256:c082515ff5bcaaf305b24d24b488b2d91627894872b2f2074f7bfa64e0baf313_arm64",
"8Base-RHOL-5.7:openshift-logging/kibana6-rhel8@sha256:77a3146e462f9291ea13d13fea97c74b2d59fe84f3dbfc33aafc08837fe5baba_arm64",
"8Base-RHOL-5.7:openshift-logging/kibana6-rhel8@sha256:be0b14bae5a4e42bb760ef93676153d2e9d0eaa72075b745df29ab519223a226_s390x",
"8Base-RHOL-5.7:openshift-logging/kibana6-rhel8@sha256:c8dff12b758f72cb6096c83a9b0e4918efab24e41c60e3dd1db91b561a204a9f_ppc64le",
"8Base-RHOL-5.7:openshift-logging/kibana6-rhel8@sha256:fc848aa0f5d0bd6c39b6d3056c21ae82839bcd627bd06312d7243b4e830d8aa2_amd64",
"8Base-RHOL-5.7:openshift-logging/log-file-metric-exporter-rhel8@sha256:92ff40e217abff467a201e45ebb11330d5352a29d7be3703048a865c7a7aa603_arm64",
"8Base-RHOL-5.7:openshift-logging/log-file-metric-exporter-rhel8@sha256:ad3988a61bd088e3303a28fa823b5a6377d823de2ab12e0b3e490c082077f7b5_amd64",
"8Base-RHOL-5.7:openshift-logging/log-file-metric-exporter-rhel8@sha256:cf228007b8ef6af94bee09d300d4c9917162041b08a91b0556e4083976050b5f_s390x",
"8Base-RHOL-5.7:openshift-logging/log-file-metric-exporter-rhel8@sha256:d5b2f702c19854620778f1a99c07e18c94ad2fd510b8484d2ac53c6ae8c0a8e2_ppc64le",
"8Base-RHOL-5.7:openshift-logging/logging-curator5-rhel8@sha256:12c1aafdb570d4a58c89d12d50dc129ee6f1eeb2a67d3e05a2a23d96d7d17d9c_ppc64le",
"8Base-RHOL-5.7:openshift-logging/logging-curator5-rhel8@sha256:5c0cf908612a36333722f5fed31e266a398db32739dd2e4f074428877b363c85_s390x",
"8Base-RHOL-5.7:openshift-logging/logging-curator5-rhel8@sha256:d3df7e62f2b1893b4f4879b91531b92652547aa4453fd1bfdc9558ff5a720a84_arm64",
"8Base-RHOL-5.7:openshift-logging/logging-curator5-rhel8@sha256:d65d8fba95e2313eb97a925c2d4f2a76d3616626c492803d19dcc3548753ecfa_amd64",
"8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:16c8e2bf0d537e9a787f2250203f9deae1b5f0f0b28e0520ddf6bf9b9c2e04d7_arm64",
"8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:63fffa75040e8322e895f230431f2cee966909d4afc2fef28f694f154c0cf888_amd64",
"8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:8b3fdd7f5b498336eff6881c742c59a2f6acdaaaf0ed80141d66170c19e6dfa7_ppc64le",
"8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:fcb11d3e6cc848ca774d353117c6a5c4770d455f8a64bce1223296d0afc298ef_s390x",
"8Base-RHOL-5.7:openshift-logging/logging-view-plugin-rhel8@sha256:29aaf15b222d1204253f4f82f3e17015a3fe77b3106580628442316bc2b2d26e_s390x",
"8Base-RHOL-5.7:openshift-logging/logging-view-plugin-rhel8@sha256:50742d41afd16c553729523d8e5e5a6640a2bb9d2d01eb4d18051456bdb422f7_arm64",
"8Base-RHOL-5.7:openshift-logging/logging-view-plugin-rhel8@sha256:cf64b884e6198327d0ed02a86971cd777a12591a3a6ad677703268d22f510bdd_amd64",
"8Base-RHOL-5.7:openshift-logging/logging-view-plugin-rhel8@sha256:ef63d4524f60a38ec8b4ec306f94ac865397d2f1616cdad7ed11722c49b9565e_ppc64le",
"8Base-RHOL-5.7:openshift-logging/loki-operator-bundle@sha256:5667ef8d640391c34ac20562b91a1f723005673d96e54a6ba1d178fa2fa73a32_amd64",
"8Base-RHOL-5.7:openshift-logging/loki-rhel8-operator@sha256:0f762d2a6e7e98b8d1a35df4a3d81677507dd2aea8a7c413aaa268bef2fbbe56_arm64",
"8Base-RHOL-5.7:openshift-logging/loki-rhel8-operator@sha256:1861142f6d9581e572d3086037d5b8264906579df63e7b3ae91f70a3068842f8_amd64",
"8Base-RHOL-5.7:openshift-logging/loki-rhel8-operator@sha256:214c8f4d86ff90cfddafa93dc1c3d5b3304bbfa35d3aec0b5aff30265f988f16_ppc64le",
"8Base-RHOL-5.7:openshift-logging/loki-rhel8-operator@sha256:62a71fd5ea0d3c6c26f06a56795ecca801f1a0ab570f08dfc44bd9b534775e58_s390x",
"8Base-RHOL-5.7:openshift-logging/lokistack-gateway-rhel8@sha256:0d9c0ccdf55842f06ed98efecba60e6614f764bb7e1dbe5861971e8ba8c80404_ppc64le",
"8Base-RHOL-5.7:openshift-logging/lokistack-gateway-rhel8@sha256:59113b0585d5f2ad0e2c61220ec3ead6192e14868f6dd9c143af5d13e6235565_arm64",
"8Base-RHOL-5.7:openshift-logging/lokistack-gateway-rhel8@sha256:9d5bc7af72f5ef08b1b01f9d34da16ed47a6e65dd632cf369c5848c5e89bfb10_amd64",
"8Base-RHOL-5.7:openshift-logging/lokistack-gateway-rhel8@sha256:b46f89c08df34b8ad7f2af805be0e005d9dfdfd94a0fbee6f5820200752ae11e_s390x",
"8Base-RHOL-5.7:openshift-logging/opa-openshift-rhel8@sha256:456a76e7ef5687b45ade9360670c2e3793d38cbca5e132763850a7cfd0861811_arm64",
"8Base-RHOL-5.7:openshift-logging/opa-openshift-rhel8@sha256:543213dd4f0132d51e5823f4bb9ee450b90e85c10bb817475f03404a430c7706_s390x",
"8Base-RHOL-5.7:openshift-logging/opa-openshift-rhel8@sha256:549c0984ba0cc9a54d01f44c2554da6574c16967c87e1a72e3f773802c76f63d_amd64",
"8Base-RHOL-5.7:openshift-logging/opa-openshift-rhel8@sha256:9e5ca10fd6967fa319fcba97aed737c4bdbbad6fbe19e43bc86010e89132669f_ppc64le",
"8Base-RHOL-5.7:openshift-logging/vector-rhel8@sha256:30e6149c0c834f785066f790655e67d17cb71ed68aa79dd7e4f2b7e3b8db8aa3_arm64",
"8Base-RHOL-5.7:openshift-logging/vector-rhel8@sha256:3c659bcf727aca2adff20087b41a5467cc52de825409df3468edb7e9c90fab41_s390x",
"8Base-RHOL-5.7:openshift-logging/vector-rhel8@sha256:7f3f463d22450c505c9a2ac6cca844b2d8a6124379e10beeab2ec8381dad913e_ppc64le",
"8Base-RHOL-5.7:openshift-logging/vector-rhel8@sha256:b63c5ae18c8b759e5e093d92801563355d5b45b85c997a8c294096ef2596615d_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOL-5.7:openshift-logging/cluster-logging-operator-bundle@sha256:67922a4fa417673d97eca28344c77ba81d4f77cb1b86e1ca532b41a82b6f6520_amd64",
"8Base-RHOL-5.7:openshift-logging/cluster-logging-rhel8-operator@sha256:60f75c6ae180291f7e8eae0dd9999f0c17a74863b20d23f45a675cb427cabcf8_s390x",
"8Base-RHOL-5.7:openshift-logging/cluster-logging-rhel8-operator@sha256:8619dafc0e4d978c2eb63e0dbb0389114bbf93c692dc1477ed776c40e589c677_arm64",
"8Base-RHOL-5.7:openshift-logging/cluster-logging-rhel8-operator@sha256:ae56b7bb5f88e54739e103c16b57eb776661c8942d0d58dae683f33dc839191a_ppc64le",
"8Base-RHOL-5.7:openshift-logging/cluster-logging-rhel8-operator@sha256:c127a5211070607bc6daaa404fb221a91134ee18261691041448fb18203e711b_amd64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-operator-bundle@sha256:f56e69a40c6f51da46fbaf3fd170f84e20a45bac6c77b3b6d16130ae7be62394_amd64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-proxy-rhel8@sha256:0abd84da4fd5bf4f2657c0a7ba2f8fd8b878c15121fccbe8fb5f461b2ea5a9b3_ppc64le",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-proxy-rhel8@sha256:160985f4c009f8cce7b36c1142756f25ff2413937da194facc6bc85cb0863551_s390x",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-proxy-rhel8@sha256:22a97db8a595aaa758027b30c7fd2cf3ea0ae6c4d0b70766f8124d8eb17b58c9_arm64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-proxy-rhel8@sha256:38404132fe318e05f607c0e0ffb78baa25bb9477f53f40436b0cc50d21dd52bb_amd64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-rhel8-operator@sha256:5aaa60e772fd3f47d7b12d12c2eb55176803175656f834c48ed5003bf6c80600_ppc64le",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-rhel8-operator@sha256:61c30851d3d9f544c37c7616ec8a4ba34b7b37f3555960d0c8fa2be78f44947f_amd64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-rhel8-operator@sha256:ab54ef61832141f7675d3dc8d59edf99c3cdd1125c74e222492949c180964452_arm64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch-rhel8-operator@sha256:fa36283092c27cd60761703d1eee07b92358dfe1157273b51b37b583a6060b35_s390x",
"8Base-RHOL-5.7:openshift-logging/elasticsearch6-rhel8@sha256:4685b2792af31c22d64220aaf7693e121826fdc2d8acd5be7bd0557995b8dea0_ppc64le",
"8Base-RHOL-5.7:openshift-logging/elasticsearch6-rhel8@sha256:611cef3b88e71c24f002e3a37de6883f54ca0e8eb9f8b60aff41ab2dcb249745_amd64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch6-rhel8@sha256:9c28c1ef4a26ab31a9de8941b22705cea8e85918df5e9997cd07ede5bd04e512_arm64",
"8Base-RHOL-5.7:openshift-logging/elasticsearch6-rhel8@sha256:cc65e3adf0590cd58a073f351be36a2bc60ea1aa0183a0c9dcb9ae726830a078_s390x",
"8Base-RHOL-5.7:openshift-logging/eventrouter-rhel8@sha256:05c5123b3c5757f6239327c7ee96d2ce9fecbeef1dc39feade38d9417941122d_s390x",
"8Base-RHOL-5.7:openshift-logging/eventrouter-rhel8@sha256:62134203e3d02a92b4ea0f0f6b96a4046806c655f9b8358de7576a57624a7574_arm64",
"8Base-RHOL-5.7:openshift-logging/eventrouter-rhel8@sha256:9a9fc94b921453a383a8e2503bb8ff4e1d5290a541d5819ea15b263f10589357_amd64",
"8Base-RHOL-5.7:openshift-logging/eventrouter-rhel8@sha256:f8ff9fda083e55a5113ba614c739d83d52ee3115429075d0eb03fea2e9d5d711_ppc64le",
"8Base-RHOL-5.7:openshift-logging/fluentd-rhel8@sha256:3d3d4d46d57443ea5aea72a711126ff46b217129f089864f027b1ed2b45e393c_amd64",
"8Base-RHOL-5.7:openshift-logging/fluentd-rhel8@sha256:5dd0468121013d75c3c5b5def726b6d71f66d2086defad6cc1d54015f057f956_ppc64le",
"8Base-RHOL-5.7:openshift-logging/fluentd-rhel8@sha256:9e35721ad22c9c67e6bd49f7978c495d72743ad43c21425cb97a57b5f6d03653_s390x",
"8Base-RHOL-5.7:openshift-logging/fluentd-rhel8@sha256:c082515ff5bcaaf305b24d24b488b2d91627894872b2f2074f7bfa64e0baf313_arm64",
"8Base-RHOL-5.7:openshift-logging/kibana6-rhel8@sha256:77a3146e462f9291ea13d13fea97c74b2d59fe84f3dbfc33aafc08837fe5baba_arm64",
"8Base-RHOL-5.7:openshift-logging/kibana6-rhel8@sha256:be0b14bae5a4e42bb760ef93676153d2e9d0eaa72075b745df29ab519223a226_s390x",
"8Base-RHOL-5.7:openshift-logging/kibana6-rhel8@sha256:c8dff12b758f72cb6096c83a9b0e4918efab24e41c60e3dd1db91b561a204a9f_ppc64le",
"8Base-RHOL-5.7:openshift-logging/kibana6-rhel8@sha256:fc848aa0f5d0bd6c39b6d3056c21ae82839bcd627bd06312d7243b4e830d8aa2_amd64",
"8Base-RHOL-5.7:openshift-logging/log-file-metric-exporter-rhel8@sha256:92ff40e217abff467a201e45ebb11330d5352a29d7be3703048a865c7a7aa603_arm64",
"8Base-RHOL-5.7:openshift-logging/log-file-metric-exporter-rhel8@sha256:ad3988a61bd088e3303a28fa823b5a6377d823de2ab12e0b3e490c082077f7b5_amd64",
"8Base-RHOL-5.7:openshift-logging/log-file-metric-exporter-rhel8@sha256:cf228007b8ef6af94bee09d300d4c9917162041b08a91b0556e4083976050b5f_s390x",
"8Base-RHOL-5.7:openshift-logging/log-file-metric-exporter-rhel8@sha256:d5b2f702c19854620778f1a99c07e18c94ad2fd510b8484d2ac53c6ae8c0a8e2_ppc64le",
"8Base-RHOL-5.7:openshift-logging/logging-curator5-rhel8@sha256:12c1aafdb570d4a58c89d12d50dc129ee6f1eeb2a67d3e05a2a23d96d7d17d9c_ppc64le",
"8Base-RHOL-5.7:openshift-logging/logging-curator5-rhel8@sha256:5c0cf908612a36333722f5fed31e266a398db32739dd2e4f074428877b363c85_s390x",
"8Base-RHOL-5.7:openshift-logging/logging-curator5-rhel8@sha256:d3df7e62f2b1893b4f4879b91531b92652547aa4453fd1bfdc9558ff5a720a84_arm64",
"8Base-RHOL-5.7:openshift-logging/logging-curator5-rhel8@sha256:d65d8fba95e2313eb97a925c2d4f2a76d3616626c492803d19dcc3548753ecfa_amd64",
"8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:16c8e2bf0d537e9a787f2250203f9deae1b5f0f0b28e0520ddf6bf9b9c2e04d7_arm64",
"8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:63fffa75040e8322e895f230431f2cee966909d4afc2fef28f694f154c0cf888_amd64",
"8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:8b3fdd7f5b498336eff6881c742c59a2f6acdaaaf0ed80141d66170c19e6dfa7_ppc64le",
"8Base-RHOL-5.7:openshift-logging/logging-loki-rhel8@sha256:fcb11d3e6cc848ca774d353117c6a5c4770d455f8a64bce1223296d0afc298ef_s390x",
"8Base-RHOL-5.7:openshift-logging/logging-view-plugin-rhel8@sha256:29aaf15b222d1204253f4f82f3e17015a3fe77b3106580628442316bc2b2d26e_s390x",
"8Base-RHOL-5.7:openshift-logging/logging-view-plugin-rhel8@sha256:50742d41afd16c553729523d8e5e5a6640a2bb9d2d01eb4d18051456bdb422f7_arm64",
"8Base-RHOL-5.7:openshift-logging/logging-view-plugin-rhel8@sha256:cf64b884e6198327d0ed02a86971cd777a12591a3a6ad677703268d22f510bdd_amd64",
"8Base-RHOL-5.7:openshift-logging/logging-view-plugin-rhel8@sha256:ef63d4524f60a38ec8b4ec306f94ac865397d2f1616cdad7ed11722c49b9565e_ppc64le",
"8Base-RHOL-5.7:openshift-logging/loki-operator-bundle@sha256:5667ef8d640391c34ac20562b91a1f723005673d96e54a6ba1d178fa2fa73a32_amd64",
"8Base-RHOL-5.7:openshift-logging/loki-rhel8-operator@sha256:0f762d2a6e7e98b8d1a35df4a3d81677507dd2aea8a7c413aaa268bef2fbbe56_arm64",
"8Base-RHOL-5.7:openshift-logging/loki-rhel8-operator@sha256:1861142f6d9581e572d3086037d5b8264906579df63e7b3ae91f70a3068842f8_amd64",
"8Base-RHOL-5.7:openshift-logging/loki-rhel8-operator@sha256:214c8f4d86ff90cfddafa93dc1c3d5b3304bbfa35d3aec0b5aff30265f988f16_ppc64le",
"8Base-RHOL-5.7:openshift-logging/loki-rhel8-operator@sha256:62a71fd5ea0d3c6c26f06a56795ecca801f1a0ab570f08dfc44bd9b534775e58_s390x",
"8Base-RHOL-5.7:openshift-logging/lokistack-gateway-rhel8@sha256:0d9c0ccdf55842f06ed98efecba60e6614f764bb7e1dbe5861971e8ba8c80404_ppc64le",
"8Base-RHOL-5.7:openshift-logging/lokistack-gateway-rhel8@sha256:59113b0585d5f2ad0e2c61220ec3ead6192e14868f6dd9c143af5d13e6235565_arm64",
"8Base-RHOL-5.7:openshift-logging/lokistack-gateway-rhel8@sha256:9d5bc7af72f5ef08b1b01f9d34da16ed47a6e65dd632cf369c5848c5e89bfb10_amd64",
"8Base-RHOL-5.7:openshift-logging/lokistack-gateway-rhel8@sha256:b46f89c08df34b8ad7f2af805be0e005d9dfdfd94a0fbee6f5820200752ae11e_s390x",
"8Base-RHOL-5.7:openshift-logging/opa-openshift-rhel8@sha256:456a76e7ef5687b45ade9360670c2e3793d38cbca5e132763850a7cfd0861811_arm64",
"8Base-RHOL-5.7:openshift-logging/opa-openshift-rhel8@sha256:543213dd4f0132d51e5823f4bb9ee450b90e85c10bb817475f03404a430c7706_s390x",
"8Base-RHOL-5.7:openshift-logging/opa-openshift-rhel8@sha256:549c0984ba0cc9a54d01f44c2554da6574c16967c87e1a72e3f773802c76f63d_amd64",
"8Base-RHOL-5.7:openshift-logging/opa-openshift-rhel8@sha256:9e5ca10fd6967fa319fcba97aed737c4bdbbad6fbe19e43bc86010e89132669f_ppc64le",
"8Base-RHOL-5.7:openshift-logging/vector-rhel8@sha256:30e6149c0c834f785066f790655e67d17cb71ed68aa79dd7e4f2b7e3b8db8aa3_arm64",
"8Base-RHOL-5.7:openshift-logging/vector-rhel8@sha256:3c659bcf727aca2adff20087b41a5467cc52de825409df3468edb7e9c90fab41_s390x",
"8Base-RHOL-5.7:openshift-logging/vector-rhel8@sha256:7f3f463d22450c505c9a2ac6cca844b2d8a6124379e10beeab2ec8381dad913e_ppc64le",
"8Base-RHOL-5.7:openshift-logging/vector-rhel8@sha256:b63c5ae18c8b759e5e093d92801563355d5b45b85c997a8c294096ef2596615d_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "rubygem-activesupport: Possible XSS in SafeBuffer#bytesplice"
}
]
}
rhsa-2023:1953
Vulnerability from csaf_redhat
Published
2023-04-26 07:58
Modified
2025-08-04 08:10
Summary
Red Hat Security Advisory: Logging Subsystem 5.6.5 - Red Hat OpenShift security update
Notes
Topic
Logging Subsystem 5.6.5 - Red Hat OpenShift
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Logging Subsystem 5.6.5 - Red Hat OpenShift
Security Fix(es):
* rubygem-rack: denial of service in header parsing (CVE-2023-27539)
* rubygem-activesupport: Possible XSS in SafeBuffer#bytesplice (CVE-2023-28120)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Logging Subsystem 5.6.5 - Red Hat OpenShift\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Logging Subsystem 5.6.5 - Red Hat OpenShift\n\nSecurity Fix(es):\n\n* rubygem-rack: denial of service in header parsing (CVE-2023-27539)\n\n* rubygem-activesupport: Possible XSS in SafeBuffer#bytesplice (CVE-2023-28120)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2023:1953",
"url": "https://access.redhat.com/errata/RHSA-2023:1953"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "2179637",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2179637"
},
{
"category": "external",
"summary": "2179649",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2179649"
},
{
"category": "external",
"summary": "LOG-3419",
"url": "https://issues.redhat.com/browse/LOG-3419"
},
{
"category": "external",
"summary": "LOG-3480",
"url": "https://issues.redhat.com/browse/LOG-3480"
},
{
"category": "external",
"summary": "LOG-3583",
"url": "https://issues.redhat.com/browse/LOG-3583"
},
{
"category": "external",
"summary": "LOG-3750",
"url": "https://issues.redhat.com/browse/LOG-3750"
},
{
"category": "external",
"summary": "LOG-4008",
"url": "https://issues.redhat.com/browse/LOG-4008"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_1953.json"
}
],
"title": "Red Hat Security Advisory: Logging Subsystem 5.6.5 - Red Hat OpenShift security update",
"tracking": {
"current_release_date": "2025-08-04T08:10:22+00:00",
"generator": {
"date": "2025-08-04T08:10:22+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.6"
}
},
"id": "RHSA-2023:1953",
"initial_release_date": "2023-04-26T07:58:19+00:00",
"revision_history": [
{
"date": "2023-04-26T07:58:19+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-04-26T07:58:19+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-08-04T08:10:22+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "RHOL 5.6 for RHEL 8",
"product": {
"name": "RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:logging:5.6::el8"
}
}
}
],
"category": "product_family",
"name": "logging for Red Hat OpenShift"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:6f77858ae3de7f44cebede1ce239fd6d21e5299c22931e3500215f3d9190da1b_amd64",
"product": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:6f77858ae3de7f44cebede1ce239fd6d21e5299c22931e3500215f3d9190da1b_amd64",
"product_id": "openshift-logging/cluster-logging-rhel8-operator@sha256:6f77858ae3de7f44cebede1ce239fd6d21e5299c22931e3500215f3d9190da1b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-rhel8-operator@sha256:6f77858ae3de7f44cebede1ce239fd6d21e5299c22931e3500215f3d9190da1b?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel8-operator\u0026tag=v5.6.5-19"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-operator-bundle@sha256:f1a9fce2a0474fffabc36e62b3208e333a2154b0c75b8674f0264c0e77faf011_amd64",
"product": {
"name": "openshift-logging/cluster-logging-operator-bundle@sha256:f1a9fce2a0474fffabc36e62b3208e333a2154b0c75b8674f0264c0e77faf011_amd64",
"product_id": "openshift-logging/cluster-logging-operator-bundle@sha256:f1a9fce2a0474fffabc36e62b3208e333a2154b0c75b8674f0264c0e77faf011_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-operator-bundle@sha256:f1a9fce2a0474fffabc36e62b3208e333a2154b0c75b8674f0264c0e77faf011?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-operator-bundle\u0026tag=v5.6.5-47"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:507b0bd5d403d57e79bf0c92699d8a3b2d738c0cbb564384469134e7bd8735d2_amd64",
"product": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:507b0bd5d403d57e79bf0c92699d8a3b2d738c0cbb564384469134e7bd8735d2_amd64",
"product_id": "openshift-logging/elasticsearch-rhel8-operator@sha256:507b0bd5d403d57e79bf0c92699d8a3b2d738c0cbb564384469134e7bd8735d2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-rhel8-operator@sha256:507b0bd5d403d57e79bf0c92699d8a3b2d738c0cbb564384469134e7bd8735d2?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-rhel8-operator\u0026tag=v5.6.5-6"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-operator-bundle@sha256:afea2897dd74235fa62bf34821441819ed8edbee121a053e6001c046482b4573_amd64",
"product": {
"name": "openshift-logging/elasticsearch-operator-bundle@sha256:afea2897dd74235fa62bf34821441819ed8edbee121a053e6001c046482b4573_amd64",
"product_id": "openshift-logging/elasticsearch-operator-bundle@sha256:afea2897dd74235fa62bf34821441819ed8edbee121a053e6001c046482b4573_amd64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-operator-bundle@sha256:afea2897dd74235fa62bf34821441819ed8edbee121a053e6001c046482b4573?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-operator-bundle\u0026tag=v5.6.5-37"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:45e20088c3ff0abfeeb0f7530278457eef2ff45122393c5bc75b126ad64dfcd3_amd64",
"product": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:45e20088c3ff0abfeeb0f7530278457eef2ff45122393c5bc75b126ad64dfcd3_amd64",
"product_id": "openshift-logging/elasticsearch-proxy-rhel8@sha256:45e20088c3ff0abfeeb0f7530278457eef2ff45122393c5bc75b126ad64dfcd3_amd64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-proxy-rhel8@sha256:45e20088c3ff0abfeeb0f7530278457eef2ff45122393c5bc75b126ad64dfcd3?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-proxy-rhel8\u0026tag=v1.0.0-360"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:4929cd6fa0a37120dfa2361750d51138a223fd64116c96629e47cc3e5d1e971e_amd64",
"product": {
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:4929cd6fa0a37120dfa2361750d51138a223fd64116c96629e47cc3e5d1e971e_amd64",
"product_id": "openshift-logging/log-file-metric-exporter-rhel8@sha256:4929cd6fa0a37120dfa2361750d51138a223fd64116c96629e47cc3e5d1e971e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/log-file-metric-exporter-rhel8@sha256:4929cd6fa0a37120dfa2361750d51138a223fd64116c96629e47cc3e5d1e971e?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel8\u0026tag=v1.1.0-117"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-curator5-rhel8@sha256:40e6c524006c8f7cb0ca212a4f4b19083df527da944dea762aac60e68d73ecf9_amd64",
"product": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:40e6c524006c8f7cb0ca212a4f4b19083df527da944dea762aac60e68d73ecf9_amd64",
"product_id": "openshift-logging/logging-curator5-rhel8@sha256:40e6c524006c8f7cb0ca212a4f4b19083df527da944dea762aac60e68d73ecf9_amd64",
"product_identification_helper": {
"purl": "pkg:oci/logging-curator5-rhel8@sha256:40e6c524006c8f7cb0ca212a4f4b19083df527da944dea762aac60e68d73ecf9?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/logging-curator5-rhel8\u0026tag=v5.8.1-331"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch6-rhel8@sha256:9644f26adbc31d149e652189f5c7832608862fc3db31172d49b2c2ac69e06b62_amd64",
"product": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:9644f26adbc31d149e652189f5c7832608862fc3db31172d49b2c2ac69e06b62_amd64",
"product_id": "openshift-logging/elasticsearch6-rhel8@sha256:9644f26adbc31d149e652189f5c7832608862fc3db31172d49b2c2ac69e06b62_amd64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch6-rhel8@sha256:9644f26adbc31d149e652189f5c7832608862fc3db31172d49b2c2ac69e06b62?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch6-rhel8\u0026tag=v6.8.1-313"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/eventrouter-rhel8@sha256:68a062de1e69875e3d6bd77ec356a50c12c228dbbc4a400bc940335c5b5e2a73_amd64",
"product": {
"name": "openshift-logging/eventrouter-rhel8@sha256:68a062de1e69875e3d6bd77ec356a50c12c228dbbc4a400bc940335c5b5e2a73_amd64",
"product_id": "openshift-logging/eventrouter-rhel8@sha256:68a062de1e69875e3d6bd77ec356a50c12c228dbbc4a400bc940335c5b5e2a73_amd64",
"product_identification_helper": {
"purl": "pkg:oci/eventrouter-rhel8@sha256:68a062de1e69875e3d6bd77ec356a50c12c228dbbc4a400bc940335c5b5e2a73?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel8\u0026tag=v0.4.0-106"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/fluentd-rhel8@sha256:2fa5ad6177cfcda351c13e8478a4ab5c17a428aee75f089c8d0ca8a4505d3ba8_amd64",
"product": {
"name": "openshift-logging/fluentd-rhel8@sha256:2fa5ad6177cfcda351c13e8478a4ab5c17a428aee75f089c8d0ca8a4505d3ba8_amd64",
"product_id": "openshift-logging/fluentd-rhel8@sha256:2fa5ad6177cfcda351c13e8478a4ab5c17a428aee75f089c8d0ca8a4505d3ba8_amd64",
"product_identification_helper": {
"purl": "pkg:oci/fluentd-rhel8@sha256:2fa5ad6177cfcda351c13e8478a4ab5c17a428aee75f089c8d0ca8a4505d3ba8?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel8\u0026tag=v1.14.6-113"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/kibana6-rhel8@sha256:483fe327c1794582cf74e5b15821b647210eda732e8339a88ecafb183dfab479_amd64",
"product": {
"name": "openshift-logging/kibana6-rhel8@sha256:483fe327c1794582cf74e5b15821b647210eda732e8339a88ecafb183dfab479_amd64",
"product_id": "openshift-logging/kibana6-rhel8@sha256:483fe327c1794582cf74e5b15821b647210eda732e8339a88ecafb183dfab479_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kibana6-rhel8@sha256:483fe327c1794582cf74e5b15821b647210eda732e8339a88ecafb183dfab479?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/kibana6-rhel8\u0026tag=v6.8.1-350"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-loki-rhel8@sha256:9f0a0a82641750924a03fdb68e9755dc0e770f50826b44e8c79183b7706bf0c1_amd64",
"product": {
"name": "openshift-logging/logging-loki-rhel8@sha256:9f0a0a82641750924a03fdb68e9755dc0e770f50826b44e8c79183b7706bf0c1_amd64",
"product_id": "openshift-logging/logging-loki-rhel8@sha256:9f0a0a82641750924a03fdb68e9755dc0e770f50826b44e8c79183b7706bf0c1_amd64",
"product_identification_helper": {
"purl": "pkg:oci/logging-loki-rhel8@sha256:9f0a0a82641750924a03fdb68e9755dc0e770f50826b44e8c79183b7706bf0c1?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/logging-loki-rhel8\u0026tag=v2.7.4-6"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/vector-rhel8@sha256:f228c45422941ef7435f4337744e71844a6c843cb97f61ff74f3752ce5a9fda4_amd64",
"product": {
"name": "openshift-logging/vector-rhel8@sha256:f228c45422941ef7435f4337744e71844a6c843cb97f61ff74f3752ce5a9fda4_amd64",
"product_id": "openshift-logging/vector-rhel8@sha256:f228c45422941ef7435f4337744e71844a6c843cb97f61ff74f3752ce5a9fda4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/vector-rhel8@sha256:f228c45422941ef7435f4337744e71844a6c843cb97f61ff74f3752ce5a9fda4?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/vector-rhel8\u0026tag=v0.21.0-77"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-view-plugin-rhel8@sha256:4da268c6d5e321fb24493b008dea642438d0379ece7f990b1e5aea7116a8f03c_amd64",
"product": {
"name": "openshift-logging/logging-view-plugin-rhel8@sha256:4da268c6d5e321fb24493b008dea642438d0379ece7f990b1e5aea7116a8f03c_amd64",
"product_id": "openshift-logging/logging-view-plugin-rhel8@sha256:4da268c6d5e321fb24493b008dea642438d0379ece7f990b1e5aea7116a8f03c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/logging-view-plugin-rhel8@sha256:4da268c6d5e321fb24493b008dea642438d0379ece7f990b1e5aea7116a8f03c?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/logging-view-plugin-rhel8\u0026tag=v5.6.5-5"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/loki-operator-bundle@sha256:474d77067fc0d2df2137c4009c9d1f9bc50084fa4d51818be405826bc55c0d96_amd64",
"product": {
"name": "openshift-logging/loki-operator-bundle@sha256:474d77067fc0d2df2137c4009c9d1f9bc50084fa4d51818be405826bc55c0d96_amd64",
"product_id": "openshift-logging/loki-operator-bundle@sha256:474d77067fc0d2df2137c4009c9d1f9bc50084fa4d51818be405826bc55c0d96_amd64",
"product_identification_helper": {
"purl": "pkg:oci/loki-operator-bundle@sha256:474d77067fc0d2df2137c4009c9d1f9bc50084fa4d51818be405826bc55c0d96?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/loki-operator-bundle\u0026tag=v5.6.5-37"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/loki-rhel8-operator@sha256:6f2b591a8b6421e72fde418c8b8a76a6de6d9b72e22a0a57d3096d5efa82343b_amd64",
"product": {
"name": "openshift-logging/loki-rhel8-operator@sha256:6f2b591a8b6421e72fde418c8b8a76a6de6d9b72e22a0a57d3096d5efa82343b_amd64",
"product_id": "openshift-logging/loki-rhel8-operator@sha256:6f2b591a8b6421e72fde418c8b8a76a6de6d9b72e22a0a57d3096d5efa82343b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/loki-rhel8-operator@sha256:6f2b591a8b6421e72fde418c8b8a76a6de6d9b72e22a0a57d3096d5efa82343b?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/loki-rhel8-operator\u0026tag=v5.6.5-6"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/lokistack-gateway-rhel8@sha256:2de0f9cc91c4fb80cdcb672746f46e8cad9f87ba59b1136438f079b9db1f3158_amd64",
"product": {
"name": "openshift-logging/lokistack-gateway-rhel8@sha256:2de0f9cc91c4fb80cdcb672746f46e8cad9f87ba59b1136438f079b9db1f3158_amd64",
"product_id": "openshift-logging/lokistack-gateway-rhel8@sha256:2de0f9cc91c4fb80cdcb672746f46e8cad9f87ba59b1136438f079b9db1f3158_amd64",
"product_identification_helper": {
"purl": "pkg:oci/lokistack-gateway-rhel8@sha256:2de0f9cc91c4fb80cdcb672746f46e8cad9f87ba59b1136438f079b9db1f3158?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/lokistack-gateway-rhel8\u0026tag=v0.1.0-204"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/opa-openshift-rhel8@sha256:cb430fc37545c40db97f0b9f8b9b5fb8ec0f2ce9318c80850f81eef8019117b8_amd64",
"product": {
"name": "openshift-logging/opa-openshift-rhel8@sha256:cb430fc37545c40db97f0b9f8b9b5fb8ec0f2ce9318c80850f81eef8019117b8_amd64",
"product_id": "openshift-logging/opa-openshift-rhel8@sha256:cb430fc37545c40db97f0b9f8b9b5fb8ec0f2ce9318c80850f81eef8019117b8_amd64",
"product_identification_helper": {
"purl": "pkg:oci/opa-openshift-rhel8@sha256:cb430fc37545c40db97f0b9f8b9b5fb8ec0f2ce9318c80850f81eef8019117b8?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/opa-openshift-rhel8\u0026tag=v0.1.0-71"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:233b5898005aa4bb4aa50b8efc96ef2f02b455bbe59a399b85ed8f00d520f1c7_ppc64le",
"product": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:233b5898005aa4bb4aa50b8efc96ef2f02b455bbe59a399b85ed8f00d520f1c7_ppc64le",
"product_id": "openshift-logging/cluster-logging-rhel8-operator@sha256:233b5898005aa4bb4aa50b8efc96ef2f02b455bbe59a399b85ed8f00d520f1c7_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-rhel8-operator@sha256:233b5898005aa4bb4aa50b8efc96ef2f02b455bbe59a399b85ed8f00d520f1c7?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel8-operator\u0026tag=v5.6.5-19"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:d978206d2447c3517f8412fbdada672dd13c8baf76466ff972f5a347eeabfa99_ppc64le",
"product": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:d978206d2447c3517f8412fbdada672dd13c8baf76466ff972f5a347eeabfa99_ppc64le",
"product_id": "openshift-logging/elasticsearch-rhel8-operator@sha256:d978206d2447c3517f8412fbdada672dd13c8baf76466ff972f5a347eeabfa99_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-rhel8-operator@sha256:d978206d2447c3517f8412fbdada672dd13c8baf76466ff972f5a347eeabfa99?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-rhel8-operator\u0026tag=v5.6.5-6"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:7f85c4998d8ef0f27e1bfece2df91f3cab3489f7e5deced405ab4a3aae9b28a1_ppc64le",
"product": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:7f85c4998d8ef0f27e1bfece2df91f3cab3489f7e5deced405ab4a3aae9b28a1_ppc64le",
"product_id": "openshift-logging/elasticsearch-proxy-rhel8@sha256:7f85c4998d8ef0f27e1bfece2df91f3cab3489f7e5deced405ab4a3aae9b28a1_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-proxy-rhel8@sha256:7f85c4998d8ef0f27e1bfece2df91f3cab3489f7e5deced405ab4a3aae9b28a1?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-proxy-rhel8\u0026tag=v1.0.0-360"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:86f47139be2ec7ee5391f4d54f00d697126d3a0128b9a22bb93fd704c03fc4da_ppc64le",
"product": {
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:86f47139be2ec7ee5391f4d54f00d697126d3a0128b9a22bb93fd704c03fc4da_ppc64le",
"product_id": "openshift-logging/log-file-metric-exporter-rhel8@sha256:86f47139be2ec7ee5391f4d54f00d697126d3a0128b9a22bb93fd704c03fc4da_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/log-file-metric-exporter-rhel8@sha256:86f47139be2ec7ee5391f4d54f00d697126d3a0128b9a22bb93fd704c03fc4da?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel8\u0026tag=v1.1.0-117"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-curator5-rhel8@sha256:bfea82efdd8c0a2ffdec93e582394026ba6f4086ef039c51d293080232f9b2f1_ppc64le",
"product": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:bfea82efdd8c0a2ffdec93e582394026ba6f4086ef039c51d293080232f9b2f1_ppc64le",
"product_id": "openshift-logging/logging-curator5-rhel8@sha256:bfea82efdd8c0a2ffdec93e582394026ba6f4086ef039c51d293080232f9b2f1_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/logging-curator5-rhel8@sha256:bfea82efdd8c0a2ffdec93e582394026ba6f4086ef039c51d293080232f9b2f1?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/logging-curator5-rhel8\u0026tag=v5.8.1-331"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch6-rhel8@sha256:175a6b8f6435fe3d1ca8db0b4e9398b09db9b502bf17dd7d309eaa84cada7df2_ppc64le",
"product": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:175a6b8f6435fe3d1ca8db0b4e9398b09db9b502bf17dd7d309eaa84cada7df2_ppc64le",
"product_id": "openshift-logging/elasticsearch6-rhel8@sha256:175a6b8f6435fe3d1ca8db0b4e9398b09db9b502bf17dd7d309eaa84cada7df2_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch6-rhel8@sha256:175a6b8f6435fe3d1ca8db0b4e9398b09db9b502bf17dd7d309eaa84cada7df2?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch6-rhel8\u0026tag=v6.8.1-313"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/eventrouter-rhel8@sha256:235deb07313141dd5934b92b19a95b7485e998242998f400a7a87affc0bf16aa_ppc64le",
"product": {
"name": "openshift-logging/eventrouter-rhel8@sha256:235deb07313141dd5934b92b19a95b7485e998242998f400a7a87affc0bf16aa_ppc64le",
"product_id": "openshift-logging/eventrouter-rhel8@sha256:235deb07313141dd5934b92b19a95b7485e998242998f400a7a87affc0bf16aa_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/eventrouter-rhel8@sha256:235deb07313141dd5934b92b19a95b7485e998242998f400a7a87affc0bf16aa?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel8\u0026tag=v0.4.0-106"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/fluentd-rhel8@sha256:5c47d4c63b92680903171598e05db75edeafce751dc7548987804b72077ce550_ppc64le",
"product": {
"name": "openshift-logging/fluentd-rhel8@sha256:5c47d4c63b92680903171598e05db75edeafce751dc7548987804b72077ce550_ppc64le",
"product_id": "openshift-logging/fluentd-rhel8@sha256:5c47d4c63b92680903171598e05db75edeafce751dc7548987804b72077ce550_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/fluentd-rhel8@sha256:5c47d4c63b92680903171598e05db75edeafce751dc7548987804b72077ce550?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel8\u0026tag=v1.14.6-113"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/kibana6-rhel8@sha256:eabd2451a3668ddffacdce6d3b72863fc093a8ad22592f550a9009b021eb21ca_ppc64le",
"product": {
"name": "openshift-logging/kibana6-rhel8@sha256:eabd2451a3668ddffacdce6d3b72863fc093a8ad22592f550a9009b021eb21ca_ppc64le",
"product_id": "openshift-logging/kibana6-rhel8@sha256:eabd2451a3668ddffacdce6d3b72863fc093a8ad22592f550a9009b021eb21ca_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/kibana6-rhel8@sha256:eabd2451a3668ddffacdce6d3b72863fc093a8ad22592f550a9009b021eb21ca?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/kibana6-rhel8\u0026tag=v6.8.1-350"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-loki-rhel8@sha256:55b64a6a5cb71c908a8962e7a757a064619c9f8aa0080fc584db92674a6d4ec7_ppc64le",
"product": {
"name": "openshift-logging/logging-loki-rhel8@sha256:55b64a6a5cb71c908a8962e7a757a064619c9f8aa0080fc584db92674a6d4ec7_ppc64le",
"product_id": "openshift-logging/logging-loki-rhel8@sha256:55b64a6a5cb71c908a8962e7a757a064619c9f8aa0080fc584db92674a6d4ec7_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/logging-loki-rhel8@sha256:55b64a6a5cb71c908a8962e7a757a064619c9f8aa0080fc584db92674a6d4ec7?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/logging-loki-rhel8\u0026tag=v2.7.4-6"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/vector-rhel8@sha256:17b0e15e92527bfb45aadbe13378b262a18bc06b568efeb16a1f2adcd0f31ec3_ppc64le",
"product": {
"name": "openshift-logging/vector-rhel8@sha256:17b0e15e92527bfb45aadbe13378b262a18bc06b568efeb16a1f2adcd0f31ec3_ppc64le",
"product_id": "openshift-logging/vector-rhel8@sha256:17b0e15e92527bfb45aadbe13378b262a18bc06b568efeb16a1f2adcd0f31ec3_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/vector-rhel8@sha256:17b0e15e92527bfb45aadbe13378b262a18bc06b568efeb16a1f2adcd0f31ec3?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/vector-rhel8\u0026tag=v0.21.0-77"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-view-plugin-rhel8@sha256:a2d22864fa5c2350bb4d7eeea8396c645c2a8247d85de55069abf6c93e15eaff_ppc64le",
"product": {
"name": "openshift-logging/logging-view-plugin-rhel8@sha256:a2d22864fa5c2350bb4d7eeea8396c645c2a8247d85de55069abf6c93e15eaff_ppc64le",
"product_id": "openshift-logging/logging-view-plugin-rhel8@sha256:a2d22864fa5c2350bb4d7eeea8396c645c2a8247d85de55069abf6c93e15eaff_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/logging-view-plugin-rhel8@sha256:a2d22864fa5c2350bb4d7eeea8396c645c2a8247d85de55069abf6c93e15eaff?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/logging-view-plugin-rhel8\u0026tag=v5.6.5-5"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/loki-rhel8-operator@sha256:ab42c49b2bd600c500b226bc63349a7eef490f75d6dddf1812721a7579879e4f_ppc64le",
"product": {
"name": "openshift-logging/loki-rhel8-operator@sha256:ab42c49b2bd600c500b226bc63349a7eef490f75d6dddf1812721a7579879e4f_ppc64le",
"product_id": "openshift-logging/loki-rhel8-operator@sha256:ab42c49b2bd600c500b226bc63349a7eef490f75d6dddf1812721a7579879e4f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/loki-rhel8-operator@sha256:ab42c49b2bd600c500b226bc63349a7eef490f75d6dddf1812721a7579879e4f?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/loki-rhel8-operator\u0026tag=v5.6.5-6"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/lokistack-gateway-rhel8@sha256:3041db16c26cdb4f8c88e1963ab535c170bd5dffa2b452ca3a08ce6e6d2a2500_ppc64le",
"product": {
"name": "openshift-logging/lokistack-gateway-rhel8@sha256:3041db16c26cdb4f8c88e1963ab535c170bd5dffa2b452ca3a08ce6e6d2a2500_ppc64le",
"product_id": "openshift-logging/lokistack-gateway-rhel8@sha256:3041db16c26cdb4f8c88e1963ab535c170bd5dffa2b452ca3a08ce6e6d2a2500_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/lokistack-gateway-rhel8@sha256:3041db16c26cdb4f8c88e1963ab535c170bd5dffa2b452ca3a08ce6e6d2a2500?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/lokistack-gateway-rhel8\u0026tag=v0.1.0-204"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/opa-openshift-rhel8@sha256:511c75ee2a60bed854dc3708886a6d600625cde6b78849d0cbce3ceb1cceb068_ppc64le",
"product": {
"name": "openshift-logging/opa-openshift-rhel8@sha256:511c75ee2a60bed854dc3708886a6d600625cde6b78849d0cbce3ceb1cceb068_ppc64le",
"product_id": "openshift-logging/opa-openshift-rhel8@sha256:511c75ee2a60bed854dc3708886a6d600625cde6b78849d0cbce3ceb1cceb068_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/opa-openshift-rhel8@sha256:511c75ee2a60bed854dc3708886a6d600625cde6b78849d0cbce3ceb1cceb068?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/opa-openshift-rhel8\u0026tag=v0.1.0-71"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:731567ee7f2c91d248d3980a4fe5cf3e3b19c95ac028ebc4ba9051f940539546_arm64",
"product": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:731567ee7f2c91d248d3980a4fe5cf3e3b19c95ac028ebc4ba9051f940539546_arm64",
"product_id": "openshift-logging/cluster-logging-rhel8-operator@sha256:731567ee7f2c91d248d3980a4fe5cf3e3b19c95ac028ebc4ba9051f940539546_arm64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-rhel8-operator@sha256:731567ee7f2c91d248d3980a4fe5cf3e3b19c95ac028ebc4ba9051f940539546?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel8-operator\u0026tag=v5.6.5-19"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:f5a7733e18054f11629816d73507636fbf89c82dced718721b50aab18871a840_arm64",
"product": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:f5a7733e18054f11629816d73507636fbf89c82dced718721b50aab18871a840_arm64",
"product_id": "openshift-logging/elasticsearch-rhel8-operator@sha256:f5a7733e18054f11629816d73507636fbf89c82dced718721b50aab18871a840_arm64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-rhel8-operator@sha256:f5a7733e18054f11629816d73507636fbf89c82dced718721b50aab18871a840?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-rhel8-operator\u0026tag=v5.6.5-6"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:e2f28dca1a754623359b704a29e3ef4fe31cdb4e5816ed8cb9cc931f62aa74e5_arm64",
"product": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:e2f28dca1a754623359b704a29e3ef4fe31cdb4e5816ed8cb9cc931f62aa74e5_arm64",
"product_id": "openshift-logging/elasticsearch-proxy-rhel8@sha256:e2f28dca1a754623359b704a29e3ef4fe31cdb4e5816ed8cb9cc931f62aa74e5_arm64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-proxy-rhel8@sha256:e2f28dca1a754623359b704a29e3ef4fe31cdb4e5816ed8cb9cc931f62aa74e5?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-proxy-rhel8\u0026tag=v1.0.0-360"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:58e588e059f62fe7b26a7bcd4567ea8c6903e694df86ea708f9bbae149b598ff_arm64",
"product": {
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:58e588e059f62fe7b26a7bcd4567ea8c6903e694df86ea708f9bbae149b598ff_arm64",
"product_id": "openshift-logging/log-file-metric-exporter-rhel8@sha256:58e588e059f62fe7b26a7bcd4567ea8c6903e694df86ea708f9bbae149b598ff_arm64",
"product_identification_helper": {
"purl": "pkg:oci/log-file-metric-exporter-rhel8@sha256:58e588e059f62fe7b26a7bcd4567ea8c6903e694df86ea708f9bbae149b598ff?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel8\u0026tag=v1.1.0-117"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-curator5-rhel8@sha256:f6bcf32ebc3ba8f15ae1c4b2df8c8659187eba1b27f18b28bd5778530b407797_arm64",
"product": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:f6bcf32ebc3ba8f15ae1c4b2df8c8659187eba1b27f18b28bd5778530b407797_arm64",
"product_id": "openshift-logging/logging-curator5-rhel8@sha256:f6bcf32ebc3ba8f15ae1c4b2df8c8659187eba1b27f18b28bd5778530b407797_arm64",
"product_identification_helper": {
"purl": "pkg:oci/logging-curator5-rhel8@sha256:f6bcf32ebc3ba8f15ae1c4b2df8c8659187eba1b27f18b28bd5778530b407797?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/logging-curator5-rhel8\u0026tag=v5.8.1-331"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch6-rhel8@sha256:555f6e29451c73b5534f7c5f674a11bd46052fc9c4e0ab91c19c4f79acf799e9_arm64",
"product": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:555f6e29451c73b5534f7c5f674a11bd46052fc9c4e0ab91c19c4f79acf799e9_arm64",
"product_id": "openshift-logging/elasticsearch6-rhel8@sha256:555f6e29451c73b5534f7c5f674a11bd46052fc9c4e0ab91c19c4f79acf799e9_arm64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch6-rhel8@sha256:555f6e29451c73b5534f7c5f674a11bd46052fc9c4e0ab91c19c4f79acf799e9?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch6-rhel8\u0026tag=v6.8.1-313"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/eventrouter-rhel8@sha256:0d97eb7ba68c74cec9b8cb5da3a0663c2645486f74b02261cb40276f3342d93b_arm64",
"product": {
"name": "openshift-logging/eventrouter-rhel8@sha256:0d97eb7ba68c74cec9b8cb5da3a0663c2645486f74b02261cb40276f3342d93b_arm64",
"product_id": "openshift-logging/eventrouter-rhel8@sha256:0d97eb7ba68c74cec9b8cb5da3a0663c2645486f74b02261cb40276f3342d93b_arm64",
"product_identification_helper": {
"purl": "pkg:oci/eventrouter-rhel8@sha256:0d97eb7ba68c74cec9b8cb5da3a0663c2645486f74b02261cb40276f3342d93b?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel8\u0026tag=v0.4.0-106"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/fluentd-rhel8@sha256:0322877e7e70debca22bac62e0d2a1f91cdebd4bf3bf96033b78e98d09bb2480_arm64",
"product": {
"name": "openshift-logging/fluentd-rhel8@sha256:0322877e7e70debca22bac62e0d2a1f91cdebd4bf3bf96033b78e98d09bb2480_arm64",
"product_id": "openshift-logging/fluentd-rhel8@sha256:0322877e7e70debca22bac62e0d2a1f91cdebd4bf3bf96033b78e98d09bb2480_arm64",
"product_identification_helper": {
"purl": "pkg:oci/fluentd-rhel8@sha256:0322877e7e70debca22bac62e0d2a1f91cdebd4bf3bf96033b78e98d09bb2480?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel8\u0026tag=v1.14.6-113"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/kibana6-rhel8@sha256:3e0895b3567f900a8a0e39f8cf60280db2dbd057c9599e885a7de98e4e80b166_arm64",
"product": {
"name": "openshift-logging/kibana6-rhel8@sha256:3e0895b3567f900a8a0e39f8cf60280db2dbd057c9599e885a7de98e4e80b166_arm64",
"product_id": "openshift-logging/kibana6-rhel8@sha256:3e0895b3567f900a8a0e39f8cf60280db2dbd057c9599e885a7de98e4e80b166_arm64",
"product_identification_helper": {
"purl": "pkg:oci/kibana6-rhel8@sha256:3e0895b3567f900a8a0e39f8cf60280db2dbd057c9599e885a7de98e4e80b166?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/kibana6-rhel8\u0026tag=v6.8.1-350"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-loki-rhel8@sha256:e5d15c23b8c9c34be899041bcebd76a20054775dc841b2f807ee8b9a86f7d2f5_arm64",
"product": {
"name": "openshift-logging/logging-loki-rhel8@sha256:e5d15c23b8c9c34be899041bcebd76a20054775dc841b2f807ee8b9a86f7d2f5_arm64",
"product_id": "openshift-logging/logging-loki-rhel8@sha256:e5d15c23b8c9c34be899041bcebd76a20054775dc841b2f807ee8b9a86f7d2f5_arm64",
"product_identification_helper": {
"purl": "pkg:oci/logging-loki-rhel8@sha256:e5d15c23b8c9c34be899041bcebd76a20054775dc841b2f807ee8b9a86f7d2f5?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/logging-loki-rhel8\u0026tag=v2.7.4-6"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/vector-rhel8@sha256:7e6849449e3c2550679720a0b8c21a8cfd0fc34fa95e9b729d2102c53996fb32_arm64",
"product": {
"name": "openshift-logging/vector-rhel8@sha256:7e6849449e3c2550679720a0b8c21a8cfd0fc34fa95e9b729d2102c53996fb32_arm64",
"product_id": "openshift-logging/vector-rhel8@sha256:7e6849449e3c2550679720a0b8c21a8cfd0fc34fa95e9b729d2102c53996fb32_arm64",
"product_identification_helper": {
"purl": "pkg:oci/vector-rhel8@sha256:7e6849449e3c2550679720a0b8c21a8cfd0fc34fa95e9b729d2102c53996fb32?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/vector-rhel8\u0026tag=v0.21.0-77"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-view-plugin-rhel8@sha256:94c42f3bbaa631c0f5fb3d45b547fc4f75a7fbe13960f98828f1aed709ba55f7_arm64",
"product": {
"name": "openshift-logging/logging-view-plugin-rhel8@sha256:94c42f3bbaa631c0f5fb3d45b547fc4f75a7fbe13960f98828f1aed709ba55f7_arm64",
"product_id": "openshift-logging/logging-view-plugin-rhel8@sha256:94c42f3bbaa631c0f5fb3d45b547fc4f75a7fbe13960f98828f1aed709ba55f7_arm64",
"product_identification_helper": {
"purl": "pkg:oci/logging-view-plugin-rhel8@sha256:94c42f3bbaa631c0f5fb3d45b547fc4f75a7fbe13960f98828f1aed709ba55f7?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/logging-view-plugin-rhel8\u0026tag=v5.6.5-5"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/loki-rhel8-operator@sha256:655ba76eb2429aaa6676259d17144ff2961045a59bc02a0da1865d93f2f3abaa_arm64",
"product": {
"name": "openshift-logging/loki-rhel8-operator@sha256:655ba76eb2429aaa6676259d17144ff2961045a59bc02a0da1865d93f2f3abaa_arm64",
"product_id": "openshift-logging/loki-rhel8-operator@sha256:655ba76eb2429aaa6676259d17144ff2961045a59bc02a0da1865d93f2f3abaa_arm64",
"product_identification_helper": {
"purl": "pkg:oci/loki-rhel8-operator@sha256:655ba76eb2429aaa6676259d17144ff2961045a59bc02a0da1865d93f2f3abaa?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/loki-rhel8-operator\u0026tag=v5.6.5-6"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/lokistack-gateway-rhel8@sha256:448bdb0b727d4c0e643aad3259022b895b71ea054d961eca211a905d1a38ecd0_arm64",
"product": {
"name": "openshift-logging/lokistack-gateway-rhel8@sha256:448bdb0b727d4c0e643aad3259022b895b71ea054d961eca211a905d1a38ecd0_arm64",
"product_id": "openshift-logging/lokistack-gateway-rhel8@sha256:448bdb0b727d4c0e643aad3259022b895b71ea054d961eca211a905d1a38ecd0_arm64",
"product_identification_helper": {
"purl": "pkg:oci/lokistack-gateway-rhel8@sha256:448bdb0b727d4c0e643aad3259022b895b71ea054d961eca211a905d1a38ecd0?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/lokistack-gateway-rhel8\u0026tag=v0.1.0-204"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/opa-openshift-rhel8@sha256:dc23da77be96ddd671c80c3f8a21f78c0c7a930fbc4f9a0de8e80c435ef783d8_arm64",
"product": {
"name": "openshift-logging/opa-openshift-rhel8@sha256:dc23da77be96ddd671c80c3f8a21f78c0c7a930fbc4f9a0de8e80c435ef783d8_arm64",
"product_id": "openshift-logging/opa-openshift-rhel8@sha256:dc23da77be96ddd671c80c3f8a21f78c0c7a930fbc4f9a0de8e80c435ef783d8_arm64",
"product_identification_helper": {
"purl": "pkg:oci/opa-openshift-rhel8@sha256:dc23da77be96ddd671c80c3f8a21f78c0c7a930fbc4f9a0de8e80c435ef783d8?arch=arm64\u0026repository_url=registry.redhat.io/openshift-logging/opa-openshift-rhel8\u0026tag=v0.1.0-71"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:5faffa3624e95ae19104be20e2cb69ab9719ad5fbc12b8370618e7d89c497df5_s390x",
"product": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:5faffa3624e95ae19104be20e2cb69ab9719ad5fbc12b8370618e7d89c497df5_s390x",
"product_id": "openshift-logging/cluster-logging-rhel8-operator@sha256:5faffa3624e95ae19104be20e2cb69ab9719ad5fbc12b8370618e7d89c497df5_s390x",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-rhel8-operator@sha256:5faffa3624e95ae19104be20e2cb69ab9719ad5fbc12b8370618e7d89c497df5?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel8-operator\u0026tag=v5.6.5-19"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:53c81d3e6bcb29343e1cfe4c58abb02126fc968f3e2af4d21d0488190888a879_s390x",
"product": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:53c81d3e6bcb29343e1cfe4c58abb02126fc968f3e2af4d21d0488190888a879_s390x",
"product_id": "openshift-logging/elasticsearch-rhel8-operator@sha256:53c81d3e6bcb29343e1cfe4c58abb02126fc968f3e2af4d21d0488190888a879_s390x",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-rhel8-operator@sha256:53c81d3e6bcb29343e1cfe4c58abb02126fc968f3e2af4d21d0488190888a879?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-rhel8-operator\u0026tag=v5.6.5-6"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:3e6e31a25c940cd0b0376df0640648ff357c3842307ea1e4dda99bfc2d4d6fe7_s390x",
"product": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:3e6e31a25c940cd0b0376df0640648ff357c3842307ea1e4dda99bfc2d4d6fe7_s390x",
"product_id": "openshift-logging/elasticsearch-proxy-rhel8@sha256:3e6e31a25c940cd0b0376df0640648ff357c3842307ea1e4dda99bfc2d4d6fe7_s390x",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-proxy-rhel8@sha256:3e6e31a25c940cd0b0376df0640648ff357c3842307ea1e4dda99bfc2d4d6fe7?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-proxy-rhel8\u0026tag=v1.0.0-360"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:9034be9d22b0c2a9918fa79c37854b62099b32d32586380f455f435aa139ab86_s390x",
"product": {
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:9034be9d22b0c2a9918fa79c37854b62099b32d32586380f455f435aa139ab86_s390x",
"product_id": "openshift-logging/log-file-metric-exporter-rhel8@sha256:9034be9d22b0c2a9918fa79c37854b62099b32d32586380f455f435aa139ab86_s390x",
"product_identification_helper": {
"purl": "pkg:oci/log-file-metric-exporter-rhel8@sha256:9034be9d22b0c2a9918fa79c37854b62099b32d32586380f455f435aa139ab86?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/log-file-metric-exporter-rhel8\u0026tag=v1.1.0-117"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-curator5-rhel8@sha256:3c1728139dc88aa75ee088fe2d9e4917ca5062951cf5aa9d4ac69f42f4e6683c_s390x",
"product": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:3c1728139dc88aa75ee088fe2d9e4917ca5062951cf5aa9d4ac69f42f4e6683c_s390x",
"product_id": "openshift-logging/logging-curator5-rhel8@sha256:3c1728139dc88aa75ee088fe2d9e4917ca5062951cf5aa9d4ac69f42f4e6683c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/logging-curator5-rhel8@sha256:3c1728139dc88aa75ee088fe2d9e4917ca5062951cf5aa9d4ac69f42f4e6683c?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/logging-curator5-rhel8\u0026tag=v5.8.1-331"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch6-rhel8@sha256:6bfb202f2336441f522ae26f59a413d7fbda41b781ca4db46ff99ea89dd9ff8b_s390x",
"product": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:6bfb202f2336441f522ae26f59a413d7fbda41b781ca4db46ff99ea89dd9ff8b_s390x",
"product_id": "openshift-logging/elasticsearch6-rhel8@sha256:6bfb202f2336441f522ae26f59a413d7fbda41b781ca4db46ff99ea89dd9ff8b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch6-rhel8@sha256:6bfb202f2336441f522ae26f59a413d7fbda41b781ca4db46ff99ea89dd9ff8b?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch6-rhel8\u0026tag=v6.8.1-313"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/eventrouter-rhel8@sha256:67be5df93f4215936f57cefd1e5e00645df41b83c0de38f1111b5ed7303acf4a_s390x",
"product": {
"name": "openshift-logging/eventrouter-rhel8@sha256:67be5df93f4215936f57cefd1e5e00645df41b83c0de38f1111b5ed7303acf4a_s390x",
"product_id": "openshift-logging/eventrouter-rhel8@sha256:67be5df93f4215936f57cefd1e5e00645df41b83c0de38f1111b5ed7303acf4a_s390x",
"product_identification_helper": {
"purl": "pkg:oci/eventrouter-rhel8@sha256:67be5df93f4215936f57cefd1e5e00645df41b83c0de38f1111b5ed7303acf4a?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel8\u0026tag=v0.4.0-106"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/fluentd-rhel8@sha256:2e491ee9d43964cc53a8ebd1ac92507e9af6d8a39649594d5c4e991067d6ca99_s390x",
"product": {
"name": "openshift-logging/fluentd-rhel8@sha256:2e491ee9d43964cc53a8ebd1ac92507e9af6d8a39649594d5c4e991067d6ca99_s390x",
"product_id": "openshift-logging/fluentd-rhel8@sha256:2e491ee9d43964cc53a8ebd1ac92507e9af6d8a39649594d5c4e991067d6ca99_s390x",
"product_identification_helper": {
"purl": "pkg:oci/fluentd-rhel8@sha256:2e491ee9d43964cc53a8ebd1ac92507e9af6d8a39649594d5c4e991067d6ca99?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel8\u0026tag=v1.14.6-113"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/kibana6-rhel8@sha256:9ba17d38faba70354f5a890409189a12bf5e0d7aadfb4698fafb37e9cb8d6d00_s390x",
"product": {
"name": "openshift-logging/kibana6-rhel8@sha256:9ba17d38faba70354f5a890409189a12bf5e0d7aadfb4698fafb37e9cb8d6d00_s390x",
"product_id": "openshift-logging/kibana6-rhel8@sha256:9ba17d38faba70354f5a890409189a12bf5e0d7aadfb4698fafb37e9cb8d6d00_s390x",
"product_identification_helper": {
"purl": "pkg:oci/kibana6-rhel8@sha256:9ba17d38faba70354f5a890409189a12bf5e0d7aadfb4698fafb37e9cb8d6d00?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/kibana6-rhel8\u0026tag=v6.8.1-350"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-loki-rhel8@sha256:3e02ee8dfb296ad9261512a268fe42744120e262b2915c50bdd094bd8cf9ca1f_s390x",
"product": {
"name": "openshift-logging/logging-loki-rhel8@sha256:3e02ee8dfb296ad9261512a268fe42744120e262b2915c50bdd094bd8cf9ca1f_s390x",
"product_id": "openshift-logging/logging-loki-rhel8@sha256:3e02ee8dfb296ad9261512a268fe42744120e262b2915c50bdd094bd8cf9ca1f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/logging-loki-rhel8@sha256:3e02ee8dfb296ad9261512a268fe42744120e262b2915c50bdd094bd8cf9ca1f?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/logging-loki-rhel8\u0026tag=v2.7.4-6"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/vector-rhel8@sha256:658029bec140b359a87bb9266a88572550f589cbcbe0d7e5ce8c145ee33172cd_s390x",
"product": {
"name": "openshift-logging/vector-rhel8@sha256:658029bec140b359a87bb9266a88572550f589cbcbe0d7e5ce8c145ee33172cd_s390x",
"product_id": "openshift-logging/vector-rhel8@sha256:658029bec140b359a87bb9266a88572550f589cbcbe0d7e5ce8c145ee33172cd_s390x",
"product_identification_helper": {
"purl": "pkg:oci/vector-rhel8@sha256:658029bec140b359a87bb9266a88572550f589cbcbe0d7e5ce8c145ee33172cd?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/vector-rhel8\u0026tag=v0.21.0-77"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-view-plugin-rhel8@sha256:149c2037d62c50230befb6873e2b3e4daba573adccc8049eb7677600a63cb936_s390x",
"product": {
"name": "openshift-logging/logging-view-plugin-rhel8@sha256:149c2037d62c50230befb6873e2b3e4daba573adccc8049eb7677600a63cb936_s390x",
"product_id": "openshift-logging/logging-view-plugin-rhel8@sha256:149c2037d62c50230befb6873e2b3e4daba573adccc8049eb7677600a63cb936_s390x",
"product_identification_helper": {
"purl": "pkg:oci/logging-view-plugin-rhel8@sha256:149c2037d62c50230befb6873e2b3e4daba573adccc8049eb7677600a63cb936?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/logging-view-plugin-rhel8\u0026tag=v5.6.5-5"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/loki-rhel8-operator@sha256:e8fcf0b219be91fa15ec5cc8f83d5874b9d0a3482dbd1e90a5e05878b6522596_s390x",
"product": {
"name": "openshift-logging/loki-rhel8-operator@sha256:e8fcf0b219be91fa15ec5cc8f83d5874b9d0a3482dbd1e90a5e05878b6522596_s390x",
"product_id": "openshift-logging/loki-rhel8-operator@sha256:e8fcf0b219be91fa15ec5cc8f83d5874b9d0a3482dbd1e90a5e05878b6522596_s390x",
"product_identification_helper": {
"purl": "pkg:oci/loki-rhel8-operator@sha256:e8fcf0b219be91fa15ec5cc8f83d5874b9d0a3482dbd1e90a5e05878b6522596?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/loki-rhel8-operator\u0026tag=v5.6.5-6"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/lokistack-gateway-rhel8@sha256:e40c1ed15366fa6e48141e69b66264f760cbd9a8919339c3817a90b5f1620bdb_s390x",
"product": {
"name": "openshift-logging/lokistack-gateway-rhel8@sha256:e40c1ed15366fa6e48141e69b66264f760cbd9a8919339c3817a90b5f1620bdb_s390x",
"product_id": "openshift-logging/lokistack-gateway-rhel8@sha256:e40c1ed15366fa6e48141e69b66264f760cbd9a8919339c3817a90b5f1620bdb_s390x",
"product_identification_helper": {
"purl": "pkg:oci/lokistack-gateway-rhel8@sha256:e40c1ed15366fa6e48141e69b66264f760cbd9a8919339c3817a90b5f1620bdb?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/lokistack-gateway-rhel8\u0026tag=v0.1.0-204"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/opa-openshift-rhel8@sha256:5167a7002dcedb6d27b137b7ff0958a8a4043706d4366ce6fff01bd49168685d_s390x",
"product": {
"name": "openshift-logging/opa-openshift-rhel8@sha256:5167a7002dcedb6d27b137b7ff0958a8a4043706d4366ce6fff01bd49168685d_s390x",
"product_id": "openshift-logging/opa-openshift-rhel8@sha256:5167a7002dcedb6d27b137b7ff0958a8a4043706d4366ce6fff01bd49168685d_s390x",
"product_identification_helper": {
"purl": "pkg:oci/opa-openshift-rhel8@sha256:5167a7002dcedb6d27b137b7ff0958a8a4043706d4366ce6fff01bd49168685d?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/opa-openshift-rhel8\u0026tag=v0.1.0-71"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-operator-bundle@sha256:f1a9fce2a0474fffabc36e62b3208e333a2154b0c75b8674f0264c0e77faf011_amd64 as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/cluster-logging-operator-bundle@sha256:f1a9fce2a0474fffabc36e62b3208e333a2154b0c75b8674f0264c0e77faf011_amd64"
},
"product_reference": "openshift-logging/cluster-logging-operator-bundle@sha256:f1a9fce2a0474fffabc36e62b3208e333a2154b0c75b8674f0264c0e77faf011_amd64",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:233b5898005aa4bb4aa50b8efc96ef2f02b455bbe59a399b85ed8f00d520f1c7_ppc64le as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:233b5898005aa4bb4aa50b8efc96ef2f02b455bbe59a399b85ed8f00d520f1c7_ppc64le"
},
"product_reference": "openshift-logging/cluster-logging-rhel8-operator@sha256:233b5898005aa4bb4aa50b8efc96ef2f02b455bbe59a399b85ed8f00d520f1c7_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:5faffa3624e95ae19104be20e2cb69ab9719ad5fbc12b8370618e7d89c497df5_s390x as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:5faffa3624e95ae19104be20e2cb69ab9719ad5fbc12b8370618e7d89c497df5_s390x"
},
"product_reference": "openshift-logging/cluster-logging-rhel8-operator@sha256:5faffa3624e95ae19104be20e2cb69ab9719ad5fbc12b8370618e7d89c497df5_s390x",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:6f77858ae3de7f44cebede1ce239fd6d21e5299c22931e3500215f3d9190da1b_amd64 as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:6f77858ae3de7f44cebede1ce239fd6d21e5299c22931e3500215f3d9190da1b_amd64"
},
"product_reference": "openshift-logging/cluster-logging-rhel8-operator@sha256:6f77858ae3de7f44cebede1ce239fd6d21e5299c22931e3500215f3d9190da1b_amd64",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:731567ee7f2c91d248d3980a4fe5cf3e3b19c95ac028ebc4ba9051f940539546_arm64 as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:731567ee7f2c91d248d3980a4fe5cf3e3b19c95ac028ebc4ba9051f940539546_arm64"
},
"product_reference": "openshift-logging/cluster-logging-rhel8-operator@sha256:731567ee7f2c91d248d3980a4fe5cf3e3b19c95ac028ebc4ba9051f940539546_arm64",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-operator-bundle@sha256:afea2897dd74235fa62bf34821441819ed8edbee121a053e6001c046482b4573_amd64 as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/elasticsearch-operator-bundle@sha256:afea2897dd74235fa62bf34821441819ed8edbee121a053e6001c046482b4573_amd64"
},
"product_reference": "openshift-logging/elasticsearch-operator-bundle@sha256:afea2897dd74235fa62bf34821441819ed8edbee121a053e6001c046482b4573_amd64",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:3e6e31a25c940cd0b0376df0640648ff357c3842307ea1e4dda99bfc2d4d6fe7_s390x as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:3e6e31a25c940cd0b0376df0640648ff357c3842307ea1e4dda99bfc2d4d6fe7_s390x"
},
"product_reference": "openshift-logging/elasticsearch-proxy-rhel8@sha256:3e6e31a25c940cd0b0376df0640648ff357c3842307ea1e4dda99bfc2d4d6fe7_s390x",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:45e20088c3ff0abfeeb0f7530278457eef2ff45122393c5bc75b126ad64dfcd3_amd64 as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:45e20088c3ff0abfeeb0f7530278457eef2ff45122393c5bc75b126ad64dfcd3_amd64"
},
"product_reference": "openshift-logging/elasticsearch-proxy-rhel8@sha256:45e20088c3ff0abfeeb0f7530278457eef2ff45122393c5bc75b126ad64dfcd3_amd64",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:7f85c4998d8ef0f27e1bfece2df91f3cab3489f7e5deced405ab4a3aae9b28a1_ppc64le as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:7f85c4998d8ef0f27e1bfece2df91f3cab3489f7e5deced405ab4a3aae9b28a1_ppc64le"
},
"product_reference": "openshift-logging/elasticsearch-proxy-rhel8@sha256:7f85c4998d8ef0f27e1bfece2df91f3cab3489f7e5deced405ab4a3aae9b28a1_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:e2f28dca1a754623359b704a29e3ef4fe31cdb4e5816ed8cb9cc931f62aa74e5_arm64 as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:e2f28dca1a754623359b704a29e3ef4fe31cdb4e5816ed8cb9cc931f62aa74e5_arm64"
},
"product_reference": "openshift-logging/elasticsearch-proxy-rhel8@sha256:e2f28dca1a754623359b704a29e3ef4fe31cdb4e5816ed8cb9cc931f62aa74e5_arm64",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:507b0bd5d403d57e79bf0c92699d8a3b2d738c0cbb564384469134e7bd8735d2_amd64 as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:507b0bd5d403d57e79bf0c92699d8a3b2d738c0cbb564384469134e7bd8735d2_amd64"
},
"product_reference": "openshift-logging/elasticsearch-rhel8-operator@sha256:507b0bd5d403d57e79bf0c92699d8a3b2d738c0cbb564384469134e7bd8735d2_amd64",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:53c81d3e6bcb29343e1cfe4c58abb02126fc968f3e2af4d21d0488190888a879_s390x as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:53c81d3e6bcb29343e1cfe4c58abb02126fc968f3e2af4d21d0488190888a879_s390x"
},
"product_reference": "openshift-logging/elasticsearch-rhel8-operator@sha256:53c81d3e6bcb29343e1cfe4c58abb02126fc968f3e2af4d21d0488190888a879_s390x",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:d978206d2447c3517f8412fbdada672dd13c8baf76466ff972f5a347eeabfa99_ppc64le as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:d978206d2447c3517f8412fbdada672dd13c8baf76466ff972f5a347eeabfa99_ppc64le"
},
"product_reference": "openshift-logging/elasticsearch-rhel8-operator@sha256:d978206d2447c3517f8412fbdada672dd13c8baf76466ff972f5a347eeabfa99_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:f5a7733e18054f11629816d73507636fbf89c82dced718721b50aab18871a840_arm64 as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:f5a7733e18054f11629816d73507636fbf89c82dced718721b50aab18871a840_arm64"
},
"product_reference": "openshift-logging/elasticsearch-rhel8-operator@sha256:f5a7733e18054f11629816d73507636fbf89c82dced718721b50aab18871a840_arm64",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:175a6b8f6435fe3d1ca8db0b4e9398b09db9b502bf17dd7d309eaa84cada7df2_ppc64le as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:175a6b8f6435fe3d1ca8db0b4e9398b09db9b502bf17dd7d309eaa84cada7df2_ppc64le"
},
"product_reference": "openshift-logging/elasticsearch6-rhel8@sha256:175a6b8f6435fe3d1ca8db0b4e9398b09db9b502bf17dd7d309eaa84cada7df2_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:555f6e29451c73b5534f7c5f674a11bd46052fc9c4e0ab91c19c4f79acf799e9_arm64 as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:555f6e29451c73b5534f7c5f674a11bd46052fc9c4e0ab91c19c4f79acf799e9_arm64"
},
"product_reference": "openshift-logging/elasticsearch6-rhel8@sha256:555f6e29451c73b5534f7c5f674a11bd46052fc9c4e0ab91c19c4f79acf799e9_arm64",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:6bfb202f2336441f522ae26f59a413d7fbda41b781ca4db46ff99ea89dd9ff8b_s390x as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:6bfb202f2336441f522ae26f59a413d7fbda41b781ca4db46ff99ea89dd9ff8b_s390x"
},
"product_reference": "openshift-logging/elasticsearch6-rhel8@sha256:6bfb202f2336441f522ae26f59a413d7fbda41b781ca4db46ff99ea89dd9ff8b_s390x",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:9644f26adbc31d149e652189f5c7832608862fc3db31172d49b2c2ac69e06b62_amd64 as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:9644f26adbc31d149e652189f5c7832608862fc3db31172d49b2c2ac69e06b62_amd64"
},
"product_reference": "openshift-logging/elasticsearch6-rhel8@sha256:9644f26adbc31d149e652189f5c7832608862fc3db31172d49b2c2ac69e06b62_amd64",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/eventrouter-rhel8@sha256:0d97eb7ba68c74cec9b8cb5da3a0663c2645486f74b02261cb40276f3342d93b_arm64 as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:0d97eb7ba68c74cec9b8cb5da3a0663c2645486f74b02261cb40276f3342d93b_arm64"
},
"product_reference": "openshift-logging/eventrouter-rhel8@sha256:0d97eb7ba68c74cec9b8cb5da3a0663c2645486f74b02261cb40276f3342d93b_arm64",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/eventrouter-rhel8@sha256:235deb07313141dd5934b92b19a95b7485e998242998f400a7a87affc0bf16aa_ppc64le as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:235deb07313141dd5934b92b19a95b7485e998242998f400a7a87affc0bf16aa_ppc64le"
},
"product_reference": "openshift-logging/eventrouter-rhel8@sha256:235deb07313141dd5934b92b19a95b7485e998242998f400a7a87affc0bf16aa_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/eventrouter-rhel8@sha256:67be5df93f4215936f57cefd1e5e00645df41b83c0de38f1111b5ed7303acf4a_s390x as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:67be5df93f4215936f57cefd1e5e00645df41b83c0de38f1111b5ed7303acf4a_s390x"
},
"product_reference": "openshift-logging/eventrouter-rhel8@sha256:67be5df93f4215936f57cefd1e5e00645df41b83c0de38f1111b5ed7303acf4a_s390x",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/eventrouter-rhel8@sha256:68a062de1e69875e3d6bd77ec356a50c12c228dbbc4a400bc940335c5b5e2a73_amd64 as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:68a062de1e69875e3d6bd77ec356a50c12c228dbbc4a400bc940335c5b5e2a73_amd64"
},
"product_reference": "openshift-logging/eventrouter-rhel8@sha256:68a062de1e69875e3d6bd77ec356a50c12c228dbbc4a400bc940335c5b5e2a73_amd64",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/fluentd-rhel8@sha256:0322877e7e70debca22bac62e0d2a1f91cdebd4bf3bf96033b78e98d09bb2480_arm64 as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:0322877e7e70debca22bac62e0d2a1f91cdebd4bf3bf96033b78e98d09bb2480_arm64"
},
"product_reference": "openshift-logging/fluentd-rhel8@sha256:0322877e7e70debca22bac62e0d2a1f91cdebd4bf3bf96033b78e98d09bb2480_arm64",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/fluentd-rhel8@sha256:2e491ee9d43964cc53a8ebd1ac92507e9af6d8a39649594d5c4e991067d6ca99_s390x as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:2e491ee9d43964cc53a8ebd1ac92507e9af6d8a39649594d5c4e991067d6ca99_s390x"
},
"product_reference": "openshift-logging/fluentd-rhel8@sha256:2e491ee9d43964cc53a8ebd1ac92507e9af6d8a39649594d5c4e991067d6ca99_s390x",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/fluentd-rhel8@sha256:2fa5ad6177cfcda351c13e8478a4ab5c17a428aee75f089c8d0ca8a4505d3ba8_amd64 as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:2fa5ad6177cfcda351c13e8478a4ab5c17a428aee75f089c8d0ca8a4505d3ba8_amd64"
},
"product_reference": "openshift-logging/fluentd-rhel8@sha256:2fa5ad6177cfcda351c13e8478a4ab5c17a428aee75f089c8d0ca8a4505d3ba8_amd64",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/fluentd-rhel8@sha256:5c47d4c63b92680903171598e05db75edeafce751dc7548987804b72077ce550_ppc64le as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:5c47d4c63b92680903171598e05db75edeafce751dc7548987804b72077ce550_ppc64le"
},
"product_reference": "openshift-logging/fluentd-rhel8@sha256:5c47d4c63b92680903171598e05db75edeafce751dc7548987804b72077ce550_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/kibana6-rhel8@sha256:3e0895b3567f900a8a0e39f8cf60280db2dbd057c9599e885a7de98e4e80b166_arm64 as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:3e0895b3567f900a8a0e39f8cf60280db2dbd057c9599e885a7de98e4e80b166_arm64"
},
"product_reference": "openshift-logging/kibana6-rhel8@sha256:3e0895b3567f900a8a0e39f8cf60280db2dbd057c9599e885a7de98e4e80b166_arm64",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/kibana6-rhel8@sha256:483fe327c1794582cf74e5b15821b647210eda732e8339a88ecafb183dfab479_amd64 as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:483fe327c1794582cf74e5b15821b647210eda732e8339a88ecafb183dfab479_amd64"
},
"product_reference": "openshift-logging/kibana6-rhel8@sha256:483fe327c1794582cf74e5b15821b647210eda732e8339a88ecafb183dfab479_amd64",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/kibana6-rhel8@sha256:9ba17d38faba70354f5a890409189a12bf5e0d7aadfb4698fafb37e9cb8d6d00_s390x as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:9ba17d38faba70354f5a890409189a12bf5e0d7aadfb4698fafb37e9cb8d6d00_s390x"
},
"product_reference": "openshift-logging/kibana6-rhel8@sha256:9ba17d38faba70354f5a890409189a12bf5e0d7aadfb4698fafb37e9cb8d6d00_s390x",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/kibana6-rhel8@sha256:eabd2451a3668ddffacdce6d3b72863fc093a8ad22592f550a9009b021eb21ca_ppc64le as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:eabd2451a3668ddffacdce6d3b72863fc093a8ad22592f550a9009b021eb21ca_ppc64le"
},
"product_reference": "openshift-logging/kibana6-rhel8@sha256:eabd2451a3668ddffacdce6d3b72863fc093a8ad22592f550a9009b021eb21ca_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:4929cd6fa0a37120dfa2361750d51138a223fd64116c96629e47cc3e5d1e971e_amd64 as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:4929cd6fa0a37120dfa2361750d51138a223fd64116c96629e47cc3e5d1e971e_amd64"
},
"product_reference": "openshift-logging/log-file-metric-exporter-rhel8@sha256:4929cd6fa0a37120dfa2361750d51138a223fd64116c96629e47cc3e5d1e971e_amd64",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:58e588e059f62fe7b26a7bcd4567ea8c6903e694df86ea708f9bbae149b598ff_arm64 as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:58e588e059f62fe7b26a7bcd4567ea8c6903e694df86ea708f9bbae149b598ff_arm64"
},
"product_reference": "openshift-logging/log-file-metric-exporter-rhel8@sha256:58e588e059f62fe7b26a7bcd4567ea8c6903e694df86ea708f9bbae149b598ff_arm64",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:86f47139be2ec7ee5391f4d54f00d697126d3a0128b9a22bb93fd704c03fc4da_ppc64le as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:86f47139be2ec7ee5391f4d54f00d697126d3a0128b9a22bb93fd704c03fc4da_ppc64le"
},
"product_reference": "openshift-logging/log-file-metric-exporter-rhel8@sha256:86f47139be2ec7ee5391f4d54f00d697126d3a0128b9a22bb93fd704c03fc4da_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/log-file-metric-exporter-rhel8@sha256:9034be9d22b0c2a9918fa79c37854b62099b32d32586380f455f435aa139ab86_s390x as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:9034be9d22b0c2a9918fa79c37854b62099b32d32586380f455f435aa139ab86_s390x"
},
"product_reference": "openshift-logging/log-file-metric-exporter-rhel8@sha256:9034be9d22b0c2a9918fa79c37854b62099b32d32586380f455f435aa139ab86_s390x",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:3c1728139dc88aa75ee088fe2d9e4917ca5062951cf5aa9d4ac69f42f4e6683c_s390x as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:3c1728139dc88aa75ee088fe2d9e4917ca5062951cf5aa9d4ac69f42f4e6683c_s390x"
},
"product_reference": "openshift-logging/logging-curator5-rhel8@sha256:3c1728139dc88aa75ee088fe2d9e4917ca5062951cf5aa9d4ac69f42f4e6683c_s390x",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:40e6c524006c8f7cb0ca212a4f4b19083df527da944dea762aac60e68d73ecf9_amd64 as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:40e6c524006c8f7cb0ca212a4f4b19083df527da944dea762aac60e68d73ecf9_amd64"
},
"product_reference": "openshift-logging/logging-curator5-rhel8@sha256:40e6c524006c8f7cb0ca212a4f4b19083df527da944dea762aac60e68d73ecf9_amd64",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:bfea82efdd8c0a2ffdec93e582394026ba6f4086ef039c51d293080232f9b2f1_ppc64le as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:bfea82efdd8c0a2ffdec93e582394026ba6f4086ef039c51d293080232f9b2f1_ppc64le"
},
"product_reference": "openshift-logging/logging-curator5-rhel8@sha256:bfea82efdd8c0a2ffdec93e582394026ba6f4086ef039c51d293080232f9b2f1_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:f6bcf32ebc3ba8f15ae1c4b2df8c8659187eba1b27f18b28bd5778530b407797_arm64 as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:f6bcf32ebc3ba8f15ae1c4b2df8c8659187eba1b27f18b28bd5778530b407797_arm64"
},
"product_reference": "openshift-logging/logging-curator5-rhel8@sha256:f6bcf32ebc3ba8f15ae1c4b2df8c8659187eba1b27f18b28bd5778530b407797_arm64",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-loki-rhel8@sha256:3e02ee8dfb296ad9261512a268fe42744120e262b2915c50bdd094bd8cf9ca1f_s390x as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:3e02ee8dfb296ad9261512a268fe42744120e262b2915c50bdd094bd8cf9ca1f_s390x"
},
"product_reference": "openshift-logging/logging-loki-rhel8@sha256:3e02ee8dfb296ad9261512a268fe42744120e262b2915c50bdd094bd8cf9ca1f_s390x",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-loki-rhel8@sha256:55b64a6a5cb71c908a8962e7a757a064619c9f8aa0080fc584db92674a6d4ec7_ppc64le as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:55b64a6a5cb71c908a8962e7a757a064619c9f8aa0080fc584db92674a6d4ec7_ppc64le"
},
"product_reference": "openshift-logging/logging-loki-rhel8@sha256:55b64a6a5cb71c908a8962e7a757a064619c9f8aa0080fc584db92674a6d4ec7_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-loki-rhel8@sha256:9f0a0a82641750924a03fdb68e9755dc0e770f50826b44e8c79183b7706bf0c1_amd64 as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:9f0a0a82641750924a03fdb68e9755dc0e770f50826b44e8c79183b7706bf0c1_amd64"
},
"product_reference": "openshift-logging/logging-loki-rhel8@sha256:9f0a0a82641750924a03fdb68e9755dc0e770f50826b44e8c79183b7706bf0c1_amd64",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-loki-rhel8@sha256:e5d15c23b8c9c34be899041bcebd76a20054775dc841b2f807ee8b9a86f7d2f5_arm64 as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:e5d15c23b8c9c34be899041bcebd76a20054775dc841b2f807ee8b9a86f7d2f5_arm64"
},
"product_reference": "openshift-logging/logging-loki-rhel8@sha256:e5d15c23b8c9c34be899041bcebd76a20054775dc841b2f807ee8b9a86f7d2f5_arm64",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-view-plugin-rhel8@sha256:149c2037d62c50230befb6873e2b3e4daba573adccc8049eb7677600a63cb936_s390x as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:149c2037d62c50230befb6873e2b3e4daba573adccc8049eb7677600a63cb936_s390x"
},
"product_reference": "openshift-logging/logging-view-plugin-rhel8@sha256:149c2037d62c50230befb6873e2b3e4daba573adccc8049eb7677600a63cb936_s390x",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-view-plugin-rhel8@sha256:4da268c6d5e321fb24493b008dea642438d0379ece7f990b1e5aea7116a8f03c_amd64 as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:4da268c6d5e321fb24493b008dea642438d0379ece7f990b1e5aea7116a8f03c_amd64"
},
"product_reference": "openshift-logging/logging-view-plugin-rhel8@sha256:4da268c6d5e321fb24493b008dea642438d0379ece7f990b1e5aea7116a8f03c_amd64",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-view-plugin-rhel8@sha256:94c42f3bbaa631c0f5fb3d45b547fc4f75a7fbe13960f98828f1aed709ba55f7_arm64 as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:94c42f3bbaa631c0f5fb3d45b547fc4f75a7fbe13960f98828f1aed709ba55f7_arm64"
},
"product_reference": "openshift-logging/logging-view-plugin-rhel8@sha256:94c42f3bbaa631c0f5fb3d45b547fc4f75a7fbe13960f98828f1aed709ba55f7_arm64",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-view-plugin-rhel8@sha256:a2d22864fa5c2350bb4d7eeea8396c645c2a8247d85de55069abf6c93e15eaff_ppc64le as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:a2d22864fa5c2350bb4d7eeea8396c645c2a8247d85de55069abf6c93e15eaff_ppc64le"
},
"product_reference": "openshift-logging/logging-view-plugin-rhel8@sha256:a2d22864fa5c2350bb4d7eeea8396c645c2a8247d85de55069abf6c93e15eaff_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/loki-operator-bundle@sha256:474d77067fc0d2df2137c4009c9d1f9bc50084fa4d51818be405826bc55c0d96_amd64 as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/loki-operator-bundle@sha256:474d77067fc0d2df2137c4009c9d1f9bc50084fa4d51818be405826bc55c0d96_amd64"
},
"product_reference": "openshift-logging/loki-operator-bundle@sha256:474d77067fc0d2df2137c4009c9d1f9bc50084fa4d51818be405826bc55c0d96_amd64",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/loki-rhel8-operator@sha256:655ba76eb2429aaa6676259d17144ff2961045a59bc02a0da1865d93f2f3abaa_arm64 as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:655ba76eb2429aaa6676259d17144ff2961045a59bc02a0da1865d93f2f3abaa_arm64"
},
"product_reference": "openshift-logging/loki-rhel8-operator@sha256:655ba76eb2429aaa6676259d17144ff2961045a59bc02a0da1865d93f2f3abaa_arm64",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/loki-rhel8-operator@sha256:6f2b591a8b6421e72fde418c8b8a76a6de6d9b72e22a0a57d3096d5efa82343b_amd64 as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:6f2b591a8b6421e72fde418c8b8a76a6de6d9b72e22a0a57d3096d5efa82343b_amd64"
},
"product_reference": "openshift-logging/loki-rhel8-operator@sha256:6f2b591a8b6421e72fde418c8b8a76a6de6d9b72e22a0a57d3096d5efa82343b_amd64",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/loki-rhel8-operator@sha256:ab42c49b2bd600c500b226bc63349a7eef490f75d6dddf1812721a7579879e4f_ppc64le as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:ab42c49b2bd600c500b226bc63349a7eef490f75d6dddf1812721a7579879e4f_ppc64le"
},
"product_reference": "openshift-logging/loki-rhel8-operator@sha256:ab42c49b2bd600c500b226bc63349a7eef490f75d6dddf1812721a7579879e4f_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/loki-rhel8-operator@sha256:e8fcf0b219be91fa15ec5cc8f83d5874b9d0a3482dbd1e90a5e05878b6522596_s390x as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:e8fcf0b219be91fa15ec5cc8f83d5874b9d0a3482dbd1e90a5e05878b6522596_s390x"
},
"product_reference": "openshift-logging/loki-rhel8-operator@sha256:e8fcf0b219be91fa15ec5cc8f83d5874b9d0a3482dbd1e90a5e05878b6522596_s390x",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/lokistack-gateway-rhel8@sha256:2de0f9cc91c4fb80cdcb672746f46e8cad9f87ba59b1136438f079b9db1f3158_amd64 as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:2de0f9cc91c4fb80cdcb672746f46e8cad9f87ba59b1136438f079b9db1f3158_amd64"
},
"product_reference": "openshift-logging/lokistack-gateway-rhel8@sha256:2de0f9cc91c4fb80cdcb672746f46e8cad9f87ba59b1136438f079b9db1f3158_amd64",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/lokistack-gateway-rhel8@sha256:3041db16c26cdb4f8c88e1963ab535c170bd5dffa2b452ca3a08ce6e6d2a2500_ppc64le as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:3041db16c26cdb4f8c88e1963ab535c170bd5dffa2b452ca3a08ce6e6d2a2500_ppc64le"
},
"product_reference": "openshift-logging/lokistack-gateway-rhel8@sha256:3041db16c26cdb4f8c88e1963ab535c170bd5dffa2b452ca3a08ce6e6d2a2500_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/lokistack-gateway-rhel8@sha256:448bdb0b727d4c0e643aad3259022b895b71ea054d961eca211a905d1a38ecd0_arm64 as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:448bdb0b727d4c0e643aad3259022b895b71ea054d961eca211a905d1a38ecd0_arm64"
},
"product_reference": "openshift-logging/lokistack-gateway-rhel8@sha256:448bdb0b727d4c0e643aad3259022b895b71ea054d961eca211a905d1a38ecd0_arm64",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/lokistack-gateway-rhel8@sha256:e40c1ed15366fa6e48141e69b66264f760cbd9a8919339c3817a90b5f1620bdb_s390x as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:e40c1ed15366fa6e48141e69b66264f760cbd9a8919339c3817a90b5f1620bdb_s390x"
},
"product_reference": "openshift-logging/lokistack-gateway-rhel8@sha256:e40c1ed15366fa6e48141e69b66264f760cbd9a8919339c3817a90b5f1620bdb_s390x",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/opa-openshift-rhel8@sha256:511c75ee2a60bed854dc3708886a6d600625cde6b78849d0cbce3ceb1cceb068_ppc64le as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:511c75ee2a60bed854dc3708886a6d600625cde6b78849d0cbce3ceb1cceb068_ppc64le"
},
"product_reference": "openshift-logging/opa-openshift-rhel8@sha256:511c75ee2a60bed854dc3708886a6d600625cde6b78849d0cbce3ceb1cceb068_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/opa-openshift-rhel8@sha256:5167a7002dcedb6d27b137b7ff0958a8a4043706d4366ce6fff01bd49168685d_s390x as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:5167a7002dcedb6d27b137b7ff0958a8a4043706d4366ce6fff01bd49168685d_s390x"
},
"product_reference": "openshift-logging/opa-openshift-rhel8@sha256:5167a7002dcedb6d27b137b7ff0958a8a4043706d4366ce6fff01bd49168685d_s390x",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/opa-openshift-rhel8@sha256:cb430fc37545c40db97f0b9f8b9b5fb8ec0f2ce9318c80850f81eef8019117b8_amd64 as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:cb430fc37545c40db97f0b9f8b9b5fb8ec0f2ce9318c80850f81eef8019117b8_amd64"
},
"product_reference": "openshift-logging/opa-openshift-rhel8@sha256:cb430fc37545c40db97f0b9f8b9b5fb8ec0f2ce9318c80850f81eef8019117b8_amd64",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/opa-openshift-rhel8@sha256:dc23da77be96ddd671c80c3f8a21f78c0c7a930fbc4f9a0de8e80c435ef783d8_arm64 as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:dc23da77be96ddd671c80c3f8a21f78c0c7a930fbc4f9a0de8e80c435ef783d8_arm64"
},
"product_reference": "openshift-logging/opa-openshift-rhel8@sha256:dc23da77be96ddd671c80c3f8a21f78c0c7a930fbc4f9a0de8e80c435ef783d8_arm64",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/vector-rhel8@sha256:17b0e15e92527bfb45aadbe13378b262a18bc06b568efeb16a1f2adcd0f31ec3_ppc64le as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:17b0e15e92527bfb45aadbe13378b262a18bc06b568efeb16a1f2adcd0f31ec3_ppc64le"
},
"product_reference": "openshift-logging/vector-rhel8@sha256:17b0e15e92527bfb45aadbe13378b262a18bc06b568efeb16a1f2adcd0f31ec3_ppc64le",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/vector-rhel8@sha256:658029bec140b359a87bb9266a88572550f589cbcbe0d7e5ce8c145ee33172cd_s390x as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:658029bec140b359a87bb9266a88572550f589cbcbe0d7e5ce8c145ee33172cd_s390x"
},
"product_reference": "openshift-logging/vector-rhel8@sha256:658029bec140b359a87bb9266a88572550f589cbcbe0d7e5ce8c145ee33172cd_s390x",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/vector-rhel8@sha256:7e6849449e3c2550679720a0b8c21a8cfd0fc34fa95e9b729d2102c53996fb32_arm64 as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:7e6849449e3c2550679720a0b8c21a8cfd0fc34fa95e9b729d2102c53996fb32_arm64"
},
"product_reference": "openshift-logging/vector-rhel8@sha256:7e6849449e3c2550679720a0b8c21a8cfd0fc34fa95e9b729d2102c53996fb32_arm64",
"relates_to_product_reference": "8Base-RHOL-5.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/vector-rhel8@sha256:f228c45422941ef7435f4337744e71844a6c843cb97f61ff74f3752ce5a9fda4_amd64 as a component of RHOL 5.6 for RHEL 8",
"product_id": "8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:f228c45422941ef7435f4337744e71844a6c843cb97f61ff74f3752ce5a9fda4_amd64"
},
"product_reference": "openshift-logging/vector-rhel8@sha256:f228c45422941ef7435f4337744e71844a6c843cb97f61ff74f3752ce5a9fda4_amd64",
"relates_to_product_reference": "8Base-RHOL-5.6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-27539",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"discovery_date": "2023-03-15T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOL-5.6:openshift-logging/cluster-logging-operator-bundle@sha256:f1a9fce2a0474fffabc36e62b3208e333a2154b0c75b8674f0264c0e77faf011_amd64",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:233b5898005aa4bb4aa50b8efc96ef2f02b455bbe59a399b85ed8f00d520f1c7_ppc64le",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:5faffa3624e95ae19104be20e2cb69ab9719ad5fbc12b8370618e7d89c497df5_s390x",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:6f77858ae3de7f44cebede1ce239fd6d21e5299c22931e3500215f3d9190da1b_amd64",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:731567ee7f2c91d248d3980a4fe5cf3e3b19c95ac028ebc4ba9051f940539546_arm64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-operator-bundle@sha256:afea2897dd74235fa62bf34821441819ed8edbee121a053e6001c046482b4573_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:3e6e31a25c940cd0b0376df0640648ff357c3842307ea1e4dda99bfc2d4d6fe7_s390x",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:45e20088c3ff0abfeeb0f7530278457eef2ff45122393c5bc75b126ad64dfcd3_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:7f85c4998d8ef0f27e1bfece2df91f3cab3489f7e5deced405ab4a3aae9b28a1_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:e2f28dca1a754623359b704a29e3ef4fe31cdb4e5816ed8cb9cc931f62aa74e5_arm64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:507b0bd5d403d57e79bf0c92699d8a3b2d738c0cbb564384469134e7bd8735d2_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:53c81d3e6bcb29343e1cfe4c58abb02126fc968f3e2af4d21d0488190888a879_s390x",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:d978206d2447c3517f8412fbdada672dd13c8baf76466ff972f5a347eeabfa99_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:f5a7733e18054f11629816d73507636fbf89c82dced718721b50aab18871a840_arm64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:175a6b8f6435fe3d1ca8db0b4e9398b09db9b502bf17dd7d309eaa84cada7df2_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:555f6e29451c73b5534f7c5f674a11bd46052fc9c4e0ab91c19c4f79acf799e9_arm64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:6bfb202f2336441f522ae26f59a413d7fbda41b781ca4db46ff99ea89dd9ff8b_s390x",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:9644f26adbc31d149e652189f5c7832608862fc3db31172d49b2c2ac69e06b62_amd64",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:0d97eb7ba68c74cec9b8cb5da3a0663c2645486f74b02261cb40276f3342d93b_arm64",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:235deb07313141dd5934b92b19a95b7485e998242998f400a7a87affc0bf16aa_ppc64le",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:67be5df93f4215936f57cefd1e5e00645df41b83c0de38f1111b5ed7303acf4a_s390x",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:68a062de1e69875e3d6bd77ec356a50c12c228dbbc4a400bc940335c5b5e2a73_amd64",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:3e0895b3567f900a8a0e39f8cf60280db2dbd057c9599e885a7de98e4e80b166_arm64",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:483fe327c1794582cf74e5b15821b647210eda732e8339a88ecafb183dfab479_amd64",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:9ba17d38faba70354f5a890409189a12bf5e0d7aadfb4698fafb37e9cb8d6d00_s390x",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:eabd2451a3668ddffacdce6d3b72863fc093a8ad22592f550a9009b021eb21ca_ppc64le",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:4929cd6fa0a37120dfa2361750d51138a223fd64116c96629e47cc3e5d1e971e_amd64",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:58e588e059f62fe7b26a7bcd4567ea8c6903e694df86ea708f9bbae149b598ff_arm64",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:86f47139be2ec7ee5391f4d54f00d697126d3a0128b9a22bb93fd704c03fc4da_ppc64le",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:9034be9d22b0c2a9918fa79c37854b62099b32d32586380f455f435aa139ab86_s390x",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:3c1728139dc88aa75ee088fe2d9e4917ca5062951cf5aa9d4ac69f42f4e6683c_s390x",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:40e6c524006c8f7cb0ca212a4f4b19083df527da944dea762aac60e68d73ecf9_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:bfea82efdd8c0a2ffdec93e582394026ba6f4086ef039c51d293080232f9b2f1_ppc64le",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:f6bcf32ebc3ba8f15ae1c4b2df8c8659187eba1b27f18b28bd5778530b407797_arm64",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:3e02ee8dfb296ad9261512a268fe42744120e262b2915c50bdd094bd8cf9ca1f_s390x",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:55b64a6a5cb71c908a8962e7a757a064619c9f8aa0080fc584db92674a6d4ec7_ppc64le",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:9f0a0a82641750924a03fdb68e9755dc0e770f50826b44e8c79183b7706bf0c1_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:e5d15c23b8c9c34be899041bcebd76a20054775dc841b2f807ee8b9a86f7d2f5_arm64",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:149c2037d62c50230befb6873e2b3e4daba573adccc8049eb7677600a63cb936_s390x",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:4da268c6d5e321fb24493b008dea642438d0379ece7f990b1e5aea7116a8f03c_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:94c42f3bbaa631c0f5fb3d45b547fc4f75a7fbe13960f98828f1aed709ba55f7_arm64",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:a2d22864fa5c2350bb4d7eeea8396c645c2a8247d85de55069abf6c93e15eaff_ppc64le",
"8Base-RHOL-5.6:openshift-logging/loki-operator-bundle@sha256:474d77067fc0d2df2137c4009c9d1f9bc50084fa4d51818be405826bc55c0d96_amd64",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:655ba76eb2429aaa6676259d17144ff2961045a59bc02a0da1865d93f2f3abaa_arm64",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:6f2b591a8b6421e72fde418c8b8a76a6de6d9b72e22a0a57d3096d5efa82343b_amd64",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:ab42c49b2bd600c500b226bc63349a7eef490f75d6dddf1812721a7579879e4f_ppc64le",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:e8fcf0b219be91fa15ec5cc8f83d5874b9d0a3482dbd1e90a5e05878b6522596_s390x",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:2de0f9cc91c4fb80cdcb672746f46e8cad9f87ba59b1136438f079b9db1f3158_amd64",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:3041db16c26cdb4f8c88e1963ab535c170bd5dffa2b452ca3a08ce6e6d2a2500_ppc64le",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:448bdb0b727d4c0e643aad3259022b895b71ea054d961eca211a905d1a38ecd0_arm64",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:e40c1ed15366fa6e48141e69b66264f760cbd9a8919339c3817a90b5f1620bdb_s390x",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:511c75ee2a60bed854dc3708886a6d600625cde6b78849d0cbce3ceb1cceb068_ppc64le",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:5167a7002dcedb6d27b137b7ff0958a8a4043706d4366ce6fff01bd49168685d_s390x",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:cb430fc37545c40db97f0b9f8b9b5fb8ec0f2ce9318c80850f81eef8019117b8_amd64",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:dc23da77be96ddd671c80c3f8a21f78c0c7a930fbc4f9a0de8e80c435ef783d8_arm64",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:17b0e15e92527bfb45aadbe13378b262a18bc06b568efeb16a1f2adcd0f31ec3_ppc64le",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:658029bec140b359a87bb9266a88572550f589cbcbe0d7e5ce8c145ee33172cd_s390x",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:7e6849449e3c2550679720a0b8c21a8cfd0fc34fa95e9b729d2102c53996fb32_arm64",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:f228c45422941ef7435f4337744e71844a6c843cb97f61ff74f3752ce5a9fda4_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2179649"
}
],
"notes": [
{
"category": "description",
"text": "A denial of service vulnerability was found in rubygem-rack in how it parses headers. A carefully crafted input can cause header parsing to take an unexpected amount of time, possibly resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "rubygem-rack: denial of service in header parsing",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:0322877e7e70debca22bac62e0d2a1f91cdebd4bf3bf96033b78e98d09bb2480_arm64",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:2e491ee9d43964cc53a8ebd1ac92507e9af6d8a39649594d5c4e991067d6ca99_s390x",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:2fa5ad6177cfcda351c13e8478a4ab5c17a428aee75f089c8d0ca8a4505d3ba8_amd64",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:5c47d4c63b92680903171598e05db75edeafce751dc7548987804b72077ce550_ppc64le"
],
"known_not_affected": [
"8Base-RHOL-5.6:openshift-logging/cluster-logging-operator-bundle@sha256:f1a9fce2a0474fffabc36e62b3208e333a2154b0c75b8674f0264c0e77faf011_amd64",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:233b5898005aa4bb4aa50b8efc96ef2f02b455bbe59a399b85ed8f00d520f1c7_ppc64le",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:5faffa3624e95ae19104be20e2cb69ab9719ad5fbc12b8370618e7d89c497df5_s390x",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:6f77858ae3de7f44cebede1ce239fd6d21e5299c22931e3500215f3d9190da1b_amd64",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:731567ee7f2c91d248d3980a4fe5cf3e3b19c95ac028ebc4ba9051f940539546_arm64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-operator-bundle@sha256:afea2897dd74235fa62bf34821441819ed8edbee121a053e6001c046482b4573_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:3e6e31a25c940cd0b0376df0640648ff357c3842307ea1e4dda99bfc2d4d6fe7_s390x",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:45e20088c3ff0abfeeb0f7530278457eef2ff45122393c5bc75b126ad64dfcd3_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:7f85c4998d8ef0f27e1bfece2df91f3cab3489f7e5deced405ab4a3aae9b28a1_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:e2f28dca1a754623359b704a29e3ef4fe31cdb4e5816ed8cb9cc931f62aa74e5_arm64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:507b0bd5d403d57e79bf0c92699d8a3b2d738c0cbb564384469134e7bd8735d2_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:53c81d3e6bcb29343e1cfe4c58abb02126fc968f3e2af4d21d0488190888a879_s390x",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:d978206d2447c3517f8412fbdada672dd13c8baf76466ff972f5a347eeabfa99_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:f5a7733e18054f11629816d73507636fbf89c82dced718721b50aab18871a840_arm64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:175a6b8f6435fe3d1ca8db0b4e9398b09db9b502bf17dd7d309eaa84cada7df2_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:555f6e29451c73b5534f7c5f674a11bd46052fc9c4e0ab91c19c4f79acf799e9_arm64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:6bfb202f2336441f522ae26f59a413d7fbda41b781ca4db46ff99ea89dd9ff8b_s390x",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:9644f26adbc31d149e652189f5c7832608862fc3db31172d49b2c2ac69e06b62_amd64",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:0d97eb7ba68c74cec9b8cb5da3a0663c2645486f74b02261cb40276f3342d93b_arm64",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:235deb07313141dd5934b92b19a95b7485e998242998f400a7a87affc0bf16aa_ppc64le",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:67be5df93f4215936f57cefd1e5e00645df41b83c0de38f1111b5ed7303acf4a_s390x",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:68a062de1e69875e3d6bd77ec356a50c12c228dbbc4a400bc940335c5b5e2a73_amd64",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:3e0895b3567f900a8a0e39f8cf60280db2dbd057c9599e885a7de98e4e80b166_arm64",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:483fe327c1794582cf74e5b15821b647210eda732e8339a88ecafb183dfab479_amd64",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:9ba17d38faba70354f5a890409189a12bf5e0d7aadfb4698fafb37e9cb8d6d00_s390x",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:eabd2451a3668ddffacdce6d3b72863fc093a8ad22592f550a9009b021eb21ca_ppc64le",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:4929cd6fa0a37120dfa2361750d51138a223fd64116c96629e47cc3e5d1e971e_amd64",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:58e588e059f62fe7b26a7bcd4567ea8c6903e694df86ea708f9bbae149b598ff_arm64",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:86f47139be2ec7ee5391f4d54f00d697126d3a0128b9a22bb93fd704c03fc4da_ppc64le",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:9034be9d22b0c2a9918fa79c37854b62099b32d32586380f455f435aa139ab86_s390x",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:3c1728139dc88aa75ee088fe2d9e4917ca5062951cf5aa9d4ac69f42f4e6683c_s390x",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:40e6c524006c8f7cb0ca212a4f4b19083df527da944dea762aac60e68d73ecf9_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:bfea82efdd8c0a2ffdec93e582394026ba6f4086ef039c51d293080232f9b2f1_ppc64le",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:f6bcf32ebc3ba8f15ae1c4b2df8c8659187eba1b27f18b28bd5778530b407797_arm64",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:3e02ee8dfb296ad9261512a268fe42744120e262b2915c50bdd094bd8cf9ca1f_s390x",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:55b64a6a5cb71c908a8962e7a757a064619c9f8aa0080fc584db92674a6d4ec7_ppc64le",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:9f0a0a82641750924a03fdb68e9755dc0e770f50826b44e8c79183b7706bf0c1_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:e5d15c23b8c9c34be899041bcebd76a20054775dc841b2f807ee8b9a86f7d2f5_arm64",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:149c2037d62c50230befb6873e2b3e4daba573adccc8049eb7677600a63cb936_s390x",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:4da268c6d5e321fb24493b008dea642438d0379ece7f990b1e5aea7116a8f03c_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:94c42f3bbaa631c0f5fb3d45b547fc4f75a7fbe13960f98828f1aed709ba55f7_arm64",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:a2d22864fa5c2350bb4d7eeea8396c645c2a8247d85de55069abf6c93e15eaff_ppc64le",
"8Base-RHOL-5.6:openshift-logging/loki-operator-bundle@sha256:474d77067fc0d2df2137c4009c9d1f9bc50084fa4d51818be405826bc55c0d96_amd64",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:655ba76eb2429aaa6676259d17144ff2961045a59bc02a0da1865d93f2f3abaa_arm64",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:6f2b591a8b6421e72fde418c8b8a76a6de6d9b72e22a0a57d3096d5efa82343b_amd64",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:ab42c49b2bd600c500b226bc63349a7eef490f75d6dddf1812721a7579879e4f_ppc64le",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:e8fcf0b219be91fa15ec5cc8f83d5874b9d0a3482dbd1e90a5e05878b6522596_s390x",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:2de0f9cc91c4fb80cdcb672746f46e8cad9f87ba59b1136438f079b9db1f3158_amd64",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:3041db16c26cdb4f8c88e1963ab535c170bd5dffa2b452ca3a08ce6e6d2a2500_ppc64le",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:448bdb0b727d4c0e643aad3259022b895b71ea054d961eca211a905d1a38ecd0_arm64",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:e40c1ed15366fa6e48141e69b66264f760cbd9a8919339c3817a90b5f1620bdb_s390x",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:511c75ee2a60bed854dc3708886a6d600625cde6b78849d0cbce3ceb1cceb068_ppc64le",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:5167a7002dcedb6d27b137b7ff0958a8a4043706d4366ce6fff01bd49168685d_s390x",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:cb430fc37545c40db97f0b9f8b9b5fb8ec0f2ce9318c80850f81eef8019117b8_amd64",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:dc23da77be96ddd671c80c3f8a21f78c0c7a930fbc4f9a0de8e80c435ef783d8_arm64",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:17b0e15e92527bfb45aadbe13378b262a18bc06b568efeb16a1f2adcd0f31ec3_ppc64le",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:658029bec140b359a87bb9266a88572550f589cbcbe0d7e5ce8c145ee33172cd_s390x",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:7e6849449e3c2550679720a0b8c21a8cfd0fc34fa95e9b729d2102c53996fb32_arm64",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:f228c45422941ef7435f4337744e71844a6c843cb97f61ff74f3752ce5a9fda4_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-27539"
},
{
"category": "external",
"summary": "RHBZ#2179649",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2179649"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-27539",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27539"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-27539",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-27539"
},
{
"category": "external",
"summary": "https://discuss.rubyonrails.org/t/cve-2023-27539-possible-denial-of-service-vulnerability-in-racks-header-parsing/82466",
"url": "https://discuss.rubyonrails.org/t/cve-2023-27539-possible-denial-of-service-vulnerability-in-racks-header-parsing/82466"
},
{
"category": "external",
"summary": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rack/CVE-2023-27539.yml",
"url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rack/CVE-2023-27539.yml"
},
{
"category": "external",
"summary": "https://rubysec.com/advisories/CVE-2023-27539/",
"url": "https://rubysec.com/advisories/CVE-2023-27539/"
}
],
"release_date": "2023-03-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-04-26T07:58:19+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:0322877e7e70debca22bac62e0d2a1f91cdebd4bf3bf96033b78e98d09bb2480_arm64",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:2e491ee9d43964cc53a8ebd1ac92507e9af6d8a39649594d5c4e991067d6ca99_s390x",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:2fa5ad6177cfcda351c13e8478a4ab5c17a428aee75f089c8d0ca8a4505d3ba8_amd64",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:5c47d4c63b92680903171598e05db75edeafce751dc7548987804b72077ce550_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1953"
},
{
"category": "workaround",
"details": "Setting Regexp.timeout in Ruby 3.2 is a possible workaround.",
"product_ids": [
"8Base-RHOL-5.6:openshift-logging/cluster-logging-operator-bundle@sha256:f1a9fce2a0474fffabc36e62b3208e333a2154b0c75b8674f0264c0e77faf011_amd64",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:233b5898005aa4bb4aa50b8efc96ef2f02b455bbe59a399b85ed8f00d520f1c7_ppc64le",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:5faffa3624e95ae19104be20e2cb69ab9719ad5fbc12b8370618e7d89c497df5_s390x",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:6f77858ae3de7f44cebede1ce239fd6d21e5299c22931e3500215f3d9190da1b_amd64",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:731567ee7f2c91d248d3980a4fe5cf3e3b19c95ac028ebc4ba9051f940539546_arm64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-operator-bundle@sha256:afea2897dd74235fa62bf34821441819ed8edbee121a053e6001c046482b4573_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:3e6e31a25c940cd0b0376df0640648ff357c3842307ea1e4dda99bfc2d4d6fe7_s390x",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:45e20088c3ff0abfeeb0f7530278457eef2ff45122393c5bc75b126ad64dfcd3_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:7f85c4998d8ef0f27e1bfece2df91f3cab3489f7e5deced405ab4a3aae9b28a1_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:e2f28dca1a754623359b704a29e3ef4fe31cdb4e5816ed8cb9cc931f62aa74e5_arm64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:507b0bd5d403d57e79bf0c92699d8a3b2d738c0cbb564384469134e7bd8735d2_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:53c81d3e6bcb29343e1cfe4c58abb02126fc968f3e2af4d21d0488190888a879_s390x",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:d978206d2447c3517f8412fbdada672dd13c8baf76466ff972f5a347eeabfa99_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:f5a7733e18054f11629816d73507636fbf89c82dced718721b50aab18871a840_arm64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:175a6b8f6435fe3d1ca8db0b4e9398b09db9b502bf17dd7d309eaa84cada7df2_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:555f6e29451c73b5534f7c5f674a11bd46052fc9c4e0ab91c19c4f79acf799e9_arm64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:6bfb202f2336441f522ae26f59a413d7fbda41b781ca4db46ff99ea89dd9ff8b_s390x",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:9644f26adbc31d149e652189f5c7832608862fc3db31172d49b2c2ac69e06b62_amd64",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:0d97eb7ba68c74cec9b8cb5da3a0663c2645486f74b02261cb40276f3342d93b_arm64",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:235deb07313141dd5934b92b19a95b7485e998242998f400a7a87affc0bf16aa_ppc64le",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:67be5df93f4215936f57cefd1e5e00645df41b83c0de38f1111b5ed7303acf4a_s390x",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:68a062de1e69875e3d6bd77ec356a50c12c228dbbc4a400bc940335c5b5e2a73_amd64",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:0322877e7e70debca22bac62e0d2a1f91cdebd4bf3bf96033b78e98d09bb2480_arm64",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:2e491ee9d43964cc53a8ebd1ac92507e9af6d8a39649594d5c4e991067d6ca99_s390x",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:2fa5ad6177cfcda351c13e8478a4ab5c17a428aee75f089c8d0ca8a4505d3ba8_amd64",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:5c47d4c63b92680903171598e05db75edeafce751dc7548987804b72077ce550_ppc64le",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:3e0895b3567f900a8a0e39f8cf60280db2dbd057c9599e885a7de98e4e80b166_arm64",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:483fe327c1794582cf74e5b15821b647210eda732e8339a88ecafb183dfab479_amd64",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:9ba17d38faba70354f5a890409189a12bf5e0d7aadfb4698fafb37e9cb8d6d00_s390x",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:eabd2451a3668ddffacdce6d3b72863fc093a8ad22592f550a9009b021eb21ca_ppc64le",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:4929cd6fa0a37120dfa2361750d51138a223fd64116c96629e47cc3e5d1e971e_amd64",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:58e588e059f62fe7b26a7bcd4567ea8c6903e694df86ea708f9bbae149b598ff_arm64",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:86f47139be2ec7ee5391f4d54f00d697126d3a0128b9a22bb93fd704c03fc4da_ppc64le",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:9034be9d22b0c2a9918fa79c37854b62099b32d32586380f455f435aa139ab86_s390x",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:3c1728139dc88aa75ee088fe2d9e4917ca5062951cf5aa9d4ac69f42f4e6683c_s390x",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:40e6c524006c8f7cb0ca212a4f4b19083df527da944dea762aac60e68d73ecf9_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:bfea82efdd8c0a2ffdec93e582394026ba6f4086ef039c51d293080232f9b2f1_ppc64le",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:f6bcf32ebc3ba8f15ae1c4b2df8c8659187eba1b27f18b28bd5778530b407797_arm64",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:3e02ee8dfb296ad9261512a268fe42744120e262b2915c50bdd094bd8cf9ca1f_s390x",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:55b64a6a5cb71c908a8962e7a757a064619c9f8aa0080fc584db92674a6d4ec7_ppc64le",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:9f0a0a82641750924a03fdb68e9755dc0e770f50826b44e8c79183b7706bf0c1_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:e5d15c23b8c9c34be899041bcebd76a20054775dc841b2f807ee8b9a86f7d2f5_arm64",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:149c2037d62c50230befb6873e2b3e4daba573adccc8049eb7677600a63cb936_s390x",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:4da268c6d5e321fb24493b008dea642438d0379ece7f990b1e5aea7116a8f03c_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:94c42f3bbaa631c0f5fb3d45b547fc4f75a7fbe13960f98828f1aed709ba55f7_arm64",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:a2d22864fa5c2350bb4d7eeea8396c645c2a8247d85de55069abf6c93e15eaff_ppc64le",
"8Base-RHOL-5.6:openshift-logging/loki-operator-bundle@sha256:474d77067fc0d2df2137c4009c9d1f9bc50084fa4d51818be405826bc55c0d96_amd64",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:655ba76eb2429aaa6676259d17144ff2961045a59bc02a0da1865d93f2f3abaa_arm64",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:6f2b591a8b6421e72fde418c8b8a76a6de6d9b72e22a0a57d3096d5efa82343b_amd64",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:ab42c49b2bd600c500b226bc63349a7eef490f75d6dddf1812721a7579879e4f_ppc64le",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:e8fcf0b219be91fa15ec5cc8f83d5874b9d0a3482dbd1e90a5e05878b6522596_s390x",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:2de0f9cc91c4fb80cdcb672746f46e8cad9f87ba59b1136438f079b9db1f3158_amd64",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:3041db16c26cdb4f8c88e1963ab535c170bd5dffa2b452ca3a08ce6e6d2a2500_ppc64le",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:448bdb0b727d4c0e643aad3259022b895b71ea054d961eca211a905d1a38ecd0_arm64",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:e40c1ed15366fa6e48141e69b66264f760cbd9a8919339c3817a90b5f1620bdb_s390x",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:511c75ee2a60bed854dc3708886a6d600625cde6b78849d0cbce3ceb1cceb068_ppc64le",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:5167a7002dcedb6d27b137b7ff0958a8a4043706d4366ce6fff01bd49168685d_s390x",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:cb430fc37545c40db97f0b9f8b9b5fb8ec0f2ce9318c80850f81eef8019117b8_amd64",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:dc23da77be96ddd671c80c3f8a21f78c0c7a930fbc4f9a0de8e80c435ef783d8_arm64",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:17b0e15e92527bfb45aadbe13378b262a18bc06b568efeb16a1f2adcd0f31ec3_ppc64le",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:658029bec140b359a87bb9266a88572550f589cbcbe0d7e5ce8c145ee33172cd_s390x",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:7e6849449e3c2550679720a0b8c21a8cfd0fc34fa95e9b729d2102c53996fb32_arm64",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:f228c45422941ef7435f4337744e71844a6c843cb97f61ff74f3752ce5a9fda4_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"8Base-RHOL-5.6:openshift-logging/cluster-logging-operator-bundle@sha256:f1a9fce2a0474fffabc36e62b3208e333a2154b0c75b8674f0264c0e77faf011_amd64",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:233b5898005aa4bb4aa50b8efc96ef2f02b455bbe59a399b85ed8f00d520f1c7_ppc64le",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:5faffa3624e95ae19104be20e2cb69ab9719ad5fbc12b8370618e7d89c497df5_s390x",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:6f77858ae3de7f44cebede1ce239fd6d21e5299c22931e3500215f3d9190da1b_amd64",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:731567ee7f2c91d248d3980a4fe5cf3e3b19c95ac028ebc4ba9051f940539546_arm64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-operator-bundle@sha256:afea2897dd74235fa62bf34821441819ed8edbee121a053e6001c046482b4573_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:3e6e31a25c940cd0b0376df0640648ff357c3842307ea1e4dda99bfc2d4d6fe7_s390x",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:45e20088c3ff0abfeeb0f7530278457eef2ff45122393c5bc75b126ad64dfcd3_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:7f85c4998d8ef0f27e1bfece2df91f3cab3489f7e5deced405ab4a3aae9b28a1_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:e2f28dca1a754623359b704a29e3ef4fe31cdb4e5816ed8cb9cc931f62aa74e5_arm64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:507b0bd5d403d57e79bf0c92699d8a3b2d738c0cbb564384469134e7bd8735d2_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:53c81d3e6bcb29343e1cfe4c58abb02126fc968f3e2af4d21d0488190888a879_s390x",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:d978206d2447c3517f8412fbdada672dd13c8baf76466ff972f5a347eeabfa99_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:f5a7733e18054f11629816d73507636fbf89c82dced718721b50aab18871a840_arm64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:175a6b8f6435fe3d1ca8db0b4e9398b09db9b502bf17dd7d309eaa84cada7df2_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:555f6e29451c73b5534f7c5f674a11bd46052fc9c4e0ab91c19c4f79acf799e9_arm64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:6bfb202f2336441f522ae26f59a413d7fbda41b781ca4db46ff99ea89dd9ff8b_s390x",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:9644f26adbc31d149e652189f5c7832608862fc3db31172d49b2c2ac69e06b62_amd64",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:0d97eb7ba68c74cec9b8cb5da3a0663c2645486f74b02261cb40276f3342d93b_arm64",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:235deb07313141dd5934b92b19a95b7485e998242998f400a7a87affc0bf16aa_ppc64le",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:67be5df93f4215936f57cefd1e5e00645df41b83c0de38f1111b5ed7303acf4a_s390x",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:68a062de1e69875e3d6bd77ec356a50c12c228dbbc4a400bc940335c5b5e2a73_amd64",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:0322877e7e70debca22bac62e0d2a1f91cdebd4bf3bf96033b78e98d09bb2480_arm64",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:2e491ee9d43964cc53a8ebd1ac92507e9af6d8a39649594d5c4e991067d6ca99_s390x",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:2fa5ad6177cfcda351c13e8478a4ab5c17a428aee75f089c8d0ca8a4505d3ba8_amd64",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:5c47d4c63b92680903171598e05db75edeafce751dc7548987804b72077ce550_ppc64le",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:3e0895b3567f900a8a0e39f8cf60280db2dbd057c9599e885a7de98e4e80b166_arm64",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:483fe327c1794582cf74e5b15821b647210eda732e8339a88ecafb183dfab479_amd64",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:9ba17d38faba70354f5a890409189a12bf5e0d7aadfb4698fafb37e9cb8d6d00_s390x",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:eabd2451a3668ddffacdce6d3b72863fc093a8ad22592f550a9009b021eb21ca_ppc64le",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:4929cd6fa0a37120dfa2361750d51138a223fd64116c96629e47cc3e5d1e971e_amd64",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:58e588e059f62fe7b26a7bcd4567ea8c6903e694df86ea708f9bbae149b598ff_arm64",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:86f47139be2ec7ee5391f4d54f00d697126d3a0128b9a22bb93fd704c03fc4da_ppc64le",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:9034be9d22b0c2a9918fa79c37854b62099b32d32586380f455f435aa139ab86_s390x",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:3c1728139dc88aa75ee088fe2d9e4917ca5062951cf5aa9d4ac69f42f4e6683c_s390x",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:40e6c524006c8f7cb0ca212a4f4b19083df527da944dea762aac60e68d73ecf9_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:bfea82efdd8c0a2ffdec93e582394026ba6f4086ef039c51d293080232f9b2f1_ppc64le",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:f6bcf32ebc3ba8f15ae1c4b2df8c8659187eba1b27f18b28bd5778530b407797_arm64",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:3e02ee8dfb296ad9261512a268fe42744120e262b2915c50bdd094bd8cf9ca1f_s390x",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:55b64a6a5cb71c908a8962e7a757a064619c9f8aa0080fc584db92674a6d4ec7_ppc64le",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:9f0a0a82641750924a03fdb68e9755dc0e770f50826b44e8c79183b7706bf0c1_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:e5d15c23b8c9c34be899041bcebd76a20054775dc841b2f807ee8b9a86f7d2f5_arm64",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:149c2037d62c50230befb6873e2b3e4daba573adccc8049eb7677600a63cb936_s390x",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:4da268c6d5e321fb24493b008dea642438d0379ece7f990b1e5aea7116a8f03c_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:94c42f3bbaa631c0f5fb3d45b547fc4f75a7fbe13960f98828f1aed709ba55f7_arm64",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:a2d22864fa5c2350bb4d7eeea8396c645c2a8247d85de55069abf6c93e15eaff_ppc64le",
"8Base-RHOL-5.6:openshift-logging/loki-operator-bundle@sha256:474d77067fc0d2df2137c4009c9d1f9bc50084fa4d51818be405826bc55c0d96_amd64",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:655ba76eb2429aaa6676259d17144ff2961045a59bc02a0da1865d93f2f3abaa_arm64",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:6f2b591a8b6421e72fde418c8b8a76a6de6d9b72e22a0a57d3096d5efa82343b_amd64",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:ab42c49b2bd600c500b226bc63349a7eef490f75d6dddf1812721a7579879e4f_ppc64le",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:e8fcf0b219be91fa15ec5cc8f83d5874b9d0a3482dbd1e90a5e05878b6522596_s390x",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:2de0f9cc91c4fb80cdcb672746f46e8cad9f87ba59b1136438f079b9db1f3158_amd64",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:3041db16c26cdb4f8c88e1963ab535c170bd5dffa2b452ca3a08ce6e6d2a2500_ppc64le",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:448bdb0b727d4c0e643aad3259022b895b71ea054d961eca211a905d1a38ecd0_arm64",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:e40c1ed15366fa6e48141e69b66264f760cbd9a8919339c3817a90b5f1620bdb_s390x",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:511c75ee2a60bed854dc3708886a6d600625cde6b78849d0cbce3ceb1cceb068_ppc64le",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:5167a7002dcedb6d27b137b7ff0958a8a4043706d4366ce6fff01bd49168685d_s390x",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:cb430fc37545c40db97f0b9f8b9b5fb8ec0f2ce9318c80850f81eef8019117b8_amd64",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:dc23da77be96ddd671c80c3f8a21f78c0c7a930fbc4f9a0de8e80c435ef783d8_arm64",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:17b0e15e92527bfb45aadbe13378b262a18bc06b568efeb16a1f2adcd0f31ec3_ppc64le",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:658029bec140b359a87bb9266a88572550f589cbcbe0d7e5ce8c145ee33172cd_s390x",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:7e6849449e3c2550679720a0b8c21a8cfd0fc34fa95e9b729d2102c53996fb32_arm64",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:f228c45422941ef7435f4337744e71844a6c843cb97f61ff74f3752ce5a9fda4_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "rubygem-rack: denial of service in header parsing"
},
{
"cve": "CVE-2023-28120",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2023-03-15T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOL-5.6:openshift-logging/cluster-logging-operator-bundle@sha256:f1a9fce2a0474fffabc36e62b3208e333a2154b0c75b8674f0264c0e77faf011_amd64",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:233b5898005aa4bb4aa50b8efc96ef2f02b455bbe59a399b85ed8f00d520f1c7_ppc64le",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:5faffa3624e95ae19104be20e2cb69ab9719ad5fbc12b8370618e7d89c497df5_s390x",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:6f77858ae3de7f44cebede1ce239fd6d21e5299c22931e3500215f3d9190da1b_amd64",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:731567ee7f2c91d248d3980a4fe5cf3e3b19c95ac028ebc4ba9051f940539546_arm64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-operator-bundle@sha256:afea2897dd74235fa62bf34821441819ed8edbee121a053e6001c046482b4573_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:3e6e31a25c940cd0b0376df0640648ff357c3842307ea1e4dda99bfc2d4d6fe7_s390x",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:45e20088c3ff0abfeeb0f7530278457eef2ff45122393c5bc75b126ad64dfcd3_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:7f85c4998d8ef0f27e1bfece2df91f3cab3489f7e5deced405ab4a3aae9b28a1_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:e2f28dca1a754623359b704a29e3ef4fe31cdb4e5816ed8cb9cc931f62aa74e5_arm64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:507b0bd5d403d57e79bf0c92699d8a3b2d738c0cbb564384469134e7bd8735d2_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:53c81d3e6bcb29343e1cfe4c58abb02126fc968f3e2af4d21d0488190888a879_s390x",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:d978206d2447c3517f8412fbdada672dd13c8baf76466ff972f5a347eeabfa99_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:f5a7733e18054f11629816d73507636fbf89c82dced718721b50aab18871a840_arm64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:175a6b8f6435fe3d1ca8db0b4e9398b09db9b502bf17dd7d309eaa84cada7df2_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:555f6e29451c73b5534f7c5f674a11bd46052fc9c4e0ab91c19c4f79acf799e9_arm64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:6bfb202f2336441f522ae26f59a413d7fbda41b781ca4db46ff99ea89dd9ff8b_s390x",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:9644f26adbc31d149e652189f5c7832608862fc3db31172d49b2c2ac69e06b62_amd64",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:0d97eb7ba68c74cec9b8cb5da3a0663c2645486f74b02261cb40276f3342d93b_arm64",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:235deb07313141dd5934b92b19a95b7485e998242998f400a7a87affc0bf16aa_ppc64le",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:67be5df93f4215936f57cefd1e5e00645df41b83c0de38f1111b5ed7303acf4a_s390x",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:68a062de1e69875e3d6bd77ec356a50c12c228dbbc4a400bc940335c5b5e2a73_amd64",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:3e0895b3567f900a8a0e39f8cf60280db2dbd057c9599e885a7de98e4e80b166_arm64",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:483fe327c1794582cf74e5b15821b647210eda732e8339a88ecafb183dfab479_amd64",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:9ba17d38faba70354f5a890409189a12bf5e0d7aadfb4698fafb37e9cb8d6d00_s390x",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:eabd2451a3668ddffacdce6d3b72863fc093a8ad22592f550a9009b021eb21ca_ppc64le",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:4929cd6fa0a37120dfa2361750d51138a223fd64116c96629e47cc3e5d1e971e_amd64",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:58e588e059f62fe7b26a7bcd4567ea8c6903e694df86ea708f9bbae149b598ff_arm64",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:86f47139be2ec7ee5391f4d54f00d697126d3a0128b9a22bb93fd704c03fc4da_ppc64le",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:9034be9d22b0c2a9918fa79c37854b62099b32d32586380f455f435aa139ab86_s390x",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:3c1728139dc88aa75ee088fe2d9e4917ca5062951cf5aa9d4ac69f42f4e6683c_s390x",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:40e6c524006c8f7cb0ca212a4f4b19083df527da944dea762aac60e68d73ecf9_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:bfea82efdd8c0a2ffdec93e582394026ba6f4086ef039c51d293080232f9b2f1_ppc64le",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:f6bcf32ebc3ba8f15ae1c4b2df8c8659187eba1b27f18b28bd5778530b407797_arm64",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:3e02ee8dfb296ad9261512a268fe42744120e262b2915c50bdd094bd8cf9ca1f_s390x",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:55b64a6a5cb71c908a8962e7a757a064619c9f8aa0080fc584db92674a6d4ec7_ppc64le",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:9f0a0a82641750924a03fdb68e9755dc0e770f50826b44e8c79183b7706bf0c1_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:e5d15c23b8c9c34be899041bcebd76a20054775dc841b2f807ee8b9a86f7d2f5_arm64",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:149c2037d62c50230befb6873e2b3e4daba573adccc8049eb7677600a63cb936_s390x",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:4da268c6d5e321fb24493b008dea642438d0379ece7f990b1e5aea7116a8f03c_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:94c42f3bbaa631c0f5fb3d45b547fc4f75a7fbe13960f98828f1aed709ba55f7_arm64",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:a2d22864fa5c2350bb4d7eeea8396c645c2a8247d85de55069abf6c93e15eaff_ppc64le",
"8Base-RHOL-5.6:openshift-logging/loki-operator-bundle@sha256:474d77067fc0d2df2137c4009c9d1f9bc50084fa4d51818be405826bc55c0d96_amd64",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:655ba76eb2429aaa6676259d17144ff2961045a59bc02a0da1865d93f2f3abaa_arm64",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:6f2b591a8b6421e72fde418c8b8a76a6de6d9b72e22a0a57d3096d5efa82343b_amd64",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:ab42c49b2bd600c500b226bc63349a7eef490f75d6dddf1812721a7579879e4f_ppc64le",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:e8fcf0b219be91fa15ec5cc8f83d5874b9d0a3482dbd1e90a5e05878b6522596_s390x",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:2de0f9cc91c4fb80cdcb672746f46e8cad9f87ba59b1136438f079b9db1f3158_amd64",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:3041db16c26cdb4f8c88e1963ab535c170bd5dffa2b452ca3a08ce6e6d2a2500_ppc64le",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:448bdb0b727d4c0e643aad3259022b895b71ea054d961eca211a905d1a38ecd0_arm64",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:e40c1ed15366fa6e48141e69b66264f760cbd9a8919339c3817a90b5f1620bdb_s390x",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:511c75ee2a60bed854dc3708886a6d600625cde6b78849d0cbce3ceb1cceb068_ppc64le",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:5167a7002dcedb6d27b137b7ff0958a8a4043706d4366ce6fff01bd49168685d_s390x",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:cb430fc37545c40db97f0b9f8b9b5fb8ec0f2ce9318c80850f81eef8019117b8_amd64",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:dc23da77be96ddd671c80c3f8a21f78c0c7a930fbc4f9a0de8e80c435ef783d8_arm64",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:17b0e15e92527bfb45aadbe13378b262a18bc06b568efeb16a1f2adcd0f31ec3_ppc64le",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:658029bec140b359a87bb9266a88572550f589cbcbe0d7e5ce8c145ee33172cd_s390x",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:7e6849449e3c2550679720a0b8c21a8cfd0fc34fa95e9b729d2102c53996fb32_arm64",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:f228c45422941ef7435f4337744e71844a6c843cb97f61ff74f3752ce5a9fda4_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2179637"
}
],
"notes": [
{
"category": "description",
"text": "A Cross-Site-Scripting vulnerability was found in rubygem ActiveSupport. If the new bytesplice method is called on a SafeBuffer with untrusted user input, malicious code could be executed.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "rubygem-activesupport: Possible XSS in SafeBuffer#bytesplice",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:0322877e7e70debca22bac62e0d2a1f91cdebd4bf3bf96033b78e98d09bb2480_arm64",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:2e491ee9d43964cc53a8ebd1ac92507e9af6d8a39649594d5c4e991067d6ca99_s390x",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:2fa5ad6177cfcda351c13e8478a4ab5c17a428aee75f089c8d0ca8a4505d3ba8_amd64",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:5c47d4c63b92680903171598e05db75edeafce751dc7548987804b72077ce550_ppc64le"
],
"known_not_affected": [
"8Base-RHOL-5.6:openshift-logging/cluster-logging-operator-bundle@sha256:f1a9fce2a0474fffabc36e62b3208e333a2154b0c75b8674f0264c0e77faf011_amd64",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:233b5898005aa4bb4aa50b8efc96ef2f02b455bbe59a399b85ed8f00d520f1c7_ppc64le",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:5faffa3624e95ae19104be20e2cb69ab9719ad5fbc12b8370618e7d89c497df5_s390x",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:6f77858ae3de7f44cebede1ce239fd6d21e5299c22931e3500215f3d9190da1b_amd64",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:731567ee7f2c91d248d3980a4fe5cf3e3b19c95ac028ebc4ba9051f940539546_arm64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-operator-bundle@sha256:afea2897dd74235fa62bf34821441819ed8edbee121a053e6001c046482b4573_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:3e6e31a25c940cd0b0376df0640648ff357c3842307ea1e4dda99bfc2d4d6fe7_s390x",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:45e20088c3ff0abfeeb0f7530278457eef2ff45122393c5bc75b126ad64dfcd3_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:7f85c4998d8ef0f27e1bfece2df91f3cab3489f7e5deced405ab4a3aae9b28a1_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:e2f28dca1a754623359b704a29e3ef4fe31cdb4e5816ed8cb9cc931f62aa74e5_arm64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:507b0bd5d403d57e79bf0c92699d8a3b2d738c0cbb564384469134e7bd8735d2_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:53c81d3e6bcb29343e1cfe4c58abb02126fc968f3e2af4d21d0488190888a879_s390x",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:d978206d2447c3517f8412fbdada672dd13c8baf76466ff972f5a347eeabfa99_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:f5a7733e18054f11629816d73507636fbf89c82dced718721b50aab18871a840_arm64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:175a6b8f6435fe3d1ca8db0b4e9398b09db9b502bf17dd7d309eaa84cada7df2_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:555f6e29451c73b5534f7c5f674a11bd46052fc9c4e0ab91c19c4f79acf799e9_arm64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:6bfb202f2336441f522ae26f59a413d7fbda41b781ca4db46ff99ea89dd9ff8b_s390x",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:9644f26adbc31d149e652189f5c7832608862fc3db31172d49b2c2ac69e06b62_amd64",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:0d97eb7ba68c74cec9b8cb5da3a0663c2645486f74b02261cb40276f3342d93b_arm64",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:235deb07313141dd5934b92b19a95b7485e998242998f400a7a87affc0bf16aa_ppc64le",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:67be5df93f4215936f57cefd1e5e00645df41b83c0de38f1111b5ed7303acf4a_s390x",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:68a062de1e69875e3d6bd77ec356a50c12c228dbbc4a400bc940335c5b5e2a73_amd64",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:3e0895b3567f900a8a0e39f8cf60280db2dbd057c9599e885a7de98e4e80b166_arm64",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:483fe327c1794582cf74e5b15821b647210eda732e8339a88ecafb183dfab479_amd64",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:9ba17d38faba70354f5a890409189a12bf5e0d7aadfb4698fafb37e9cb8d6d00_s390x",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:eabd2451a3668ddffacdce6d3b72863fc093a8ad22592f550a9009b021eb21ca_ppc64le",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:4929cd6fa0a37120dfa2361750d51138a223fd64116c96629e47cc3e5d1e971e_amd64",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:58e588e059f62fe7b26a7bcd4567ea8c6903e694df86ea708f9bbae149b598ff_arm64",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:86f47139be2ec7ee5391f4d54f00d697126d3a0128b9a22bb93fd704c03fc4da_ppc64le",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:9034be9d22b0c2a9918fa79c37854b62099b32d32586380f455f435aa139ab86_s390x",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:3c1728139dc88aa75ee088fe2d9e4917ca5062951cf5aa9d4ac69f42f4e6683c_s390x",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:40e6c524006c8f7cb0ca212a4f4b19083df527da944dea762aac60e68d73ecf9_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:bfea82efdd8c0a2ffdec93e582394026ba6f4086ef039c51d293080232f9b2f1_ppc64le",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:f6bcf32ebc3ba8f15ae1c4b2df8c8659187eba1b27f18b28bd5778530b407797_arm64",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:3e02ee8dfb296ad9261512a268fe42744120e262b2915c50bdd094bd8cf9ca1f_s390x",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:55b64a6a5cb71c908a8962e7a757a064619c9f8aa0080fc584db92674a6d4ec7_ppc64le",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:9f0a0a82641750924a03fdb68e9755dc0e770f50826b44e8c79183b7706bf0c1_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:e5d15c23b8c9c34be899041bcebd76a20054775dc841b2f807ee8b9a86f7d2f5_arm64",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:149c2037d62c50230befb6873e2b3e4daba573adccc8049eb7677600a63cb936_s390x",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:4da268c6d5e321fb24493b008dea642438d0379ece7f990b1e5aea7116a8f03c_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:94c42f3bbaa631c0f5fb3d45b547fc4f75a7fbe13960f98828f1aed709ba55f7_arm64",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:a2d22864fa5c2350bb4d7eeea8396c645c2a8247d85de55069abf6c93e15eaff_ppc64le",
"8Base-RHOL-5.6:openshift-logging/loki-operator-bundle@sha256:474d77067fc0d2df2137c4009c9d1f9bc50084fa4d51818be405826bc55c0d96_amd64",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:655ba76eb2429aaa6676259d17144ff2961045a59bc02a0da1865d93f2f3abaa_arm64",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:6f2b591a8b6421e72fde418c8b8a76a6de6d9b72e22a0a57d3096d5efa82343b_amd64",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:ab42c49b2bd600c500b226bc63349a7eef490f75d6dddf1812721a7579879e4f_ppc64le",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:e8fcf0b219be91fa15ec5cc8f83d5874b9d0a3482dbd1e90a5e05878b6522596_s390x",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:2de0f9cc91c4fb80cdcb672746f46e8cad9f87ba59b1136438f079b9db1f3158_amd64",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:3041db16c26cdb4f8c88e1963ab535c170bd5dffa2b452ca3a08ce6e6d2a2500_ppc64le",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:448bdb0b727d4c0e643aad3259022b895b71ea054d961eca211a905d1a38ecd0_arm64",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:e40c1ed15366fa6e48141e69b66264f760cbd9a8919339c3817a90b5f1620bdb_s390x",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:511c75ee2a60bed854dc3708886a6d600625cde6b78849d0cbce3ceb1cceb068_ppc64le",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:5167a7002dcedb6d27b137b7ff0958a8a4043706d4366ce6fff01bd49168685d_s390x",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:cb430fc37545c40db97f0b9f8b9b5fb8ec0f2ce9318c80850f81eef8019117b8_amd64",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:dc23da77be96ddd671c80c3f8a21f78c0c7a930fbc4f9a0de8e80c435ef783d8_arm64",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:17b0e15e92527bfb45aadbe13378b262a18bc06b568efeb16a1f2adcd0f31ec3_ppc64le",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:658029bec140b359a87bb9266a88572550f589cbcbe0d7e5ce8c145ee33172cd_s390x",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:7e6849449e3c2550679720a0b8c21a8cfd0fc34fa95e9b729d2102c53996fb32_arm64",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:f228c45422941ef7435f4337744e71844a6c843cb97f61ff74f3752ce5a9fda4_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-28120"
},
{
"category": "external",
"summary": "RHBZ#2179637",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2179637"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-28120",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28120"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-28120",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-28120"
},
{
"category": "external",
"summary": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/activesupport/CVE-2023-28120.yml",
"url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/activesupport/CVE-2023-28120.yml"
}
],
"release_date": "2023-03-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-04-26T07:58:19+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:0322877e7e70debca22bac62e0d2a1f91cdebd4bf3bf96033b78e98d09bb2480_arm64",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:2e491ee9d43964cc53a8ebd1ac92507e9af6d8a39649594d5c4e991067d6ca99_s390x",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:2fa5ad6177cfcda351c13e8478a4ab5c17a428aee75f089c8d0ca8a4505d3ba8_amd64",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:5c47d4c63b92680903171598e05db75edeafce751dc7548987804b72077ce550_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2023:1953"
},
{
"category": "workaround",
"details": "Avoid calling bytesplice on a SafeBuffer (html_safe) string with untrusted user input.",
"product_ids": [
"8Base-RHOL-5.6:openshift-logging/cluster-logging-operator-bundle@sha256:f1a9fce2a0474fffabc36e62b3208e333a2154b0c75b8674f0264c0e77faf011_amd64",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:233b5898005aa4bb4aa50b8efc96ef2f02b455bbe59a399b85ed8f00d520f1c7_ppc64le",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:5faffa3624e95ae19104be20e2cb69ab9719ad5fbc12b8370618e7d89c497df5_s390x",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:6f77858ae3de7f44cebede1ce239fd6d21e5299c22931e3500215f3d9190da1b_amd64",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:731567ee7f2c91d248d3980a4fe5cf3e3b19c95ac028ebc4ba9051f940539546_arm64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-operator-bundle@sha256:afea2897dd74235fa62bf34821441819ed8edbee121a053e6001c046482b4573_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:3e6e31a25c940cd0b0376df0640648ff357c3842307ea1e4dda99bfc2d4d6fe7_s390x",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:45e20088c3ff0abfeeb0f7530278457eef2ff45122393c5bc75b126ad64dfcd3_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:7f85c4998d8ef0f27e1bfece2df91f3cab3489f7e5deced405ab4a3aae9b28a1_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:e2f28dca1a754623359b704a29e3ef4fe31cdb4e5816ed8cb9cc931f62aa74e5_arm64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:507b0bd5d403d57e79bf0c92699d8a3b2d738c0cbb564384469134e7bd8735d2_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:53c81d3e6bcb29343e1cfe4c58abb02126fc968f3e2af4d21d0488190888a879_s390x",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:d978206d2447c3517f8412fbdada672dd13c8baf76466ff972f5a347eeabfa99_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:f5a7733e18054f11629816d73507636fbf89c82dced718721b50aab18871a840_arm64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:175a6b8f6435fe3d1ca8db0b4e9398b09db9b502bf17dd7d309eaa84cada7df2_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:555f6e29451c73b5534f7c5f674a11bd46052fc9c4e0ab91c19c4f79acf799e9_arm64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:6bfb202f2336441f522ae26f59a413d7fbda41b781ca4db46ff99ea89dd9ff8b_s390x",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:9644f26adbc31d149e652189f5c7832608862fc3db31172d49b2c2ac69e06b62_amd64",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:0d97eb7ba68c74cec9b8cb5da3a0663c2645486f74b02261cb40276f3342d93b_arm64",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:235deb07313141dd5934b92b19a95b7485e998242998f400a7a87affc0bf16aa_ppc64le",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:67be5df93f4215936f57cefd1e5e00645df41b83c0de38f1111b5ed7303acf4a_s390x",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:68a062de1e69875e3d6bd77ec356a50c12c228dbbc4a400bc940335c5b5e2a73_amd64",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:0322877e7e70debca22bac62e0d2a1f91cdebd4bf3bf96033b78e98d09bb2480_arm64",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:2e491ee9d43964cc53a8ebd1ac92507e9af6d8a39649594d5c4e991067d6ca99_s390x",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:2fa5ad6177cfcda351c13e8478a4ab5c17a428aee75f089c8d0ca8a4505d3ba8_amd64",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:5c47d4c63b92680903171598e05db75edeafce751dc7548987804b72077ce550_ppc64le",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:3e0895b3567f900a8a0e39f8cf60280db2dbd057c9599e885a7de98e4e80b166_arm64",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:483fe327c1794582cf74e5b15821b647210eda732e8339a88ecafb183dfab479_amd64",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:9ba17d38faba70354f5a890409189a12bf5e0d7aadfb4698fafb37e9cb8d6d00_s390x",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:eabd2451a3668ddffacdce6d3b72863fc093a8ad22592f550a9009b021eb21ca_ppc64le",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:4929cd6fa0a37120dfa2361750d51138a223fd64116c96629e47cc3e5d1e971e_amd64",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:58e588e059f62fe7b26a7bcd4567ea8c6903e694df86ea708f9bbae149b598ff_arm64",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:86f47139be2ec7ee5391f4d54f00d697126d3a0128b9a22bb93fd704c03fc4da_ppc64le",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:9034be9d22b0c2a9918fa79c37854b62099b32d32586380f455f435aa139ab86_s390x",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:3c1728139dc88aa75ee088fe2d9e4917ca5062951cf5aa9d4ac69f42f4e6683c_s390x",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:40e6c524006c8f7cb0ca212a4f4b19083df527da944dea762aac60e68d73ecf9_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:bfea82efdd8c0a2ffdec93e582394026ba6f4086ef039c51d293080232f9b2f1_ppc64le",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:f6bcf32ebc3ba8f15ae1c4b2df8c8659187eba1b27f18b28bd5778530b407797_arm64",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:3e02ee8dfb296ad9261512a268fe42744120e262b2915c50bdd094bd8cf9ca1f_s390x",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:55b64a6a5cb71c908a8962e7a757a064619c9f8aa0080fc584db92674a6d4ec7_ppc64le",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:9f0a0a82641750924a03fdb68e9755dc0e770f50826b44e8c79183b7706bf0c1_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:e5d15c23b8c9c34be899041bcebd76a20054775dc841b2f807ee8b9a86f7d2f5_arm64",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:149c2037d62c50230befb6873e2b3e4daba573adccc8049eb7677600a63cb936_s390x",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:4da268c6d5e321fb24493b008dea642438d0379ece7f990b1e5aea7116a8f03c_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:94c42f3bbaa631c0f5fb3d45b547fc4f75a7fbe13960f98828f1aed709ba55f7_arm64",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:a2d22864fa5c2350bb4d7eeea8396c645c2a8247d85de55069abf6c93e15eaff_ppc64le",
"8Base-RHOL-5.6:openshift-logging/loki-operator-bundle@sha256:474d77067fc0d2df2137c4009c9d1f9bc50084fa4d51818be405826bc55c0d96_amd64",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:655ba76eb2429aaa6676259d17144ff2961045a59bc02a0da1865d93f2f3abaa_arm64",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:6f2b591a8b6421e72fde418c8b8a76a6de6d9b72e22a0a57d3096d5efa82343b_amd64",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:ab42c49b2bd600c500b226bc63349a7eef490f75d6dddf1812721a7579879e4f_ppc64le",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:e8fcf0b219be91fa15ec5cc8f83d5874b9d0a3482dbd1e90a5e05878b6522596_s390x",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:2de0f9cc91c4fb80cdcb672746f46e8cad9f87ba59b1136438f079b9db1f3158_amd64",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:3041db16c26cdb4f8c88e1963ab535c170bd5dffa2b452ca3a08ce6e6d2a2500_ppc64le",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:448bdb0b727d4c0e643aad3259022b895b71ea054d961eca211a905d1a38ecd0_arm64",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:e40c1ed15366fa6e48141e69b66264f760cbd9a8919339c3817a90b5f1620bdb_s390x",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:511c75ee2a60bed854dc3708886a6d600625cde6b78849d0cbce3ceb1cceb068_ppc64le",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:5167a7002dcedb6d27b137b7ff0958a8a4043706d4366ce6fff01bd49168685d_s390x",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:cb430fc37545c40db97f0b9f8b9b5fb8ec0f2ce9318c80850f81eef8019117b8_amd64",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:dc23da77be96ddd671c80c3f8a21f78c0c7a930fbc4f9a0de8e80c435ef783d8_arm64",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:17b0e15e92527bfb45aadbe13378b262a18bc06b568efeb16a1f2adcd0f31ec3_ppc64le",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:658029bec140b359a87bb9266a88572550f589cbcbe0d7e5ce8c145ee33172cd_s390x",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:7e6849449e3c2550679720a0b8c21a8cfd0fc34fa95e9b729d2102c53996fb32_arm64",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:f228c45422941ef7435f4337744e71844a6c843cb97f61ff74f3752ce5a9fda4_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOL-5.6:openshift-logging/cluster-logging-operator-bundle@sha256:f1a9fce2a0474fffabc36e62b3208e333a2154b0c75b8674f0264c0e77faf011_amd64",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:233b5898005aa4bb4aa50b8efc96ef2f02b455bbe59a399b85ed8f00d520f1c7_ppc64le",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:5faffa3624e95ae19104be20e2cb69ab9719ad5fbc12b8370618e7d89c497df5_s390x",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:6f77858ae3de7f44cebede1ce239fd6d21e5299c22931e3500215f3d9190da1b_amd64",
"8Base-RHOL-5.6:openshift-logging/cluster-logging-rhel8-operator@sha256:731567ee7f2c91d248d3980a4fe5cf3e3b19c95ac028ebc4ba9051f940539546_arm64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-operator-bundle@sha256:afea2897dd74235fa62bf34821441819ed8edbee121a053e6001c046482b4573_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:3e6e31a25c940cd0b0376df0640648ff357c3842307ea1e4dda99bfc2d4d6fe7_s390x",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:45e20088c3ff0abfeeb0f7530278457eef2ff45122393c5bc75b126ad64dfcd3_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:7f85c4998d8ef0f27e1bfece2df91f3cab3489f7e5deced405ab4a3aae9b28a1_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-proxy-rhel8@sha256:e2f28dca1a754623359b704a29e3ef4fe31cdb4e5816ed8cb9cc931f62aa74e5_arm64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:507b0bd5d403d57e79bf0c92699d8a3b2d738c0cbb564384469134e7bd8735d2_amd64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:53c81d3e6bcb29343e1cfe4c58abb02126fc968f3e2af4d21d0488190888a879_s390x",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:d978206d2447c3517f8412fbdada672dd13c8baf76466ff972f5a347eeabfa99_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch-rhel8-operator@sha256:f5a7733e18054f11629816d73507636fbf89c82dced718721b50aab18871a840_arm64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:175a6b8f6435fe3d1ca8db0b4e9398b09db9b502bf17dd7d309eaa84cada7df2_ppc64le",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:555f6e29451c73b5534f7c5f674a11bd46052fc9c4e0ab91c19c4f79acf799e9_arm64",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:6bfb202f2336441f522ae26f59a413d7fbda41b781ca4db46ff99ea89dd9ff8b_s390x",
"8Base-RHOL-5.6:openshift-logging/elasticsearch6-rhel8@sha256:9644f26adbc31d149e652189f5c7832608862fc3db31172d49b2c2ac69e06b62_amd64",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:0d97eb7ba68c74cec9b8cb5da3a0663c2645486f74b02261cb40276f3342d93b_arm64",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:235deb07313141dd5934b92b19a95b7485e998242998f400a7a87affc0bf16aa_ppc64le",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:67be5df93f4215936f57cefd1e5e00645df41b83c0de38f1111b5ed7303acf4a_s390x",
"8Base-RHOL-5.6:openshift-logging/eventrouter-rhel8@sha256:68a062de1e69875e3d6bd77ec356a50c12c228dbbc4a400bc940335c5b5e2a73_amd64",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:0322877e7e70debca22bac62e0d2a1f91cdebd4bf3bf96033b78e98d09bb2480_arm64",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:2e491ee9d43964cc53a8ebd1ac92507e9af6d8a39649594d5c4e991067d6ca99_s390x",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:2fa5ad6177cfcda351c13e8478a4ab5c17a428aee75f089c8d0ca8a4505d3ba8_amd64",
"8Base-RHOL-5.6:openshift-logging/fluentd-rhel8@sha256:5c47d4c63b92680903171598e05db75edeafce751dc7548987804b72077ce550_ppc64le",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:3e0895b3567f900a8a0e39f8cf60280db2dbd057c9599e885a7de98e4e80b166_arm64",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:483fe327c1794582cf74e5b15821b647210eda732e8339a88ecafb183dfab479_amd64",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:9ba17d38faba70354f5a890409189a12bf5e0d7aadfb4698fafb37e9cb8d6d00_s390x",
"8Base-RHOL-5.6:openshift-logging/kibana6-rhel8@sha256:eabd2451a3668ddffacdce6d3b72863fc093a8ad22592f550a9009b021eb21ca_ppc64le",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:4929cd6fa0a37120dfa2361750d51138a223fd64116c96629e47cc3e5d1e971e_amd64",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:58e588e059f62fe7b26a7bcd4567ea8c6903e694df86ea708f9bbae149b598ff_arm64",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:86f47139be2ec7ee5391f4d54f00d697126d3a0128b9a22bb93fd704c03fc4da_ppc64le",
"8Base-RHOL-5.6:openshift-logging/log-file-metric-exporter-rhel8@sha256:9034be9d22b0c2a9918fa79c37854b62099b32d32586380f455f435aa139ab86_s390x",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:3c1728139dc88aa75ee088fe2d9e4917ca5062951cf5aa9d4ac69f42f4e6683c_s390x",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:40e6c524006c8f7cb0ca212a4f4b19083df527da944dea762aac60e68d73ecf9_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:bfea82efdd8c0a2ffdec93e582394026ba6f4086ef039c51d293080232f9b2f1_ppc64le",
"8Base-RHOL-5.6:openshift-logging/logging-curator5-rhel8@sha256:f6bcf32ebc3ba8f15ae1c4b2df8c8659187eba1b27f18b28bd5778530b407797_arm64",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:3e02ee8dfb296ad9261512a268fe42744120e262b2915c50bdd094bd8cf9ca1f_s390x",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:55b64a6a5cb71c908a8962e7a757a064619c9f8aa0080fc584db92674a6d4ec7_ppc64le",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:9f0a0a82641750924a03fdb68e9755dc0e770f50826b44e8c79183b7706bf0c1_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-loki-rhel8@sha256:e5d15c23b8c9c34be899041bcebd76a20054775dc841b2f807ee8b9a86f7d2f5_arm64",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:149c2037d62c50230befb6873e2b3e4daba573adccc8049eb7677600a63cb936_s390x",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:4da268c6d5e321fb24493b008dea642438d0379ece7f990b1e5aea7116a8f03c_amd64",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:94c42f3bbaa631c0f5fb3d45b547fc4f75a7fbe13960f98828f1aed709ba55f7_arm64",
"8Base-RHOL-5.6:openshift-logging/logging-view-plugin-rhel8@sha256:a2d22864fa5c2350bb4d7eeea8396c645c2a8247d85de55069abf6c93e15eaff_ppc64le",
"8Base-RHOL-5.6:openshift-logging/loki-operator-bundle@sha256:474d77067fc0d2df2137c4009c9d1f9bc50084fa4d51818be405826bc55c0d96_amd64",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:655ba76eb2429aaa6676259d17144ff2961045a59bc02a0da1865d93f2f3abaa_arm64",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:6f2b591a8b6421e72fde418c8b8a76a6de6d9b72e22a0a57d3096d5efa82343b_amd64",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:ab42c49b2bd600c500b226bc63349a7eef490f75d6dddf1812721a7579879e4f_ppc64le",
"8Base-RHOL-5.6:openshift-logging/loki-rhel8-operator@sha256:e8fcf0b219be91fa15ec5cc8f83d5874b9d0a3482dbd1e90a5e05878b6522596_s390x",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:2de0f9cc91c4fb80cdcb672746f46e8cad9f87ba59b1136438f079b9db1f3158_amd64",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:3041db16c26cdb4f8c88e1963ab535c170bd5dffa2b452ca3a08ce6e6d2a2500_ppc64le",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:448bdb0b727d4c0e643aad3259022b895b71ea054d961eca211a905d1a38ecd0_arm64",
"8Base-RHOL-5.6:openshift-logging/lokistack-gateway-rhel8@sha256:e40c1ed15366fa6e48141e69b66264f760cbd9a8919339c3817a90b5f1620bdb_s390x",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:511c75ee2a60bed854dc3708886a6d600625cde6b78849d0cbce3ceb1cceb068_ppc64le",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:5167a7002dcedb6d27b137b7ff0958a8a4043706d4366ce6fff01bd49168685d_s390x",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:cb430fc37545c40db97f0b9f8b9b5fb8ec0f2ce9318c80850f81eef8019117b8_amd64",
"8Base-RHOL-5.6:openshift-logging/opa-openshift-rhel8@sha256:dc23da77be96ddd671c80c3f8a21f78c0c7a930fbc4f9a0de8e80c435ef783d8_arm64",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:17b0e15e92527bfb45aadbe13378b262a18bc06b568efeb16a1f2adcd0f31ec3_ppc64le",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:658029bec140b359a87bb9266a88572550f589cbcbe0d7e5ce8c145ee33172cd_s390x",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:7e6849449e3c2550679720a0b8c21a8cfd0fc34fa95e9b729d2102c53996fb32_arm64",
"8Base-RHOL-5.6:openshift-logging/vector-rhel8@sha256:f228c45422941ef7435f4337744e71844a6c843cb97f61ff74f3752ce5a9fda4_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "rubygem-activesupport: Possible XSS in SafeBuffer#bytesplice"
}
]
}
opensuse-su-2024:12886-1
Vulnerability from csaf_opensuse
Published
2024-06-15 00:00
Modified
2024-06-15 00:00
Summary
rmt-server-2.12-1.1 on GA media
Notes
Title of the patch
rmt-server-2.12-1.1 on GA media
Description of the patch
These are all security issues fixed in the rmt-server-2.12-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2024-12886
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "rmt-server-2.12-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the rmt-server-2.12-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2024-12886",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_12886-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-31254 page",
"url": "https://www.suse.com/security/cve/CVE-2022-31254/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-27530 page",
"url": "https://www.suse.com/security/cve/CVE-2023-27530/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-28120 page",
"url": "https://www.suse.com/security/cve/CVE-2023-28120/"
}
],
"title": "rmt-server-2.12-1.1 on GA media",
"tracking": {
"current_release_date": "2024-06-15T00:00:00Z",
"generator": {
"date": "2024-06-15T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2024:12886-1",
"initial_release_date": "2024-06-15T00:00:00Z",
"revision_history": [
{
"date": "2024-06-15T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "rmt-server-2.12-1.1.aarch64",
"product": {
"name": "rmt-server-2.12-1.1.aarch64",
"product_id": "rmt-server-2.12-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "rmt-server-config-2.12-1.1.aarch64",
"product": {
"name": "rmt-server-config-2.12-1.1.aarch64",
"product_id": "rmt-server-config-2.12-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "rmt-server-pubcloud-2.12-1.1.aarch64",
"product": {
"name": "rmt-server-pubcloud-2.12-1.1.aarch64",
"product_id": "rmt-server-pubcloud-2.12-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "rmt-server-2.12-1.1.ppc64le",
"product": {
"name": "rmt-server-2.12-1.1.ppc64le",
"product_id": "rmt-server-2.12-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "rmt-server-config-2.12-1.1.ppc64le",
"product": {
"name": "rmt-server-config-2.12-1.1.ppc64le",
"product_id": "rmt-server-config-2.12-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "rmt-server-pubcloud-2.12-1.1.ppc64le",
"product": {
"name": "rmt-server-pubcloud-2.12-1.1.ppc64le",
"product_id": "rmt-server-pubcloud-2.12-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "rmt-server-2.12-1.1.s390x",
"product": {
"name": "rmt-server-2.12-1.1.s390x",
"product_id": "rmt-server-2.12-1.1.s390x"
}
},
{
"category": "product_version",
"name": "rmt-server-config-2.12-1.1.s390x",
"product": {
"name": "rmt-server-config-2.12-1.1.s390x",
"product_id": "rmt-server-config-2.12-1.1.s390x"
}
},
{
"category": "product_version",
"name": "rmt-server-pubcloud-2.12-1.1.s390x",
"product": {
"name": "rmt-server-pubcloud-2.12-1.1.s390x",
"product_id": "rmt-server-pubcloud-2.12-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "rmt-server-2.12-1.1.x86_64",
"product": {
"name": "rmt-server-2.12-1.1.x86_64",
"product_id": "rmt-server-2.12-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "rmt-server-config-2.12-1.1.x86_64",
"product": {
"name": "rmt-server-config-2.12-1.1.x86_64",
"product_id": "rmt-server-config-2.12-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "rmt-server-pubcloud-2.12-1.1.x86_64",
"product": {
"name": "rmt-server-pubcloud-2.12-1.1.x86_64",
"product_id": "rmt-server-pubcloud-2.12-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "rmt-server-2.12-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:rmt-server-2.12-1.1.aarch64"
},
"product_reference": "rmt-server-2.12-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rmt-server-2.12-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:rmt-server-2.12-1.1.ppc64le"
},
"product_reference": "rmt-server-2.12-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rmt-server-2.12-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:rmt-server-2.12-1.1.s390x"
},
"product_reference": "rmt-server-2.12-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rmt-server-2.12-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:rmt-server-2.12-1.1.x86_64"
},
"product_reference": "rmt-server-2.12-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rmt-server-config-2.12-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:rmt-server-config-2.12-1.1.aarch64"
},
"product_reference": "rmt-server-config-2.12-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rmt-server-config-2.12-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:rmt-server-config-2.12-1.1.ppc64le"
},
"product_reference": "rmt-server-config-2.12-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rmt-server-config-2.12-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:rmt-server-config-2.12-1.1.s390x"
},
"product_reference": "rmt-server-config-2.12-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rmt-server-config-2.12-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:rmt-server-config-2.12-1.1.x86_64"
},
"product_reference": "rmt-server-config-2.12-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rmt-server-pubcloud-2.12-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:rmt-server-pubcloud-2.12-1.1.aarch64"
},
"product_reference": "rmt-server-pubcloud-2.12-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rmt-server-pubcloud-2.12-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:rmt-server-pubcloud-2.12-1.1.ppc64le"
},
"product_reference": "rmt-server-pubcloud-2.12-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rmt-server-pubcloud-2.12-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:rmt-server-pubcloud-2.12-1.1.s390x"
},
"product_reference": "rmt-server-pubcloud-2.12-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rmt-server-pubcloud-2.12-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:rmt-server-pubcloud-2.12-1.1.x86_64"
},
"product_reference": "rmt-server-pubcloud-2.12-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-31254",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-31254"
}
],
"notes": [
{
"category": "general",
"text": "A Incorrect Default Permissions vulnerability in rmt-server-regsharing service of SUSE Linux Enterprise Server for SAP 15, SUSE Linux Enterprise Server for SAP 15-SP1, SUSE Manager Server 4.1; openSUSE Leap 15.3, openSUSE Leap 15.4 allows local attackers with access to the _rmt user to escalate to root. This issue affects: SUSE Linux Enterprise Server for SAP 15 rmt-server versions prior to 2.10. SUSE Linux Enterprise Server for SAP 15-SP1 rmt-server versions prior to 2.10. SUSE Manager Server 4.1 rmt-server versions prior to 2.10. openSUSE Leap 15.3 rmt-server versions prior to 2.10. openSUSE Leap 15.4 rmt-server versions prior to 2.10.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:rmt-server-2.12-1.1.aarch64",
"openSUSE Tumbleweed:rmt-server-2.12-1.1.ppc64le",
"openSUSE Tumbleweed:rmt-server-2.12-1.1.s390x",
"openSUSE Tumbleweed:rmt-server-2.12-1.1.x86_64",
"openSUSE Tumbleweed:rmt-server-config-2.12-1.1.aarch64",
"openSUSE Tumbleweed:rmt-server-config-2.12-1.1.ppc64le",
"openSUSE Tumbleweed:rmt-server-config-2.12-1.1.s390x",
"openSUSE Tumbleweed:rmt-server-config-2.12-1.1.x86_64",
"openSUSE Tumbleweed:rmt-server-pubcloud-2.12-1.1.aarch64",
"openSUSE Tumbleweed:rmt-server-pubcloud-2.12-1.1.ppc64le",
"openSUSE Tumbleweed:rmt-server-pubcloud-2.12-1.1.s390x",
"openSUSE Tumbleweed:rmt-server-pubcloud-2.12-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-31254",
"url": "https://www.suse.com/security/cve/CVE-2022-31254"
},
{
"category": "external",
"summary": "SUSE Bug 1204285 for CVE-2022-31254",
"url": "https://bugzilla.suse.com/1204285"
},
{
"category": "external",
"summary": "SUSE Bug 1207670 for CVE-2022-31254",
"url": "https://bugzilla.suse.com/1207670"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:rmt-server-2.12-1.1.aarch64",
"openSUSE Tumbleweed:rmt-server-2.12-1.1.ppc64le",
"openSUSE Tumbleweed:rmt-server-2.12-1.1.s390x",
"openSUSE Tumbleweed:rmt-server-2.12-1.1.x86_64",
"openSUSE Tumbleweed:rmt-server-config-2.12-1.1.aarch64",
"openSUSE Tumbleweed:rmt-server-config-2.12-1.1.ppc64le",
"openSUSE Tumbleweed:rmt-server-config-2.12-1.1.s390x",
"openSUSE Tumbleweed:rmt-server-config-2.12-1.1.x86_64",
"openSUSE Tumbleweed:rmt-server-pubcloud-2.12-1.1.aarch64",
"openSUSE Tumbleweed:rmt-server-pubcloud-2.12-1.1.ppc64le",
"openSUSE Tumbleweed:rmt-server-pubcloud-2.12-1.1.s390x",
"openSUSE Tumbleweed:rmt-server-pubcloud-2.12-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:rmt-server-2.12-1.1.aarch64",
"openSUSE Tumbleweed:rmt-server-2.12-1.1.ppc64le",
"openSUSE Tumbleweed:rmt-server-2.12-1.1.s390x",
"openSUSE Tumbleweed:rmt-server-2.12-1.1.x86_64",
"openSUSE Tumbleweed:rmt-server-config-2.12-1.1.aarch64",
"openSUSE Tumbleweed:rmt-server-config-2.12-1.1.ppc64le",
"openSUSE Tumbleweed:rmt-server-config-2.12-1.1.s390x",
"openSUSE Tumbleweed:rmt-server-config-2.12-1.1.x86_64",
"openSUSE Tumbleweed:rmt-server-pubcloud-2.12-1.1.aarch64",
"openSUSE Tumbleweed:rmt-server-pubcloud-2.12-1.1.ppc64le",
"openSUSE Tumbleweed:rmt-server-pubcloud-2.12-1.1.s390x",
"openSUSE Tumbleweed:rmt-server-pubcloud-2.12-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2022-31254"
},
{
"cve": "CVE-2023-27530",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-27530"
}
],
"notes": [
{
"category": "general",
"text": "A DoS vulnerability exists in Rack \u003cv3.0.4.2, \u003cv2.2.6.3, \u003cv2.1.4.3 and \u003cv2.0.9.3 within in the Multipart MIME parsing code in which could allow an attacker to craft requests that can be abuse to cause multipart parsing to take longer than expected.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:rmt-server-2.12-1.1.aarch64",
"openSUSE Tumbleweed:rmt-server-2.12-1.1.ppc64le",
"openSUSE Tumbleweed:rmt-server-2.12-1.1.s390x",
"openSUSE Tumbleweed:rmt-server-2.12-1.1.x86_64",
"openSUSE Tumbleweed:rmt-server-config-2.12-1.1.aarch64",
"openSUSE Tumbleweed:rmt-server-config-2.12-1.1.ppc64le",
"openSUSE Tumbleweed:rmt-server-config-2.12-1.1.s390x",
"openSUSE Tumbleweed:rmt-server-config-2.12-1.1.x86_64",
"openSUSE Tumbleweed:rmt-server-pubcloud-2.12-1.1.aarch64",
"openSUSE Tumbleweed:rmt-server-pubcloud-2.12-1.1.ppc64le",
"openSUSE Tumbleweed:rmt-server-pubcloud-2.12-1.1.s390x",
"openSUSE Tumbleweed:rmt-server-pubcloud-2.12-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-27530",
"url": "https://www.suse.com/security/cve/CVE-2023-27530"
},
{
"category": "external",
"summary": "SUSE Bug 1209095 for CVE-2023-27530",
"url": "https://bugzilla.suse.com/1209095"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:rmt-server-2.12-1.1.aarch64",
"openSUSE Tumbleweed:rmt-server-2.12-1.1.ppc64le",
"openSUSE Tumbleweed:rmt-server-2.12-1.1.s390x",
"openSUSE Tumbleweed:rmt-server-2.12-1.1.x86_64",
"openSUSE Tumbleweed:rmt-server-config-2.12-1.1.aarch64",
"openSUSE Tumbleweed:rmt-server-config-2.12-1.1.ppc64le",
"openSUSE Tumbleweed:rmt-server-config-2.12-1.1.s390x",
"openSUSE Tumbleweed:rmt-server-config-2.12-1.1.x86_64",
"openSUSE Tumbleweed:rmt-server-pubcloud-2.12-1.1.aarch64",
"openSUSE Tumbleweed:rmt-server-pubcloud-2.12-1.1.ppc64le",
"openSUSE Tumbleweed:rmt-server-pubcloud-2.12-1.1.s390x",
"openSUSE Tumbleweed:rmt-server-pubcloud-2.12-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:rmt-server-2.12-1.1.aarch64",
"openSUSE Tumbleweed:rmt-server-2.12-1.1.ppc64le",
"openSUSE Tumbleweed:rmt-server-2.12-1.1.s390x",
"openSUSE Tumbleweed:rmt-server-2.12-1.1.x86_64",
"openSUSE Tumbleweed:rmt-server-config-2.12-1.1.aarch64",
"openSUSE Tumbleweed:rmt-server-config-2.12-1.1.ppc64le",
"openSUSE Tumbleweed:rmt-server-config-2.12-1.1.s390x",
"openSUSE Tumbleweed:rmt-server-config-2.12-1.1.x86_64",
"openSUSE Tumbleweed:rmt-server-pubcloud-2.12-1.1.aarch64",
"openSUSE Tumbleweed:rmt-server-pubcloud-2.12-1.1.ppc64le",
"openSUSE Tumbleweed:rmt-server-pubcloud-2.12-1.1.s390x",
"openSUSE Tumbleweed:rmt-server-pubcloud-2.12-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2023-27530"
},
{
"cve": "CVE-2023-28120",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-28120"
}
],
"notes": [
{
"category": "general",
"text": "There is a vulnerability in ActiveSupport if the new bytesplice method is called on a SafeBuffer with untrusted user input.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:rmt-server-2.12-1.1.aarch64",
"openSUSE Tumbleweed:rmt-server-2.12-1.1.ppc64le",
"openSUSE Tumbleweed:rmt-server-2.12-1.1.s390x",
"openSUSE Tumbleweed:rmt-server-2.12-1.1.x86_64",
"openSUSE Tumbleweed:rmt-server-config-2.12-1.1.aarch64",
"openSUSE Tumbleweed:rmt-server-config-2.12-1.1.ppc64le",
"openSUSE Tumbleweed:rmt-server-config-2.12-1.1.s390x",
"openSUSE Tumbleweed:rmt-server-config-2.12-1.1.x86_64",
"openSUSE Tumbleweed:rmt-server-pubcloud-2.12-1.1.aarch64",
"openSUSE Tumbleweed:rmt-server-pubcloud-2.12-1.1.ppc64le",
"openSUSE Tumbleweed:rmt-server-pubcloud-2.12-1.1.s390x",
"openSUSE Tumbleweed:rmt-server-pubcloud-2.12-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-28120",
"url": "https://www.suse.com/security/cve/CVE-2023-28120"
},
{
"category": "external",
"summary": "SUSE Bug 1209505 for CVE-2023-28120",
"url": "https://bugzilla.suse.com/1209505"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:rmt-server-2.12-1.1.aarch64",
"openSUSE Tumbleweed:rmt-server-2.12-1.1.ppc64le",
"openSUSE Tumbleweed:rmt-server-2.12-1.1.s390x",
"openSUSE Tumbleweed:rmt-server-2.12-1.1.x86_64",
"openSUSE Tumbleweed:rmt-server-config-2.12-1.1.aarch64",
"openSUSE Tumbleweed:rmt-server-config-2.12-1.1.ppc64le",
"openSUSE Tumbleweed:rmt-server-config-2.12-1.1.s390x",
"openSUSE Tumbleweed:rmt-server-config-2.12-1.1.x86_64",
"openSUSE Tumbleweed:rmt-server-pubcloud-2.12-1.1.aarch64",
"openSUSE Tumbleweed:rmt-server-pubcloud-2.12-1.1.ppc64le",
"openSUSE Tumbleweed:rmt-server-pubcloud-2.12-1.1.s390x",
"openSUSE Tumbleweed:rmt-server-pubcloud-2.12-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:rmt-server-2.12-1.1.aarch64",
"openSUSE Tumbleweed:rmt-server-2.12-1.1.ppc64le",
"openSUSE Tumbleweed:rmt-server-2.12-1.1.s390x",
"openSUSE Tumbleweed:rmt-server-2.12-1.1.x86_64",
"openSUSE Tumbleweed:rmt-server-config-2.12-1.1.aarch64",
"openSUSE Tumbleweed:rmt-server-config-2.12-1.1.ppc64le",
"openSUSE Tumbleweed:rmt-server-config-2.12-1.1.s390x",
"openSUSE Tumbleweed:rmt-server-config-2.12-1.1.x86_64",
"openSUSE Tumbleweed:rmt-server-pubcloud-2.12-1.1.aarch64",
"openSUSE Tumbleweed:rmt-server-pubcloud-2.12-1.1.ppc64le",
"openSUSE Tumbleweed:rmt-server-pubcloud-2.12-1.1.s390x",
"openSUSE Tumbleweed:rmt-server-pubcloud-2.12-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2023-28120"
}
]
}
opensuse-su-2025:15114-1
Vulnerability from csaf_opensuse
Published
2025-05-17 00:00
Modified
2025-05-17 00:00
Summary
ruby3.4-rubygem-activesupport-7.0-7.0.8.6-1.3 on GA media
Notes
Title of the patch
ruby3.4-rubygem-activesupport-7.0-7.0.8.6-1.3 on GA media
Description of the patch
These are all security issues fixed in the ruby3.4-rubygem-activesupport-7.0-7.0.8.6-1.3 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2025-15114
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "ruby3.4-rubygem-activesupport-7.0-7.0.8.6-1.3 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the ruby3.4-rubygem-activesupport-7.0-7.0.8.6-1.3 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2025-15114",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_15114-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-22796 page",
"url": "https://www.suse.com/security/cve/CVE-2023-22796/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-28120 page",
"url": "https://www.suse.com/security/cve/CVE-2023-28120/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-38037 page",
"url": "https://www.suse.com/security/cve/CVE-2023-38037/"
}
],
"title": "ruby3.4-rubygem-activesupport-7.0-7.0.8.6-1.3 on GA media",
"tracking": {
"current_release_date": "2025-05-17T00:00:00Z",
"generator": {
"date": "2025-05-17T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2025:15114-1",
"initial_release_date": "2025-05-17T00:00:00Z",
"revision_history": [
{
"date": "2025-05-17T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "ruby3.4-rubygem-activesupport-7.0-7.0.8.6-1.3.aarch64",
"product": {
"name": "ruby3.4-rubygem-activesupport-7.0-7.0.8.6-1.3.aarch64",
"product_id": "ruby3.4-rubygem-activesupport-7.0-7.0.8.6-1.3.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "ruby3.4-rubygem-activesupport-7.0-7.0.8.6-1.3.ppc64le",
"product": {
"name": "ruby3.4-rubygem-activesupport-7.0-7.0.8.6-1.3.ppc64le",
"product_id": "ruby3.4-rubygem-activesupport-7.0-7.0.8.6-1.3.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "ruby3.4-rubygem-activesupport-7.0-7.0.8.6-1.3.s390x",
"product": {
"name": "ruby3.4-rubygem-activesupport-7.0-7.0.8.6-1.3.s390x",
"product_id": "ruby3.4-rubygem-activesupport-7.0-7.0.8.6-1.3.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "ruby3.4-rubygem-activesupport-7.0-7.0.8.6-1.3.x86_64",
"product": {
"name": "ruby3.4-rubygem-activesupport-7.0-7.0.8.6-1.3.x86_64",
"product_id": "ruby3.4-rubygem-activesupport-7.0-7.0.8.6-1.3.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "ruby3.4-rubygem-activesupport-7.0-7.0.8.6-1.3.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:ruby3.4-rubygem-activesupport-7.0-7.0.8.6-1.3.aarch64"
},
"product_reference": "ruby3.4-rubygem-activesupport-7.0-7.0.8.6-1.3.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ruby3.4-rubygem-activesupport-7.0-7.0.8.6-1.3.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:ruby3.4-rubygem-activesupport-7.0-7.0.8.6-1.3.ppc64le"
},
"product_reference": "ruby3.4-rubygem-activesupport-7.0-7.0.8.6-1.3.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ruby3.4-rubygem-activesupport-7.0-7.0.8.6-1.3.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:ruby3.4-rubygem-activesupport-7.0-7.0.8.6-1.3.s390x"
},
"product_reference": "ruby3.4-rubygem-activesupport-7.0-7.0.8.6-1.3.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ruby3.4-rubygem-activesupport-7.0-7.0.8.6-1.3.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:ruby3.4-rubygem-activesupport-7.0-7.0.8.6-1.3.x86_64"
},
"product_reference": "ruby3.4-rubygem-activesupport-7.0-7.0.8.6-1.3.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-22796",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-22796"
}
],
"notes": [
{
"category": "general",
"text": "A regular expression based DoS vulnerability in Active Support \u003c6.1.7.1 and \u003c7.0.4.1. A specially crafted string passed to the underscore method can cause the regular expression engine to enter a state of catastrophic backtracking. This can cause the process to use large amounts of CPU and memory, leading to a possible DoS vulnerability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:ruby3.4-rubygem-activesupport-7.0-7.0.8.6-1.3.aarch64",
"openSUSE Tumbleweed:ruby3.4-rubygem-activesupport-7.0-7.0.8.6-1.3.ppc64le",
"openSUSE Tumbleweed:ruby3.4-rubygem-activesupport-7.0-7.0.8.6-1.3.s390x",
"openSUSE Tumbleweed:ruby3.4-rubygem-activesupport-7.0-7.0.8.6-1.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-22796",
"url": "https://www.suse.com/security/cve/CVE-2023-22796"
},
{
"category": "external",
"summary": "SUSE Bug 1207454 for CVE-2023-22796",
"url": "https://bugzilla.suse.com/1207454"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:ruby3.4-rubygem-activesupport-7.0-7.0.8.6-1.3.aarch64",
"openSUSE Tumbleweed:ruby3.4-rubygem-activesupport-7.0-7.0.8.6-1.3.ppc64le",
"openSUSE Tumbleweed:ruby3.4-rubygem-activesupport-7.0-7.0.8.6-1.3.s390x",
"openSUSE Tumbleweed:ruby3.4-rubygem-activesupport-7.0-7.0.8.6-1.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:ruby3.4-rubygem-activesupport-7.0-7.0.8.6-1.3.aarch64",
"openSUSE Tumbleweed:ruby3.4-rubygem-activesupport-7.0-7.0.8.6-1.3.ppc64le",
"openSUSE Tumbleweed:ruby3.4-rubygem-activesupport-7.0-7.0.8.6-1.3.s390x",
"openSUSE Tumbleweed:ruby3.4-rubygem-activesupport-7.0-7.0.8.6-1.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-17T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2023-22796"
},
{
"cve": "CVE-2023-28120",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-28120"
}
],
"notes": [
{
"category": "general",
"text": "There is a vulnerability in ActiveSupport if the new bytesplice method is called on a SafeBuffer with untrusted user input.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:ruby3.4-rubygem-activesupport-7.0-7.0.8.6-1.3.aarch64",
"openSUSE Tumbleweed:ruby3.4-rubygem-activesupport-7.0-7.0.8.6-1.3.ppc64le",
"openSUSE Tumbleweed:ruby3.4-rubygem-activesupport-7.0-7.0.8.6-1.3.s390x",
"openSUSE Tumbleweed:ruby3.4-rubygem-activesupport-7.0-7.0.8.6-1.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-28120",
"url": "https://www.suse.com/security/cve/CVE-2023-28120"
},
{
"category": "external",
"summary": "SUSE Bug 1209505 for CVE-2023-28120",
"url": "https://bugzilla.suse.com/1209505"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:ruby3.4-rubygem-activesupport-7.0-7.0.8.6-1.3.aarch64",
"openSUSE Tumbleweed:ruby3.4-rubygem-activesupport-7.0-7.0.8.6-1.3.ppc64le",
"openSUSE Tumbleweed:ruby3.4-rubygem-activesupport-7.0-7.0.8.6-1.3.s390x",
"openSUSE Tumbleweed:ruby3.4-rubygem-activesupport-7.0-7.0.8.6-1.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:ruby3.4-rubygem-activesupport-7.0-7.0.8.6-1.3.aarch64",
"openSUSE Tumbleweed:ruby3.4-rubygem-activesupport-7.0-7.0.8.6-1.3.ppc64le",
"openSUSE Tumbleweed:ruby3.4-rubygem-activesupport-7.0-7.0.8.6-1.3.s390x",
"openSUSE Tumbleweed:ruby3.4-rubygem-activesupport-7.0-7.0.8.6-1.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-17T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2023-28120"
},
{
"cve": "CVE-2023-38037",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-38037"
}
],
"notes": [
{
"category": "general",
"text": "ActiveSupport::EncryptedFile writes contents that will be encrypted to a\r\ntemporary file. The temporary file\u0027s permissions are defaulted to the user\u0027s\r\ncurrent `umask` settings, meaning that it\u0027s possible for other users on the\r\nsame system to read the contents of the temporary file.\r\n\r\nAttackers that have access to the file system could possibly read the contents\r\nof this temporary file while a user is editing it.\r\n\r\nAll users running an affected release should either upgrade or use one of the\r\nworkarounds immediately.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:ruby3.4-rubygem-activesupport-7.0-7.0.8.6-1.3.aarch64",
"openSUSE Tumbleweed:ruby3.4-rubygem-activesupport-7.0-7.0.8.6-1.3.ppc64le",
"openSUSE Tumbleweed:ruby3.4-rubygem-activesupport-7.0-7.0.8.6-1.3.s390x",
"openSUSE Tumbleweed:ruby3.4-rubygem-activesupport-7.0-7.0.8.6-1.3.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-38037",
"url": "https://www.suse.com/security/cve/CVE-2023-38037"
},
{
"category": "external",
"summary": "SUSE Bug 1214807 for CVE-2023-38037",
"url": "https://bugzilla.suse.com/1214807"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:ruby3.4-rubygem-activesupport-7.0-7.0.8.6-1.3.aarch64",
"openSUSE Tumbleweed:ruby3.4-rubygem-activesupport-7.0-7.0.8.6-1.3.ppc64le",
"openSUSE Tumbleweed:ruby3.4-rubygem-activesupport-7.0-7.0.8.6-1.3.s390x",
"openSUSE Tumbleweed:ruby3.4-rubygem-activesupport-7.0-7.0.8.6-1.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-05-17T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2023-38037"
}
]
}
opensuse-su-2024:14071-1
Vulnerability from csaf_opensuse
Published
2024-06-24 00:00
Modified
2024-06-24 00:00
Summary
ruby3.3-rubygem-activesupport-7.0-7.0.8.4-1.1 on GA media
Notes
Title of the patch
ruby3.3-rubygem-activesupport-7.0-7.0.8.4-1.1 on GA media
Description of the patch
These are all security issues fixed in the ruby3.3-rubygem-activesupport-7.0-7.0.8.4-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2024-14071
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "ruby3.3-rubygem-activesupport-7.0-7.0.8.4-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the ruby3.3-rubygem-activesupport-7.0-7.0.8.4-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2024-14071",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_14071-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-22796 page",
"url": "https://www.suse.com/security/cve/CVE-2023-22796/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-28120 page",
"url": "https://www.suse.com/security/cve/CVE-2023-28120/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-38037 page",
"url": "https://www.suse.com/security/cve/CVE-2023-38037/"
}
],
"title": "ruby3.3-rubygem-activesupport-7.0-7.0.8.4-1.1 on GA media",
"tracking": {
"current_release_date": "2024-06-24T00:00:00Z",
"generator": {
"date": "2024-06-24T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2024:14071-1",
"initial_release_date": "2024-06-24T00:00:00Z",
"revision_history": [
{
"date": "2024-06-24T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "ruby3.3-rubygem-activesupport-7.0-7.0.8.4-1.1.aarch64",
"product": {
"name": "ruby3.3-rubygem-activesupport-7.0-7.0.8.4-1.1.aarch64",
"product_id": "ruby3.3-rubygem-activesupport-7.0-7.0.8.4-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "ruby3.3-rubygem-activesupport-7.0-7.0.8.4-1.1.ppc64le",
"product": {
"name": "ruby3.3-rubygem-activesupport-7.0-7.0.8.4-1.1.ppc64le",
"product_id": "ruby3.3-rubygem-activesupport-7.0-7.0.8.4-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "ruby3.3-rubygem-activesupport-7.0-7.0.8.4-1.1.s390x",
"product": {
"name": "ruby3.3-rubygem-activesupport-7.0-7.0.8.4-1.1.s390x",
"product_id": "ruby3.3-rubygem-activesupport-7.0-7.0.8.4-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "ruby3.3-rubygem-activesupport-7.0-7.0.8.4-1.1.x86_64",
"product": {
"name": "ruby3.3-rubygem-activesupport-7.0-7.0.8.4-1.1.x86_64",
"product_id": "ruby3.3-rubygem-activesupport-7.0-7.0.8.4-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "ruby3.3-rubygem-activesupport-7.0-7.0.8.4-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:ruby3.3-rubygem-activesupport-7.0-7.0.8.4-1.1.aarch64"
},
"product_reference": "ruby3.3-rubygem-activesupport-7.0-7.0.8.4-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ruby3.3-rubygem-activesupport-7.0-7.0.8.4-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:ruby3.3-rubygem-activesupport-7.0-7.0.8.4-1.1.ppc64le"
},
"product_reference": "ruby3.3-rubygem-activesupport-7.0-7.0.8.4-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ruby3.3-rubygem-activesupport-7.0-7.0.8.4-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:ruby3.3-rubygem-activesupport-7.0-7.0.8.4-1.1.s390x"
},
"product_reference": "ruby3.3-rubygem-activesupport-7.0-7.0.8.4-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ruby3.3-rubygem-activesupport-7.0-7.0.8.4-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:ruby3.3-rubygem-activesupport-7.0-7.0.8.4-1.1.x86_64"
},
"product_reference": "ruby3.3-rubygem-activesupport-7.0-7.0.8.4-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-22796",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-22796"
}
],
"notes": [
{
"category": "general",
"text": "A regular expression based DoS vulnerability in Active Support \u003c6.1.7.1 and \u003c7.0.4.1. A specially crafted string passed to the underscore method can cause the regular expression engine to enter a state of catastrophic backtracking. This can cause the process to use large amounts of CPU and memory, leading to a possible DoS vulnerability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:ruby3.3-rubygem-activesupport-7.0-7.0.8.4-1.1.aarch64",
"openSUSE Tumbleweed:ruby3.3-rubygem-activesupport-7.0-7.0.8.4-1.1.ppc64le",
"openSUSE Tumbleweed:ruby3.3-rubygem-activesupport-7.0-7.0.8.4-1.1.s390x",
"openSUSE Tumbleweed:ruby3.3-rubygem-activesupport-7.0-7.0.8.4-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-22796",
"url": "https://www.suse.com/security/cve/CVE-2023-22796"
},
{
"category": "external",
"summary": "SUSE Bug 1207454 for CVE-2023-22796",
"url": "https://bugzilla.suse.com/1207454"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:ruby3.3-rubygem-activesupport-7.0-7.0.8.4-1.1.aarch64",
"openSUSE Tumbleweed:ruby3.3-rubygem-activesupport-7.0-7.0.8.4-1.1.ppc64le",
"openSUSE Tumbleweed:ruby3.3-rubygem-activesupport-7.0-7.0.8.4-1.1.s390x",
"openSUSE Tumbleweed:ruby3.3-rubygem-activesupport-7.0-7.0.8.4-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:ruby3.3-rubygem-activesupport-7.0-7.0.8.4-1.1.aarch64",
"openSUSE Tumbleweed:ruby3.3-rubygem-activesupport-7.0-7.0.8.4-1.1.ppc64le",
"openSUSE Tumbleweed:ruby3.3-rubygem-activesupport-7.0-7.0.8.4-1.1.s390x",
"openSUSE Tumbleweed:ruby3.3-rubygem-activesupport-7.0-7.0.8.4-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2023-22796"
},
{
"cve": "CVE-2023-28120",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-28120"
}
],
"notes": [
{
"category": "general",
"text": "There is a vulnerability in ActiveSupport if the new bytesplice method is called on a SafeBuffer with untrusted user input.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:ruby3.3-rubygem-activesupport-7.0-7.0.8.4-1.1.aarch64",
"openSUSE Tumbleweed:ruby3.3-rubygem-activesupport-7.0-7.0.8.4-1.1.ppc64le",
"openSUSE Tumbleweed:ruby3.3-rubygem-activesupport-7.0-7.0.8.4-1.1.s390x",
"openSUSE Tumbleweed:ruby3.3-rubygem-activesupport-7.0-7.0.8.4-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-28120",
"url": "https://www.suse.com/security/cve/CVE-2023-28120"
},
{
"category": "external",
"summary": "SUSE Bug 1209505 for CVE-2023-28120",
"url": "https://bugzilla.suse.com/1209505"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:ruby3.3-rubygem-activesupport-7.0-7.0.8.4-1.1.aarch64",
"openSUSE Tumbleweed:ruby3.3-rubygem-activesupport-7.0-7.0.8.4-1.1.ppc64le",
"openSUSE Tumbleweed:ruby3.3-rubygem-activesupport-7.0-7.0.8.4-1.1.s390x",
"openSUSE Tumbleweed:ruby3.3-rubygem-activesupport-7.0-7.0.8.4-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:ruby3.3-rubygem-activesupport-7.0-7.0.8.4-1.1.aarch64",
"openSUSE Tumbleweed:ruby3.3-rubygem-activesupport-7.0-7.0.8.4-1.1.ppc64le",
"openSUSE Tumbleweed:ruby3.3-rubygem-activesupport-7.0-7.0.8.4-1.1.s390x",
"openSUSE Tumbleweed:ruby3.3-rubygem-activesupport-7.0-7.0.8.4-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2023-28120"
},
{
"cve": "CVE-2023-38037",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-38037"
}
],
"notes": [
{
"category": "general",
"text": "ActiveSupport::EncryptedFile writes contents that will be encrypted to a\r\ntemporary file. The temporary file\u0027s permissions are defaulted to the user\u0027s\r\ncurrent `umask` settings, meaning that it\u0027s possible for other users on the\r\nsame system to read the contents of the temporary file.\r\n\r\nAttackers that have access to the file system could possibly read the contents\r\nof this temporary file while a user is editing it.\r\n\r\nAll users running an affected release should either upgrade or use one of the\r\nworkarounds immediately.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:ruby3.3-rubygem-activesupport-7.0-7.0.8.4-1.1.aarch64",
"openSUSE Tumbleweed:ruby3.3-rubygem-activesupport-7.0-7.0.8.4-1.1.ppc64le",
"openSUSE Tumbleweed:ruby3.3-rubygem-activesupport-7.0-7.0.8.4-1.1.s390x",
"openSUSE Tumbleweed:ruby3.3-rubygem-activesupport-7.0-7.0.8.4-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-38037",
"url": "https://www.suse.com/security/cve/CVE-2023-38037"
},
{
"category": "external",
"summary": "SUSE Bug 1214807 for CVE-2023-38037",
"url": "https://bugzilla.suse.com/1214807"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:ruby3.3-rubygem-activesupport-7.0-7.0.8.4-1.1.aarch64",
"openSUSE Tumbleweed:ruby3.3-rubygem-activesupport-7.0-7.0.8.4-1.1.ppc64le",
"openSUSE Tumbleweed:ruby3.3-rubygem-activesupport-7.0-7.0.8.4-1.1.s390x",
"openSUSE Tumbleweed:ruby3.3-rubygem-activesupport-7.0-7.0.8.4-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-24T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2023-38037"
}
]
}
opensuse-su-2024:12804-1
Vulnerability from csaf_opensuse
Published
2024-06-15 00:00
Modified
2024-06-15 00:00
Summary
ruby3.1-rubygem-activesupport-7.0-7.0.4.3-1.1 on GA media
Notes
Title of the patch
ruby3.1-rubygem-activesupport-7.0-7.0.4.3-1.1 on GA media
Description of the patch
These are all security issues fixed in the ruby3.1-rubygem-activesupport-7.0-7.0.4.3-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2024-12804
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "ruby3.1-rubygem-activesupport-7.0-7.0.4.3-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the ruby3.1-rubygem-activesupport-7.0-7.0.4.3-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2024-12804",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_12804-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-28120 page",
"url": "https://www.suse.com/security/cve/CVE-2023-28120/"
}
],
"title": "ruby3.1-rubygem-activesupport-7.0-7.0.4.3-1.1 on GA media",
"tracking": {
"current_release_date": "2024-06-15T00:00:00Z",
"generator": {
"date": "2024-06-15T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2024:12804-1",
"initial_release_date": "2024-06-15T00:00:00Z",
"revision_history": [
{
"date": "2024-06-15T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "ruby3.1-rubygem-activesupport-7.0-7.0.4.3-1.1.aarch64",
"product": {
"name": "ruby3.1-rubygem-activesupport-7.0-7.0.4.3-1.1.aarch64",
"product_id": "ruby3.1-rubygem-activesupport-7.0-7.0.4.3-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "ruby3.2-rubygem-activesupport-7.0-7.0.4.3-1.1.aarch64",
"product": {
"name": "ruby3.2-rubygem-activesupport-7.0-7.0.4.3-1.1.aarch64",
"product_id": "ruby3.2-rubygem-activesupport-7.0-7.0.4.3-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "ruby3.1-rubygem-activesupport-7.0-7.0.4.3-1.1.ppc64le",
"product": {
"name": "ruby3.1-rubygem-activesupport-7.0-7.0.4.3-1.1.ppc64le",
"product_id": "ruby3.1-rubygem-activesupport-7.0-7.0.4.3-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "ruby3.2-rubygem-activesupport-7.0-7.0.4.3-1.1.ppc64le",
"product": {
"name": "ruby3.2-rubygem-activesupport-7.0-7.0.4.3-1.1.ppc64le",
"product_id": "ruby3.2-rubygem-activesupport-7.0-7.0.4.3-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "ruby3.1-rubygem-activesupport-7.0-7.0.4.3-1.1.s390x",
"product": {
"name": "ruby3.1-rubygem-activesupport-7.0-7.0.4.3-1.1.s390x",
"product_id": "ruby3.1-rubygem-activesupport-7.0-7.0.4.3-1.1.s390x"
}
},
{
"category": "product_version",
"name": "ruby3.2-rubygem-activesupport-7.0-7.0.4.3-1.1.s390x",
"product": {
"name": "ruby3.2-rubygem-activesupport-7.0-7.0.4.3-1.1.s390x",
"product_id": "ruby3.2-rubygem-activesupport-7.0-7.0.4.3-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "ruby3.1-rubygem-activesupport-7.0-7.0.4.3-1.1.x86_64",
"product": {
"name": "ruby3.1-rubygem-activesupport-7.0-7.0.4.3-1.1.x86_64",
"product_id": "ruby3.1-rubygem-activesupport-7.0-7.0.4.3-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "ruby3.2-rubygem-activesupport-7.0-7.0.4.3-1.1.x86_64",
"product": {
"name": "ruby3.2-rubygem-activesupport-7.0-7.0.4.3-1.1.x86_64",
"product_id": "ruby3.2-rubygem-activesupport-7.0-7.0.4.3-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "ruby3.1-rubygem-activesupport-7.0-7.0.4.3-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:ruby3.1-rubygem-activesupport-7.0-7.0.4.3-1.1.aarch64"
},
"product_reference": "ruby3.1-rubygem-activesupport-7.0-7.0.4.3-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ruby3.1-rubygem-activesupport-7.0-7.0.4.3-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:ruby3.1-rubygem-activesupport-7.0-7.0.4.3-1.1.ppc64le"
},
"product_reference": "ruby3.1-rubygem-activesupport-7.0-7.0.4.3-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ruby3.1-rubygem-activesupport-7.0-7.0.4.3-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:ruby3.1-rubygem-activesupport-7.0-7.0.4.3-1.1.s390x"
},
"product_reference": "ruby3.1-rubygem-activesupport-7.0-7.0.4.3-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ruby3.1-rubygem-activesupport-7.0-7.0.4.3-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:ruby3.1-rubygem-activesupport-7.0-7.0.4.3-1.1.x86_64"
},
"product_reference": "ruby3.1-rubygem-activesupport-7.0-7.0.4.3-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ruby3.2-rubygem-activesupport-7.0-7.0.4.3-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:ruby3.2-rubygem-activesupport-7.0-7.0.4.3-1.1.aarch64"
},
"product_reference": "ruby3.2-rubygem-activesupport-7.0-7.0.4.3-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ruby3.2-rubygem-activesupport-7.0-7.0.4.3-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:ruby3.2-rubygem-activesupport-7.0-7.0.4.3-1.1.ppc64le"
},
"product_reference": "ruby3.2-rubygem-activesupport-7.0-7.0.4.3-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ruby3.2-rubygem-activesupport-7.0-7.0.4.3-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:ruby3.2-rubygem-activesupport-7.0-7.0.4.3-1.1.s390x"
},
"product_reference": "ruby3.2-rubygem-activesupport-7.0-7.0.4.3-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ruby3.2-rubygem-activesupport-7.0-7.0.4.3-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:ruby3.2-rubygem-activesupport-7.0-7.0.4.3-1.1.x86_64"
},
"product_reference": "ruby3.2-rubygem-activesupport-7.0-7.0.4.3-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-28120",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-28120"
}
],
"notes": [
{
"category": "general",
"text": "There is a vulnerability in ActiveSupport if the new bytesplice method is called on a SafeBuffer with untrusted user input.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:ruby3.1-rubygem-activesupport-7.0-7.0.4.3-1.1.aarch64",
"openSUSE Tumbleweed:ruby3.1-rubygem-activesupport-7.0-7.0.4.3-1.1.ppc64le",
"openSUSE Tumbleweed:ruby3.1-rubygem-activesupport-7.0-7.0.4.3-1.1.s390x",
"openSUSE Tumbleweed:ruby3.1-rubygem-activesupport-7.0-7.0.4.3-1.1.x86_64",
"openSUSE Tumbleweed:ruby3.2-rubygem-activesupport-7.0-7.0.4.3-1.1.aarch64",
"openSUSE Tumbleweed:ruby3.2-rubygem-activesupport-7.0-7.0.4.3-1.1.ppc64le",
"openSUSE Tumbleweed:ruby3.2-rubygem-activesupport-7.0-7.0.4.3-1.1.s390x",
"openSUSE Tumbleweed:ruby3.2-rubygem-activesupport-7.0-7.0.4.3-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-28120",
"url": "https://www.suse.com/security/cve/CVE-2023-28120"
},
{
"category": "external",
"summary": "SUSE Bug 1209505 for CVE-2023-28120",
"url": "https://bugzilla.suse.com/1209505"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:ruby3.1-rubygem-activesupport-7.0-7.0.4.3-1.1.aarch64",
"openSUSE Tumbleweed:ruby3.1-rubygem-activesupport-7.0-7.0.4.3-1.1.ppc64le",
"openSUSE Tumbleweed:ruby3.1-rubygem-activesupport-7.0-7.0.4.3-1.1.s390x",
"openSUSE Tumbleweed:ruby3.1-rubygem-activesupport-7.0-7.0.4.3-1.1.x86_64",
"openSUSE Tumbleweed:ruby3.2-rubygem-activesupport-7.0-7.0.4.3-1.1.aarch64",
"openSUSE Tumbleweed:ruby3.2-rubygem-activesupport-7.0-7.0.4.3-1.1.ppc64le",
"openSUSE Tumbleweed:ruby3.2-rubygem-activesupport-7.0-7.0.4.3-1.1.s390x",
"openSUSE Tumbleweed:ruby3.2-rubygem-activesupport-7.0-7.0.4.3-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:ruby3.1-rubygem-activesupport-7.0-7.0.4.3-1.1.aarch64",
"openSUSE Tumbleweed:ruby3.1-rubygem-activesupport-7.0-7.0.4.3-1.1.ppc64le",
"openSUSE Tumbleweed:ruby3.1-rubygem-activesupport-7.0-7.0.4.3-1.1.s390x",
"openSUSE Tumbleweed:ruby3.1-rubygem-activesupport-7.0-7.0.4.3-1.1.x86_64",
"openSUSE Tumbleweed:ruby3.2-rubygem-activesupport-7.0-7.0.4.3-1.1.aarch64",
"openSUSE Tumbleweed:ruby3.2-rubygem-activesupport-7.0-7.0.4.3-1.1.ppc64le",
"openSUSE Tumbleweed:ruby3.2-rubygem-activesupport-7.0-7.0.4.3-1.1.s390x",
"openSUSE Tumbleweed:ruby3.2-rubygem-activesupport-7.0-7.0.4.3-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2023-28120"
}
]
}
fkie_cve-2023-28120
Vulnerability from fkie_nvd
Published
2025-01-09 01:15
Modified
2025-01-09 22:15
Severity ?
Summary
There is a vulnerability in ActiveSupport if the new bytesplice method is called on a SafeBuffer with untrusted user input.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| support@hackerone.com | https://discuss.rubyonrails.org/t/cve-2023-28120-possible-xss-security-vulnerability-in-safebuffer-bytesplice/82469 | ||
| support@hackerone.com | https://github.com/rails/rails/commit/3cf23c3f891e2e81c977ea4ab83b62bc2a444b70 | ||
| support@hackerone.com | https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UPV6PVCX4VDJHLFFT42EXBBSGAWZICOW/ | ||
| support@hackerone.com | https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZE5W4MH6IE4DV7GELDK6ISCSTFLHKSYO/ | ||
| support@hackerone.com | https://security.netapp.com/advisory/ntap-20240202-0006/ | ||
| support@hackerone.com | https://www.debian.org/security/2023/dsa-5389 |
Impacted products
| Vendor | Product | Version |
|---|
{
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a vulnerability in ActiveSupport if the new bytesplice method is called on a SafeBuffer with untrusted user input."
},
{
"lang": "es",
"value": "Existe una vulnerabilidad en ActiveSupport si se llama al nuevo m\u00e9todo bytesplice en un SafeBuffer con una entrada de usuario no confiable."
}
],
"id": "CVE-2023-28120",
"lastModified": "2025-01-09T22:15:26.470",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
},
"published": "2025-01-09T01:15:07.637",
"references": [
{
"source": "support@hackerone.com",
"url": "https://discuss.rubyonrails.org/t/cve-2023-28120-possible-xss-security-vulnerability-in-safebuffer-bytesplice/82469"
},
{
"source": "support@hackerone.com",
"url": "https://github.com/rails/rails/commit/3cf23c3f891e2e81c977ea4ab83b62bc2a444b70"
},
{
"source": "support@hackerone.com",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UPV6PVCX4VDJHLFFT42EXBBSGAWZICOW/"
},
{
"source": "support@hackerone.com",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZE5W4MH6IE4DV7GELDK6ISCSTFLHKSYO/"
},
{
"source": "support@hackerone.com",
"url": "https://security.netapp.com/advisory/ntap-20240202-0006/"
},
{
"source": "support@hackerone.com",
"url": "https://www.debian.org/security/2023/dsa-5389"
}
],
"sourceIdentifier": "support@hackerone.com",
"vulnStatus": "Awaiting Analysis",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
gsd-2023-28120
Vulnerability from gsd
Modified
2023-03-13 00:00
Details
There is a vulnerability in ActiveSupport if the new bytesplice method is called on a SafeBuffer with untrusted user input.
This vulnerability has been assigned the CVE identifier CVE-2023-28120.
Versions Affected: All. Not affected: None Fixed Versions: 7.0.4.3, 6.1.7.3
# Impact
ActiveSupport uses the SafeBuffer string subclass to tag strings as html_safe after they have been sanitized.
When these strings are mutated, the tag is should be removed to mark them as no longer being html_safe.
Ruby 3.2 introduced a new bytesplice method which ActiveSupport did not yet understand to be a mutation.
Users on older versions of Ruby are likely unaffected.
All users running an affected release and using bytesplice should either upgrade or use one of the workarounds immediately.
# Workarounds
Avoid calling bytesplice on a SafeBuffer (html_safe) string with untrusted user input.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2023-28120",
"id": "GSD-2023-28120"
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"affected": [
{
"package": {
"ecosystem": "RubyGems",
"name": "activesupport",
"purl": "pkg:gem/activesupport"
}
}
],
"aliases": [
"CVE-2023-28120",
"GHSA-pj73-v5mw-pm9j"
],
"details": "There is a vulnerability in ActiveSupport if the new bytesplice method is called on a SafeBuffer with untrusted user input.\nThis vulnerability has been assigned the CVE identifier CVE-2023-28120.\n\nVersions Affected: All. Not affected: None Fixed Versions: 7.0.4.3, 6.1.7.3\n\n# Impact\n\nActiveSupport uses the SafeBuffer string subclass to tag strings as html_safe after they have been sanitized.\nWhen these strings are mutated, the tag is should be removed to mark them as no longer being html_safe.\n\nRuby 3.2 introduced a new bytesplice method which ActiveSupport did not yet understand to be a mutation.\nUsers on older versions of Ruby are likely unaffected.\n\nAll users running an affected release and using bytesplice should either upgrade or use one of the workarounds immediately.\n\n# Workarounds\n\nAvoid calling bytesplice on a SafeBuffer (html_safe) string with untrusted user input.\n",
"id": "GSD-2023-28120",
"modified": "2023-03-13T00:00:00.000Z",
"published": "2023-03-13T00:00:00.000Z",
"references": [
{
"type": "WEB",
"url": "https://discuss.rubyonrails.org/t/cve-2023-28120-possible-xss-security-vulnerability-in-safebuffer-bytesplice/82469"
}
],
"schema_version": "1.4.0",
"summary": "Possible XSS Security Vulnerability in SafeBuffer#bytesplice"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2023-28120",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
},
"github.com/rubysec/ruby-advisory-db": {
"cve": "2023-28120",
"date": "2023-03-13",
"description": "There is a vulnerability in ActiveSupport if the new bytesplice method is called on a SafeBuffer with untrusted user input.\nThis vulnerability has been assigned the CVE identifier CVE-2023-28120.\n\nVersions Affected: All. Not affected: None Fixed Versions: 7.0.4.3, 6.1.7.3\n\n# Impact\n\nActiveSupport uses the SafeBuffer string subclass to tag strings as html_safe after they have been sanitized.\nWhen these strings are mutated, the tag is should be removed to mark them as no longer being html_safe.\n\nRuby 3.2 introduced a new bytesplice method which ActiveSupport did not yet understand to be a mutation.\nUsers on older versions of Ruby are likely unaffected.\n\nAll users running an affected release and using bytesplice should either upgrade or use one of the workarounds immediately.\n\n# Workarounds\n\nAvoid calling bytesplice on a SafeBuffer (html_safe) string with untrusted user input.\n",
"framework": "rails",
"gem": "activesupport",
"ghsa": "pj73-v5mw-pm9j",
"patched_versions": [
"~\u003e 6.1.7, \u003e= 6.1.7.3",
"\u003e= 7.0.4.3"
],
"title": "Possible XSS Security Vulnerability in SafeBuffer#bytesplice",
"url": "https://discuss.rubyonrails.org/t/cve-2023-28120-possible-xss-security-vulnerability-in-safebuffer-bytesplice/82469"
},
"gitlab.com": {
"advisories": [
{
"affected_range": "\u003c6.1.7.3||\u003e=7.0.0 \u003c7.0.4.3",
"affected_versions": "All versions before 6.1.7.3, all versions starting from 7.0.0 before 7.0.4.3",
"cwe_ids": [
"CWE-1035",
"CWE-937"
],
"date": "2023-03-15",
"description": "There is a vulnerability in ActiveSupport if the new bytesplice method is called on a SafeBuffer with untrusted user input.\nThis vulnerability has been assigned the CVE identifier CVE-2023-28120.\n\nVersions Affected: All. Not affected: None Fixed Versions: 7.0.4.3, 6.1.7.3\n\n# Impact\n\nActiveSupport uses the SafeBuffer string subclass to tag strings as html_safe after they have been sanitized.\nWhen these strings are mutated, the tag is should be removed to mark them as no longer being html_safe.\n\nRuby 3.2 introduced a new bytesplice method which ActiveSupport does not yet understand to be a mutation.\nUsers on older versions of Ruby are likely unaffected.\n\nAll users running an affected release and using bytesplice should either upgrade or use one of the workarounds immediately.\n\n# Workarounds\n\nAvoid calling bytesplice on a SafeBuffer (html_safe) string with untrusted user input.\n",
"fixed_versions": [
"6.1.7.3",
"7.0.4.3"
],
"identifier": "GMS-2023-765",
"identifiers": [
"GHSA-pj73-v5mw-pm9j",
"GMS-2023-765",
"CVE-2023-28120"
],
"not_impacted": "All versions starting from 6.1.7.3 before 7.0.0, all versions starting from 7.0.4.3",
"package_slug": "gem/activesupport",
"pubdate": "2023-03-15",
"solution": "Upgrade to versions 6.1.7.3, 7.0.4.3 or above.",
"title": "Possible XSS Security Vulnerability in SafeBuffer#bytesplice",
"urls": [
"https://nvd.nist.gov/vuln/detail/CVE-2023-28120",
"https://discuss.rubyonrails.org/t/cve-2023-28120-possible-xss-security-vulnerability-in-safebuffer-bytesplice/82469",
"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/activesupport/CVE-2023-28120.yml",
"https://github.com/advisories/GHSA-pj73-v5mw-pm9j"
],
"uuid": "6ce441b7-9e7a-4876-bf3f-fea00887e42d"
}
]
}
}
}
wid-sec-w-2023-0632
Vulnerability from csaf_certbund
Published
2023-03-13 23:00
Modified
2025-07-16 22:00
Summary
Ruby on Rails: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Ruby on Rails ist ein in der Programmiersprache Ruby geschriebenes und quelloffenes Web Application Framework.
Angriff
Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Ruby on Rails ausnutzen, um einen Cross-Site Scripting Angriff durchzuführen, unbekannte Auswirkungen zu verursachen oder einen Denial of Service Zustand herbeizuführen.
Betroffene Betriebssysteme
- Linux
- Sonstiges
- UNIX
- Windows
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Ruby on Rails ist ein in der Programmiersprache Ruby geschriebenes und quelloffenes Web Application Framework.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Ruby on Rails ausnutzen, um einen Cross-Site Scripting Angriff durchzuf\u00fchren, unbekannte Auswirkungen zu verursachen oder einen Denial of Service Zustand herbeizuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- Sonstiges\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2023-0632 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-0632.json"
},
{
"category": "self",
"summary": "WID-SEC-2023-0632 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-0632"
},
{
"category": "external",
"summary": "Ruby on Rails Security Advisory vom 2023-03-13",
"url": "https://discuss.rubyonrails.org/t/cve-2023-23913-dom-based-cross-site-scripting-in-rails-ujs-for-contenteditable-html-elements/82468"
},
{
"category": "external",
"summary": "Ruby on Rails Security Advisory vom 2023-03-13",
"url": "https://discuss.rubyonrails.org/t/cve-2023-27531-possible-deserialization-of-untrusted-data-vulnerability-in-kredis-json/82467"
},
{
"category": "external",
"summary": "Ruby on Rails Security Advisory vom 2023-03-13",
"url": "https://discuss.rubyonrails.org/t/cve-2023-27539-possible-denial-of-service-vulnerability-in-racks-header-parsing/82466"
},
{
"category": "external",
"summary": "Ruby on Rails Security Advisory vom 2023-03-13",
"url": "https://discuss.rubyonrails.org/t/cve-2023-28120-possible-xss-security-vulnerability-in-safebuffer-bytesplice/82469"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2023-7002AFBBB8 vom 2023-03-28",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2023-7002afbbb8"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2023:1685-1 vom 2023-03-29",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-March/014232.html"
},
{
"category": "external",
"summary": "Debian Security Advisory DSA-5389 vom 2023-04-14",
"url": "https://lists.debian.org/debian-security-announce/2023/msg00079.html"
},
{
"category": "external",
"summary": "Debian Security Advisory DLA-3392 vom 2023-04-17",
"url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00018.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2023:1869-1 vom 2023-04-17",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-April/014477.html"
},
{
"category": "external",
"summary": "Debian Security Advisory DLA-3392 vom 2023-04-17",
"url": "https://lists.debian.org/debian-lts-announce/2023/04/msg00017.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:1961 vom 2023-04-25",
"url": "https://access.redhat.com/errata/RHSA-2023:1961"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:1981 vom 2023-04-25",
"url": "https://access.redhat.com/errata/RHSA-2023:1981"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:1953 vom 2023-04-26",
"url": "https://access.redhat.com/errata/RHSA-2023:1953"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS-2023-2022 vom 2023-05-03",
"url": "https://alas.aws.amazon.com/AL2/ALAS-2023-2022.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:3082 vom 2023-05-16",
"url": "https://access.redhat.com/errata/RHSA-2023:3082"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2023:2280-1 vom 2023-05-24",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-May/014955.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2023:2295-1 vom 2023-05-25",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-May/014983.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2023:2294-1 vom 2023-05-25",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-May/014984.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2023:2304-1 vom 2023-05-25",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-May/015002.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:3403 vom 2023-05-31",
"url": "https://access.redhat.com/errata/RHSA-2023:3403"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:3495 vom 2023-06-13",
"url": "https://access.redhat.com/errata/RHSA-2023:3495"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2023:2781-1 vom 2023-07-04",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-July/015411.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2023:3813-1 vom 2023-09-27",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-September/016345.html"
},
{
"category": "external",
"summary": "Debian Security Advisory DSA-5530 vom 2023-10-22",
"url": "https://lists.debian.org/debian-security-announce/2023/msg00226.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:6818 vom 2023-11-09",
"url": "https://access.redhat.com/errata/RHSA-2023:6818"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6905-1 vom 2024-07-23",
"url": "https://ubuntu.com/security/notices/USN-6905-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7036-1 vom 2024-09-26",
"url": "https://ubuntu.com/security/notices/USN-7036-1"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2025:14811-1 vom 2025-02-15",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/FLQ74D2IZAJC5KD6QXVUZAQ6O5LNAWZX/"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2025-203B7DB566 vom 2025-07-17",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2025-203b7db566"
}
],
"source_lang": "en-US",
"title": "Ruby on Rails: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2025-07-16T22:00:00.000+00:00",
"generator": {
"date": "2025-07-17T06:27:15.159+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.4.0"
}
},
"id": "WID-SEC-W-2023-0632",
"initial_release_date": "2023-03-13T23:00:00.000+00:00",
"revision_history": [
{
"date": "2023-03-13T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2023-03-28T22:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von Fedora aufgenommen"
},
{
"date": "2023-03-29T22:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2023-04-16T22:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von Debian aufgenommen"
},
{
"date": "2023-04-17T22:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von Debian und SUSE aufgenommen"
},
{
"date": "2023-04-24T22:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2023-04-26T22:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2023-05-02T22:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2023-05-16T22:00:00.000+00:00",
"number": "9",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2023-05-23T22:00:00.000+00:00",
"number": "10",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2023-05-24T22:00:00.000+00:00",
"number": "11",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2023-05-25T22:00:00.000+00:00",
"number": "12",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2023-05-31T22:00:00.000+00:00",
"number": "13",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2023-06-12T22:00:00.000+00:00",
"number": "14",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2023-07-04T22:00:00.000+00:00",
"number": "15",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2023-09-27T22:00:00.000+00:00",
"number": "16",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2023-10-22T22:00:00.000+00:00",
"number": "17",
"summary": "Neue Updates von Debian aufgenommen"
},
{
"date": "2023-11-08T23:00:00.000+00:00",
"number": "18",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-07-22T22:00:00.000+00:00",
"number": "19",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2024-09-25T22:00:00.000+00:00",
"number": "20",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-02-16T23:00:00.000+00:00",
"number": "21",
"summary": "Neue Updates von openSUSE aufgenommen"
},
{
"date": "2025-07-16T22:00:00.000+00:00",
"number": "22",
"summary": "Neue Updates von Fedora aufgenommen"
}
],
"status": "final",
"version": "22"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Amazon Linux 2",
"product": {
"name": "Amazon Linux 2",
"product_id": "398363",
"product_identification_helper": {
"cpe": "cpe:/o:amazon:linux_2:-"
}
}
}
],
"category": "vendor",
"name": "Amazon"
},
{
"branches": [
{
"category": "product_name",
"name": "Debian Linux",
"product": {
"name": "Debian Linux",
"product_id": "2951",
"product_identification_helper": {
"cpe": "cpe:/o:debian:debian_linux:-"
}
}
}
],
"category": "vendor",
"name": "Debian"
},
{
"branches": [
{
"category": "product_name",
"name": "Fedora Linux",
"product": {
"name": "Fedora Linux",
"product_id": "74185",
"product_identification_helper": {
"cpe": "cpe:/o:fedoraproject:fedora:-"
}
}
}
],
"category": "vendor",
"name": "Fedora"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c6.1.7.3",
"product": {
"name": "Open Source Ruby on Rails \u003c6.1.7.3",
"product_id": "T026726"
}
},
{
"category": "product_version",
"name": "6.1.7.3",
"product": {
"name": "Open Source Ruby on Rails 6.1.7.3",
"product_id": "T026726-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:rubyonrails:ruby_on_rails:6.1.7.3"
}
}
},
{
"category": "product_version_range",
"name": "\u003c7.0.4.3",
"product": {
"name": "Open Source Ruby on Rails \u003c7.0.4.3",
"product_id": "T026727"
}
},
{
"category": "product_version",
"name": "7.0.4.3",
"product": {
"name": "Open Source Ruby on Rails 7.0.4.3",
"product_id": "T026727-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:rubyonrails:ruby_on_rails:7.0.4.3"
}
}
},
{
"category": "product_version_range",
"name": "\u003cKredis 1.3.0.1",
"product": {
"name": "Open Source Ruby on Rails \u003cKredis 1.3.0.1",
"product_id": "T026728"
}
},
{
"category": "product_version",
"name": "Kredis 1.3.0.1",
"product": {
"name": "Open Source Ruby on Rails Kredis 1.3.0.1",
"product_id": "T026728-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:rubyonrails:ruby_on_rails:kredis_1.3.0.1"
}
}
},
{
"category": "product_version_range",
"name": "\u003cRack 2.2.6.4",
"product": {
"name": "Open Source Ruby on Rails \u003cRack 2.2.6.4",
"product_id": "T026729"
}
},
{
"category": "product_version",
"name": "Rack 2.2.6.4",
"product": {
"name": "Open Source Ruby on Rails Rack 2.2.6.4",
"product_id": "T026729-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:rubyonrails:ruby_on_rails:rack_2.2.6.4"
}
}
},
{
"category": "product_version_range",
"name": "\u003cRack 3.0.6.1",
"product": {
"name": "Open Source Ruby on Rails \u003cRack 3.0.6.1",
"product_id": "T026730"
}
},
{
"category": "product_version",
"name": "Rack 3.0.6.1",
"product": {
"name": "Open Source Ruby on Rails Rack 3.0.6.1",
"product_id": "T026730-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:rubyonrails:ruby_on_rails:rack_3.0.6.1"
}
}
}
],
"category": "product_name",
"name": "Ruby on Rails"
}
],
"category": "vendor",
"name": "Open Source"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
},
{
"branches": [
{
"category": "product_version",
"name": "Logging Subsystem 5.7.2",
"product": {
"name": "Red Hat OpenShift Logging Subsystem 5.7.2",
"product_id": "T028042",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:logging_subsystem_5.7.2"
}
}
}
],
"category": "product_name",
"name": "OpenShift"
}
],
"category": "vendor",
"name": "Red Hat"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux",
"product": {
"name": "SUSE Linux",
"product_id": "T002207",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:-"
}
}
},
{
"category": "product_name",
"name": "SUSE openSUSE",
"product": {
"name": "SUSE openSUSE",
"product_id": "T027843",
"product_identification_helper": {
"cpe": "cpe:/o:suse:opensuse:-"
}
}
}
],
"category": "vendor",
"name": "SUSE"
},
{
"branches": [
{
"category": "product_name",
"name": "Ubuntu Linux",
"product": {
"name": "Ubuntu Linux",
"product_id": "T000126",
"product_identification_helper": {
"cpe": "cpe:/o:canonical:ubuntu_linux:-"
}
}
}
],
"category": "vendor",
"name": "Ubuntu"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-23913",
"product_status": {
"known_affected": [
"T028042",
"T026727",
"2951",
"T002207",
"67646",
"T026726",
"T000126",
"T027843",
"398363",
"74185"
]
},
"release_date": "2023-03-13T23:00:00.000+00:00",
"title": "CVE-2023-23913"
},
{
"cve": "CVE-2023-28120",
"product_status": {
"known_affected": [
"T028042",
"T026727",
"2951",
"T002207",
"67646",
"T026726",
"T000126",
"T027843",
"398363",
"74185"
]
},
"release_date": "2023-03-13T23:00:00.000+00:00",
"title": "CVE-2023-28120"
},
{
"cve": "CVE-2023-27531",
"product_status": {
"known_affected": [
"T028042",
"T026728",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"398363",
"74185"
]
},
"release_date": "2023-03-13T23:00:00.000+00:00",
"title": "CVE-2023-27531"
},
{
"cve": "CVE-2023-27539",
"product_status": {
"known_affected": [
"T026729",
"T028042",
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"398363",
"T026730",
"74185"
]
},
"release_date": "2023-03-13T23:00:00.000+00:00",
"title": "CVE-2023-27539"
}
]
}
ghsa-pj73-v5mw-pm9j
Vulnerability from github
Published
2023-03-15 21:36
Modified
2025-01-10 18:32
Severity ?
VLAI Severity ?
Summary
Possible XSS Security Vulnerability in SafeBuffer#bytesplice
Details
There is a vulnerability in ActiveSupport if the new bytesplice method is called on a SafeBuffer with untrusted user input. This vulnerability has been assigned the CVE identifier CVE-2023-28120.
Versions Affected: All. Not affected: None Fixed Versions: 7.0.4.3, 6.1.7.3
Impact
ActiveSupport uses the SafeBuffer string subclass to tag strings as html_safe after they have been sanitized. When these strings are mutated, the tag is should be removed to mark them as no longer being html_safe.
Ruby 3.2 introduced a new bytesplice method which ActiveSupport did not yet understand to be a mutation. Users on older versions of Ruby are likely unaffected.
All users running an affected release and using bytesplice should either upgrade or use one of the workarounds immediately.
Workarounds
Avoid calling bytesplice on a SafeBuffer (html_safe) string with untrusted user input.
{
"affected": [
{
"package": {
"ecosystem": "RubyGems",
"name": "activesupport"
},
"ranges": [
{
"events": [
{
"introduced": "7.0.0"
},
{
"fixed": "7.0.4.3"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "RubyGems",
"name": "activesupport"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "6.1.7.3"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2023-28120"
],
"database_specific": {
"cwe_ids": [
"CWE-79"
],
"github_reviewed": true,
"github_reviewed_at": "2023-03-15T21:36:01Z",
"nvd_published_at": "2025-01-09T01:15:07Z",
"severity": "MODERATE"
},
"details": "There is a vulnerability in ActiveSupport if the new bytesplice method is called on a SafeBuffer with untrusted user input.\nThis vulnerability has been assigned the CVE identifier CVE-2023-28120.\n\nVersions Affected: All. Not affected: None Fixed Versions: 7.0.4.3, 6.1.7.3\n\n# Impact\n\nActiveSupport uses the SafeBuffer string subclass to tag strings as html_safe after they have been sanitized.\nWhen these strings are mutated, the tag is should be removed to mark them as no longer being html_safe.\n\nRuby 3.2 introduced a new bytesplice method which ActiveSupport did not yet understand to be a mutation.\nUsers on older versions of Ruby are likely unaffected.\n\nAll users running an affected release and using bytesplice should either upgrade or use one of the workarounds immediately.\n\n# Workarounds\n\nAvoid calling bytesplice on a SafeBuffer (html_safe) string with untrusted user input.\n",
"id": "GHSA-pj73-v5mw-pm9j",
"modified": "2025-01-10T18:32:43Z",
"published": "2023-03-15T21:36:01Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-28120"
},
{
"type": "WEB",
"url": "https://github.com/rails/rails/commit/3cf23c3f891e2e81c977ea4ab83b62bc2a444b70"
},
{
"type": "WEB",
"url": "https://discuss.rubyonrails.org/t/cve-2023-28120-possible-xss-security-vulnerability-in-safebuffer-bytesplice/82469"
},
{
"type": "WEB",
"url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/activesupport/CVE-2023-28120.yml"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UPV6PVCX4VDJHLFFT42EXBBSGAWZICOW"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZE5W4MH6IE4DV7GELDK6ISCSTFLHKSYO"
},
{
"type": "WEB",
"url": "https://security.netapp.com/advisory/ntap-20240202-0006"
},
{
"type": "WEB",
"url": "https://www.debian.org/security/2023/dsa-5389"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"type": "CVSS_V3"
}
],
"summary": "Possible XSS Security Vulnerability in SafeBuffer#bytesplice"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…