rhsa-2024:4626
Vulnerability from csaf_redhat
Published
2024-07-18 13:37
Modified
2025-08-13 15:17
Summary
Red Hat Security Advisory: Errata Advisory for Red Hat OpenShift GitOps v1.11.6 security update
Notes
Topic
An update is now available for Red Hat OpenShift GitOps v1.11.6. Red Hat
Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Errata Advisory for Red Hat OpenShift GitOps v1.11.6
Security Fix(es):
* openshift-gitops-argocd-container: golang-protobuf: encoding/protojson, internal/encoding/json: infinite loop in protojson.Unmarshal when unmarshaling certain forms of invalid JSON [gitops-1.11](CVE-2024-24786)
* openshift-gitops-argocd-container: helm: Missing YAML Content Leads To Panic [gitops-1.11](CVE-2024-26147)
* openshift-gitops-argocd-container: helm: Dependency management path traversal [gitops-1.11](CVE-2024-25620)
* Multiple CVEs in openshift-gitops-redis container
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat OpenShift GitOps v1.11.6. Red Hat\nProduct Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Errata Advisory for Red Hat OpenShift GitOps v1.11.6\n\nSecurity Fix(es):\n\n* openshift-gitops-argocd-container: golang-protobuf: encoding/protojson, internal/encoding/json: infinite loop in protojson.Unmarshal when unmarshaling certain forms of invalid JSON [gitops-1.11](CVE-2024-24786)\n\n* openshift-gitops-argocd-container: helm: Missing YAML Content Leads To Panic [gitops-1.11](CVE-2024-26147)\n\n* openshift-gitops-argocd-container: helm: Dependency management path traversal [gitops-1.11](CVE-2024-25620)\n\n* Multiple CVEs in openshift-gitops-redis container\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:4626",
"url": "https://access.redhat.com/errata/RHSA-2024:4626"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "2264336",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2264336"
},
{
"category": "external",
"summary": "2265440",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2265440"
},
{
"category": "external",
"summary": "2268046",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268046"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_4626.json"
}
],
"title": "Red Hat Security Advisory: Errata Advisory for Red Hat OpenShift GitOps v1.11.6 security update",
"tracking": {
"current_release_date": "2025-08-13T15:17:14+00:00",
"generator": {
"date": "2025-08-13T15:17:14+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.6"
}
},
"id": "RHSA-2024:4626",
"initial_release_date": "2024-07-18T13:37:38+00:00",
"revision_history": [
{
"date": "2024-07-18T13:37:38+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-07-18T13:37:38+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-08-13T15:17:14+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift GitOps 1.11",
"product": {
"name": "Red Hat OpenShift GitOps 1.11",
"product_id": "8Base-GitOps-1.11",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift_gitops:1.11::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift GitOps"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-gitops-1/argocd-rhel8@sha256:b2fbdc3c9926b23f7e8506ad6a7062e6ca326bb3b69984762f7e4f29b1f4f93c_amd64",
"product": {
"name": "openshift-gitops-1/argocd-rhel8@sha256:b2fbdc3c9926b23f7e8506ad6a7062e6ca326bb3b69984762f7e4f29b1f4f93c_amd64",
"product_id": "openshift-gitops-1/argocd-rhel8@sha256:b2fbdc3c9926b23f7e8506ad6a7062e6ca326bb3b69984762f7e4f29b1f4f93c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/argocd-rhel8@sha256:b2fbdc3c9926b23f7e8506ad6a7062e6ca326bb3b69984762f7e4f29b1f4f93c?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/argocd-rhel8\u0026tag=v1.11.6-2"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:93f63395cd0e2d8bd35e1d7d5187f65bdd8efc9b564c98a2e07ba875aa887da4_amd64",
"product": {
"name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:93f63395cd0e2d8bd35e1d7d5187f65bdd8efc9b564c98a2e07ba875aa887da4_amd64",
"product_id": "openshift-gitops-1/argo-rollouts-rhel8@sha256:93f63395cd0e2d8bd35e1d7d5187f65bdd8efc9b564c98a2e07ba875aa887da4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/argo-rollouts-rhel8@sha256:93f63395cd0e2d8bd35e1d7d5187f65bdd8efc9b564c98a2e07ba875aa887da4?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8\u0026tag=v1.11.6-2"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/console-plugin-rhel8@sha256:98de5f96397f94c776a44554da00e80fee544a424404b4b64e91c65f6e463c5d_amd64",
"product": {
"name": "openshift-gitops-1/console-plugin-rhel8@sha256:98de5f96397f94c776a44554da00e80fee544a424404b4b64e91c65f6e463c5d_amd64",
"product_id": "openshift-gitops-1/console-plugin-rhel8@sha256:98de5f96397f94c776a44554da00e80fee544a424404b4b64e91c65f6e463c5d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/console-plugin-rhel8@sha256:98de5f96397f94c776a44554da00e80fee544a424404b4b64e91c65f6e463c5d?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/console-plugin-rhel8\u0026tag=v1.11.6-2"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/gitops-rhel8@sha256:92a28af94fa2f0f47d38e573068876760dd5b89a605c186bdcf4a1191391fe64_amd64",
"product": {
"name": "openshift-gitops-1/gitops-rhel8@sha256:92a28af94fa2f0f47d38e573068876760dd5b89a605c186bdcf4a1191391fe64_amd64",
"product_id": "openshift-gitops-1/gitops-rhel8@sha256:92a28af94fa2f0f47d38e573068876760dd5b89a605c186bdcf4a1191391fe64_amd64",
"product_identification_helper": {
"purl": "pkg:oci/gitops-rhel8@sha256:92a28af94fa2f0f47d38e573068876760dd5b89a605c186bdcf4a1191391fe64?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8\u0026tag=v1.11.6-2"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/dex-rhel8@sha256:c9f1b0a58cefffb1aaa5e0eeb5e26ad1b24612f8b45987133cdb7fb4a0a98f5e_amd64",
"product": {
"name": "openshift-gitops-1/dex-rhel8@sha256:c9f1b0a58cefffb1aaa5e0eeb5e26ad1b24612f8b45987133cdb7fb4a0a98f5e_amd64",
"product_id": "openshift-gitops-1/dex-rhel8@sha256:c9f1b0a58cefffb1aaa5e0eeb5e26ad1b24612f8b45987133cdb7fb4a0a98f5e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/dex-rhel8@sha256:c9f1b0a58cefffb1aaa5e0eeb5e26ad1b24612f8b45987133cdb7fb4a0a98f5e?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/dex-rhel8\u0026tag=v1.11.6-2"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/kam-delivery-rhel8@sha256:2b017899750d3945e786f75a85c9b0876bb9ee637c9c10b3f269a5976120776c_amd64",
"product": {
"name": "openshift-gitops-1/kam-delivery-rhel8@sha256:2b017899750d3945e786f75a85c9b0876bb9ee637c9c10b3f269a5976120776c_amd64",
"product_id": "openshift-gitops-1/kam-delivery-rhel8@sha256:2b017899750d3945e786f75a85c9b0876bb9ee637c9c10b3f269a5976120776c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kam-delivery-rhel8@sha256:2b017899750d3945e786f75a85c9b0876bb9ee637c9c10b3f269a5976120776c?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/kam-delivery-rhel8\u0026tag=v1.11.6-2"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/must-gather-rhel8@sha256:c16fc42f75a4b260316ae29b0ede0417771c76b0313291a8fc54a5f2eb8cf68b_amd64",
"product": {
"name": "openshift-gitops-1/must-gather-rhel8@sha256:c16fc42f75a4b260316ae29b0ede0417771c76b0313291a8fc54a5f2eb8cf68b_amd64",
"product_id": "openshift-gitops-1/must-gather-rhel8@sha256:c16fc42f75a4b260316ae29b0ede0417771c76b0313291a8fc54a5f2eb8cf68b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/must-gather-rhel8@sha256:c16fc42f75a4b260316ae29b0ede0417771c76b0313291a8fc54a5f2eb8cf68b?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/must-gather-rhel8\u0026tag=v1.11.6-2"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/gitops-operator-bundle@sha256:9357bd76c40ce6d7fdf72075b7a8c0fac132017390cdc3864768947b48347b94_amd64",
"product": {
"name": "openshift-gitops-1/gitops-operator-bundle@sha256:9357bd76c40ce6d7fdf72075b7a8c0fac132017390cdc3864768947b48347b94_amd64",
"product_id": "openshift-gitops-1/gitops-operator-bundle@sha256:9357bd76c40ce6d7fdf72075b7a8c0fac132017390cdc3864768947b48347b94_amd64",
"product_identification_helper": {
"purl": "pkg:oci/gitops-operator-bundle@sha256:9357bd76c40ce6d7fdf72075b7a8c0fac132017390cdc3864768947b48347b94?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-operator-bundle\u0026tag=v1.11.6-2"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/gitops-rhel8-operator@sha256:6bbc7f6e353d2d8cfcbcbb68472c97b6ff332c611780f645517a9d00937624f5_amd64",
"product": {
"name": "openshift-gitops-1/gitops-rhel8-operator@sha256:6bbc7f6e353d2d8cfcbcbb68472c97b6ff332c611780f645517a9d00937624f5_amd64",
"product_id": "openshift-gitops-1/gitops-rhel8-operator@sha256:6bbc7f6e353d2d8cfcbcbb68472c97b6ff332c611780f645517a9d00937624f5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/gitops-rhel8-operator@sha256:6bbc7f6e353d2d8cfcbcbb68472c97b6ff332c611780f645517a9d00937624f5?arch=amd64\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator\u0026tag=v1.11.6-2"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-gitops-1/argocd-rhel8@sha256:f10e4081655abf6e5c99ad32000fe98f06299cbe55434908d3161d072fde2c20_s390x",
"product": {
"name": "openshift-gitops-1/argocd-rhel8@sha256:f10e4081655abf6e5c99ad32000fe98f06299cbe55434908d3161d072fde2c20_s390x",
"product_id": "openshift-gitops-1/argocd-rhel8@sha256:f10e4081655abf6e5c99ad32000fe98f06299cbe55434908d3161d072fde2c20_s390x",
"product_identification_helper": {
"purl": "pkg:oci/argocd-rhel8@sha256:f10e4081655abf6e5c99ad32000fe98f06299cbe55434908d3161d072fde2c20?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1/argocd-rhel8\u0026tag=v1.11.6-2"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:f40c487b2922ed5b109a036996c3800fa24a8ab40579a8184bd08c0fa0a0a82b_s390x",
"product": {
"name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:f40c487b2922ed5b109a036996c3800fa24a8ab40579a8184bd08c0fa0a0a82b_s390x",
"product_id": "openshift-gitops-1/argo-rollouts-rhel8@sha256:f40c487b2922ed5b109a036996c3800fa24a8ab40579a8184bd08c0fa0a0a82b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/argo-rollouts-rhel8@sha256:f40c487b2922ed5b109a036996c3800fa24a8ab40579a8184bd08c0fa0a0a82b?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8\u0026tag=v1.11.6-2"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/console-plugin-rhel8@sha256:f9f4c3dc50ed732bd52ca77cd81adf56228772ace9792bbd8ac72714282db5ea_s390x",
"product": {
"name": "openshift-gitops-1/console-plugin-rhel8@sha256:f9f4c3dc50ed732bd52ca77cd81adf56228772ace9792bbd8ac72714282db5ea_s390x",
"product_id": "openshift-gitops-1/console-plugin-rhel8@sha256:f9f4c3dc50ed732bd52ca77cd81adf56228772ace9792bbd8ac72714282db5ea_s390x",
"product_identification_helper": {
"purl": "pkg:oci/console-plugin-rhel8@sha256:f9f4c3dc50ed732bd52ca77cd81adf56228772ace9792bbd8ac72714282db5ea?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1/console-plugin-rhel8\u0026tag=v1.11.6-2"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/gitops-rhel8@sha256:59bf2f19376abfeae9afd2abcd3fab5594c1fd1b98d221b142cf992348347ea8_s390x",
"product": {
"name": "openshift-gitops-1/gitops-rhel8@sha256:59bf2f19376abfeae9afd2abcd3fab5594c1fd1b98d221b142cf992348347ea8_s390x",
"product_id": "openshift-gitops-1/gitops-rhel8@sha256:59bf2f19376abfeae9afd2abcd3fab5594c1fd1b98d221b142cf992348347ea8_s390x",
"product_identification_helper": {
"purl": "pkg:oci/gitops-rhel8@sha256:59bf2f19376abfeae9afd2abcd3fab5594c1fd1b98d221b142cf992348347ea8?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8\u0026tag=v1.11.6-2"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/dex-rhel8@sha256:a9f2a4c1d771f91ed46acd849a2957fb984eecf2036d9b9c84f72847e1079d78_s390x",
"product": {
"name": "openshift-gitops-1/dex-rhel8@sha256:a9f2a4c1d771f91ed46acd849a2957fb984eecf2036d9b9c84f72847e1079d78_s390x",
"product_id": "openshift-gitops-1/dex-rhel8@sha256:a9f2a4c1d771f91ed46acd849a2957fb984eecf2036d9b9c84f72847e1079d78_s390x",
"product_identification_helper": {
"purl": "pkg:oci/dex-rhel8@sha256:a9f2a4c1d771f91ed46acd849a2957fb984eecf2036d9b9c84f72847e1079d78?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1/dex-rhel8\u0026tag=v1.11.6-2"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/kam-delivery-rhel8@sha256:fbfa33cb3c73a0052b46562926e617e078709d8275555e80537b86d75a50ad0d_s390x",
"product": {
"name": "openshift-gitops-1/kam-delivery-rhel8@sha256:fbfa33cb3c73a0052b46562926e617e078709d8275555e80537b86d75a50ad0d_s390x",
"product_id": "openshift-gitops-1/kam-delivery-rhel8@sha256:fbfa33cb3c73a0052b46562926e617e078709d8275555e80537b86d75a50ad0d_s390x",
"product_identification_helper": {
"purl": "pkg:oci/kam-delivery-rhel8@sha256:fbfa33cb3c73a0052b46562926e617e078709d8275555e80537b86d75a50ad0d?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1/kam-delivery-rhel8\u0026tag=v1.11.6-2"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/must-gather-rhel8@sha256:64ac86cbd370d05a69c6c1cde6670ae8dc4dbc65ce416519a644237eecb195e0_s390x",
"product": {
"name": "openshift-gitops-1/must-gather-rhel8@sha256:64ac86cbd370d05a69c6c1cde6670ae8dc4dbc65ce416519a644237eecb195e0_s390x",
"product_id": "openshift-gitops-1/must-gather-rhel8@sha256:64ac86cbd370d05a69c6c1cde6670ae8dc4dbc65ce416519a644237eecb195e0_s390x",
"product_identification_helper": {
"purl": "pkg:oci/must-gather-rhel8@sha256:64ac86cbd370d05a69c6c1cde6670ae8dc4dbc65ce416519a644237eecb195e0?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1/must-gather-rhel8\u0026tag=v1.11.6-2"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/gitops-rhel8-operator@sha256:eef33c6fff1da9580c3b7003ecb3db73dc0af398b98f37639edf2af9cd21d0ec_s390x",
"product": {
"name": "openshift-gitops-1/gitops-rhel8-operator@sha256:eef33c6fff1da9580c3b7003ecb3db73dc0af398b98f37639edf2af9cd21d0ec_s390x",
"product_id": "openshift-gitops-1/gitops-rhel8-operator@sha256:eef33c6fff1da9580c3b7003ecb3db73dc0af398b98f37639edf2af9cd21d0ec_s390x",
"product_identification_helper": {
"purl": "pkg:oci/gitops-rhel8-operator@sha256:eef33c6fff1da9580c3b7003ecb3db73dc0af398b98f37639edf2af9cd21d0ec?arch=s390x\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator\u0026tag=v1.11.6-2"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-gitops-1/argocd-rhel8@sha256:95a36f983a5f2811f0fef486e90b84081d9dffeffe032be6cddeddfa4592e423_arm64",
"product": {
"name": "openshift-gitops-1/argocd-rhel8@sha256:95a36f983a5f2811f0fef486e90b84081d9dffeffe032be6cddeddfa4592e423_arm64",
"product_id": "openshift-gitops-1/argocd-rhel8@sha256:95a36f983a5f2811f0fef486e90b84081d9dffeffe032be6cddeddfa4592e423_arm64",
"product_identification_helper": {
"purl": "pkg:oci/argocd-rhel8@sha256:95a36f983a5f2811f0fef486e90b84081d9dffeffe032be6cddeddfa4592e423?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1/argocd-rhel8\u0026tag=v1.11.6-2"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:076add1204be36717a4f21320e25a1ef8f362b898a91860101e036585bd7e75e_arm64",
"product": {
"name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:076add1204be36717a4f21320e25a1ef8f362b898a91860101e036585bd7e75e_arm64",
"product_id": "openshift-gitops-1/argo-rollouts-rhel8@sha256:076add1204be36717a4f21320e25a1ef8f362b898a91860101e036585bd7e75e_arm64",
"product_identification_helper": {
"purl": "pkg:oci/argo-rollouts-rhel8@sha256:076add1204be36717a4f21320e25a1ef8f362b898a91860101e036585bd7e75e?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8\u0026tag=v1.11.6-2"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/console-plugin-rhel8@sha256:f804b7d402d3cfb45223e011912711bdd79d792e87e96ee6e8738f41e2bdd545_arm64",
"product": {
"name": "openshift-gitops-1/console-plugin-rhel8@sha256:f804b7d402d3cfb45223e011912711bdd79d792e87e96ee6e8738f41e2bdd545_arm64",
"product_id": "openshift-gitops-1/console-plugin-rhel8@sha256:f804b7d402d3cfb45223e011912711bdd79d792e87e96ee6e8738f41e2bdd545_arm64",
"product_identification_helper": {
"purl": "pkg:oci/console-plugin-rhel8@sha256:f804b7d402d3cfb45223e011912711bdd79d792e87e96ee6e8738f41e2bdd545?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1/console-plugin-rhel8\u0026tag=v1.11.6-2"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/gitops-rhel8@sha256:8a087169c5b03152752227249d862d824cd224bcd313e4894ad89a644f17c7d8_arm64",
"product": {
"name": "openshift-gitops-1/gitops-rhel8@sha256:8a087169c5b03152752227249d862d824cd224bcd313e4894ad89a644f17c7d8_arm64",
"product_id": "openshift-gitops-1/gitops-rhel8@sha256:8a087169c5b03152752227249d862d824cd224bcd313e4894ad89a644f17c7d8_arm64",
"product_identification_helper": {
"purl": "pkg:oci/gitops-rhel8@sha256:8a087169c5b03152752227249d862d824cd224bcd313e4894ad89a644f17c7d8?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8\u0026tag=v1.11.6-2"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/dex-rhel8@sha256:7a0eaaa28b1593222a089490bbe785519bad33dc1169982fbd54d3c971589409_arm64",
"product": {
"name": "openshift-gitops-1/dex-rhel8@sha256:7a0eaaa28b1593222a089490bbe785519bad33dc1169982fbd54d3c971589409_arm64",
"product_id": "openshift-gitops-1/dex-rhel8@sha256:7a0eaaa28b1593222a089490bbe785519bad33dc1169982fbd54d3c971589409_arm64",
"product_identification_helper": {
"purl": "pkg:oci/dex-rhel8@sha256:7a0eaaa28b1593222a089490bbe785519bad33dc1169982fbd54d3c971589409?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1/dex-rhel8\u0026tag=v1.11.6-2"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/kam-delivery-rhel8@sha256:8078fdce62aaf915755f223a46f131cd683c4f52b1897300f2e51a164eec8e93_arm64",
"product": {
"name": "openshift-gitops-1/kam-delivery-rhel8@sha256:8078fdce62aaf915755f223a46f131cd683c4f52b1897300f2e51a164eec8e93_arm64",
"product_id": "openshift-gitops-1/kam-delivery-rhel8@sha256:8078fdce62aaf915755f223a46f131cd683c4f52b1897300f2e51a164eec8e93_arm64",
"product_identification_helper": {
"purl": "pkg:oci/kam-delivery-rhel8@sha256:8078fdce62aaf915755f223a46f131cd683c4f52b1897300f2e51a164eec8e93?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1/kam-delivery-rhel8\u0026tag=v1.11.6-2"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/must-gather-rhel8@sha256:974db252e93173e2a2217fbff3c1a56aaa1411480a587a42d0c43275257d8809_arm64",
"product": {
"name": "openshift-gitops-1/must-gather-rhel8@sha256:974db252e93173e2a2217fbff3c1a56aaa1411480a587a42d0c43275257d8809_arm64",
"product_id": "openshift-gitops-1/must-gather-rhel8@sha256:974db252e93173e2a2217fbff3c1a56aaa1411480a587a42d0c43275257d8809_arm64",
"product_identification_helper": {
"purl": "pkg:oci/must-gather-rhel8@sha256:974db252e93173e2a2217fbff3c1a56aaa1411480a587a42d0c43275257d8809?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1/must-gather-rhel8\u0026tag=v1.11.6-2"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/gitops-rhel8-operator@sha256:ec259fd03d43f8c71dd136baa7058e038adc172ac41d9a0bda72d89075a2faca_arm64",
"product": {
"name": "openshift-gitops-1/gitops-rhel8-operator@sha256:ec259fd03d43f8c71dd136baa7058e038adc172ac41d9a0bda72d89075a2faca_arm64",
"product_id": "openshift-gitops-1/gitops-rhel8-operator@sha256:ec259fd03d43f8c71dd136baa7058e038adc172ac41d9a0bda72d89075a2faca_arm64",
"product_identification_helper": {
"purl": "pkg:oci/gitops-rhel8-operator@sha256:ec259fd03d43f8c71dd136baa7058e038adc172ac41d9a0bda72d89075a2faca?arch=arm64\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator\u0026tag=v1.11.6-2"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-gitops-1/argocd-rhel8@sha256:af69609ef177ee3cea8ef04a056df8a4a422dbc83a2631781589b61c1ed6dea6_ppc64le",
"product": {
"name": "openshift-gitops-1/argocd-rhel8@sha256:af69609ef177ee3cea8ef04a056df8a4a422dbc83a2631781589b61c1ed6dea6_ppc64le",
"product_id": "openshift-gitops-1/argocd-rhel8@sha256:af69609ef177ee3cea8ef04a056df8a4a422dbc83a2631781589b61c1ed6dea6_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/argocd-rhel8@sha256:af69609ef177ee3cea8ef04a056df8a4a422dbc83a2631781589b61c1ed6dea6?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1/argocd-rhel8\u0026tag=v1.11.6-2"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:9d59ac72c98079a9b29ed9a1ff5b39c49a804e28fb344112454c902000417090_ppc64le",
"product": {
"name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:9d59ac72c98079a9b29ed9a1ff5b39c49a804e28fb344112454c902000417090_ppc64le",
"product_id": "openshift-gitops-1/argo-rollouts-rhel8@sha256:9d59ac72c98079a9b29ed9a1ff5b39c49a804e28fb344112454c902000417090_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/argo-rollouts-rhel8@sha256:9d59ac72c98079a9b29ed9a1ff5b39c49a804e28fb344112454c902000417090?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1/argo-rollouts-rhel8\u0026tag=v1.11.6-2"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/console-plugin-rhel8@sha256:5beea6b8cdb9e06fb0fb7f92beaf02a9e9ba7b8794df8fc6eaa279c861c54c1f_ppc64le",
"product": {
"name": "openshift-gitops-1/console-plugin-rhel8@sha256:5beea6b8cdb9e06fb0fb7f92beaf02a9e9ba7b8794df8fc6eaa279c861c54c1f_ppc64le",
"product_id": "openshift-gitops-1/console-plugin-rhel8@sha256:5beea6b8cdb9e06fb0fb7f92beaf02a9e9ba7b8794df8fc6eaa279c861c54c1f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/console-plugin-rhel8@sha256:5beea6b8cdb9e06fb0fb7f92beaf02a9e9ba7b8794df8fc6eaa279c861c54c1f?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1/console-plugin-rhel8\u0026tag=v1.11.6-2"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/gitops-rhel8@sha256:9a5e3e6da074aff464456750cca74ca47a3ab7b635948ac4cb8eba77e91f5938_ppc64le",
"product": {
"name": "openshift-gitops-1/gitops-rhel8@sha256:9a5e3e6da074aff464456750cca74ca47a3ab7b635948ac4cb8eba77e91f5938_ppc64le",
"product_id": "openshift-gitops-1/gitops-rhel8@sha256:9a5e3e6da074aff464456750cca74ca47a3ab7b635948ac4cb8eba77e91f5938_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/gitops-rhel8@sha256:9a5e3e6da074aff464456750cca74ca47a3ab7b635948ac4cb8eba77e91f5938?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8\u0026tag=v1.11.6-2"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/dex-rhel8@sha256:82d2a3ab03d511f5751d154159e80170e47ee55789d6cfba9d9237d16a1c42fb_ppc64le",
"product": {
"name": "openshift-gitops-1/dex-rhel8@sha256:82d2a3ab03d511f5751d154159e80170e47ee55789d6cfba9d9237d16a1c42fb_ppc64le",
"product_id": "openshift-gitops-1/dex-rhel8@sha256:82d2a3ab03d511f5751d154159e80170e47ee55789d6cfba9d9237d16a1c42fb_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/dex-rhel8@sha256:82d2a3ab03d511f5751d154159e80170e47ee55789d6cfba9d9237d16a1c42fb?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1/dex-rhel8\u0026tag=v1.11.6-2"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/kam-delivery-rhel8@sha256:6b4f257cf401049c9b8335a4c1f20ac8041a5e0d192279ead4fafbcd7e847e68_ppc64le",
"product": {
"name": "openshift-gitops-1/kam-delivery-rhel8@sha256:6b4f257cf401049c9b8335a4c1f20ac8041a5e0d192279ead4fafbcd7e847e68_ppc64le",
"product_id": "openshift-gitops-1/kam-delivery-rhel8@sha256:6b4f257cf401049c9b8335a4c1f20ac8041a5e0d192279ead4fafbcd7e847e68_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/kam-delivery-rhel8@sha256:6b4f257cf401049c9b8335a4c1f20ac8041a5e0d192279ead4fafbcd7e847e68?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1/kam-delivery-rhel8\u0026tag=v1.11.6-2"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/must-gather-rhel8@sha256:bda0dc71e5e11fc3e30c3a1e164aecb9d0eacc5ce01b8b19a9d446d9a9271fd6_ppc64le",
"product": {
"name": "openshift-gitops-1/must-gather-rhel8@sha256:bda0dc71e5e11fc3e30c3a1e164aecb9d0eacc5ce01b8b19a9d446d9a9271fd6_ppc64le",
"product_id": "openshift-gitops-1/must-gather-rhel8@sha256:bda0dc71e5e11fc3e30c3a1e164aecb9d0eacc5ce01b8b19a9d446d9a9271fd6_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/must-gather-rhel8@sha256:bda0dc71e5e11fc3e30c3a1e164aecb9d0eacc5ce01b8b19a9d446d9a9271fd6?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1/must-gather-rhel8\u0026tag=v1.11.6-2"
}
}
},
{
"category": "product_version",
"name": "openshift-gitops-1/gitops-rhel8-operator@sha256:8a0ff74e9378e2b1ba526b7bf4c7be033f22a4d4a4f40190a9e70b3306acf1be_ppc64le",
"product": {
"name": "openshift-gitops-1/gitops-rhel8-operator@sha256:8a0ff74e9378e2b1ba526b7bf4c7be033f22a4d4a4f40190a9e70b3306acf1be_ppc64le",
"product_id": "openshift-gitops-1/gitops-rhel8-operator@sha256:8a0ff74e9378e2b1ba526b7bf4c7be033f22a4d4a4f40190a9e70b3306acf1be_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/gitops-rhel8-operator@sha256:8a0ff74e9378e2b1ba526b7bf4c7be033f22a4d4a4f40190a9e70b3306acf1be?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-gitops-1/gitops-rhel8-operator\u0026tag=v1.11.6-2"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:076add1204be36717a4f21320e25a1ef8f362b898a91860101e036585bd7e75e_arm64 as a component of Red Hat OpenShift GitOps 1.11",
"product_id": "8Base-GitOps-1.11:openshift-gitops-1/argo-rollouts-rhel8@sha256:076add1204be36717a4f21320e25a1ef8f362b898a91860101e036585bd7e75e_arm64"
},
"product_reference": "openshift-gitops-1/argo-rollouts-rhel8@sha256:076add1204be36717a4f21320e25a1ef8f362b898a91860101e036585bd7e75e_arm64",
"relates_to_product_reference": "8Base-GitOps-1.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:93f63395cd0e2d8bd35e1d7d5187f65bdd8efc9b564c98a2e07ba875aa887da4_amd64 as a component of Red Hat OpenShift GitOps 1.11",
"product_id": "8Base-GitOps-1.11:openshift-gitops-1/argo-rollouts-rhel8@sha256:93f63395cd0e2d8bd35e1d7d5187f65bdd8efc9b564c98a2e07ba875aa887da4_amd64"
},
"product_reference": "openshift-gitops-1/argo-rollouts-rhel8@sha256:93f63395cd0e2d8bd35e1d7d5187f65bdd8efc9b564c98a2e07ba875aa887da4_amd64",
"relates_to_product_reference": "8Base-GitOps-1.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:9d59ac72c98079a9b29ed9a1ff5b39c49a804e28fb344112454c902000417090_ppc64le as a component of Red Hat OpenShift GitOps 1.11",
"product_id": "8Base-GitOps-1.11:openshift-gitops-1/argo-rollouts-rhel8@sha256:9d59ac72c98079a9b29ed9a1ff5b39c49a804e28fb344112454c902000417090_ppc64le"
},
"product_reference": "openshift-gitops-1/argo-rollouts-rhel8@sha256:9d59ac72c98079a9b29ed9a1ff5b39c49a804e28fb344112454c902000417090_ppc64le",
"relates_to_product_reference": "8Base-GitOps-1.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/argo-rollouts-rhel8@sha256:f40c487b2922ed5b109a036996c3800fa24a8ab40579a8184bd08c0fa0a0a82b_s390x as a component of Red Hat OpenShift GitOps 1.11",
"product_id": "8Base-GitOps-1.11:openshift-gitops-1/argo-rollouts-rhel8@sha256:f40c487b2922ed5b109a036996c3800fa24a8ab40579a8184bd08c0fa0a0a82b_s390x"
},
"product_reference": "openshift-gitops-1/argo-rollouts-rhel8@sha256:f40c487b2922ed5b109a036996c3800fa24a8ab40579a8184bd08c0fa0a0a82b_s390x",
"relates_to_product_reference": "8Base-GitOps-1.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/argocd-rhel8@sha256:95a36f983a5f2811f0fef486e90b84081d9dffeffe032be6cddeddfa4592e423_arm64 as a component of Red Hat OpenShift GitOps 1.11",
"product_id": "8Base-GitOps-1.11:openshift-gitops-1/argocd-rhel8@sha256:95a36f983a5f2811f0fef486e90b84081d9dffeffe032be6cddeddfa4592e423_arm64"
},
"product_reference": "openshift-gitops-1/argocd-rhel8@sha256:95a36f983a5f2811f0fef486e90b84081d9dffeffe032be6cddeddfa4592e423_arm64",
"relates_to_product_reference": "8Base-GitOps-1.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/argocd-rhel8@sha256:af69609ef177ee3cea8ef04a056df8a4a422dbc83a2631781589b61c1ed6dea6_ppc64le as a component of Red Hat OpenShift GitOps 1.11",
"product_id": "8Base-GitOps-1.11:openshift-gitops-1/argocd-rhel8@sha256:af69609ef177ee3cea8ef04a056df8a4a422dbc83a2631781589b61c1ed6dea6_ppc64le"
},
"product_reference": "openshift-gitops-1/argocd-rhel8@sha256:af69609ef177ee3cea8ef04a056df8a4a422dbc83a2631781589b61c1ed6dea6_ppc64le",
"relates_to_product_reference": "8Base-GitOps-1.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/argocd-rhel8@sha256:b2fbdc3c9926b23f7e8506ad6a7062e6ca326bb3b69984762f7e4f29b1f4f93c_amd64 as a component of Red Hat OpenShift GitOps 1.11",
"product_id": "8Base-GitOps-1.11:openshift-gitops-1/argocd-rhel8@sha256:b2fbdc3c9926b23f7e8506ad6a7062e6ca326bb3b69984762f7e4f29b1f4f93c_amd64"
},
"product_reference": "openshift-gitops-1/argocd-rhel8@sha256:b2fbdc3c9926b23f7e8506ad6a7062e6ca326bb3b69984762f7e4f29b1f4f93c_amd64",
"relates_to_product_reference": "8Base-GitOps-1.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/argocd-rhel8@sha256:f10e4081655abf6e5c99ad32000fe98f06299cbe55434908d3161d072fde2c20_s390x as a component of Red Hat OpenShift GitOps 1.11",
"product_id": "8Base-GitOps-1.11:openshift-gitops-1/argocd-rhel8@sha256:f10e4081655abf6e5c99ad32000fe98f06299cbe55434908d3161d072fde2c20_s390x"
},
"product_reference": "openshift-gitops-1/argocd-rhel8@sha256:f10e4081655abf6e5c99ad32000fe98f06299cbe55434908d3161d072fde2c20_s390x",
"relates_to_product_reference": "8Base-GitOps-1.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/console-plugin-rhel8@sha256:5beea6b8cdb9e06fb0fb7f92beaf02a9e9ba7b8794df8fc6eaa279c861c54c1f_ppc64le as a component of Red Hat OpenShift GitOps 1.11",
"product_id": "8Base-GitOps-1.11:openshift-gitops-1/console-plugin-rhel8@sha256:5beea6b8cdb9e06fb0fb7f92beaf02a9e9ba7b8794df8fc6eaa279c861c54c1f_ppc64le"
},
"product_reference": "openshift-gitops-1/console-plugin-rhel8@sha256:5beea6b8cdb9e06fb0fb7f92beaf02a9e9ba7b8794df8fc6eaa279c861c54c1f_ppc64le",
"relates_to_product_reference": "8Base-GitOps-1.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/console-plugin-rhel8@sha256:98de5f96397f94c776a44554da00e80fee544a424404b4b64e91c65f6e463c5d_amd64 as a component of Red Hat OpenShift GitOps 1.11",
"product_id": "8Base-GitOps-1.11:openshift-gitops-1/console-plugin-rhel8@sha256:98de5f96397f94c776a44554da00e80fee544a424404b4b64e91c65f6e463c5d_amd64"
},
"product_reference": "openshift-gitops-1/console-plugin-rhel8@sha256:98de5f96397f94c776a44554da00e80fee544a424404b4b64e91c65f6e463c5d_amd64",
"relates_to_product_reference": "8Base-GitOps-1.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/console-plugin-rhel8@sha256:f804b7d402d3cfb45223e011912711bdd79d792e87e96ee6e8738f41e2bdd545_arm64 as a component of Red Hat OpenShift GitOps 1.11",
"product_id": "8Base-GitOps-1.11:openshift-gitops-1/console-plugin-rhel8@sha256:f804b7d402d3cfb45223e011912711bdd79d792e87e96ee6e8738f41e2bdd545_arm64"
},
"product_reference": "openshift-gitops-1/console-plugin-rhel8@sha256:f804b7d402d3cfb45223e011912711bdd79d792e87e96ee6e8738f41e2bdd545_arm64",
"relates_to_product_reference": "8Base-GitOps-1.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/console-plugin-rhel8@sha256:f9f4c3dc50ed732bd52ca77cd81adf56228772ace9792bbd8ac72714282db5ea_s390x as a component of Red Hat OpenShift GitOps 1.11",
"product_id": "8Base-GitOps-1.11:openshift-gitops-1/console-plugin-rhel8@sha256:f9f4c3dc50ed732bd52ca77cd81adf56228772ace9792bbd8ac72714282db5ea_s390x"
},
"product_reference": "openshift-gitops-1/console-plugin-rhel8@sha256:f9f4c3dc50ed732bd52ca77cd81adf56228772ace9792bbd8ac72714282db5ea_s390x",
"relates_to_product_reference": "8Base-GitOps-1.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/dex-rhel8@sha256:7a0eaaa28b1593222a089490bbe785519bad33dc1169982fbd54d3c971589409_arm64 as a component of Red Hat OpenShift GitOps 1.11",
"product_id": "8Base-GitOps-1.11:openshift-gitops-1/dex-rhel8@sha256:7a0eaaa28b1593222a089490bbe785519bad33dc1169982fbd54d3c971589409_arm64"
},
"product_reference": "openshift-gitops-1/dex-rhel8@sha256:7a0eaaa28b1593222a089490bbe785519bad33dc1169982fbd54d3c971589409_arm64",
"relates_to_product_reference": "8Base-GitOps-1.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/dex-rhel8@sha256:82d2a3ab03d511f5751d154159e80170e47ee55789d6cfba9d9237d16a1c42fb_ppc64le as a component of Red Hat OpenShift GitOps 1.11",
"product_id": "8Base-GitOps-1.11:openshift-gitops-1/dex-rhel8@sha256:82d2a3ab03d511f5751d154159e80170e47ee55789d6cfba9d9237d16a1c42fb_ppc64le"
},
"product_reference": "openshift-gitops-1/dex-rhel8@sha256:82d2a3ab03d511f5751d154159e80170e47ee55789d6cfba9d9237d16a1c42fb_ppc64le",
"relates_to_product_reference": "8Base-GitOps-1.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/dex-rhel8@sha256:a9f2a4c1d771f91ed46acd849a2957fb984eecf2036d9b9c84f72847e1079d78_s390x as a component of Red Hat OpenShift GitOps 1.11",
"product_id": "8Base-GitOps-1.11:openshift-gitops-1/dex-rhel8@sha256:a9f2a4c1d771f91ed46acd849a2957fb984eecf2036d9b9c84f72847e1079d78_s390x"
},
"product_reference": "openshift-gitops-1/dex-rhel8@sha256:a9f2a4c1d771f91ed46acd849a2957fb984eecf2036d9b9c84f72847e1079d78_s390x",
"relates_to_product_reference": "8Base-GitOps-1.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/dex-rhel8@sha256:c9f1b0a58cefffb1aaa5e0eeb5e26ad1b24612f8b45987133cdb7fb4a0a98f5e_amd64 as a component of Red Hat OpenShift GitOps 1.11",
"product_id": "8Base-GitOps-1.11:openshift-gitops-1/dex-rhel8@sha256:c9f1b0a58cefffb1aaa5e0eeb5e26ad1b24612f8b45987133cdb7fb4a0a98f5e_amd64"
},
"product_reference": "openshift-gitops-1/dex-rhel8@sha256:c9f1b0a58cefffb1aaa5e0eeb5e26ad1b24612f8b45987133cdb7fb4a0a98f5e_amd64",
"relates_to_product_reference": "8Base-GitOps-1.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/gitops-operator-bundle@sha256:9357bd76c40ce6d7fdf72075b7a8c0fac132017390cdc3864768947b48347b94_amd64 as a component of Red Hat OpenShift GitOps 1.11",
"product_id": "8Base-GitOps-1.11:openshift-gitops-1/gitops-operator-bundle@sha256:9357bd76c40ce6d7fdf72075b7a8c0fac132017390cdc3864768947b48347b94_amd64"
},
"product_reference": "openshift-gitops-1/gitops-operator-bundle@sha256:9357bd76c40ce6d7fdf72075b7a8c0fac132017390cdc3864768947b48347b94_amd64",
"relates_to_product_reference": "8Base-GitOps-1.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/gitops-rhel8-operator@sha256:6bbc7f6e353d2d8cfcbcbb68472c97b6ff332c611780f645517a9d00937624f5_amd64 as a component of Red Hat OpenShift GitOps 1.11",
"product_id": "8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8-operator@sha256:6bbc7f6e353d2d8cfcbcbb68472c97b6ff332c611780f645517a9d00937624f5_amd64"
},
"product_reference": "openshift-gitops-1/gitops-rhel8-operator@sha256:6bbc7f6e353d2d8cfcbcbb68472c97b6ff332c611780f645517a9d00937624f5_amd64",
"relates_to_product_reference": "8Base-GitOps-1.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/gitops-rhel8-operator@sha256:8a0ff74e9378e2b1ba526b7bf4c7be033f22a4d4a4f40190a9e70b3306acf1be_ppc64le as a component of Red Hat OpenShift GitOps 1.11",
"product_id": "8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8-operator@sha256:8a0ff74e9378e2b1ba526b7bf4c7be033f22a4d4a4f40190a9e70b3306acf1be_ppc64le"
},
"product_reference": "openshift-gitops-1/gitops-rhel8-operator@sha256:8a0ff74e9378e2b1ba526b7bf4c7be033f22a4d4a4f40190a9e70b3306acf1be_ppc64le",
"relates_to_product_reference": "8Base-GitOps-1.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/gitops-rhel8-operator@sha256:ec259fd03d43f8c71dd136baa7058e038adc172ac41d9a0bda72d89075a2faca_arm64 as a component of Red Hat OpenShift GitOps 1.11",
"product_id": "8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8-operator@sha256:ec259fd03d43f8c71dd136baa7058e038adc172ac41d9a0bda72d89075a2faca_arm64"
},
"product_reference": "openshift-gitops-1/gitops-rhel8-operator@sha256:ec259fd03d43f8c71dd136baa7058e038adc172ac41d9a0bda72d89075a2faca_arm64",
"relates_to_product_reference": "8Base-GitOps-1.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/gitops-rhel8-operator@sha256:eef33c6fff1da9580c3b7003ecb3db73dc0af398b98f37639edf2af9cd21d0ec_s390x as a component of Red Hat OpenShift GitOps 1.11",
"product_id": "8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8-operator@sha256:eef33c6fff1da9580c3b7003ecb3db73dc0af398b98f37639edf2af9cd21d0ec_s390x"
},
"product_reference": "openshift-gitops-1/gitops-rhel8-operator@sha256:eef33c6fff1da9580c3b7003ecb3db73dc0af398b98f37639edf2af9cd21d0ec_s390x",
"relates_to_product_reference": "8Base-GitOps-1.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/gitops-rhel8@sha256:59bf2f19376abfeae9afd2abcd3fab5594c1fd1b98d221b142cf992348347ea8_s390x as a component of Red Hat OpenShift GitOps 1.11",
"product_id": "8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8@sha256:59bf2f19376abfeae9afd2abcd3fab5594c1fd1b98d221b142cf992348347ea8_s390x"
},
"product_reference": "openshift-gitops-1/gitops-rhel8@sha256:59bf2f19376abfeae9afd2abcd3fab5594c1fd1b98d221b142cf992348347ea8_s390x",
"relates_to_product_reference": "8Base-GitOps-1.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/gitops-rhel8@sha256:8a087169c5b03152752227249d862d824cd224bcd313e4894ad89a644f17c7d8_arm64 as a component of Red Hat OpenShift GitOps 1.11",
"product_id": "8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8@sha256:8a087169c5b03152752227249d862d824cd224bcd313e4894ad89a644f17c7d8_arm64"
},
"product_reference": "openshift-gitops-1/gitops-rhel8@sha256:8a087169c5b03152752227249d862d824cd224bcd313e4894ad89a644f17c7d8_arm64",
"relates_to_product_reference": "8Base-GitOps-1.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/gitops-rhel8@sha256:92a28af94fa2f0f47d38e573068876760dd5b89a605c186bdcf4a1191391fe64_amd64 as a component of Red Hat OpenShift GitOps 1.11",
"product_id": "8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8@sha256:92a28af94fa2f0f47d38e573068876760dd5b89a605c186bdcf4a1191391fe64_amd64"
},
"product_reference": "openshift-gitops-1/gitops-rhel8@sha256:92a28af94fa2f0f47d38e573068876760dd5b89a605c186bdcf4a1191391fe64_amd64",
"relates_to_product_reference": "8Base-GitOps-1.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/gitops-rhel8@sha256:9a5e3e6da074aff464456750cca74ca47a3ab7b635948ac4cb8eba77e91f5938_ppc64le as a component of Red Hat OpenShift GitOps 1.11",
"product_id": "8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8@sha256:9a5e3e6da074aff464456750cca74ca47a3ab7b635948ac4cb8eba77e91f5938_ppc64le"
},
"product_reference": "openshift-gitops-1/gitops-rhel8@sha256:9a5e3e6da074aff464456750cca74ca47a3ab7b635948ac4cb8eba77e91f5938_ppc64le",
"relates_to_product_reference": "8Base-GitOps-1.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/kam-delivery-rhel8@sha256:2b017899750d3945e786f75a85c9b0876bb9ee637c9c10b3f269a5976120776c_amd64 as a component of Red Hat OpenShift GitOps 1.11",
"product_id": "8Base-GitOps-1.11:openshift-gitops-1/kam-delivery-rhel8@sha256:2b017899750d3945e786f75a85c9b0876bb9ee637c9c10b3f269a5976120776c_amd64"
},
"product_reference": "openshift-gitops-1/kam-delivery-rhel8@sha256:2b017899750d3945e786f75a85c9b0876bb9ee637c9c10b3f269a5976120776c_amd64",
"relates_to_product_reference": "8Base-GitOps-1.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/kam-delivery-rhel8@sha256:6b4f257cf401049c9b8335a4c1f20ac8041a5e0d192279ead4fafbcd7e847e68_ppc64le as a component of Red Hat OpenShift GitOps 1.11",
"product_id": "8Base-GitOps-1.11:openshift-gitops-1/kam-delivery-rhel8@sha256:6b4f257cf401049c9b8335a4c1f20ac8041a5e0d192279ead4fafbcd7e847e68_ppc64le"
},
"product_reference": "openshift-gitops-1/kam-delivery-rhel8@sha256:6b4f257cf401049c9b8335a4c1f20ac8041a5e0d192279ead4fafbcd7e847e68_ppc64le",
"relates_to_product_reference": "8Base-GitOps-1.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/kam-delivery-rhel8@sha256:8078fdce62aaf915755f223a46f131cd683c4f52b1897300f2e51a164eec8e93_arm64 as a component of Red Hat OpenShift GitOps 1.11",
"product_id": "8Base-GitOps-1.11:openshift-gitops-1/kam-delivery-rhel8@sha256:8078fdce62aaf915755f223a46f131cd683c4f52b1897300f2e51a164eec8e93_arm64"
},
"product_reference": "openshift-gitops-1/kam-delivery-rhel8@sha256:8078fdce62aaf915755f223a46f131cd683c4f52b1897300f2e51a164eec8e93_arm64",
"relates_to_product_reference": "8Base-GitOps-1.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/kam-delivery-rhel8@sha256:fbfa33cb3c73a0052b46562926e617e078709d8275555e80537b86d75a50ad0d_s390x as a component of Red Hat OpenShift GitOps 1.11",
"product_id": "8Base-GitOps-1.11:openshift-gitops-1/kam-delivery-rhel8@sha256:fbfa33cb3c73a0052b46562926e617e078709d8275555e80537b86d75a50ad0d_s390x"
},
"product_reference": "openshift-gitops-1/kam-delivery-rhel8@sha256:fbfa33cb3c73a0052b46562926e617e078709d8275555e80537b86d75a50ad0d_s390x",
"relates_to_product_reference": "8Base-GitOps-1.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/must-gather-rhel8@sha256:64ac86cbd370d05a69c6c1cde6670ae8dc4dbc65ce416519a644237eecb195e0_s390x as a component of Red Hat OpenShift GitOps 1.11",
"product_id": "8Base-GitOps-1.11:openshift-gitops-1/must-gather-rhel8@sha256:64ac86cbd370d05a69c6c1cde6670ae8dc4dbc65ce416519a644237eecb195e0_s390x"
},
"product_reference": "openshift-gitops-1/must-gather-rhel8@sha256:64ac86cbd370d05a69c6c1cde6670ae8dc4dbc65ce416519a644237eecb195e0_s390x",
"relates_to_product_reference": "8Base-GitOps-1.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/must-gather-rhel8@sha256:974db252e93173e2a2217fbff3c1a56aaa1411480a587a42d0c43275257d8809_arm64 as a component of Red Hat OpenShift GitOps 1.11",
"product_id": "8Base-GitOps-1.11:openshift-gitops-1/must-gather-rhel8@sha256:974db252e93173e2a2217fbff3c1a56aaa1411480a587a42d0c43275257d8809_arm64"
},
"product_reference": "openshift-gitops-1/must-gather-rhel8@sha256:974db252e93173e2a2217fbff3c1a56aaa1411480a587a42d0c43275257d8809_arm64",
"relates_to_product_reference": "8Base-GitOps-1.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/must-gather-rhel8@sha256:bda0dc71e5e11fc3e30c3a1e164aecb9d0eacc5ce01b8b19a9d446d9a9271fd6_ppc64le as a component of Red Hat OpenShift GitOps 1.11",
"product_id": "8Base-GitOps-1.11:openshift-gitops-1/must-gather-rhel8@sha256:bda0dc71e5e11fc3e30c3a1e164aecb9d0eacc5ce01b8b19a9d446d9a9271fd6_ppc64le"
},
"product_reference": "openshift-gitops-1/must-gather-rhel8@sha256:bda0dc71e5e11fc3e30c3a1e164aecb9d0eacc5ce01b8b19a9d446d9a9271fd6_ppc64le",
"relates_to_product_reference": "8Base-GitOps-1.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-gitops-1/must-gather-rhel8@sha256:c16fc42f75a4b260316ae29b0ede0417771c76b0313291a8fc54a5f2eb8cf68b_amd64 as a component of Red Hat OpenShift GitOps 1.11",
"product_id": "8Base-GitOps-1.11:openshift-gitops-1/must-gather-rhel8@sha256:c16fc42f75a4b260316ae29b0ede0417771c76b0313291a8fc54a5f2eb8cf68b_amd64"
},
"product_reference": "openshift-gitops-1/must-gather-rhel8@sha256:c16fc42f75a4b260316ae29b0ede0417771c76b0313291a8fc54a5f2eb8cf68b_amd64",
"relates_to_product_reference": "8Base-GitOps-1.11"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-24786",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"discovery_date": "2024-03-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2268046"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Golang\u0027s protobuf module, where the unmarshal function can enter an infinite loop when processing certain invalid inputs. This issue occurs during unmarshaling into a message that includes a google.protobuf.Any or when the UnmarshalOptions.DiscardUnknown option is enabled. This flaw allows an attacker to craft malicious input tailored to trigger the identified flaw in the unmarshal function. By providing carefully constructed invalid inputs, they could potentially cause the function to enter an infinite loop, resulting in a denial of service condition or other unintended behaviors in the affected system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang-protobuf: encoding/protojson, internal/encoding/json: infinite loop in protojson.Unmarshal when unmarshaling certain forms of invalid JSON",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Within regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-835: Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027) vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nThe platform enforces hardening guidelines to ensure the most restrictive setting needed for operational requirements. Event logs are collected and processed for centralization, correlation, analysis, monitoring, reporting, alerting, and retention. This process ensures that audit logs are generated for specific events involving sensitive information, enabling capabilities like excessive CPU usage, long execution times, or processes consuming abnormal amounts of memory. Static code analysis and peer code review techniques are used to execute robust input validation and error-handling mechanisms to ensure all user inputs are thoroughly validated, preventing infinite loops caused by malformed or unexpected input, such as unbounded user input or unexpected null values that cause loops to never terminate. In the event of successful exploitation, process isolation limits the effect of an infinite loop to a single process rather than allowing it to consume all system resources.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-GitOps-1.11:openshift-gitops-1/argo-rollouts-rhel8@sha256:076add1204be36717a4f21320e25a1ef8f362b898a91860101e036585bd7e75e_arm64",
"8Base-GitOps-1.11:openshift-gitops-1/argo-rollouts-rhel8@sha256:93f63395cd0e2d8bd35e1d7d5187f65bdd8efc9b564c98a2e07ba875aa887da4_amd64",
"8Base-GitOps-1.11:openshift-gitops-1/argo-rollouts-rhel8@sha256:9d59ac72c98079a9b29ed9a1ff5b39c49a804e28fb344112454c902000417090_ppc64le",
"8Base-GitOps-1.11:openshift-gitops-1/argo-rollouts-rhel8@sha256:f40c487b2922ed5b109a036996c3800fa24a8ab40579a8184bd08c0fa0a0a82b_s390x",
"8Base-GitOps-1.11:openshift-gitops-1/argocd-rhel8@sha256:95a36f983a5f2811f0fef486e90b84081d9dffeffe032be6cddeddfa4592e423_arm64",
"8Base-GitOps-1.11:openshift-gitops-1/argocd-rhel8@sha256:af69609ef177ee3cea8ef04a056df8a4a422dbc83a2631781589b61c1ed6dea6_ppc64le",
"8Base-GitOps-1.11:openshift-gitops-1/argocd-rhel8@sha256:b2fbdc3c9926b23f7e8506ad6a7062e6ca326bb3b69984762f7e4f29b1f4f93c_amd64",
"8Base-GitOps-1.11:openshift-gitops-1/argocd-rhel8@sha256:f10e4081655abf6e5c99ad32000fe98f06299cbe55434908d3161d072fde2c20_s390x",
"8Base-GitOps-1.11:openshift-gitops-1/console-plugin-rhel8@sha256:5beea6b8cdb9e06fb0fb7f92beaf02a9e9ba7b8794df8fc6eaa279c861c54c1f_ppc64le",
"8Base-GitOps-1.11:openshift-gitops-1/console-plugin-rhel8@sha256:98de5f96397f94c776a44554da00e80fee544a424404b4b64e91c65f6e463c5d_amd64",
"8Base-GitOps-1.11:openshift-gitops-1/console-plugin-rhel8@sha256:f804b7d402d3cfb45223e011912711bdd79d792e87e96ee6e8738f41e2bdd545_arm64",
"8Base-GitOps-1.11:openshift-gitops-1/console-plugin-rhel8@sha256:f9f4c3dc50ed732bd52ca77cd81adf56228772ace9792bbd8ac72714282db5ea_s390x",
"8Base-GitOps-1.11:openshift-gitops-1/dex-rhel8@sha256:7a0eaaa28b1593222a089490bbe785519bad33dc1169982fbd54d3c971589409_arm64",
"8Base-GitOps-1.11:openshift-gitops-1/dex-rhel8@sha256:82d2a3ab03d511f5751d154159e80170e47ee55789d6cfba9d9237d16a1c42fb_ppc64le",
"8Base-GitOps-1.11:openshift-gitops-1/dex-rhel8@sha256:a9f2a4c1d771f91ed46acd849a2957fb984eecf2036d9b9c84f72847e1079d78_s390x",
"8Base-GitOps-1.11:openshift-gitops-1/dex-rhel8@sha256:c9f1b0a58cefffb1aaa5e0eeb5e26ad1b24612f8b45987133cdb7fb4a0a98f5e_amd64",
"8Base-GitOps-1.11:openshift-gitops-1/gitops-operator-bundle@sha256:9357bd76c40ce6d7fdf72075b7a8c0fac132017390cdc3864768947b48347b94_amd64",
"8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8-operator@sha256:6bbc7f6e353d2d8cfcbcbb68472c97b6ff332c611780f645517a9d00937624f5_amd64",
"8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8-operator@sha256:8a0ff74e9378e2b1ba526b7bf4c7be033f22a4d4a4f40190a9e70b3306acf1be_ppc64le",
"8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8-operator@sha256:ec259fd03d43f8c71dd136baa7058e038adc172ac41d9a0bda72d89075a2faca_arm64",
"8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8-operator@sha256:eef33c6fff1da9580c3b7003ecb3db73dc0af398b98f37639edf2af9cd21d0ec_s390x",
"8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8@sha256:59bf2f19376abfeae9afd2abcd3fab5594c1fd1b98d221b142cf992348347ea8_s390x",
"8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8@sha256:8a087169c5b03152752227249d862d824cd224bcd313e4894ad89a644f17c7d8_arm64",
"8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8@sha256:92a28af94fa2f0f47d38e573068876760dd5b89a605c186bdcf4a1191391fe64_amd64",
"8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8@sha256:9a5e3e6da074aff464456750cca74ca47a3ab7b635948ac4cb8eba77e91f5938_ppc64le",
"8Base-GitOps-1.11:openshift-gitops-1/kam-delivery-rhel8@sha256:2b017899750d3945e786f75a85c9b0876bb9ee637c9c10b3f269a5976120776c_amd64",
"8Base-GitOps-1.11:openshift-gitops-1/kam-delivery-rhel8@sha256:6b4f257cf401049c9b8335a4c1f20ac8041a5e0d192279ead4fafbcd7e847e68_ppc64le",
"8Base-GitOps-1.11:openshift-gitops-1/kam-delivery-rhel8@sha256:8078fdce62aaf915755f223a46f131cd683c4f52b1897300f2e51a164eec8e93_arm64",
"8Base-GitOps-1.11:openshift-gitops-1/kam-delivery-rhel8@sha256:fbfa33cb3c73a0052b46562926e617e078709d8275555e80537b86d75a50ad0d_s390x",
"8Base-GitOps-1.11:openshift-gitops-1/must-gather-rhel8@sha256:64ac86cbd370d05a69c6c1cde6670ae8dc4dbc65ce416519a644237eecb195e0_s390x",
"8Base-GitOps-1.11:openshift-gitops-1/must-gather-rhel8@sha256:974db252e93173e2a2217fbff3c1a56aaa1411480a587a42d0c43275257d8809_arm64",
"8Base-GitOps-1.11:openshift-gitops-1/must-gather-rhel8@sha256:bda0dc71e5e11fc3e30c3a1e164aecb9d0eacc5ce01b8b19a9d446d9a9271fd6_ppc64le",
"8Base-GitOps-1.11:openshift-gitops-1/must-gather-rhel8@sha256:c16fc42f75a4b260316ae29b0ede0417771c76b0313291a8fc54a5f2eb8cf68b_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-24786"
},
{
"category": "external",
"summary": "RHBZ#2268046",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268046"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-24786",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24786"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-24786",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24786"
},
{
"category": "external",
"summary": "https://go.dev/cl/569356",
"url": "https://go.dev/cl/569356"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/ArQ6CDgtEjY/",
"url": "https://groups.google.com/g/golang-announce/c/ArQ6CDgtEjY/"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-2611",
"url": "https://pkg.go.dev/vuln/GO-2024-2611"
}
],
"release_date": "2024-03-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-07-18T13:37:38+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-GitOps-1.11:openshift-gitops-1/argo-rollouts-rhel8@sha256:076add1204be36717a4f21320e25a1ef8f362b898a91860101e036585bd7e75e_arm64",
"8Base-GitOps-1.11:openshift-gitops-1/argo-rollouts-rhel8@sha256:93f63395cd0e2d8bd35e1d7d5187f65bdd8efc9b564c98a2e07ba875aa887da4_amd64",
"8Base-GitOps-1.11:openshift-gitops-1/argo-rollouts-rhel8@sha256:9d59ac72c98079a9b29ed9a1ff5b39c49a804e28fb344112454c902000417090_ppc64le",
"8Base-GitOps-1.11:openshift-gitops-1/argo-rollouts-rhel8@sha256:f40c487b2922ed5b109a036996c3800fa24a8ab40579a8184bd08c0fa0a0a82b_s390x",
"8Base-GitOps-1.11:openshift-gitops-1/argocd-rhel8@sha256:95a36f983a5f2811f0fef486e90b84081d9dffeffe032be6cddeddfa4592e423_arm64",
"8Base-GitOps-1.11:openshift-gitops-1/argocd-rhel8@sha256:af69609ef177ee3cea8ef04a056df8a4a422dbc83a2631781589b61c1ed6dea6_ppc64le",
"8Base-GitOps-1.11:openshift-gitops-1/argocd-rhel8@sha256:b2fbdc3c9926b23f7e8506ad6a7062e6ca326bb3b69984762f7e4f29b1f4f93c_amd64",
"8Base-GitOps-1.11:openshift-gitops-1/argocd-rhel8@sha256:f10e4081655abf6e5c99ad32000fe98f06299cbe55434908d3161d072fde2c20_s390x",
"8Base-GitOps-1.11:openshift-gitops-1/console-plugin-rhel8@sha256:5beea6b8cdb9e06fb0fb7f92beaf02a9e9ba7b8794df8fc6eaa279c861c54c1f_ppc64le",
"8Base-GitOps-1.11:openshift-gitops-1/console-plugin-rhel8@sha256:98de5f96397f94c776a44554da00e80fee544a424404b4b64e91c65f6e463c5d_amd64",
"8Base-GitOps-1.11:openshift-gitops-1/console-plugin-rhel8@sha256:f804b7d402d3cfb45223e011912711bdd79d792e87e96ee6e8738f41e2bdd545_arm64",
"8Base-GitOps-1.11:openshift-gitops-1/console-plugin-rhel8@sha256:f9f4c3dc50ed732bd52ca77cd81adf56228772ace9792bbd8ac72714282db5ea_s390x",
"8Base-GitOps-1.11:openshift-gitops-1/dex-rhel8@sha256:7a0eaaa28b1593222a089490bbe785519bad33dc1169982fbd54d3c971589409_arm64",
"8Base-GitOps-1.11:openshift-gitops-1/dex-rhel8@sha256:82d2a3ab03d511f5751d154159e80170e47ee55789d6cfba9d9237d16a1c42fb_ppc64le",
"8Base-GitOps-1.11:openshift-gitops-1/dex-rhel8@sha256:a9f2a4c1d771f91ed46acd849a2957fb984eecf2036d9b9c84f72847e1079d78_s390x",
"8Base-GitOps-1.11:openshift-gitops-1/dex-rhel8@sha256:c9f1b0a58cefffb1aaa5e0eeb5e26ad1b24612f8b45987133cdb7fb4a0a98f5e_amd64",
"8Base-GitOps-1.11:openshift-gitops-1/gitops-operator-bundle@sha256:9357bd76c40ce6d7fdf72075b7a8c0fac132017390cdc3864768947b48347b94_amd64",
"8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8-operator@sha256:6bbc7f6e353d2d8cfcbcbb68472c97b6ff332c611780f645517a9d00937624f5_amd64",
"8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8-operator@sha256:8a0ff74e9378e2b1ba526b7bf4c7be033f22a4d4a4f40190a9e70b3306acf1be_ppc64le",
"8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8-operator@sha256:ec259fd03d43f8c71dd136baa7058e038adc172ac41d9a0bda72d89075a2faca_arm64",
"8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8-operator@sha256:eef33c6fff1da9580c3b7003ecb3db73dc0af398b98f37639edf2af9cd21d0ec_s390x",
"8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8@sha256:59bf2f19376abfeae9afd2abcd3fab5594c1fd1b98d221b142cf992348347ea8_s390x",
"8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8@sha256:8a087169c5b03152752227249d862d824cd224bcd313e4894ad89a644f17c7d8_arm64",
"8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8@sha256:92a28af94fa2f0f47d38e573068876760dd5b89a605c186bdcf4a1191391fe64_amd64",
"8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8@sha256:9a5e3e6da074aff464456750cca74ca47a3ab7b635948ac4cb8eba77e91f5938_ppc64le",
"8Base-GitOps-1.11:openshift-gitops-1/kam-delivery-rhel8@sha256:2b017899750d3945e786f75a85c9b0876bb9ee637c9c10b3f269a5976120776c_amd64",
"8Base-GitOps-1.11:openshift-gitops-1/kam-delivery-rhel8@sha256:6b4f257cf401049c9b8335a4c1f20ac8041a5e0d192279ead4fafbcd7e847e68_ppc64le",
"8Base-GitOps-1.11:openshift-gitops-1/kam-delivery-rhel8@sha256:8078fdce62aaf915755f223a46f131cd683c4f52b1897300f2e51a164eec8e93_arm64",
"8Base-GitOps-1.11:openshift-gitops-1/kam-delivery-rhel8@sha256:fbfa33cb3c73a0052b46562926e617e078709d8275555e80537b86d75a50ad0d_s390x",
"8Base-GitOps-1.11:openshift-gitops-1/must-gather-rhel8@sha256:64ac86cbd370d05a69c6c1cde6670ae8dc4dbc65ce416519a644237eecb195e0_s390x",
"8Base-GitOps-1.11:openshift-gitops-1/must-gather-rhel8@sha256:974db252e93173e2a2217fbff3c1a56aaa1411480a587a42d0c43275257d8809_arm64",
"8Base-GitOps-1.11:openshift-gitops-1/must-gather-rhel8@sha256:bda0dc71e5e11fc3e30c3a1e164aecb9d0eacc5ce01b8b19a9d446d9a9271fd6_ppc64le",
"8Base-GitOps-1.11:openshift-gitops-1/must-gather-rhel8@sha256:c16fc42f75a4b260316ae29b0ede0417771c76b0313291a8fc54a5f2eb8cf68b_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:4626"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-GitOps-1.11:openshift-gitops-1/argo-rollouts-rhel8@sha256:076add1204be36717a4f21320e25a1ef8f362b898a91860101e036585bd7e75e_arm64",
"8Base-GitOps-1.11:openshift-gitops-1/argo-rollouts-rhel8@sha256:93f63395cd0e2d8bd35e1d7d5187f65bdd8efc9b564c98a2e07ba875aa887da4_amd64",
"8Base-GitOps-1.11:openshift-gitops-1/argo-rollouts-rhel8@sha256:9d59ac72c98079a9b29ed9a1ff5b39c49a804e28fb344112454c902000417090_ppc64le",
"8Base-GitOps-1.11:openshift-gitops-1/argo-rollouts-rhel8@sha256:f40c487b2922ed5b109a036996c3800fa24a8ab40579a8184bd08c0fa0a0a82b_s390x",
"8Base-GitOps-1.11:openshift-gitops-1/argocd-rhel8@sha256:95a36f983a5f2811f0fef486e90b84081d9dffeffe032be6cddeddfa4592e423_arm64",
"8Base-GitOps-1.11:openshift-gitops-1/argocd-rhel8@sha256:af69609ef177ee3cea8ef04a056df8a4a422dbc83a2631781589b61c1ed6dea6_ppc64le",
"8Base-GitOps-1.11:openshift-gitops-1/argocd-rhel8@sha256:b2fbdc3c9926b23f7e8506ad6a7062e6ca326bb3b69984762f7e4f29b1f4f93c_amd64",
"8Base-GitOps-1.11:openshift-gitops-1/argocd-rhel8@sha256:f10e4081655abf6e5c99ad32000fe98f06299cbe55434908d3161d072fde2c20_s390x",
"8Base-GitOps-1.11:openshift-gitops-1/console-plugin-rhel8@sha256:5beea6b8cdb9e06fb0fb7f92beaf02a9e9ba7b8794df8fc6eaa279c861c54c1f_ppc64le",
"8Base-GitOps-1.11:openshift-gitops-1/console-plugin-rhel8@sha256:98de5f96397f94c776a44554da00e80fee544a424404b4b64e91c65f6e463c5d_amd64",
"8Base-GitOps-1.11:openshift-gitops-1/console-plugin-rhel8@sha256:f804b7d402d3cfb45223e011912711bdd79d792e87e96ee6e8738f41e2bdd545_arm64",
"8Base-GitOps-1.11:openshift-gitops-1/console-plugin-rhel8@sha256:f9f4c3dc50ed732bd52ca77cd81adf56228772ace9792bbd8ac72714282db5ea_s390x",
"8Base-GitOps-1.11:openshift-gitops-1/dex-rhel8@sha256:7a0eaaa28b1593222a089490bbe785519bad33dc1169982fbd54d3c971589409_arm64",
"8Base-GitOps-1.11:openshift-gitops-1/dex-rhel8@sha256:82d2a3ab03d511f5751d154159e80170e47ee55789d6cfba9d9237d16a1c42fb_ppc64le",
"8Base-GitOps-1.11:openshift-gitops-1/dex-rhel8@sha256:a9f2a4c1d771f91ed46acd849a2957fb984eecf2036d9b9c84f72847e1079d78_s390x",
"8Base-GitOps-1.11:openshift-gitops-1/dex-rhel8@sha256:c9f1b0a58cefffb1aaa5e0eeb5e26ad1b24612f8b45987133cdb7fb4a0a98f5e_amd64",
"8Base-GitOps-1.11:openshift-gitops-1/gitops-operator-bundle@sha256:9357bd76c40ce6d7fdf72075b7a8c0fac132017390cdc3864768947b48347b94_amd64",
"8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8-operator@sha256:6bbc7f6e353d2d8cfcbcbb68472c97b6ff332c611780f645517a9d00937624f5_amd64",
"8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8-operator@sha256:8a0ff74e9378e2b1ba526b7bf4c7be033f22a4d4a4f40190a9e70b3306acf1be_ppc64le",
"8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8-operator@sha256:ec259fd03d43f8c71dd136baa7058e038adc172ac41d9a0bda72d89075a2faca_arm64",
"8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8-operator@sha256:eef33c6fff1da9580c3b7003ecb3db73dc0af398b98f37639edf2af9cd21d0ec_s390x",
"8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8@sha256:59bf2f19376abfeae9afd2abcd3fab5594c1fd1b98d221b142cf992348347ea8_s390x",
"8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8@sha256:8a087169c5b03152752227249d862d824cd224bcd313e4894ad89a644f17c7d8_arm64",
"8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8@sha256:92a28af94fa2f0f47d38e573068876760dd5b89a605c186bdcf4a1191391fe64_amd64",
"8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8@sha256:9a5e3e6da074aff464456750cca74ca47a3ab7b635948ac4cb8eba77e91f5938_ppc64le",
"8Base-GitOps-1.11:openshift-gitops-1/kam-delivery-rhel8@sha256:2b017899750d3945e786f75a85c9b0876bb9ee637c9c10b3f269a5976120776c_amd64",
"8Base-GitOps-1.11:openshift-gitops-1/kam-delivery-rhel8@sha256:6b4f257cf401049c9b8335a4c1f20ac8041a5e0d192279ead4fafbcd7e847e68_ppc64le",
"8Base-GitOps-1.11:openshift-gitops-1/kam-delivery-rhel8@sha256:8078fdce62aaf915755f223a46f131cd683c4f52b1897300f2e51a164eec8e93_arm64",
"8Base-GitOps-1.11:openshift-gitops-1/kam-delivery-rhel8@sha256:fbfa33cb3c73a0052b46562926e617e078709d8275555e80537b86d75a50ad0d_s390x",
"8Base-GitOps-1.11:openshift-gitops-1/must-gather-rhel8@sha256:64ac86cbd370d05a69c6c1cde6670ae8dc4dbc65ce416519a644237eecb195e0_s390x",
"8Base-GitOps-1.11:openshift-gitops-1/must-gather-rhel8@sha256:974db252e93173e2a2217fbff3c1a56aaa1411480a587a42d0c43275257d8809_arm64",
"8Base-GitOps-1.11:openshift-gitops-1/must-gather-rhel8@sha256:bda0dc71e5e11fc3e30c3a1e164aecb9d0eacc5ce01b8b19a9d446d9a9271fd6_ppc64le",
"8Base-GitOps-1.11:openshift-gitops-1/must-gather-rhel8@sha256:c16fc42f75a4b260316ae29b0ede0417771c76b0313291a8fc54a5f2eb8cf68b_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-GitOps-1.11:openshift-gitops-1/argo-rollouts-rhel8@sha256:076add1204be36717a4f21320e25a1ef8f362b898a91860101e036585bd7e75e_arm64",
"8Base-GitOps-1.11:openshift-gitops-1/argo-rollouts-rhel8@sha256:93f63395cd0e2d8bd35e1d7d5187f65bdd8efc9b564c98a2e07ba875aa887da4_amd64",
"8Base-GitOps-1.11:openshift-gitops-1/argo-rollouts-rhel8@sha256:9d59ac72c98079a9b29ed9a1ff5b39c49a804e28fb344112454c902000417090_ppc64le",
"8Base-GitOps-1.11:openshift-gitops-1/argo-rollouts-rhel8@sha256:f40c487b2922ed5b109a036996c3800fa24a8ab40579a8184bd08c0fa0a0a82b_s390x",
"8Base-GitOps-1.11:openshift-gitops-1/argocd-rhel8@sha256:95a36f983a5f2811f0fef486e90b84081d9dffeffe032be6cddeddfa4592e423_arm64",
"8Base-GitOps-1.11:openshift-gitops-1/argocd-rhel8@sha256:af69609ef177ee3cea8ef04a056df8a4a422dbc83a2631781589b61c1ed6dea6_ppc64le",
"8Base-GitOps-1.11:openshift-gitops-1/argocd-rhel8@sha256:b2fbdc3c9926b23f7e8506ad6a7062e6ca326bb3b69984762f7e4f29b1f4f93c_amd64",
"8Base-GitOps-1.11:openshift-gitops-1/argocd-rhel8@sha256:f10e4081655abf6e5c99ad32000fe98f06299cbe55434908d3161d072fde2c20_s390x",
"8Base-GitOps-1.11:openshift-gitops-1/console-plugin-rhel8@sha256:5beea6b8cdb9e06fb0fb7f92beaf02a9e9ba7b8794df8fc6eaa279c861c54c1f_ppc64le",
"8Base-GitOps-1.11:openshift-gitops-1/console-plugin-rhel8@sha256:98de5f96397f94c776a44554da00e80fee544a424404b4b64e91c65f6e463c5d_amd64",
"8Base-GitOps-1.11:openshift-gitops-1/console-plugin-rhel8@sha256:f804b7d402d3cfb45223e011912711bdd79d792e87e96ee6e8738f41e2bdd545_arm64",
"8Base-GitOps-1.11:openshift-gitops-1/console-plugin-rhel8@sha256:f9f4c3dc50ed732bd52ca77cd81adf56228772ace9792bbd8ac72714282db5ea_s390x",
"8Base-GitOps-1.11:openshift-gitops-1/dex-rhel8@sha256:7a0eaaa28b1593222a089490bbe785519bad33dc1169982fbd54d3c971589409_arm64",
"8Base-GitOps-1.11:openshift-gitops-1/dex-rhel8@sha256:82d2a3ab03d511f5751d154159e80170e47ee55789d6cfba9d9237d16a1c42fb_ppc64le",
"8Base-GitOps-1.11:openshift-gitops-1/dex-rhel8@sha256:a9f2a4c1d771f91ed46acd849a2957fb984eecf2036d9b9c84f72847e1079d78_s390x",
"8Base-GitOps-1.11:openshift-gitops-1/dex-rhel8@sha256:c9f1b0a58cefffb1aaa5e0eeb5e26ad1b24612f8b45987133cdb7fb4a0a98f5e_amd64",
"8Base-GitOps-1.11:openshift-gitops-1/gitops-operator-bundle@sha256:9357bd76c40ce6d7fdf72075b7a8c0fac132017390cdc3864768947b48347b94_amd64",
"8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8-operator@sha256:6bbc7f6e353d2d8cfcbcbb68472c97b6ff332c611780f645517a9d00937624f5_amd64",
"8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8-operator@sha256:8a0ff74e9378e2b1ba526b7bf4c7be033f22a4d4a4f40190a9e70b3306acf1be_ppc64le",
"8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8-operator@sha256:ec259fd03d43f8c71dd136baa7058e038adc172ac41d9a0bda72d89075a2faca_arm64",
"8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8-operator@sha256:eef33c6fff1da9580c3b7003ecb3db73dc0af398b98f37639edf2af9cd21d0ec_s390x",
"8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8@sha256:59bf2f19376abfeae9afd2abcd3fab5594c1fd1b98d221b142cf992348347ea8_s390x",
"8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8@sha256:8a087169c5b03152752227249d862d824cd224bcd313e4894ad89a644f17c7d8_arm64",
"8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8@sha256:92a28af94fa2f0f47d38e573068876760dd5b89a605c186bdcf4a1191391fe64_amd64",
"8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8@sha256:9a5e3e6da074aff464456750cca74ca47a3ab7b635948ac4cb8eba77e91f5938_ppc64le",
"8Base-GitOps-1.11:openshift-gitops-1/kam-delivery-rhel8@sha256:2b017899750d3945e786f75a85c9b0876bb9ee637c9c10b3f269a5976120776c_amd64",
"8Base-GitOps-1.11:openshift-gitops-1/kam-delivery-rhel8@sha256:6b4f257cf401049c9b8335a4c1f20ac8041a5e0d192279ead4fafbcd7e847e68_ppc64le",
"8Base-GitOps-1.11:openshift-gitops-1/kam-delivery-rhel8@sha256:8078fdce62aaf915755f223a46f131cd683c4f52b1897300f2e51a164eec8e93_arm64",
"8Base-GitOps-1.11:openshift-gitops-1/kam-delivery-rhel8@sha256:fbfa33cb3c73a0052b46562926e617e078709d8275555e80537b86d75a50ad0d_s390x",
"8Base-GitOps-1.11:openshift-gitops-1/must-gather-rhel8@sha256:64ac86cbd370d05a69c6c1cde6670ae8dc4dbc65ce416519a644237eecb195e0_s390x",
"8Base-GitOps-1.11:openshift-gitops-1/must-gather-rhel8@sha256:974db252e93173e2a2217fbff3c1a56aaa1411480a587a42d0c43275257d8809_arm64",
"8Base-GitOps-1.11:openshift-gitops-1/must-gather-rhel8@sha256:bda0dc71e5e11fc3e30c3a1e164aecb9d0eacc5ce01b8b19a9d446d9a9271fd6_ppc64le",
"8Base-GitOps-1.11:openshift-gitops-1/must-gather-rhel8@sha256:c16fc42f75a4b260316ae29b0ede0417771c76b0313291a8fc54a5f2eb8cf68b_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang-protobuf: encoding/protojson, internal/encoding/json: infinite loop in protojson.Unmarshal when unmarshaling certain forms of invalid JSON"
},
{
"cve": "CVE-2024-25620",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2024-02-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2264336"
}
],
"notes": [
{
"category": "description",
"text": "A path traversal vulnerability was found in Helm when it saved a chart including download time. When either the Helm client or SDK is used to save a chart whose name is within the Chart.yaml file and includes a relative path change, the chart would be saved outside its expected directory based on the changes in the relative path. The validation and linting did not detect the path changes in the name.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "helm: Dependency management path traversal",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Within regulated environments, a combination of the following controls acts as a significant barrier to the successful exploitation of a CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027) vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nInput validation enforces strict path constraints, rejecting directory traversal attempts or unauthorized file access. Runtime environments restrict code execution to predefined privilege levels, preventing escalation from traversal exploits. Configuration settings limit accessible directories and enforce execution boundaries to reduce the influence of user input on file system behavior. Application components are developed and validated against secure coding standards that explicitly prevent path manipulation, further minimizing exploitation risk.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-GitOps-1.11:openshift-gitops-1/argo-rollouts-rhel8@sha256:076add1204be36717a4f21320e25a1ef8f362b898a91860101e036585bd7e75e_arm64",
"8Base-GitOps-1.11:openshift-gitops-1/argo-rollouts-rhel8@sha256:93f63395cd0e2d8bd35e1d7d5187f65bdd8efc9b564c98a2e07ba875aa887da4_amd64",
"8Base-GitOps-1.11:openshift-gitops-1/argo-rollouts-rhel8@sha256:9d59ac72c98079a9b29ed9a1ff5b39c49a804e28fb344112454c902000417090_ppc64le",
"8Base-GitOps-1.11:openshift-gitops-1/argo-rollouts-rhel8@sha256:f40c487b2922ed5b109a036996c3800fa24a8ab40579a8184bd08c0fa0a0a82b_s390x",
"8Base-GitOps-1.11:openshift-gitops-1/argocd-rhel8@sha256:95a36f983a5f2811f0fef486e90b84081d9dffeffe032be6cddeddfa4592e423_arm64",
"8Base-GitOps-1.11:openshift-gitops-1/argocd-rhel8@sha256:af69609ef177ee3cea8ef04a056df8a4a422dbc83a2631781589b61c1ed6dea6_ppc64le",
"8Base-GitOps-1.11:openshift-gitops-1/argocd-rhel8@sha256:b2fbdc3c9926b23f7e8506ad6a7062e6ca326bb3b69984762f7e4f29b1f4f93c_amd64",
"8Base-GitOps-1.11:openshift-gitops-1/argocd-rhel8@sha256:f10e4081655abf6e5c99ad32000fe98f06299cbe55434908d3161d072fde2c20_s390x",
"8Base-GitOps-1.11:openshift-gitops-1/console-plugin-rhel8@sha256:5beea6b8cdb9e06fb0fb7f92beaf02a9e9ba7b8794df8fc6eaa279c861c54c1f_ppc64le",
"8Base-GitOps-1.11:openshift-gitops-1/console-plugin-rhel8@sha256:98de5f96397f94c776a44554da00e80fee544a424404b4b64e91c65f6e463c5d_amd64",
"8Base-GitOps-1.11:openshift-gitops-1/console-plugin-rhel8@sha256:f804b7d402d3cfb45223e011912711bdd79d792e87e96ee6e8738f41e2bdd545_arm64",
"8Base-GitOps-1.11:openshift-gitops-1/console-plugin-rhel8@sha256:f9f4c3dc50ed732bd52ca77cd81adf56228772ace9792bbd8ac72714282db5ea_s390x",
"8Base-GitOps-1.11:openshift-gitops-1/dex-rhel8@sha256:7a0eaaa28b1593222a089490bbe785519bad33dc1169982fbd54d3c971589409_arm64",
"8Base-GitOps-1.11:openshift-gitops-1/dex-rhel8@sha256:82d2a3ab03d511f5751d154159e80170e47ee55789d6cfba9d9237d16a1c42fb_ppc64le",
"8Base-GitOps-1.11:openshift-gitops-1/dex-rhel8@sha256:a9f2a4c1d771f91ed46acd849a2957fb984eecf2036d9b9c84f72847e1079d78_s390x",
"8Base-GitOps-1.11:openshift-gitops-1/dex-rhel8@sha256:c9f1b0a58cefffb1aaa5e0eeb5e26ad1b24612f8b45987133cdb7fb4a0a98f5e_amd64",
"8Base-GitOps-1.11:openshift-gitops-1/gitops-operator-bundle@sha256:9357bd76c40ce6d7fdf72075b7a8c0fac132017390cdc3864768947b48347b94_amd64",
"8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8-operator@sha256:6bbc7f6e353d2d8cfcbcbb68472c97b6ff332c611780f645517a9d00937624f5_amd64",
"8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8-operator@sha256:8a0ff74e9378e2b1ba526b7bf4c7be033f22a4d4a4f40190a9e70b3306acf1be_ppc64le",
"8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8-operator@sha256:ec259fd03d43f8c71dd136baa7058e038adc172ac41d9a0bda72d89075a2faca_arm64",
"8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8-operator@sha256:eef33c6fff1da9580c3b7003ecb3db73dc0af398b98f37639edf2af9cd21d0ec_s390x",
"8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8@sha256:59bf2f19376abfeae9afd2abcd3fab5594c1fd1b98d221b142cf992348347ea8_s390x",
"8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8@sha256:8a087169c5b03152752227249d862d824cd224bcd313e4894ad89a644f17c7d8_arm64",
"8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8@sha256:92a28af94fa2f0f47d38e573068876760dd5b89a605c186bdcf4a1191391fe64_amd64",
"8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8@sha256:9a5e3e6da074aff464456750cca74ca47a3ab7b635948ac4cb8eba77e91f5938_ppc64le",
"8Base-GitOps-1.11:openshift-gitops-1/kam-delivery-rhel8@sha256:2b017899750d3945e786f75a85c9b0876bb9ee637c9c10b3f269a5976120776c_amd64",
"8Base-GitOps-1.11:openshift-gitops-1/kam-delivery-rhel8@sha256:6b4f257cf401049c9b8335a4c1f20ac8041a5e0d192279ead4fafbcd7e847e68_ppc64le",
"8Base-GitOps-1.11:openshift-gitops-1/kam-delivery-rhel8@sha256:8078fdce62aaf915755f223a46f131cd683c4f52b1897300f2e51a164eec8e93_arm64",
"8Base-GitOps-1.11:openshift-gitops-1/kam-delivery-rhel8@sha256:fbfa33cb3c73a0052b46562926e617e078709d8275555e80537b86d75a50ad0d_s390x",
"8Base-GitOps-1.11:openshift-gitops-1/must-gather-rhel8@sha256:64ac86cbd370d05a69c6c1cde6670ae8dc4dbc65ce416519a644237eecb195e0_s390x",
"8Base-GitOps-1.11:openshift-gitops-1/must-gather-rhel8@sha256:974db252e93173e2a2217fbff3c1a56aaa1411480a587a42d0c43275257d8809_arm64",
"8Base-GitOps-1.11:openshift-gitops-1/must-gather-rhel8@sha256:bda0dc71e5e11fc3e30c3a1e164aecb9d0eacc5ce01b8b19a9d446d9a9271fd6_ppc64le",
"8Base-GitOps-1.11:openshift-gitops-1/must-gather-rhel8@sha256:c16fc42f75a4b260316ae29b0ede0417771c76b0313291a8fc54a5f2eb8cf68b_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-25620"
},
{
"category": "external",
"summary": "RHBZ#2264336",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2264336"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-25620",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25620"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-25620",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-25620"
},
{
"category": "external",
"summary": "https://github.com/helm/helm/commit/0d0f91d1ce277b2c8766cdc4c7aa04dbafbf2503",
"url": "https://github.com/helm/helm/commit/0d0f91d1ce277b2c8766cdc4c7aa04dbafbf2503"
},
{
"category": "external",
"summary": "https://github.com/helm/helm/security/advisories/GHSA-v53g-5gjp-272r",
"url": "https://github.com/helm/helm/security/advisories/GHSA-v53g-5gjp-272r"
}
],
"release_date": "2024-02-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-07-18T13:37:38+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-GitOps-1.11:openshift-gitops-1/argo-rollouts-rhel8@sha256:076add1204be36717a4f21320e25a1ef8f362b898a91860101e036585bd7e75e_arm64",
"8Base-GitOps-1.11:openshift-gitops-1/argo-rollouts-rhel8@sha256:93f63395cd0e2d8bd35e1d7d5187f65bdd8efc9b564c98a2e07ba875aa887da4_amd64",
"8Base-GitOps-1.11:openshift-gitops-1/argo-rollouts-rhel8@sha256:9d59ac72c98079a9b29ed9a1ff5b39c49a804e28fb344112454c902000417090_ppc64le",
"8Base-GitOps-1.11:openshift-gitops-1/argo-rollouts-rhel8@sha256:f40c487b2922ed5b109a036996c3800fa24a8ab40579a8184bd08c0fa0a0a82b_s390x",
"8Base-GitOps-1.11:openshift-gitops-1/argocd-rhel8@sha256:95a36f983a5f2811f0fef486e90b84081d9dffeffe032be6cddeddfa4592e423_arm64",
"8Base-GitOps-1.11:openshift-gitops-1/argocd-rhel8@sha256:af69609ef177ee3cea8ef04a056df8a4a422dbc83a2631781589b61c1ed6dea6_ppc64le",
"8Base-GitOps-1.11:openshift-gitops-1/argocd-rhel8@sha256:b2fbdc3c9926b23f7e8506ad6a7062e6ca326bb3b69984762f7e4f29b1f4f93c_amd64",
"8Base-GitOps-1.11:openshift-gitops-1/argocd-rhel8@sha256:f10e4081655abf6e5c99ad32000fe98f06299cbe55434908d3161d072fde2c20_s390x",
"8Base-GitOps-1.11:openshift-gitops-1/console-plugin-rhel8@sha256:5beea6b8cdb9e06fb0fb7f92beaf02a9e9ba7b8794df8fc6eaa279c861c54c1f_ppc64le",
"8Base-GitOps-1.11:openshift-gitops-1/console-plugin-rhel8@sha256:98de5f96397f94c776a44554da00e80fee544a424404b4b64e91c65f6e463c5d_amd64",
"8Base-GitOps-1.11:openshift-gitops-1/console-plugin-rhel8@sha256:f804b7d402d3cfb45223e011912711bdd79d792e87e96ee6e8738f41e2bdd545_arm64",
"8Base-GitOps-1.11:openshift-gitops-1/console-plugin-rhel8@sha256:f9f4c3dc50ed732bd52ca77cd81adf56228772ace9792bbd8ac72714282db5ea_s390x",
"8Base-GitOps-1.11:openshift-gitops-1/dex-rhel8@sha256:7a0eaaa28b1593222a089490bbe785519bad33dc1169982fbd54d3c971589409_arm64",
"8Base-GitOps-1.11:openshift-gitops-1/dex-rhel8@sha256:82d2a3ab03d511f5751d154159e80170e47ee55789d6cfba9d9237d16a1c42fb_ppc64le",
"8Base-GitOps-1.11:openshift-gitops-1/dex-rhel8@sha256:a9f2a4c1d771f91ed46acd849a2957fb984eecf2036d9b9c84f72847e1079d78_s390x",
"8Base-GitOps-1.11:openshift-gitops-1/dex-rhel8@sha256:c9f1b0a58cefffb1aaa5e0eeb5e26ad1b24612f8b45987133cdb7fb4a0a98f5e_amd64",
"8Base-GitOps-1.11:openshift-gitops-1/gitops-operator-bundle@sha256:9357bd76c40ce6d7fdf72075b7a8c0fac132017390cdc3864768947b48347b94_amd64",
"8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8-operator@sha256:6bbc7f6e353d2d8cfcbcbb68472c97b6ff332c611780f645517a9d00937624f5_amd64",
"8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8-operator@sha256:8a0ff74e9378e2b1ba526b7bf4c7be033f22a4d4a4f40190a9e70b3306acf1be_ppc64le",
"8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8-operator@sha256:ec259fd03d43f8c71dd136baa7058e038adc172ac41d9a0bda72d89075a2faca_arm64",
"8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8-operator@sha256:eef33c6fff1da9580c3b7003ecb3db73dc0af398b98f37639edf2af9cd21d0ec_s390x",
"8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8@sha256:59bf2f19376abfeae9afd2abcd3fab5594c1fd1b98d221b142cf992348347ea8_s390x",
"8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8@sha256:8a087169c5b03152752227249d862d824cd224bcd313e4894ad89a644f17c7d8_arm64",
"8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8@sha256:92a28af94fa2f0f47d38e573068876760dd5b89a605c186bdcf4a1191391fe64_amd64",
"8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8@sha256:9a5e3e6da074aff464456750cca74ca47a3ab7b635948ac4cb8eba77e91f5938_ppc64le",
"8Base-GitOps-1.11:openshift-gitops-1/kam-delivery-rhel8@sha256:2b017899750d3945e786f75a85c9b0876bb9ee637c9c10b3f269a5976120776c_amd64",
"8Base-GitOps-1.11:openshift-gitops-1/kam-delivery-rhel8@sha256:6b4f257cf401049c9b8335a4c1f20ac8041a5e0d192279ead4fafbcd7e847e68_ppc64le",
"8Base-GitOps-1.11:openshift-gitops-1/kam-delivery-rhel8@sha256:8078fdce62aaf915755f223a46f131cd683c4f52b1897300f2e51a164eec8e93_arm64",
"8Base-GitOps-1.11:openshift-gitops-1/kam-delivery-rhel8@sha256:fbfa33cb3c73a0052b46562926e617e078709d8275555e80537b86d75a50ad0d_s390x",
"8Base-GitOps-1.11:openshift-gitops-1/must-gather-rhel8@sha256:64ac86cbd370d05a69c6c1cde6670ae8dc4dbc65ce416519a644237eecb195e0_s390x",
"8Base-GitOps-1.11:openshift-gitops-1/must-gather-rhel8@sha256:974db252e93173e2a2217fbff3c1a56aaa1411480a587a42d0c43275257d8809_arm64",
"8Base-GitOps-1.11:openshift-gitops-1/must-gather-rhel8@sha256:bda0dc71e5e11fc3e30c3a1e164aecb9d0eacc5ce01b8b19a9d446d9a9271fd6_ppc64le",
"8Base-GitOps-1.11:openshift-gitops-1/must-gather-rhel8@sha256:c16fc42f75a4b260316ae29b0ede0417771c76b0313291a8fc54a5f2eb8cf68b_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:4626"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-GitOps-1.11:openshift-gitops-1/argo-rollouts-rhel8@sha256:076add1204be36717a4f21320e25a1ef8f362b898a91860101e036585bd7e75e_arm64",
"8Base-GitOps-1.11:openshift-gitops-1/argo-rollouts-rhel8@sha256:93f63395cd0e2d8bd35e1d7d5187f65bdd8efc9b564c98a2e07ba875aa887da4_amd64",
"8Base-GitOps-1.11:openshift-gitops-1/argo-rollouts-rhel8@sha256:9d59ac72c98079a9b29ed9a1ff5b39c49a804e28fb344112454c902000417090_ppc64le",
"8Base-GitOps-1.11:openshift-gitops-1/argo-rollouts-rhel8@sha256:f40c487b2922ed5b109a036996c3800fa24a8ab40579a8184bd08c0fa0a0a82b_s390x",
"8Base-GitOps-1.11:openshift-gitops-1/argocd-rhel8@sha256:95a36f983a5f2811f0fef486e90b84081d9dffeffe032be6cddeddfa4592e423_arm64",
"8Base-GitOps-1.11:openshift-gitops-1/argocd-rhel8@sha256:af69609ef177ee3cea8ef04a056df8a4a422dbc83a2631781589b61c1ed6dea6_ppc64le",
"8Base-GitOps-1.11:openshift-gitops-1/argocd-rhel8@sha256:b2fbdc3c9926b23f7e8506ad6a7062e6ca326bb3b69984762f7e4f29b1f4f93c_amd64",
"8Base-GitOps-1.11:openshift-gitops-1/argocd-rhel8@sha256:f10e4081655abf6e5c99ad32000fe98f06299cbe55434908d3161d072fde2c20_s390x",
"8Base-GitOps-1.11:openshift-gitops-1/console-plugin-rhel8@sha256:5beea6b8cdb9e06fb0fb7f92beaf02a9e9ba7b8794df8fc6eaa279c861c54c1f_ppc64le",
"8Base-GitOps-1.11:openshift-gitops-1/console-plugin-rhel8@sha256:98de5f96397f94c776a44554da00e80fee544a424404b4b64e91c65f6e463c5d_amd64",
"8Base-GitOps-1.11:openshift-gitops-1/console-plugin-rhel8@sha256:f804b7d402d3cfb45223e011912711bdd79d792e87e96ee6e8738f41e2bdd545_arm64",
"8Base-GitOps-1.11:openshift-gitops-1/console-plugin-rhel8@sha256:f9f4c3dc50ed732bd52ca77cd81adf56228772ace9792bbd8ac72714282db5ea_s390x",
"8Base-GitOps-1.11:openshift-gitops-1/dex-rhel8@sha256:7a0eaaa28b1593222a089490bbe785519bad33dc1169982fbd54d3c971589409_arm64",
"8Base-GitOps-1.11:openshift-gitops-1/dex-rhel8@sha256:82d2a3ab03d511f5751d154159e80170e47ee55789d6cfba9d9237d16a1c42fb_ppc64le",
"8Base-GitOps-1.11:openshift-gitops-1/dex-rhel8@sha256:a9f2a4c1d771f91ed46acd849a2957fb984eecf2036d9b9c84f72847e1079d78_s390x",
"8Base-GitOps-1.11:openshift-gitops-1/dex-rhel8@sha256:c9f1b0a58cefffb1aaa5e0eeb5e26ad1b24612f8b45987133cdb7fb4a0a98f5e_amd64",
"8Base-GitOps-1.11:openshift-gitops-1/gitops-operator-bundle@sha256:9357bd76c40ce6d7fdf72075b7a8c0fac132017390cdc3864768947b48347b94_amd64",
"8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8-operator@sha256:6bbc7f6e353d2d8cfcbcbb68472c97b6ff332c611780f645517a9d00937624f5_amd64",
"8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8-operator@sha256:8a0ff74e9378e2b1ba526b7bf4c7be033f22a4d4a4f40190a9e70b3306acf1be_ppc64le",
"8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8-operator@sha256:ec259fd03d43f8c71dd136baa7058e038adc172ac41d9a0bda72d89075a2faca_arm64",
"8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8-operator@sha256:eef33c6fff1da9580c3b7003ecb3db73dc0af398b98f37639edf2af9cd21d0ec_s390x",
"8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8@sha256:59bf2f19376abfeae9afd2abcd3fab5594c1fd1b98d221b142cf992348347ea8_s390x",
"8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8@sha256:8a087169c5b03152752227249d862d824cd224bcd313e4894ad89a644f17c7d8_arm64",
"8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8@sha256:92a28af94fa2f0f47d38e573068876760dd5b89a605c186bdcf4a1191391fe64_amd64",
"8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8@sha256:9a5e3e6da074aff464456750cca74ca47a3ab7b635948ac4cb8eba77e91f5938_ppc64le",
"8Base-GitOps-1.11:openshift-gitops-1/kam-delivery-rhel8@sha256:2b017899750d3945e786f75a85c9b0876bb9ee637c9c10b3f269a5976120776c_amd64",
"8Base-GitOps-1.11:openshift-gitops-1/kam-delivery-rhel8@sha256:6b4f257cf401049c9b8335a4c1f20ac8041a5e0d192279ead4fafbcd7e847e68_ppc64le",
"8Base-GitOps-1.11:openshift-gitops-1/kam-delivery-rhel8@sha256:8078fdce62aaf915755f223a46f131cd683c4f52b1897300f2e51a164eec8e93_arm64",
"8Base-GitOps-1.11:openshift-gitops-1/kam-delivery-rhel8@sha256:fbfa33cb3c73a0052b46562926e617e078709d8275555e80537b86d75a50ad0d_s390x",
"8Base-GitOps-1.11:openshift-gitops-1/must-gather-rhel8@sha256:64ac86cbd370d05a69c6c1cde6670ae8dc4dbc65ce416519a644237eecb195e0_s390x",
"8Base-GitOps-1.11:openshift-gitops-1/must-gather-rhel8@sha256:974db252e93173e2a2217fbff3c1a56aaa1411480a587a42d0c43275257d8809_arm64",
"8Base-GitOps-1.11:openshift-gitops-1/must-gather-rhel8@sha256:bda0dc71e5e11fc3e30c3a1e164aecb9d0eacc5ce01b8b19a9d446d9a9271fd6_ppc64le",
"8Base-GitOps-1.11:openshift-gitops-1/must-gather-rhel8@sha256:c16fc42f75a4b260316ae29b0ede0417771c76b0313291a8fc54a5f2eb8cf68b_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "helm: Dependency management path traversal"
},
{
"cve": "CVE-2024-26147",
"cwe": {
"id": "CWE-457",
"name": "Use of Uninitialized Variable"
},
"discovery_date": "2024-02-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2265440"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Helm. This flaw may lead to a panic when Helm parses index and plugin yaml files missing expected content, leading to a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "helm: Missing YAML Content Leads To Panic",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat rates this as Moderate since this would impact the Helm client and requires a malicious plugin to be in place, which can be removed.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-GitOps-1.11:openshift-gitops-1/argo-rollouts-rhel8@sha256:076add1204be36717a4f21320e25a1ef8f362b898a91860101e036585bd7e75e_arm64",
"8Base-GitOps-1.11:openshift-gitops-1/argo-rollouts-rhel8@sha256:93f63395cd0e2d8bd35e1d7d5187f65bdd8efc9b564c98a2e07ba875aa887da4_amd64",
"8Base-GitOps-1.11:openshift-gitops-1/argo-rollouts-rhel8@sha256:9d59ac72c98079a9b29ed9a1ff5b39c49a804e28fb344112454c902000417090_ppc64le",
"8Base-GitOps-1.11:openshift-gitops-1/argo-rollouts-rhel8@sha256:f40c487b2922ed5b109a036996c3800fa24a8ab40579a8184bd08c0fa0a0a82b_s390x",
"8Base-GitOps-1.11:openshift-gitops-1/argocd-rhel8@sha256:95a36f983a5f2811f0fef486e90b84081d9dffeffe032be6cddeddfa4592e423_arm64",
"8Base-GitOps-1.11:openshift-gitops-1/argocd-rhel8@sha256:af69609ef177ee3cea8ef04a056df8a4a422dbc83a2631781589b61c1ed6dea6_ppc64le",
"8Base-GitOps-1.11:openshift-gitops-1/argocd-rhel8@sha256:b2fbdc3c9926b23f7e8506ad6a7062e6ca326bb3b69984762f7e4f29b1f4f93c_amd64",
"8Base-GitOps-1.11:openshift-gitops-1/argocd-rhel8@sha256:f10e4081655abf6e5c99ad32000fe98f06299cbe55434908d3161d072fde2c20_s390x",
"8Base-GitOps-1.11:openshift-gitops-1/console-plugin-rhel8@sha256:5beea6b8cdb9e06fb0fb7f92beaf02a9e9ba7b8794df8fc6eaa279c861c54c1f_ppc64le",
"8Base-GitOps-1.11:openshift-gitops-1/console-plugin-rhel8@sha256:98de5f96397f94c776a44554da00e80fee544a424404b4b64e91c65f6e463c5d_amd64",
"8Base-GitOps-1.11:openshift-gitops-1/console-plugin-rhel8@sha256:f804b7d402d3cfb45223e011912711bdd79d792e87e96ee6e8738f41e2bdd545_arm64",
"8Base-GitOps-1.11:openshift-gitops-1/console-plugin-rhel8@sha256:f9f4c3dc50ed732bd52ca77cd81adf56228772ace9792bbd8ac72714282db5ea_s390x",
"8Base-GitOps-1.11:openshift-gitops-1/dex-rhel8@sha256:7a0eaaa28b1593222a089490bbe785519bad33dc1169982fbd54d3c971589409_arm64",
"8Base-GitOps-1.11:openshift-gitops-1/dex-rhel8@sha256:82d2a3ab03d511f5751d154159e80170e47ee55789d6cfba9d9237d16a1c42fb_ppc64le",
"8Base-GitOps-1.11:openshift-gitops-1/dex-rhel8@sha256:a9f2a4c1d771f91ed46acd849a2957fb984eecf2036d9b9c84f72847e1079d78_s390x",
"8Base-GitOps-1.11:openshift-gitops-1/dex-rhel8@sha256:c9f1b0a58cefffb1aaa5e0eeb5e26ad1b24612f8b45987133cdb7fb4a0a98f5e_amd64",
"8Base-GitOps-1.11:openshift-gitops-1/gitops-operator-bundle@sha256:9357bd76c40ce6d7fdf72075b7a8c0fac132017390cdc3864768947b48347b94_amd64",
"8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8-operator@sha256:6bbc7f6e353d2d8cfcbcbb68472c97b6ff332c611780f645517a9d00937624f5_amd64",
"8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8-operator@sha256:8a0ff74e9378e2b1ba526b7bf4c7be033f22a4d4a4f40190a9e70b3306acf1be_ppc64le",
"8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8-operator@sha256:ec259fd03d43f8c71dd136baa7058e038adc172ac41d9a0bda72d89075a2faca_arm64",
"8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8-operator@sha256:eef33c6fff1da9580c3b7003ecb3db73dc0af398b98f37639edf2af9cd21d0ec_s390x",
"8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8@sha256:59bf2f19376abfeae9afd2abcd3fab5594c1fd1b98d221b142cf992348347ea8_s390x",
"8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8@sha256:8a087169c5b03152752227249d862d824cd224bcd313e4894ad89a644f17c7d8_arm64",
"8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8@sha256:92a28af94fa2f0f47d38e573068876760dd5b89a605c186bdcf4a1191391fe64_amd64",
"8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8@sha256:9a5e3e6da074aff464456750cca74ca47a3ab7b635948ac4cb8eba77e91f5938_ppc64le",
"8Base-GitOps-1.11:openshift-gitops-1/kam-delivery-rhel8@sha256:2b017899750d3945e786f75a85c9b0876bb9ee637c9c10b3f269a5976120776c_amd64",
"8Base-GitOps-1.11:openshift-gitops-1/kam-delivery-rhel8@sha256:6b4f257cf401049c9b8335a4c1f20ac8041a5e0d192279ead4fafbcd7e847e68_ppc64le",
"8Base-GitOps-1.11:openshift-gitops-1/kam-delivery-rhel8@sha256:8078fdce62aaf915755f223a46f131cd683c4f52b1897300f2e51a164eec8e93_arm64",
"8Base-GitOps-1.11:openshift-gitops-1/kam-delivery-rhel8@sha256:fbfa33cb3c73a0052b46562926e617e078709d8275555e80537b86d75a50ad0d_s390x",
"8Base-GitOps-1.11:openshift-gitops-1/must-gather-rhel8@sha256:64ac86cbd370d05a69c6c1cde6670ae8dc4dbc65ce416519a644237eecb195e0_s390x",
"8Base-GitOps-1.11:openshift-gitops-1/must-gather-rhel8@sha256:974db252e93173e2a2217fbff3c1a56aaa1411480a587a42d0c43275257d8809_arm64",
"8Base-GitOps-1.11:openshift-gitops-1/must-gather-rhel8@sha256:bda0dc71e5e11fc3e30c3a1e164aecb9d0eacc5ce01b8b19a9d446d9a9271fd6_ppc64le",
"8Base-GitOps-1.11:openshift-gitops-1/must-gather-rhel8@sha256:c16fc42f75a4b260316ae29b0ede0417771c76b0313291a8fc54a5f2eb8cf68b_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-26147"
},
{
"category": "external",
"summary": "RHBZ#2265440",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2265440"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-26147",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26147"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-26147",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-26147"
},
{
"category": "external",
"summary": "https://github.com/helm/helm/security/advisories/GHSA-r53h-jv2g-vpx6",
"url": "https://github.com/helm/helm/security/advisories/GHSA-r53h-jv2g-vpx6"
}
],
"release_date": "2024-02-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-07-18T13:37:38+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-GitOps-1.11:openshift-gitops-1/argo-rollouts-rhel8@sha256:076add1204be36717a4f21320e25a1ef8f362b898a91860101e036585bd7e75e_arm64",
"8Base-GitOps-1.11:openshift-gitops-1/argo-rollouts-rhel8@sha256:93f63395cd0e2d8bd35e1d7d5187f65bdd8efc9b564c98a2e07ba875aa887da4_amd64",
"8Base-GitOps-1.11:openshift-gitops-1/argo-rollouts-rhel8@sha256:9d59ac72c98079a9b29ed9a1ff5b39c49a804e28fb344112454c902000417090_ppc64le",
"8Base-GitOps-1.11:openshift-gitops-1/argo-rollouts-rhel8@sha256:f40c487b2922ed5b109a036996c3800fa24a8ab40579a8184bd08c0fa0a0a82b_s390x",
"8Base-GitOps-1.11:openshift-gitops-1/argocd-rhel8@sha256:95a36f983a5f2811f0fef486e90b84081d9dffeffe032be6cddeddfa4592e423_arm64",
"8Base-GitOps-1.11:openshift-gitops-1/argocd-rhel8@sha256:af69609ef177ee3cea8ef04a056df8a4a422dbc83a2631781589b61c1ed6dea6_ppc64le",
"8Base-GitOps-1.11:openshift-gitops-1/argocd-rhel8@sha256:b2fbdc3c9926b23f7e8506ad6a7062e6ca326bb3b69984762f7e4f29b1f4f93c_amd64",
"8Base-GitOps-1.11:openshift-gitops-1/argocd-rhel8@sha256:f10e4081655abf6e5c99ad32000fe98f06299cbe55434908d3161d072fde2c20_s390x",
"8Base-GitOps-1.11:openshift-gitops-1/console-plugin-rhel8@sha256:5beea6b8cdb9e06fb0fb7f92beaf02a9e9ba7b8794df8fc6eaa279c861c54c1f_ppc64le",
"8Base-GitOps-1.11:openshift-gitops-1/console-plugin-rhel8@sha256:98de5f96397f94c776a44554da00e80fee544a424404b4b64e91c65f6e463c5d_amd64",
"8Base-GitOps-1.11:openshift-gitops-1/console-plugin-rhel8@sha256:f804b7d402d3cfb45223e011912711bdd79d792e87e96ee6e8738f41e2bdd545_arm64",
"8Base-GitOps-1.11:openshift-gitops-1/console-plugin-rhel8@sha256:f9f4c3dc50ed732bd52ca77cd81adf56228772ace9792bbd8ac72714282db5ea_s390x",
"8Base-GitOps-1.11:openshift-gitops-1/dex-rhel8@sha256:7a0eaaa28b1593222a089490bbe785519bad33dc1169982fbd54d3c971589409_arm64",
"8Base-GitOps-1.11:openshift-gitops-1/dex-rhel8@sha256:82d2a3ab03d511f5751d154159e80170e47ee55789d6cfba9d9237d16a1c42fb_ppc64le",
"8Base-GitOps-1.11:openshift-gitops-1/dex-rhel8@sha256:a9f2a4c1d771f91ed46acd849a2957fb984eecf2036d9b9c84f72847e1079d78_s390x",
"8Base-GitOps-1.11:openshift-gitops-1/dex-rhel8@sha256:c9f1b0a58cefffb1aaa5e0eeb5e26ad1b24612f8b45987133cdb7fb4a0a98f5e_amd64",
"8Base-GitOps-1.11:openshift-gitops-1/gitops-operator-bundle@sha256:9357bd76c40ce6d7fdf72075b7a8c0fac132017390cdc3864768947b48347b94_amd64",
"8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8-operator@sha256:6bbc7f6e353d2d8cfcbcbb68472c97b6ff332c611780f645517a9d00937624f5_amd64",
"8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8-operator@sha256:8a0ff74e9378e2b1ba526b7bf4c7be033f22a4d4a4f40190a9e70b3306acf1be_ppc64le",
"8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8-operator@sha256:ec259fd03d43f8c71dd136baa7058e038adc172ac41d9a0bda72d89075a2faca_arm64",
"8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8-operator@sha256:eef33c6fff1da9580c3b7003ecb3db73dc0af398b98f37639edf2af9cd21d0ec_s390x",
"8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8@sha256:59bf2f19376abfeae9afd2abcd3fab5594c1fd1b98d221b142cf992348347ea8_s390x",
"8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8@sha256:8a087169c5b03152752227249d862d824cd224bcd313e4894ad89a644f17c7d8_arm64",
"8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8@sha256:92a28af94fa2f0f47d38e573068876760dd5b89a605c186bdcf4a1191391fe64_amd64",
"8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8@sha256:9a5e3e6da074aff464456750cca74ca47a3ab7b635948ac4cb8eba77e91f5938_ppc64le",
"8Base-GitOps-1.11:openshift-gitops-1/kam-delivery-rhel8@sha256:2b017899750d3945e786f75a85c9b0876bb9ee637c9c10b3f269a5976120776c_amd64",
"8Base-GitOps-1.11:openshift-gitops-1/kam-delivery-rhel8@sha256:6b4f257cf401049c9b8335a4c1f20ac8041a5e0d192279ead4fafbcd7e847e68_ppc64le",
"8Base-GitOps-1.11:openshift-gitops-1/kam-delivery-rhel8@sha256:8078fdce62aaf915755f223a46f131cd683c4f52b1897300f2e51a164eec8e93_arm64",
"8Base-GitOps-1.11:openshift-gitops-1/kam-delivery-rhel8@sha256:fbfa33cb3c73a0052b46562926e617e078709d8275555e80537b86d75a50ad0d_s390x",
"8Base-GitOps-1.11:openshift-gitops-1/must-gather-rhel8@sha256:64ac86cbd370d05a69c6c1cde6670ae8dc4dbc65ce416519a644237eecb195e0_s390x",
"8Base-GitOps-1.11:openshift-gitops-1/must-gather-rhel8@sha256:974db252e93173e2a2217fbff3c1a56aaa1411480a587a42d0c43275257d8809_arm64",
"8Base-GitOps-1.11:openshift-gitops-1/must-gather-rhel8@sha256:bda0dc71e5e11fc3e30c3a1e164aecb9d0eacc5ce01b8b19a9d446d9a9271fd6_ppc64le",
"8Base-GitOps-1.11:openshift-gitops-1/must-gather-rhel8@sha256:c16fc42f75a4b260316ae29b0ede0417771c76b0313291a8fc54a5f2eb8cf68b_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:4626"
},
{
"category": "workaround",
"details": "If a malicious plugin has been added which is causing all Helm client commands to panic, the malicious plugin can be manually removed from the filesystem.\n\nIf using Helm SDK versions prior to 3.14.2, calls to affected functions can use recover to catch the panic.",
"product_ids": [
"8Base-GitOps-1.11:openshift-gitops-1/argo-rollouts-rhel8@sha256:076add1204be36717a4f21320e25a1ef8f362b898a91860101e036585bd7e75e_arm64",
"8Base-GitOps-1.11:openshift-gitops-1/argo-rollouts-rhel8@sha256:93f63395cd0e2d8bd35e1d7d5187f65bdd8efc9b564c98a2e07ba875aa887da4_amd64",
"8Base-GitOps-1.11:openshift-gitops-1/argo-rollouts-rhel8@sha256:9d59ac72c98079a9b29ed9a1ff5b39c49a804e28fb344112454c902000417090_ppc64le",
"8Base-GitOps-1.11:openshift-gitops-1/argo-rollouts-rhel8@sha256:f40c487b2922ed5b109a036996c3800fa24a8ab40579a8184bd08c0fa0a0a82b_s390x",
"8Base-GitOps-1.11:openshift-gitops-1/argocd-rhel8@sha256:95a36f983a5f2811f0fef486e90b84081d9dffeffe032be6cddeddfa4592e423_arm64",
"8Base-GitOps-1.11:openshift-gitops-1/argocd-rhel8@sha256:af69609ef177ee3cea8ef04a056df8a4a422dbc83a2631781589b61c1ed6dea6_ppc64le",
"8Base-GitOps-1.11:openshift-gitops-1/argocd-rhel8@sha256:b2fbdc3c9926b23f7e8506ad6a7062e6ca326bb3b69984762f7e4f29b1f4f93c_amd64",
"8Base-GitOps-1.11:openshift-gitops-1/argocd-rhel8@sha256:f10e4081655abf6e5c99ad32000fe98f06299cbe55434908d3161d072fde2c20_s390x",
"8Base-GitOps-1.11:openshift-gitops-1/console-plugin-rhel8@sha256:5beea6b8cdb9e06fb0fb7f92beaf02a9e9ba7b8794df8fc6eaa279c861c54c1f_ppc64le",
"8Base-GitOps-1.11:openshift-gitops-1/console-plugin-rhel8@sha256:98de5f96397f94c776a44554da00e80fee544a424404b4b64e91c65f6e463c5d_amd64",
"8Base-GitOps-1.11:openshift-gitops-1/console-plugin-rhel8@sha256:f804b7d402d3cfb45223e011912711bdd79d792e87e96ee6e8738f41e2bdd545_arm64",
"8Base-GitOps-1.11:openshift-gitops-1/console-plugin-rhel8@sha256:f9f4c3dc50ed732bd52ca77cd81adf56228772ace9792bbd8ac72714282db5ea_s390x",
"8Base-GitOps-1.11:openshift-gitops-1/dex-rhel8@sha256:7a0eaaa28b1593222a089490bbe785519bad33dc1169982fbd54d3c971589409_arm64",
"8Base-GitOps-1.11:openshift-gitops-1/dex-rhel8@sha256:82d2a3ab03d511f5751d154159e80170e47ee55789d6cfba9d9237d16a1c42fb_ppc64le",
"8Base-GitOps-1.11:openshift-gitops-1/dex-rhel8@sha256:a9f2a4c1d771f91ed46acd849a2957fb984eecf2036d9b9c84f72847e1079d78_s390x",
"8Base-GitOps-1.11:openshift-gitops-1/dex-rhel8@sha256:c9f1b0a58cefffb1aaa5e0eeb5e26ad1b24612f8b45987133cdb7fb4a0a98f5e_amd64",
"8Base-GitOps-1.11:openshift-gitops-1/gitops-operator-bundle@sha256:9357bd76c40ce6d7fdf72075b7a8c0fac132017390cdc3864768947b48347b94_amd64",
"8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8-operator@sha256:6bbc7f6e353d2d8cfcbcbb68472c97b6ff332c611780f645517a9d00937624f5_amd64",
"8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8-operator@sha256:8a0ff74e9378e2b1ba526b7bf4c7be033f22a4d4a4f40190a9e70b3306acf1be_ppc64le",
"8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8-operator@sha256:ec259fd03d43f8c71dd136baa7058e038adc172ac41d9a0bda72d89075a2faca_arm64",
"8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8-operator@sha256:eef33c6fff1da9580c3b7003ecb3db73dc0af398b98f37639edf2af9cd21d0ec_s390x",
"8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8@sha256:59bf2f19376abfeae9afd2abcd3fab5594c1fd1b98d221b142cf992348347ea8_s390x",
"8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8@sha256:8a087169c5b03152752227249d862d824cd224bcd313e4894ad89a644f17c7d8_arm64",
"8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8@sha256:92a28af94fa2f0f47d38e573068876760dd5b89a605c186bdcf4a1191391fe64_amd64",
"8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8@sha256:9a5e3e6da074aff464456750cca74ca47a3ab7b635948ac4cb8eba77e91f5938_ppc64le",
"8Base-GitOps-1.11:openshift-gitops-1/kam-delivery-rhel8@sha256:2b017899750d3945e786f75a85c9b0876bb9ee637c9c10b3f269a5976120776c_amd64",
"8Base-GitOps-1.11:openshift-gitops-1/kam-delivery-rhel8@sha256:6b4f257cf401049c9b8335a4c1f20ac8041a5e0d192279ead4fafbcd7e847e68_ppc64le",
"8Base-GitOps-1.11:openshift-gitops-1/kam-delivery-rhel8@sha256:8078fdce62aaf915755f223a46f131cd683c4f52b1897300f2e51a164eec8e93_arm64",
"8Base-GitOps-1.11:openshift-gitops-1/kam-delivery-rhel8@sha256:fbfa33cb3c73a0052b46562926e617e078709d8275555e80537b86d75a50ad0d_s390x",
"8Base-GitOps-1.11:openshift-gitops-1/must-gather-rhel8@sha256:64ac86cbd370d05a69c6c1cde6670ae8dc4dbc65ce416519a644237eecb195e0_s390x",
"8Base-GitOps-1.11:openshift-gitops-1/must-gather-rhel8@sha256:974db252e93173e2a2217fbff3c1a56aaa1411480a587a42d0c43275257d8809_arm64",
"8Base-GitOps-1.11:openshift-gitops-1/must-gather-rhel8@sha256:bda0dc71e5e11fc3e30c3a1e164aecb9d0eacc5ce01b8b19a9d446d9a9271fd6_ppc64le",
"8Base-GitOps-1.11:openshift-gitops-1/must-gather-rhel8@sha256:c16fc42f75a4b260316ae29b0ede0417771c76b0313291a8fc54a5f2eb8cf68b_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-GitOps-1.11:openshift-gitops-1/argo-rollouts-rhel8@sha256:076add1204be36717a4f21320e25a1ef8f362b898a91860101e036585bd7e75e_arm64",
"8Base-GitOps-1.11:openshift-gitops-1/argo-rollouts-rhel8@sha256:93f63395cd0e2d8bd35e1d7d5187f65bdd8efc9b564c98a2e07ba875aa887da4_amd64",
"8Base-GitOps-1.11:openshift-gitops-1/argo-rollouts-rhel8@sha256:9d59ac72c98079a9b29ed9a1ff5b39c49a804e28fb344112454c902000417090_ppc64le",
"8Base-GitOps-1.11:openshift-gitops-1/argo-rollouts-rhel8@sha256:f40c487b2922ed5b109a036996c3800fa24a8ab40579a8184bd08c0fa0a0a82b_s390x",
"8Base-GitOps-1.11:openshift-gitops-1/argocd-rhel8@sha256:95a36f983a5f2811f0fef486e90b84081d9dffeffe032be6cddeddfa4592e423_arm64",
"8Base-GitOps-1.11:openshift-gitops-1/argocd-rhel8@sha256:af69609ef177ee3cea8ef04a056df8a4a422dbc83a2631781589b61c1ed6dea6_ppc64le",
"8Base-GitOps-1.11:openshift-gitops-1/argocd-rhel8@sha256:b2fbdc3c9926b23f7e8506ad6a7062e6ca326bb3b69984762f7e4f29b1f4f93c_amd64",
"8Base-GitOps-1.11:openshift-gitops-1/argocd-rhel8@sha256:f10e4081655abf6e5c99ad32000fe98f06299cbe55434908d3161d072fde2c20_s390x",
"8Base-GitOps-1.11:openshift-gitops-1/console-plugin-rhel8@sha256:5beea6b8cdb9e06fb0fb7f92beaf02a9e9ba7b8794df8fc6eaa279c861c54c1f_ppc64le",
"8Base-GitOps-1.11:openshift-gitops-1/console-plugin-rhel8@sha256:98de5f96397f94c776a44554da00e80fee544a424404b4b64e91c65f6e463c5d_amd64",
"8Base-GitOps-1.11:openshift-gitops-1/console-plugin-rhel8@sha256:f804b7d402d3cfb45223e011912711bdd79d792e87e96ee6e8738f41e2bdd545_arm64",
"8Base-GitOps-1.11:openshift-gitops-1/console-plugin-rhel8@sha256:f9f4c3dc50ed732bd52ca77cd81adf56228772ace9792bbd8ac72714282db5ea_s390x",
"8Base-GitOps-1.11:openshift-gitops-1/dex-rhel8@sha256:7a0eaaa28b1593222a089490bbe785519bad33dc1169982fbd54d3c971589409_arm64",
"8Base-GitOps-1.11:openshift-gitops-1/dex-rhel8@sha256:82d2a3ab03d511f5751d154159e80170e47ee55789d6cfba9d9237d16a1c42fb_ppc64le",
"8Base-GitOps-1.11:openshift-gitops-1/dex-rhel8@sha256:a9f2a4c1d771f91ed46acd849a2957fb984eecf2036d9b9c84f72847e1079d78_s390x",
"8Base-GitOps-1.11:openshift-gitops-1/dex-rhel8@sha256:c9f1b0a58cefffb1aaa5e0eeb5e26ad1b24612f8b45987133cdb7fb4a0a98f5e_amd64",
"8Base-GitOps-1.11:openshift-gitops-1/gitops-operator-bundle@sha256:9357bd76c40ce6d7fdf72075b7a8c0fac132017390cdc3864768947b48347b94_amd64",
"8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8-operator@sha256:6bbc7f6e353d2d8cfcbcbb68472c97b6ff332c611780f645517a9d00937624f5_amd64",
"8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8-operator@sha256:8a0ff74e9378e2b1ba526b7bf4c7be033f22a4d4a4f40190a9e70b3306acf1be_ppc64le",
"8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8-operator@sha256:ec259fd03d43f8c71dd136baa7058e038adc172ac41d9a0bda72d89075a2faca_arm64",
"8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8-operator@sha256:eef33c6fff1da9580c3b7003ecb3db73dc0af398b98f37639edf2af9cd21d0ec_s390x",
"8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8@sha256:59bf2f19376abfeae9afd2abcd3fab5594c1fd1b98d221b142cf992348347ea8_s390x",
"8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8@sha256:8a087169c5b03152752227249d862d824cd224bcd313e4894ad89a644f17c7d8_arm64",
"8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8@sha256:92a28af94fa2f0f47d38e573068876760dd5b89a605c186bdcf4a1191391fe64_amd64",
"8Base-GitOps-1.11:openshift-gitops-1/gitops-rhel8@sha256:9a5e3e6da074aff464456750cca74ca47a3ab7b635948ac4cb8eba77e91f5938_ppc64le",
"8Base-GitOps-1.11:openshift-gitops-1/kam-delivery-rhel8@sha256:2b017899750d3945e786f75a85c9b0876bb9ee637c9c10b3f269a5976120776c_amd64",
"8Base-GitOps-1.11:openshift-gitops-1/kam-delivery-rhel8@sha256:6b4f257cf401049c9b8335a4c1f20ac8041a5e0d192279ead4fafbcd7e847e68_ppc64le",
"8Base-GitOps-1.11:openshift-gitops-1/kam-delivery-rhel8@sha256:8078fdce62aaf915755f223a46f131cd683c4f52b1897300f2e51a164eec8e93_arm64",
"8Base-GitOps-1.11:openshift-gitops-1/kam-delivery-rhel8@sha256:fbfa33cb3c73a0052b46562926e617e078709d8275555e80537b86d75a50ad0d_s390x",
"8Base-GitOps-1.11:openshift-gitops-1/must-gather-rhel8@sha256:64ac86cbd370d05a69c6c1cde6670ae8dc4dbc65ce416519a644237eecb195e0_s390x",
"8Base-GitOps-1.11:openshift-gitops-1/must-gather-rhel8@sha256:974db252e93173e2a2217fbff3c1a56aaa1411480a587a42d0c43275257d8809_arm64",
"8Base-GitOps-1.11:openshift-gitops-1/must-gather-rhel8@sha256:bda0dc71e5e11fc3e30c3a1e164aecb9d0eacc5ce01b8b19a9d446d9a9271fd6_ppc64le",
"8Base-GitOps-1.11:openshift-gitops-1/must-gather-rhel8@sha256:c16fc42f75a4b260316ae29b0ede0417771c76b0313291a8fc54a5f2eb8cf68b_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "helm: Missing YAML Content Leads To Panic"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…