rhsa-2025:11396
Vulnerability from csaf_redhat
Published
2025-07-18 15:51
Modified
2025-08-22 03:18
Summary
Red Hat Security Advisory: OpenShift API for Data Protection (OADP) 1.4.5 security and bug fix update
Notes
Topic
OpenShift API for Data Protection (OADP) 1.4.5 is now available.
Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.
Details
OpenShift API for Data Protection (OADP) enables you to back up and restore application resources, persistent volume data, and internal container images to external backup storage. OADP enables both file system-based and snapshot-based backups for persistent volumes.
Security Fix(es) from Bugzilla:
* golang.org/x/crypto/ssh: Misuse of ServerConfig.PublicKeyCallback may cause authorization bypass in golang.org/x/crypto (CVE-2024-45337)
* golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html (CVE-2024-45338)
* go-git: argument injection via the URL field (CVE-2025-21613)
* golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2/jws (CVE-2025-22868)
* golang.org/x/crypto/ssh: Denial of Service in the Key Exchange of golang.org/x/crypto/ssh (CVE-2025-22869)
* golang-jwt/jwt: jwt-go allows excessive memory allocation during header parsing (CVE-2025-30204)
* go-jose: Go JOSE's Parsing Vulnerable to Denial of Service (CVE-2025-27144)
* net/http: Request smuggling due to acceptance of invalid chunked data in net/http (CVE-2025-22871)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "OpenShift API for Data Protection (OADP) 1.4.5 is now available.\n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "OpenShift API for Data Protection (OADP) enables you to back up and restore application resources, persistent volume data, and internal container images to external backup storage. OADP enables both file system-based and snapshot-based backups for persistent volumes.\n\nSecurity Fix(es) from Bugzilla:\n\n* golang.org/x/crypto/ssh: Misuse of ServerConfig.PublicKeyCallback may cause authorization bypass in golang.org/x/crypto (CVE-2024-45337)\n\n* golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html (CVE-2024-45338)\n\n* go-git: argument injection via the URL field (CVE-2025-21613)\n\n* golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2/jws (CVE-2025-22868)\n\n* golang.org/x/crypto/ssh: Denial of Service in the Key Exchange of golang.org/x/crypto/ssh (CVE-2025-22869)\n\n* golang-jwt/jwt: jwt-go allows excessive memory allocation during header parsing (CVE-2025-30204)\n\n* go-jose: Go JOSE\u0027s Parsing Vulnerable to Denial of Service (CVE-2025-27144)\n\n* net/http: Request smuggling due to acceptance of invalid chunked data in net/http (CVE-2025-22871)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:11396",
"url": "https://access.redhat.com/errata/RHSA-2025:11396"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2331720",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2331720"
},
{
"category": "external",
"summary": "2333122",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2333122"
},
{
"category": "external",
"summary": "2335888",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2335888"
},
{
"category": "external",
"summary": "2347423",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2347423"
},
{
"category": "external",
"summary": "2348366",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2348366"
},
{
"category": "external",
"summary": "2348367",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2348367"
},
{
"category": "external",
"summary": "2354195",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2354195"
},
{
"category": "external",
"summary": "2358493",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2358493"
},
{
"category": "external",
"summary": "OADP-5904",
"url": "https://issues.redhat.com/browse/OADP-5904"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_11396.json"
}
],
"title": "Red Hat Security Advisory: OpenShift API for Data Protection (OADP) 1.4.5 security and bug fix update",
"tracking": {
"current_release_date": "2025-08-22T03:18:55+00:00",
"generator": {
"date": "2025-08-22T03:18:55+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.6"
}
},
"id": "RHSA-2025:11396",
"initial_release_date": "2025-07-18T15:51:18+00:00",
"revision_history": [
{
"date": "2025-07-18T15:51:18+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-07-18T15:51:18+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-08-22T03:18:55+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "9Base-OADP-1.4",
"product": {
"name": "9Base-OADP-1.4",
"product_id": "9Base-OADP-1.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift_api_data_protection:1.4::el9"
}
}
}
],
"category": "product_family",
"name": "OpenShift API for Data Protection"
},
{
"branches": [
{
"category": "product_version",
"name": "oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:475a27e370e023af9fc2698ce9b14a97cd0302d27f2bc52dc680bb63a82eb707_s390x",
"product": {
"name": "oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:475a27e370e023af9fc2698ce9b14a97cd0302d27f2bc52dc680bb63a82eb707_s390x",
"product_id": "oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:475a27e370e023af9fc2698ce9b14a97cd0302d27f2bc52dc680bb63a82eb707_s390x",
"product_identification_helper": {
"purl": "pkg:oci/oadp-kubevirt-velero-plugin-rhel9@sha256:475a27e370e023af9fc2698ce9b14a97cd0302d27f2bc52dc680bb63a82eb707?arch=s390x\u0026repository_url=registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel9\u0026tag=1.4.5-21"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-mustgather-rhel9@sha256:41f32fb3b6f3c1ed7be1f2580dd0fcc861c8240c8470b4e0346e0ba5bbb512b5_s390x",
"product": {
"name": "oadp/oadp-mustgather-rhel9@sha256:41f32fb3b6f3c1ed7be1f2580dd0fcc861c8240c8470b4e0346e0ba5bbb512b5_s390x",
"product_id": "oadp/oadp-mustgather-rhel9@sha256:41f32fb3b6f3c1ed7be1f2580dd0fcc861c8240c8470b4e0346e0ba5bbb512b5_s390x",
"product_identification_helper": {
"purl": "pkg:oci/oadp-mustgather-rhel9@sha256:41f32fb3b6f3c1ed7be1f2580dd0fcc861c8240c8470b4e0346e0ba5bbb512b5?arch=s390x\u0026repository_url=registry.redhat.io/oadp/oadp-mustgather-rhel9\u0026tag=1.4.5-34"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-operator-bundle@sha256:c06a0dc726d75fbed4c5f0ed5beb1abafdc2f85997d9d0b1dab41775b7ffe07d_s390x",
"product": {
"name": "oadp/oadp-operator-bundle@sha256:c06a0dc726d75fbed4c5f0ed5beb1abafdc2f85997d9d0b1dab41775b7ffe07d_s390x",
"product_id": "oadp/oadp-operator-bundle@sha256:c06a0dc726d75fbed4c5f0ed5beb1abafdc2f85997d9d0b1dab41775b7ffe07d_s390x",
"product_identification_helper": {
"purl": "pkg:oci/oadp-operator-bundle@sha256:c06a0dc726d75fbed4c5f0ed5beb1abafdc2f85997d9d0b1dab41775b7ffe07d?arch=s390x\u0026repository_url=registry.redhat.io/oadp/oadp-operator-bundle\u0026tag=1.4.5-34"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-rhel9-operator@sha256:a8b86cbc818be479fd560b85e129e917c2314c82070d39a0c1453d8f11631ec5_s390x",
"product": {
"name": "oadp/oadp-rhel9-operator@sha256:a8b86cbc818be479fd560b85e129e917c2314c82070d39a0c1453d8f11631ec5_s390x",
"product_id": "oadp/oadp-rhel9-operator@sha256:a8b86cbc818be479fd560b85e129e917c2314c82070d39a0c1453d8f11631ec5_s390x",
"product_identification_helper": {
"purl": "pkg:oci/oadp-rhel9-operator@sha256:a8b86cbc818be479fd560b85e129e917c2314c82070d39a0c1453d8f11631ec5?arch=s390x\u0026repository_url=registry.redhat.io/oadp/oadp-rhel9-operator\u0026tag=1.4.5-20"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-rhel9@sha256:704acaaf95af349cb107ac6df2bfef5da3df3d5fc16f16c631b5e5f97492bcaf_s390x",
"product": {
"name": "oadp/oadp-velero-rhel9@sha256:704acaaf95af349cb107ac6df2bfef5da3df3d5fc16f16c631b5e5f97492bcaf_s390x",
"product_id": "oadp/oadp-velero-rhel9@sha256:704acaaf95af349cb107ac6df2bfef5da3df3d5fc16f16c631b5e5f97492bcaf_s390x",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-rhel9@sha256:704acaaf95af349cb107ac6df2bfef5da3df3d5fc16f16c631b5e5f97492bcaf?arch=s390x\u0026repository_url=registry.redhat.io/oadp/oadp-velero-rhel9\u0026tag=1.4.5-20"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-rhel9@sha256:d37ce4423a62897fa3ba2b59fe9bb3a4832088020ea089dd03b920a36179418f_s390x",
"product": {
"name": "oadp/oadp-velero-plugin-rhel9@sha256:d37ce4423a62897fa3ba2b59fe9bb3a4832088020ea089dd03b920a36179418f_s390x",
"product_id": "oadp/oadp-velero-plugin-rhel9@sha256:d37ce4423a62897fa3ba2b59fe9bb3a4832088020ea089dd03b920a36179418f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-rhel9@sha256:d37ce4423a62897fa3ba2b59fe9bb3a4832088020ea089dd03b920a36179418f?arch=s390x\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-rhel9\u0026tag=1.4.5-18"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-aws-rhel9@sha256:e97dc347f843eab864efb81f939b425554e6db58cde788a942afd7b00ac470df_s390x",
"product": {
"name": "oadp/oadp-velero-plugin-for-aws-rhel9@sha256:e97dc347f843eab864efb81f939b425554e6db58cde788a942afd7b00ac470df_s390x",
"product_id": "oadp/oadp-velero-plugin-for-aws-rhel9@sha256:e97dc347f843eab864efb81f939b425554e6db58cde788a942afd7b00ac470df_s390x",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-aws-rhel9@sha256:e97dc347f843eab864efb81f939b425554e6db58cde788a942afd7b00ac470df?arch=s390x\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel9\u0026tag=1.4.5-19"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:d9cc11a9154a89f84d66874f773225b6ac2b9a3342bd4d15cbb2ee8639c5f05f_s390x",
"product": {
"name": "oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:d9cc11a9154a89f84d66874f773225b6ac2b9a3342bd4d15cbb2ee8639c5f05f_s390x",
"product_id": "oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:d9cc11a9154a89f84d66874f773225b6ac2b9a3342bd4d15cbb2ee8639c5f05f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-gcp-rhel9@sha256:d9cc11a9154a89f84d66874f773225b6ac2b9a3342bd4d15cbb2ee8639c5f05f?arch=s390x\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel9\u0026tag=1.4.5-18"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:cc1323f77941a5c0d4202ab96ca1643b6d06df4febf996de2ee82f43010e319c_s390x",
"product": {
"name": "oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:cc1323f77941a5c0d4202ab96ca1643b6d06df4febf996de2ee82f43010e319c_s390x",
"product_id": "oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:cc1323f77941a5c0d4202ab96ca1643b6d06df4febf996de2ee82f43010e319c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:cc1323f77941a5c0d4202ab96ca1643b6d06df4febf996de2ee82f43010e319c?arch=s390x\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-legacy-aws-rhel9\u0026tag=1.4.5-17"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:18bfc85cc1a69536c266b0d168644406ccab9943aeb076a4e1a241655783a199_s390x",
"product": {
"name": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:18bfc85cc1a69536c266b0d168644406ccab9943aeb076a4e1a241655783a199_s390x",
"product_id": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:18bfc85cc1a69536c266b0d168644406ccab9943aeb076a4e1a241655783a199_s390x",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:18bfc85cc1a69536c266b0d168644406ccab9943aeb076a4e1a241655783a199?arch=s390x\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel9\u0026tag=1.4.5-18"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-restic-restore-helper-rhel9@sha256:ebe2f773be55633f5d78274d9b85c253cd97257e227f20a12f20f27722c56885_s390x",
"product": {
"name": "oadp/oadp-velero-restic-restore-helper-rhel9@sha256:ebe2f773be55633f5d78274d9b85c253cd97257e227f20a12f20f27722c56885_s390x",
"product_id": "oadp/oadp-velero-restic-restore-helper-rhel9@sha256:ebe2f773be55633f5d78274d9b85c253cd97257e227f20a12f20f27722c56885_s390x",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-restic-restore-helper-rhel9@sha256:ebe2f773be55633f5d78274d9b85c253cd97257e227f20a12f20f27722c56885?arch=s390x\u0026repository_url=registry.redhat.io/oadp/oadp-velero-restic-restore-helper-rhel9\u0026tag=1.4.5-20"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:f78f207306aebfe90a9126218b77b64a088b68122f8805b5b69e47972e5d298a_arm64",
"product": {
"name": "oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:f78f207306aebfe90a9126218b77b64a088b68122f8805b5b69e47972e5d298a_arm64",
"product_id": "oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:f78f207306aebfe90a9126218b77b64a088b68122f8805b5b69e47972e5d298a_arm64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-kubevirt-velero-plugin-rhel9@sha256:f78f207306aebfe90a9126218b77b64a088b68122f8805b5b69e47972e5d298a?arch=arm64\u0026repository_url=registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel9\u0026tag=1.4.5-21"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-mustgather-rhel9@sha256:abf07f4cad8f18537ccc2f162b25e11a5cae547c5f0db789f573ebc42a327041_arm64",
"product": {
"name": "oadp/oadp-mustgather-rhel9@sha256:abf07f4cad8f18537ccc2f162b25e11a5cae547c5f0db789f573ebc42a327041_arm64",
"product_id": "oadp/oadp-mustgather-rhel9@sha256:abf07f4cad8f18537ccc2f162b25e11a5cae547c5f0db789f573ebc42a327041_arm64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-mustgather-rhel9@sha256:abf07f4cad8f18537ccc2f162b25e11a5cae547c5f0db789f573ebc42a327041?arch=arm64\u0026repository_url=registry.redhat.io/oadp/oadp-mustgather-rhel9\u0026tag=1.4.5-34"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-operator-bundle@sha256:7bbd1cb460a20aa568f543122ead86a7590827ed04166b82902cd68f60c67b4a_arm64",
"product": {
"name": "oadp/oadp-operator-bundle@sha256:7bbd1cb460a20aa568f543122ead86a7590827ed04166b82902cd68f60c67b4a_arm64",
"product_id": "oadp/oadp-operator-bundle@sha256:7bbd1cb460a20aa568f543122ead86a7590827ed04166b82902cd68f60c67b4a_arm64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-operator-bundle@sha256:7bbd1cb460a20aa568f543122ead86a7590827ed04166b82902cd68f60c67b4a?arch=arm64\u0026repository_url=registry.redhat.io/oadp/oadp-operator-bundle\u0026tag=1.4.5-34"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-rhel9-operator@sha256:e4a7bd1b9aeae7350256a65fcb094cff2622e569ca8768df63d43682dff364d4_arm64",
"product": {
"name": "oadp/oadp-rhel9-operator@sha256:e4a7bd1b9aeae7350256a65fcb094cff2622e569ca8768df63d43682dff364d4_arm64",
"product_id": "oadp/oadp-rhel9-operator@sha256:e4a7bd1b9aeae7350256a65fcb094cff2622e569ca8768df63d43682dff364d4_arm64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-rhel9-operator@sha256:e4a7bd1b9aeae7350256a65fcb094cff2622e569ca8768df63d43682dff364d4?arch=arm64\u0026repository_url=registry.redhat.io/oadp/oadp-rhel9-operator\u0026tag=1.4.5-20"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-rhel9@sha256:8f28683c1b38621778de147f3f2329119f843e017d48a33de14fcadfc9f4384b_arm64",
"product": {
"name": "oadp/oadp-velero-rhel9@sha256:8f28683c1b38621778de147f3f2329119f843e017d48a33de14fcadfc9f4384b_arm64",
"product_id": "oadp/oadp-velero-rhel9@sha256:8f28683c1b38621778de147f3f2329119f843e017d48a33de14fcadfc9f4384b_arm64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-rhel9@sha256:8f28683c1b38621778de147f3f2329119f843e017d48a33de14fcadfc9f4384b?arch=arm64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-rhel9\u0026tag=1.4.5-20"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-rhel9@sha256:6fb517f7cba99c4db682a9e71e4afce78f0f6b2b6fed6ee83ee39e3883af72d1_arm64",
"product": {
"name": "oadp/oadp-velero-plugin-rhel9@sha256:6fb517f7cba99c4db682a9e71e4afce78f0f6b2b6fed6ee83ee39e3883af72d1_arm64",
"product_id": "oadp/oadp-velero-plugin-rhel9@sha256:6fb517f7cba99c4db682a9e71e4afce78f0f6b2b6fed6ee83ee39e3883af72d1_arm64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-rhel9@sha256:6fb517f7cba99c4db682a9e71e4afce78f0f6b2b6fed6ee83ee39e3883af72d1?arch=arm64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-rhel9\u0026tag=1.4.5-18"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-aws-rhel9@sha256:36a22693fd6d1d2721f2f6d579bc638d51ae3648766cc57118f6956cd10aba36_arm64",
"product": {
"name": "oadp/oadp-velero-plugin-for-aws-rhel9@sha256:36a22693fd6d1d2721f2f6d579bc638d51ae3648766cc57118f6956cd10aba36_arm64",
"product_id": "oadp/oadp-velero-plugin-for-aws-rhel9@sha256:36a22693fd6d1d2721f2f6d579bc638d51ae3648766cc57118f6956cd10aba36_arm64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-aws-rhel9@sha256:36a22693fd6d1d2721f2f6d579bc638d51ae3648766cc57118f6956cd10aba36?arch=arm64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel9\u0026tag=1.4.5-19"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:6ab225df2a249068ce7f22d909916ee94e58abcbae8662d4df3f0e93e4b97eed_arm64",
"product": {
"name": "oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:6ab225df2a249068ce7f22d909916ee94e58abcbae8662d4df3f0e93e4b97eed_arm64",
"product_id": "oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:6ab225df2a249068ce7f22d909916ee94e58abcbae8662d4df3f0e93e4b97eed_arm64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-gcp-rhel9@sha256:6ab225df2a249068ce7f22d909916ee94e58abcbae8662d4df3f0e93e4b97eed?arch=arm64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel9\u0026tag=1.4.5-18"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:9f7b3d93c79057eaefd036c8aa06f392487a73c1dde9a5bdecac73610b42461d_arm64",
"product": {
"name": "oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:9f7b3d93c79057eaefd036c8aa06f392487a73c1dde9a5bdecac73610b42461d_arm64",
"product_id": "oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:9f7b3d93c79057eaefd036c8aa06f392487a73c1dde9a5bdecac73610b42461d_arm64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:9f7b3d93c79057eaefd036c8aa06f392487a73c1dde9a5bdecac73610b42461d?arch=arm64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-legacy-aws-rhel9\u0026tag=1.4.5-17"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:fb57f4b7e2df487e6a8d272168c88ccd2f9f9b4d06efe23cf271c900d84d66cc_arm64",
"product": {
"name": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:fb57f4b7e2df487e6a8d272168c88ccd2f9f9b4d06efe23cf271c900d84d66cc_arm64",
"product_id": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:fb57f4b7e2df487e6a8d272168c88ccd2f9f9b4d06efe23cf271c900d84d66cc_arm64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:fb57f4b7e2df487e6a8d272168c88ccd2f9f9b4d06efe23cf271c900d84d66cc?arch=arm64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel9\u0026tag=1.4.5-18"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-restic-restore-helper-rhel9@sha256:37a60c31f57eb012097db76db3682d1c98936c581f64fda05fd705805b34327d_arm64",
"product": {
"name": "oadp/oadp-velero-restic-restore-helper-rhel9@sha256:37a60c31f57eb012097db76db3682d1c98936c581f64fda05fd705805b34327d_arm64",
"product_id": "oadp/oadp-velero-restic-restore-helper-rhel9@sha256:37a60c31f57eb012097db76db3682d1c98936c581f64fda05fd705805b34327d_arm64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-restic-restore-helper-rhel9@sha256:37a60c31f57eb012097db76db3682d1c98936c581f64fda05fd705805b34327d?arch=arm64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-restic-restore-helper-rhel9\u0026tag=1.4.5-20"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:2bae3100587b970b7246ae28196982edc6b9dae145f4d8c812fc9d78bff20961_amd64",
"product": {
"name": "oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:2bae3100587b970b7246ae28196982edc6b9dae145f4d8c812fc9d78bff20961_amd64",
"product_id": "oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:2bae3100587b970b7246ae28196982edc6b9dae145f4d8c812fc9d78bff20961_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-kubevirt-velero-plugin-rhel9@sha256:2bae3100587b970b7246ae28196982edc6b9dae145f4d8c812fc9d78bff20961?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel9\u0026tag=1.4.5-21"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-mustgather-rhel9@sha256:a0dad19da75a825d5756e033590df8cdb5a6af0f55f906b9b1000d4c3adccd5a_amd64",
"product": {
"name": "oadp/oadp-mustgather-rhel9@sha256:a0dad19da75a825d5756e033590df8cdb5a6af0f55f906b9b1000d4c3adccd5a_amd64",
"product_id": "oadp/oadp-mustgather-rhel9@sha256:a0dad19da75a825d5756e033590df8cdb5a6af0f55f906b9b1000d4c3adccd5a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-mustgather-rhel9@sha256:a0dad19da75a825d5756e033590df8cdb5a6af0f55f906b9b1000d4c3adccd5a?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-mustgather-rhel9\u0026tag=1.4.5-34"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-operator-bundle@sha256:7317ed83242340597b5cdde8ee314606ddd563d0067ee85c12eb21037e2feb99_amd64",
"product": {
"name": "oadp/oadp-operator-bundle@sha256:7317ed83242340597b5cdde8ee314606ddd563d0067ee85c12eb21037e2feb99_amd64",
"product_id": "oadp/oadp-operator-bundle@sha256:7317ed83242340597b5cdde8ee314606ddd563d0067ee85c12eb21037e2feb99_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-operator-bundle@sha256:7317ed83242340597b5cdde8ee314606ddd563d0067ee85c12eb21037e2feb99?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-operator-bundle\u0026tag=1.4.5-34"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-rhel9-operator@sha256:c64c81ccaa4d3ed1c2b333936b0a9aa111e4dde2de88af5780ebd83f3b29bad6_amd64",
"product": {
"name": "oadp/oadp-rhel9-operator@sha256:c64c81ccaa4d3ed1c2b333936b0a9aa111e4dde2de88af5780ebd83f3b29bad6_amd64",
"product_id": "oadp/oadp-rhel9-operator@sha256:c64c81ccaa4d3ed1c2b333936b0a9aa111e4dde2de88af5780ebd83f3b29bad6_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-rhel9-operator@sha256:c64c81ccaa4d3ed1c2b333936b0a9aa111e4dde2de88af5780ebd83f3b29bad6?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-rhel9-operator\u0026tag=1.4.5-20"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-rhel9@sha256:6eb63751e7f228d3b91abd9927ca0fd84d73aa095bc76afd681340f85c36cd92_amd64",
"product": {
"name": "oadp/oadp-velero-rhel9@sha256:6eb63751e7f228d3b91abd9927ca0fd84d73aa095bc76afd681340f85c36cd92_amd64",
"product_id": "oadp/oadp-velero-rhel9@sha256:6eb63751e7f228d3b91abd9927ca0fd84d73aa095bc76afd681340f85c36cd92_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-rhel9@sha256:6eb63751e7f228d3b91abd9927ca0fd84d73aa095bc76afd681340f85c36cd92?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-rhel9\u0026tag=1.4.5-20"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-rhel9@sha256:b76bf2f89b41f4f5a3fb696a3942f26eb1ffbdf5a0bc0d9611906dd1de177d16_amd64",
"product": {
"name": "oadp/oadp-velero-plugin-rhel9@sha256:b76bf2f89b41f4f5a3fb696a3942f26eb1ffbdf5a0bc0d9611906dd1de177d16_amd64",
"product_id": "oadp/oadp-velero-plugin-rhel9@sha256:b76bf2f89b41f4f5a3fb696a3942f26eb1ffbdf5a0bc0d9611906dd1de177d16_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-rhel9@sha256:b76bf2f89b41f4f5a3fb696a3942f26eb1ffbdf5a0bc0d9611906dd1de177d16?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-rhel9\u0026tag=1.4.5-18"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-aws-rhel9@sha256:2cdd8800ab19ff52a6682d3a6477c745b09224998dd4d7c5882111496ae8ec09_amd64",
"product": {
"name": "oadp/oadp-velero-plugin-for-aws-rhel9@sha256:2cdd8800ab19ff52a6682d3a6477c745b09224998dd4d7c5882111496ae8ec09_amd64",
"product_id": "oadp/oadp-velero-plugin-for-aws-rhel9@sha256:2cdd8800ab19ff52a6682d3a6477c745b09224998dd4d7c5882111496ae8ec09_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-aws-rhel9@sha256:2cdd8800ab19ff52a6682d3a6477c745b09224998dd4d7c5882111496ae8ec09?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel9\u0026tag=1.4.5-19"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:d70161cdeb833ec007dfad5a7f1b1ff411a10fe054b9ede12f3d7879e201ee17_amd64",
"product": {
"name": "oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:d70161cdeb833ec007dfad5a7f1b1ff411a10fe054b9ede12f3d7879e201ee17_amd64",
"product_id": "oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:d70161cdeb833ec007dfad5a7f1b1ff411a10fe054b9ede12f3d7879e201ee17_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-gcp-rhel9@sha256:d70161cdeb833ec007dfad5a7f1b1ff411a10fe054b9ede12f3d7879e201ee17?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel9\u0026tag=1.4.5-18"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:121c80f73d2739694de126801e5c9622584ddc61fad9d1953e56fc83439ce074_amd64",
"product": {
"name": "oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:121c80f73d2739694de126801e5c9622584ddc61fad9d1953e56fc83439ce074_amd64",
"product_id": "oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:121c80f73d2739694de126801e5c9622584ddc61fad9d1953e56fc83439ce074_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:121c80f73d2739694de126801e5c9622584ddc61fad9d1953e56fc83439ce074?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-legacy-aws-rhel9\u0026tag=1.4.5-17"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:7d22ecdc5faffcf9073c2b08178363820dc74d6fed62d0974bb3df309be573cb_amd64",
"product": {
"name": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:7d22ecdc5faffcf9073c2b08178363820dc74d6fed62d0974bb3df309be573cb_amd64",
"product_id": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:7d22ecdc5faffcf9073c2b08178363820dc74d6fed62d0974bb3df309be573cb_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:7d22ecdc5faffcf9073c2b08178363820dc74d6fed62d0974bb3df309be573cb?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel9\u0026tag=1.4.5-18"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-restic-restore-helper-rhel9@sha256:aaf2bfc6b4a84f6b56592cfaa63552bea96ac5c8283f883b0f810a4c00b5f469_amd64",
"product": {
"name": "oadp/oadp-velero-restic-restore-helper-rhel9@sha256:aaf2bfc6b4a84f6b56592cfaa63552bea96ac5c8283f883b0f810a4c00b5f469_amd64",
"product_id": "oadp/oadp-velero-restic-restore-helper-rhel9@sha256:aaf2bfc6b4a84f6b56592cfaa63552bea96ac5c8283f883b0f810a4c00b5f469_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-restic-restore-helper-rhel9@sha256:aaf2bfc6b4a84f6b56592cfaa63552bea96ac5c8283f883b0f810a4c00b5f469?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-restic-restore-helper-rhel9\u0026tag=1.4.5-20"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:e4699d011786df4d3b8481b0b79a41c6cf2450c28a96d983b506393734a24c3a_ppc64le",
"product": {
"name": "oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:e4699d011786df4d3b8481b0b79a41c6cf2450c28a96d983b506393734a24c3a_ppc64le",
"product_id": "oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:e4699d011786df4d3b8481b0b79a41c6cf2450c28a96d983b506393734a24c3a_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/oadp-kubevirt-velero-plugin-rhel9@sha256:e4699d011786df4d3b8481b0b79a41c6cf2450c28a96d983b506393734a24c3a?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel9\u0026tag=1.4.5-21"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-mustgather-rhel9@sha256:d9bcac4f030c419292e13e517baf606514dece94182328e9f54058508a5138f1_ppc64le",
"product": {
"name": "oadp/oadp-mustgather-rhel9@sha256:d9bcac4f030c419292e13e517baf606514dece94182328e9f54058508a5138f1_ppc64le",
"product_id": "oadp/oadp-mustgather-rhel9@sha256:d9bcac4f030c419292e13e517baf606514dece94182328e9f54058508a5138f1_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/oadp-mustgather-rhel9@sha256:d9bcac4f030c419292e13e517baf606514dece94182328e9f54058508a5138f1?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp/oadp-mustgather-rhel9\u0026tag=1.4.5-34"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-operator-bundle@sha256:f05c810e2b1c445a5d997826f423b6759c11b188dd8781af5908c085d082ceac_ppc64le",
"product": {
"name": "oadp/oadp-operator-bundle@sha256:f05c810e2b1c445a5d997826f423b6759c11b188dd8781af5908c085d082ceac_ppc64le",
"product_id": "oadp/oadp-operator-bundle@sha256:f05c810e2b1c445a5d997826f423b6759c11b188dd8781af5908c085d082ceac_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/oadp-operator-bundle@sha256:f05c810e2b1c445a5d997826f423b6759c11b188dd8781af5908c085d082ceac?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp/oadp-operator-bundle\u0026tag=1.4.5-34"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-rhel9-operator@sha256:a695cf5140b0b109ede8c718c7b5b720fbe3f92c033f999506d78e2341c01203_ppc64le",
"product": {
"name": "oadp/oadp-rhel9-operator@sha256:a695cf5140b0b109ede8c718c7b5b720fbe3f92c033f999506d78e2341c01203_ppc64le",
"product_id": "oadp/oadp-rhel9-operator@sha256:a695cf5140b0b109ede8c718c7b5b720fbe3f92c033f999506d78e2341c01203_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/oadp-rhel9-operator@sha256:a695cf5140b0b109ede8c718c7b5b720fbe3f92c033f999506d78e2341c01203?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp/oadp-rhel9-operator\u0026tag=1.4.5-20"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-rhel9@sha256:489b4765e3f7f9da000be488e6ee755f9e930ce2e0d688c39677fc964cd1ae3a_ppc64le",
"product": {
"name": "oadp/oadp-velero-rhel9@sha256:489b4765e3f7f9da000be488e6ee755f9e930ce2e0d688c39677fc964cd1ae3a_ppc64le",
"product_id": "oadp/oadp-velero-rhel9@sha256:489b4765e3f7f9da000be488e6ee755f9e930ce2e0d688c39677fc964cd1ae3a_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-rhel9@sha256:489b4765e3f7f9da000be488e6ee755f9e930ce2e0d688c39677fc964cd1ae3a?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp/oadp-velero-rhel9\u0026tag=1.4.5-20"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-rhel9@sha256:7c3889900001f080690330f619d8e509e7005363a984eeb47221359b91166674_ppc64le",
"product": {
"name": "oadp/oadp-velero-plugin-rhel9@sha256:7c3889900001f080690330f619d8e509e7005363a984eeb47221359b91166674_ppc64le",
"product_id": "oadp/oadp-velero-plugin-rhel9@sha256:7c3889900001f080690330f619d8e509e7005363a984eeb47221359b91166674_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-rhel9@sha256:7c3889900001f080690330f619d8e509e7005363a984eeb47221359b91166674?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-rhel9\u0026tag=1.4.5-18"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-aws-rhel9@sha256:969922831941453a7d0c16bbe908b3b3596493134e68e771bd49ed9460f38bf1_ppc64le",
"product": {
"name": "oadp/oadp-velero-plugin-for-aws-rhel9@sha256:969922831941453a7d0c16bbe908b3b3596493134e68e771bd49ed9460f38bf1_ppc64le",
"product_id": "oadp/oadp-velero-plugin-for-aws-rhel9@sha256:969922831941453a7d0c16bbe908b3b3596493134e68e771bd49ed9460f38bf1_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-aws-rhel9@sha256:969922831941453a7d0c16bbe908b3b3596493134e68e771bd49ed9460f38bf1?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel9\u0026tag=1.4.5-19"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:a654a342057e7f679a96a5f18069bf6568e9a9f59f9f1934bf02f346a73cfe25_ppc64le",
"product": {
"name": "oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:a654a342057e7f679a96a5f18069bf6568e9a9f59f9f1934bf02f346a73cfe25_ppc64le",
"product_id": "oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:a654a342057e7f679a96a5f18069bf6568e9a9f59f9f1934bf02f346a73cfe25_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-gcp-rhel9@sha256:a654a342057e7f679a96a5f18069bf6568e9a9f59f9f1934bf02f346a73cfe25?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel9\u0026tag=1.4.5-18"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:1ead7c1b32cb4ff2ec3002142a2fa25dbde1cc99c9ab07742e06981055963716_ppc64le",
"product": {
"name": "oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:1ead7c1b32cb4ff2ec3002142a2fa25dbde1cc99c9ab07742e06981055963716_ppc64le",
"product_id": "oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:1ead7c1b32cb4ff2ec3002142a2fa25dbde1cc99c9ab07742e06981055963716_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:1ead7c1b32cb4ff2ec3002142a2fa25dbde1cc99c9ab07742e06981055963716?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-legacy-aws-rhel9\u0026tag=1.4.5-17"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:6c8c1cee0d702a5917c16decf62950adddc5ad4b629492b50a2d3c860dad14c2_ppc64le",
"product": {
"name": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:6c8c1cee0d702a5917c16decf62950adddc5ad4b629492b50a2d3c860dad14c2_ppc64le",
"product_id": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:6c8c1cee0d702a5917c16decf62950adddc5ad4b629492b50a2d3c860dad14c2_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:6c8c1cee0d702a5917c16decf62950adddc5ad4b629492b50a2d3c860dad14c2?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel9\u0026tag=1.4.5-18"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-restic-restore-helper-rhel9@sha256:8d42dac3bdfb6f30bbbb62f83b9a3847c56ee405474b543e51619735e1b6dea4_ppc64le",
"product": {
"name": "oadp/oadp-velero-restic-restore-helper-rhel9@sha256:8d42dac3bdfb6f30bbbb62f83b9a3847c56ee405474b543e51619735e1b6dea4_ppc64le",
"product_id": "oadp/oadp-velero-restic-restore-helper-rhel9@sha256:8d42dac3bdfb6f30bbbb62f83b9a3847c56ee405474b543e51619735e1b6dea4_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-restic-restore-helper-rhel9@sha256:8d42dac3bdfb6f30bbbb62f83b9a3847c56ee405474b543e51619735e1b6dea4?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp/oadp-velero-restic-restore-helper-rhel9\u0026tag=1.4.5-20"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:2bae3100587b970b7246ae28196982edc6b9dae145f4d8c812fc9d78bff20961_amd64 as a component of 9Base-OADP-1.4",
"product_id": "9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:2bae3100587b970b7246ae28196982edc6b9dae145f4d8c812fc9d78bff20961_amd64"
},
"product_reference": "oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:2bae3100587b970b7246ae28196982edc6b9dae145f4d8c812fc9d78bff20961_amd64",
"relates_to_product_reference": "9Base-OADP-1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:475a27e370e023af9fc2698ce9b14a97cd0302d27f2bc52dc680bb63a82eb707_s390x as a component of 9Base-OADP-1.4",
"product_id": "9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:475a27e370e023af9fc2698ce9b14a97cd0302d27f2bc52dc680bb63a82eb707_s390x"
},
"product_reference": "oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:475a27e370e023af9fc2698ce9b14a97cd0302d27f2bc52dc680bb63a82eb707_s390x",
"relates_to_product_reference": "9Base-OADP-1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:e4699d011786df4d3b8481b0b79a41c6cf2450c28a96d983b506393734a24c3a_ppc64le as a component of 9Base-OADP-1.4",
"product_id": "9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:e4699d011786df4d3b8481b0b79a41c6cf2450c28a96d983b506393734a24c3a_ppc64le"
},
"product_reference": "oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:e4699d011786df4d3b8481b0b79a41c6cf2450c28a96d983b506393734a24c3a_ppc64le",
"relates_to_product_reference": "9Base-OADP-1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:f78f207306aebfe90a9126218b77b64a088b68122f8805b5b69e47972e5d298a_arm64 as a component of 9Base-OADP-1.4",
"product_id": "9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:f78f207306aebfe90a9126218b77b64a088b68122f8805b5b69e47972e5d298a_arm64"
},
"product_reference": "oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:f78f207306aebfe90a9126218b77b64a088b68122f8805b5b69e47972e5d298a_arm64",
"relates_to_product_reference": "9Base-OADP-1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-mustgather-rhel9@sha256:41f32fb3b6f3c1ed7be1f2580dd0fcc861c8240c8470b4e0346e0ba5bbb512b5_s390x as a component of 9Base-OADP-1.4",
"product_id": "9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:41f32fb3b6f3c1ed7be1f2580dd0fcc861c8240c8470b4e0346e0ba5bbb512b5_s390x"
},
"product_reference": "oadp/oadp-mustgather-rhel9@sha256:41f32fb3b6f3c1ed7be1f2580dd0fcc861c8240c8470b4e0346e0ba5bbb512b5_s390x",
"relates_to_product_reference": "9Base-OADP-1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-mustgather-rhel9@sha256:a0dad19da75a825d5756e033590df8cdb5a6af0f55f906b9b1000d4c3adccd5a_amd64 as a component of 9Base-OADP-1.4",
"product_id": "9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:a0dad19da75a825d5756e033590df8cdb5a6af0f55f906b9b1000d4c3adccd5a_amd64"
},
"product_reference": "oadp/oadp-mustgather-rhel9@sha256:a0dad19da75a825d5756e033590df8cdb5a6af0f55f906b9b1000d4c3adccd5a_amd64",
"relates_to_product_reference": "9Base-OADP-1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-mustgather-rhel9@sha256:abf07f4cad8f18537ccc2f162b25e11a5cae547c5f0db789f573ebc42a327041_arm64 as a component of 9Base-OADP-1.4",
"product_id": "9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:abf07f4cad8f18537ccc2f162b25e11a5cae547c5f0db789f573ebc42a327041_arm64"
},
"product_reference": "oadp/oadp-mustgather-rhel9@sha256:abf07f4cad8f18537ccc2f162b25e11a5cae547c5f0db789f573ebc42a327041_arm64",
"relates_to_product_reference": "9Base-OADP-1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-mustgather-rhel9@sha256:d9bcac4f030c419292e13e517baf606514dece94182328e9f54058508a5138f1_ppc64le as a component of 9Base-OADP-1.4",
"product_id": "9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:d9bcac4f030c419292e13e517baf606514dece94182328e9f54058508a5138f1_ppc64le"
},
"product_reference": "oadp/oadp-mustgather-rhel9@sha256:d9bcac4f030c419292e13e517baf606514dece94182328e9f54058508a5138f1_ppc64le",
"relates_to_product_reference": "9Base-OADP-1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-operator-bundle@sha256:7317ed83242340597b5cdde8ee314606ddd563d0067ee85c12eb21037e2feb99_amd64 as a component of 9Base-OADP-1.4",
"product_id": "9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:7317ed83242340597b5cdde8ee314606ddd563d0067ee85c12eb21037e2feb99_amd64"
},
"product_reference": "oadp/oadp-operator-bundle@sha256:7317ed83242340597b5cdde8ee314606ddd563d0067ee85c12eb21037e2feb99_amd64",
"relates_to_product_reference": "9Base-OADP-1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-operator-bundle@sha256:7bbd1cb460a20aa568f543122ead86a7590827ed04166b82902cd68f60c67b4a_arm64 as a component of 9Base-OADP-1.4",
"product_id": "9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:7bbd1cb460a20aa568f543122ead86a7590827ed04166b82902cd68f60c67b4a_arm64"
},
"product_reference": "oadp/oadp-operator-bundle@sha256:7bbd1cb460a20aa568f543122ead86a7590827ed04166b82902cd68f60c67b4a_arm64",
"relates_to_product_reference": "9Base-OADP-1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-operator-bundle@sha256:c06a0dc726d75fbed4c5f0ed5beb1abafdc2f85997d9d0b1dab41775b7ffe07d_s390x as a component of 9Base-OADP-1.4",
"product_id": "9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:c06a0dc726d75fbed4c5f0ed5beb1abafdc2f85997d9d0b1dab41775b7ffe07d_s390x"
},
"product_reference": "oadp/oadp-operator-bundle@sha256:c06a0dc726d75fbed4c5f0ed5beb1abafdc2f85997d9d0b1dab41775b7ffe07d_s390x",
"relates_to_product_reference": "9Base-OADP-1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-operator-bundle@sha256:f05c810e2b1c445a5d997826f423b6759c11b188dd8781af5908c085d082ceac_ppc64le as a component of 9Base-OADP-1.4",
"product_id": "9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:f05c810e2b1c445a5d997826f423b6759c11b188dd8781af5908c085d082ceac_ppc64le"
},
"product_reference": "oadp/oadp-operator-bundle@sha256:f05c810e2b1c445a5d997826f423b6759c11b188dd8781af5908c085d082ceac_ppc64le",
"relates_to_product_reference": "9Base-OADP-1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-rhel9-operator@sha256:a695cf5140b0b109ede8c718c7b5b720fbe3f92c033f999506d78e2341c01203_ppc64le as a component of 9Base-OADP-1.4",
"product_id": "9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:a695cf5140b0b109ede8c718c7b5b720fbe3f92c033f999506d78e2341c01203_ppc64le"
},
"product_reference": "oadp/oadp-rhel9-operator@sha256:a695cf5140b0b109ede8c718c7b5b720fbe3f92c033f999506d78e2341c01203_ppc64le",
"relates_to_product_reference": "9Base-OADP-1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-rhel9-operator@sha256:a8b86cbc818be479fd560b85e129e917c2314c82070d39a0c1453d8f11631ec5_s390x as a component of 9Base-OADP-1.4",
"product_id": "9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:a8b86cbc818be479fd560b85e129e917c2314c82070d39a0c1453d8f11631ec5_s390x"
},
"product_reference": "oadp/oadp-rhel9-operator@sha256:a8b86cbc818be479fd560b85e129e917c2314c82070d39a0c1453d8f11631ec5_s390x",
"relates_to_product_reference": "9Base-OADP-1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-rhel9-operator@sha256:c64c81ccaa4d3ed1c2b333936b0a9aa111e4dde2de88af5780ebd83f3b29bad6_amd64 as a component of 9Base-OADP-1.4",
"product_id": "9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:c64c81ccaa4d3ed1c2b333936b0a9aa111e4dde2de88af5780ebd83f3b29bad6_amd64"
},
"product_reference": "oadp/oadp-rhel9-operator@sha256:c64c81ccaa4d3ed1c2b333936b0a9aa111e4dde2de88af5780ebd83f3b29bad6_amd64",
"relates_to_product_reference": "9Base-OADP-1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-rhel9-operator@sha256:e4a7bd1b9aeae7350256a65fcb094cff2622e569ca8768df63d43682dff364d4_arm64 as a component of 9Base-OADP-1.4",
"product_id": "9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:e4a7bd1b9aeae7350256a65fcb094cff2622e569ca8768df63d43682dff364d4_arm64"
},
"product_reference": "oadp/oadp-rhel9-operator@sha256:e4a7bd1b9aeae7350256a65fcb094cff2622e569ca8768df63d43682dff364d4_arm64",
"relates_to_product_reference": "9Base-OADP-1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-aws-rhel9@sha256:2cdd8800ab19ff52a6682d3a6477c745b09224998dd4d7c5882111496ae8ec09_amd64 as a component of 9Base-OADP-1.4",
"product_id": "9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:2cdd8800ab19ff52a6682d3a6477c745b09224998dd4d7c5882111496ae8ec09_amd64"
},
"product_reference": "oadp/oadp-velero-plugin-for-aws-rhel9@sha256:2cdd8800ab19ff52a6682d3a6477c745b09224998dd4d7c5882111496ae8ec09_amd64",
"relates_to_product_reference": "9Base-OADP-1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-aws-rhel9@sha256:36a22693fd6d1d2721f2f6d579bc638d51ae3648766cc57118f6956cd10aba36_arm64 as a component of 9Base-OADP-1.4",
"product_id": "9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:36a22693fd6d1d2721f2f6d579bc638d51ae3648766cc57118f6956cd10aba36_arm64"
},
"product_reference": "oadp/oadp-velero-plugin-for-aws-rhel9@sha256:36a22693fd6d1d2721f2f6d579bc638d51ae3648766cc57118f6956cd10aba36_arm64",
"relates_to_product_reference": "9Base-OADP-1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-aws-rhel9@sha256:969922831941453a7d0c16bbe908b3b3596493134e68e771bd49ed9460f38bf1_ppc64le as a component of 9Base-OADP-1.4",
"product_id": "9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:969922831941453a7d0c16bbe908b3b3596493134e68e771bd49ed9460f38bf1_ppc64le"
},
"product_reference": "oadp/oadp-velero-plugin-for-aws-rhel9@sha256:969922831941453a7d0c16bbe908b3b3596493134e68e771bd49ed9460f38bf1_ppc64le",
"relates_to_product_reference": "9Base-OADP-1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-aws-rhel9@sha256:e97dc347f843eab864efb81f939b425554e6db58cde788a942afd7b00ac470df_s390x as a component of 9Base-OADP-1.4",
"product_id": "9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:e97dc347f843eab864efb81f939b425554e6db58cde788a942afd7b00ac470df_s390x"
},
"product_reference": "oadp/oadp-velero-plugin-for-aws-rhel9@sha256:e97dc347f843eab864efb81f939b425554e6db58cde788a942afd7b00ac470df_s390x",
"relates_to_product_reference": "9Base-OADP-1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:6ab225df2a249068ce7f22d909916ee94e58abcbae8662d4df3f0e93e4b97eed_arm64 as a component of 9Base-OADP-1.4",
"product_id": "9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:6ab225df2a249068ce7f22d909916ee94e58abcbae8662d4df3f0e93e4b97eed_arm64"
},
"product_reference": "oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:6ab225df2a249068ce7f22d909916ee94e58abcbae8662d4df3f0e93e4b97eed_arm64",
"relates_to_product_reference": "9Base-OADP-1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:a654a342057e7f679a96a5f18069bf6568e9a9f59f9f1934bf02f346a73cfe25_ppc64le as a component of 9Base-OADP-1.4",
"product_id": "9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:a654a342057e7f679a96a5f18069bf6568e9a9f59f9f1934bf02f346a73cfe25_ppc64le"
},
"product_reference": "oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:a654a342057e7f679a96a5f18069bf6568e9a9f59f9f1934bf02f346a73cfe25_ppc64le",
"relates_to_product_reference": "9Base-OADP-1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:d70161cdeb833ec007dfad5a7f1b1ff411a10fe054b9ede12f3d7879e201ee17_amd64 as a component of 9Base-OADP-1.4",
"product_id": "9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:d70161cdeb833ec007dfad5a7f1b1ff411a10fe054b9ede12f3d7879e201ee17_amd64"
},
"product_reference": "oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:d70161cdeb833ec007dfad5a7f1b1ff411a10fe054b9ede12f3d7879e201ee17_amd64",
"relates_to_product_reference": "9Base-OADP-1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:d9cc11a9154a89f84d66874f773225b6ac2b9a3342bd4d15cbb2ee8639c5f05f_s390x as a component of 9Base-OADP-1.4",
"product_id": "9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:d9cc11a9154a89f84d66874f773225b6ac2b9a3342bd4d15cbb2ee8639c5f05f_s390x"
},
"product_reference": "oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:d9cc11a9154a89f84d66874f773225b6ac2b9a3342bd4d15cbb2ee8639c5f05f_s390x",
"relates_to_product_reference": "9Base-OADP-1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:121c80f73d2739694de126801e5c9622584ddc61fad9d1953e56fc83439ce074_amd64 as a component of 9Base-OADP-1.4",
"product_id": "9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:121c80f73d2739694de126801e5c9622584ddc61fad9d1953e56fc83439ce074_amd64"
},
"product_reference": "oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:121c80f73d2739694de126801e5c9622584ddc61fad9d1953e56fc83439ce074_amd64",
"relates_to_product_reference": "9Base-OADP-1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:1ead7c1b32cb4ff2ec3002142a2fa25dbde1cc99c9ab07742e06981055963716_ppc64le as a component of 9Base-OADP-1.4",
"product_id": "9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:1ead7c1b32cb4ff2ec3002142a2fa25dbde1cc99c9ab07742e06981055963716_ppc64le"
},
"product_reference": "oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:1ead7c1b32cb4ff2ec3002142a2fa25dbde1cc99c9ab07742e06981055963716_ppc64le",
"relates_to_product_reference": "9Base-OADP-1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:9f7b3d93c79057eaefd036c8aa06f392487a73c1dde9a5bdecac73610b42461d_arm64 as a component of 9Base-OADP-1.4",
"product_id": "9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:9f7b3d93c79057eaefd036c8aa06f392487a73c1dde9a5bdecac73610b42461d_arm64"
},
"product_reference": "oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:9f7b3d93c79057eaefd036c8aa06f392487a73c1dde9a5bdecac73610b42461d_arm64",
"relates_to_product_reference": "9Base-OADP-1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:cc1323f77941a5c0d4202ab96ca1643b6d06df4febf996de2ee82f43010e319c_s390x as a component of 9Base-OADP-1.4",
"product_id": "9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:cc1323f77941a5c0d4202ab96ca1643b6d06df4febf996de2ee82f43010e319c_s390x"
},
"product_reference": "oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:cc1323f77941a5c0d4202ab96ca1643b6d06df4febf996de2ee82f43010e319c_s390x",
"relates_to_product_reference": "9Base-OADP-1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:18bfc85cc1a69536c266b0d168644406ccab9943aeb076a4e1a241655783a199_s390x as a component of 9Base-OADP-1.4",
"product_id": "9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:18bfc85cc1a69536c266b0d168644406ccab9943aeb076a4e1a241655783a199_s390x"
},
"product_reference": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:18bfc85cc1a69536c266b0d168644406ccab9943aeb076a4e1a241655783a199_s390x",
"relates_to_product_reference": "9Base-OADP-1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:6c8c1cee0d702a5917c16decf62950adddc5ad4b629492b50a2d3c860dad14c2_ppc64le as a component of 9Base-OADP-1.4",
"product_id": "9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:6c8c1cee0d702a5917c16decf62950adddc5ad4b629492b50a2d3c860dad14c2_ppc64le"
},
"product_reference": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:6c8c1cee0d702a5917c16decf62950adddc5ad4b629492b50a2d3c860dad14c2_ppc64le",
"relates_to_product_reference": "9Base-OADP-1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:7d22ecdc5faffcf9073c2b08178363820dc74d6fed62d0974bb3df309be573cb_amd64 as a component of 9Base-OADP-1.4",
"product_id": "9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:7d22ecdc5faffcf9073c2b08178363820dc74d6fed62d0974bb3df309be573cb_amd64"
},
"product_reference": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:7d22ecdc5faffcf9073c2b08178363820dc74d6fed62d0974bb3df309be573cb_amd64",
"relates_to_product_reference": "9Base-OADP-1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:fb57f4b7e2df487e6a8d272168c88ccd2f9f9b4d06efe23cf271c900d84d66cc_arm64 as a component of 9Base-OADP-1.4",
"product_id": "9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:fb57f4b7e2df487e6a8d272168c88ccd2f9f9b4d06efe23cf271c900d84d66cc_arm64"
},
"product_reference": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:fb57f4b7e2df487e6a8d272168c88ccd2f9f9b4d06efe23cf271c900d84d66cc_arm64",
"relates_to_product_reference": "9Base-OADP-1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-rhel9@sha256:6fb517f7cba99c4db682a9e71e4afce78f0f6b2b6fed6ee83ee39e3883af72d1_arm64 as a component of 9Base-OADP-1.4",
"product_id": "9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:6fb517f7cba99c4db682a9e71e4afce78f0f6b2b6fed6ee83ee39e3883af72d1_arm64"
},
"product_reference": "oadp/oadp-velero-plugin-rhel9@sha256:6fb517f7cba99c4db682a9e71e4afce78f0f6b2b6fed6ee83ee39e3883af72d1_arm64",
"relates_to_product_reference": "9Base-OADP-1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-rhel9@sha256:7c3889900001f080690330f619d8e509e7005363a984eeb47221359b91166674_ppc64le as a component of 9Base-OADP-1.4",
"product_id": "9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:7c3889900001f080690330f619d8e509e7005363a984eeb47221359b91166674_ppc64le"
},
"product_reference": "oadp/oadp-velero-plugin-rhel9@sha256:7c3889900001f080690330f619d8e509e7005363a984eeb47221359b91166674_ppc64le",
"relates_to_product_reference": "9Base-OADP-1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-rhel9@sha256:b76bf2f89b41f4f5a3fb696a3942f26eb1ffbdf5a0bc0d9611906dd1de177d16_amd64 as a component of 9Base-OADP-1.4",
"product_id": "9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:b76bf2f89b41f4f5a3fb696a3942f26eb1ffbdf5a0bc0d9611906dd1de177d16_amd64"
},
"product_reference": "oadp/oadp-velero-plugin-rhel9@sha256:b76bf2f89b41f4f5a3fb696a3942f26eb1ffbdf5a0bc0d9611906dd1de177d16_amd64",
"relates_to_product_reference": "9Base-OADP-1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-rhel9@sha256:d37ce4423a62897fa3ba2b59fe9bb3a4832088020ea089dd03b920a36179418f_s390x as a component of 9Base-OADP-1.4",
"product_id": "9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:d37ce4423a62897fa3ba2b59fe9bb3a4832088020ea089dd03b920a36179418f_s390x"
},
"product_reference": "oadp/oadp-velero-plugin-rhel9@sha256:d37ce4423a62897fa3ba2b59fe9bb3a4832088020ea089dd03b920a36179418f_s390x",
"relates_to_product_reference": "9Base-OADP-1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-restic-restore-helper-rhel9@sha256:37a60c31f57eb012097db76db3682d1c98936c581f64fda05fd705805b34327d_arm64 as a component of 9Base-OADP-1.4",
"product_id": "9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:37a60c31f57eb012097db76db3682d1c98936c581f64fda05fd705805b34327d_arm64"
},
"product_reference": "oadp/oadp-velero-restic-restore-helper-rhel9@sha256:37a60c31f57eb012097db76db3682d1c98936c581f64fda05fd705805b34327d_arm64",
"relates_to_product_reference": "9Base-OADP-1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-restic-restore-helper-rhel9@sha256:8d42dac3bdfb6f30bbbb62f83b9a3847c56ee405474b543e51619735e1b6dea4_ppc64le as a component of 9Base-OADP-1.4",
"product_id": "9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:8d42dac3bdfb6f30bbbb62f83b9a3847c56ee405474b543e51619735e1b6dea4_ppc64le"
},
"product_reference": "oadp/oadp-velero-restic-restore-helper-rhel9@sha256:8d42dac3bdfb6f30bbbb62f83b9a3847c56ee405474b543e51619735e1b6dea4_ppc64le",
"relates_to_product_reference": "9Base-OADP-1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-restic-restore-helper-rhel9@sha256:aaf2bfc6b4a84f6b56592cfaa63552bea96ac5c8283f883b0f810a4c00b5f469_amd64 as a component of 9Base-OADP-1.4",
"product_id": "9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:aaf2bfc6b4a84f6b56592cfaa63552bea96ac5c8283f883b0f810a4c00b5f469_amd64"
},
"product_reference": "oadp/oadp-velero-restic-restore-helper-rhel9@sha256:aaf2bfc6b4a84f6b56592cfaa63552bea96ac5c8283f883b0f810a4c00b5f469_amd64",
"relates_to_product_reference": "9Base-OADP-1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-restic-restore-helper-rhel9@sha256:ebe2f773be55633f5d78274d9b85c253cd97257e227f20a12f20f27722c56885_s390x as a component of 9Base-OADP-1.4",
"product_id": "9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:ebe2f773be55633f5d78274d9b85c253cd97257e227f20a12f20f27722c56885_s390x"
},
"product_reference": "oadp/oadp-velero-restic-restore-helper-rhel9@sha256:ebe2f773be55633f5d78274d9b85c253cd97257e227f20a12f20f27722c56885_s390x",
"relates_to_product_reference": "9Base-OADP-1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-rhel9@sha256:489b4765e3f7f9da000be488e6ee755f9e930ce2e0d688c39677fc964cd1ae3a_ppc64le as a component of 9Base-OADP-1.4",
"product_id": "9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:489b4765e3f7f9da000be488e6ee755f9e930ce2e0d688c39677fc964cd1ae3a_ppc64le"
},
"product_reference": "oadp/oadp-velero-rhel9@sha256:489b4765e3f7f9da000be488e6ee755f9e930ce2e0d688c39677fc964cd1ae3a_ppc64le",
"relates_to_product_reference": "9Base-OADP-1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-rhel9@sha256:6eb63751e7f228d3b91abd9927ca0fd84d73aa095bc76afd681340f85c36cd92_amd64 as a component of 9Base-OADP-1.4",
"product_id": "9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:6eb63751e7f228d3b91abd9927ca0fd84d73aa095bc76afd681340f85c36cd92_amd64"
},
"product_reference": "oadp/oadp-velero-rhel9@sha256:6eb63751e7f228d3b91abd9927ca0fd84d73aa095bc76afd681340f85c36cd92_amd64",
"relates_to_product_reference": "9Base-OADP-1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-rhel9@sha256:704acaaf95af349cb107ac6df2bfef5da3df3d5fc16f16c631b5e5f97492bcaf_s390x as a component of 9Base-OADP-1.4",
"product_id": "9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:704acaaf95af349cb107ac6df2bfef5da3df3d5fc16f16c631b5e5f97492bcaf_s390x"
},
"product_reference": "oadp/oadp-velero-rhel9@sha256:704acaaf95af349cb107ac6df2bfef5da3df3d5fc16f16c631b5e5f97492bcaf_s390x",
"relates_to_product_reference": "9Base-OADP-1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-rhel9@sha256:8f28683c1b38621778de147f3f2329119f843e017d48a33de14fcadfc9f4384b_arm64 as a component of 9Base-OADP-1.4",
"product_id": "9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:8f28683c1b38621778de147f3f2329119f843e017d48a33de14fcadfc9f4384b_arm64"
},
"product_reference": "oadp/oadp-velero-rhel9@sha256:8f28683c1b38621778de147f3f2329119f843e017d48a33de14fcadfc9f4384b_arm64",
"relates_to_product_reference": "9Base-OADP-1.4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-45337",
"cwe": {
"id": "CWE-285",
"name": "Improper Authorization"
},
"discovery_date": "2024-12-11T19:00:54.247490+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:2bae3100587b970b7246ae28196982edc6b9dae145f4d8c812fc9d78bff20961_amd64",
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:475a27e370e023af9fc2698ce9b14a97cd0302d27f2bc52dc680bb63a82eb707_s390x",
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:e4699d011786df4d3b8481b0b79a41c6cf2450c28a96d983b506393734a24c3a_ppc64le",
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:f78f207306aebfe90a9126218b77b64a088b68122f8805b5b69e47972e5d298a_arm64",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:7317ed83242340597b5cdde8ee314606ddd563d0067ee85c12eb21037e2feb99_amd64",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:7bbd1cb460a20aa568f543122ead86a7590827ed04166b82902cd68f60c67b4a_arm64",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:c06a0dc726d75fbed4c5f0ed5beb1abafdc2f85997d9d0b1dab41775b7ffe07d_s390x",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:f05c810e2b1c445a5d997826f423b6759c11b188dd8781af5908c085d082ceac_ppc64le",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:a695cf5140b0b109ede8c718c7b5b720fbe3f92c033f999506d78e2341c01203_ppc64le",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:a8b86cbc818be479fd560b85e129e917c2314c82070d39a0c1453d8f11631ec5_s390x",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:c64c81ccaa4d3ed1c2b333936b0a9aa111e4dde2de88af5780ebd83f3b29bad6_amd64",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:e4a7bd1b9aeae7350256a65fcb094cff2622e569ca8768df63d43682dff364d4_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:2cdd8800ab19ff52a6682d3a6477c745b09224998dd4d7c5882111496ae8ec09_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:36a22693fd6d1d2721f2f6d579bc638d51ae3648766cc57118f6956cd10aba36_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:969922831941453a7d0c16bbe908b3b3596493134e68e771bd49ed9460f38bf1_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:e97dc347f843eab864efb81f939b425554e6db58cde788a942afd7b00ac470df_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:6ab225df2a249068ce7f22d909916ee94e58abcbae8662d4df3f0e93e4b97eed_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:a654a342057e7f679a96a5f18069bf6568e9a9f59f9f1934bf02f346a73cfe25_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:d70161cdeb833ec007dfad5a7f1b1ff411a10fe054b9ede12f3d7879e201ee17_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:d9cc11a9154a89f84d66874f773225b6ac2b9a3342bd4d15cbb2ee8639c5f05f_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:121c80f73d2739694de126801e5c9622584ddc61fad9d1953e56fc83439ce074_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:1ead7c1b32cb4ff2ec3002142a2fa25dbde1cc99c9ab07742e06981055963716_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:9f7b3d93c79057eaefd036c8aa06f392487a73c1dde9a5bdecac73610b42461d_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:cc1323f77941a5c0d4202ab96ca1643b6d06df4febf996de2ee82f43010e319c_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:18bfc85cc1a69536c266b0d168644406ccab9943aeb076a4e1a241655783a199_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:6c8c1cee0d702a5917c16decf62950adddc5ad4b629492b50a2d3c860dad14c2_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:7d22ecdc5faffcf9073c2b08178363820dc74d6fed62d0974bb3df309be573cb_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:fb57f4b7e2df487e6a8d272168c88ccd2f9f9b4d06efe23cf271c900d84d66cc_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:6fb517f7cba99c4db682a9e71e4afce78f0f6b2b6fed6ee83ee39e3883af72d1_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:7c3889900001f080690330f619d8e509e7005363a984eeb47221359b91166674_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:b76bf2f89b41f4f5a3fb696a3942f26eb1ffbdf5a0bc0d9611906dd1de177d16_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:d37ce4423a62897fa3ba2b59fe9bb3a4832088020ea089dd03b920a36179418f_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:37a60c31f57eb012097db76db3682d1c98936c581f64fda05fd705805b34327d_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:8d42dac3bdfb6f30bbbb62f83b9a3847c56ee405474b543e51619735e1b6dea4_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:aaf2bfc6b4a84f6b56592cfaa63552bea96ac5c8283f883b0f810a4c00b5f469_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:ebe2f773be55633f5d78274d9b85c253cd97257e227f20a12f20f27722c56885_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2331720"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the x/crypto/ssh go library. Applications and libraries that misuse the ServerConfig.PublicKeyCallback callback may be susceptible to an authorization bypass. For example, an attacker may send public keys A and B and authenticate with A. PublicKeyCallback would be called only twice, first with A and then with B. A vulnerable application may then make authorization decisions based on key B, for which the attacker does not control the private key. The misuse of ServerConfig.PublicKeyCallback may cause an authorization bypass.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto/ssh: Misuse of ServerConfig.PublicKeyCallback may cause authorization bypass in golang.org/x/crypto",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is classified as important rather than critical because it does not directly enable unauthorized access but rather introduces a risk of authorization bypass if the application or library misuses the PublicKeyCallback API. The vulnerability relies on incorrect assumptions made by the application when handling the sequence or state of keys provided during SSH authentication. Properly implemented systems that use the Permissions field or avoid relying on external state remain unaffected. Additionally, the vulnerability does not allow direct exploitation to gain control over a system without the presence of insecure logic in the application\u0027s handling of authentication attempts.\n\n\nRed Hat Enterprise Linux(RHEL) 8 \u0026 9 and Red Hat Openshift marked as not affected as it was determined that the problem function `ServerConfig.PublicKeyCallback`, as noted in the CVE-2024-45337 issue, is not called by Podman, Buildah, containers-common, or the gvisor-tap-vsock projects.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:41f32fb3b6f3c1ed7be1f2580dd0fcc861c8240c8470b4e0346e0ba5bbb512b5_s390x",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:a0dad19da75a825d5756e033590df8cdb5a6af0f55f906b9b1000d4c3adccd5a_amd64",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:abf07f4cad8f18537ccc2f162b25e11a5cae547c5f0db789f573ebc42a327041_arm64",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:d9bcac4f030c419292e13e517baf606514dece94182328e9f54058508a5138f1_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:489b4765e3f7f9da000be488e6ee755f9e930ce2e0d688c39677fc964cd1ae3a_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:6eb63751e7f228d3b91abd9927ca0fd84d73aa095bc76afd681340f85c36cd92_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:704acaaf95af349cb107ac6df2bfef5da3df3d5fc16f16c631b5e5f97492bcaf_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:8f28683c1b38621778de147f3f2329119f843e017d48a33de14fcadfc9f4384b_arm64"
],
"known_not_affected": [
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:2bae3100587b970b7246ae28196982edc6b9dae145f4d8c812fc9d78bff20961_amd64",
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:475a27e370e023af9fc2698ce9b14a97cd0302d27f2bc52dc680bb63a82eb707_s390x",
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:e4699d011786df4d3b8481b0b79a41c6cf2450c28a96d983b506393734a24c3a_ppc64le",
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:f78f207306aebfe90a9126218b77b64a088b68122f8805b5b69e47972e5d298a_arm64",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:7317ed83242340597b5cdde8ee314606ddd563d0067ee85c12eb21037e2feb99_amd64",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:7bbd1cb460a20aa568f543122ead86a7590827ed04166b82902cd68f60c67b4a_arm64",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:c06a0dc726d75fbed4c5f0ed5beb1abafdc2f85997d9d0b1dab41775b7ffe07d_s390x",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:f05c810e2b1c445a5d997826f423b6759c11b188dd8781af5908c085d082ceac_ppc64le",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:a695cf5140b0b109ede8c718c7b5b720fbe3f92c033f999506d78e2341c01203_ppc64le",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:a8b86cbc818be479fd560b85e129e917c2314c82070d39a0c1453d8f11631ec5_s390x",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:c64c81ccaa4d3ed1c2b333936b0a9aa111e4dde2de88af5780ebd83f3b29bad6_amd64",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:e4a7bd1b9aeae7350256a65fcb094cff2622e569ca8768df63d43682dff364d4_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:2cdd8800ab19ff52a6682d3a6477c745b09224998dd4d7c5882111496ae8ec09_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:36a22693fd6d1d2721f2f6d579bc638d51ae3648766cc57118f6956cd10aba36_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:969922831941453a7d0c16bbe908b3b3596493134e68e771bd49ed9460f38bf1_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:e97dc347f843eab864efb81f939b425554e6db58cde788a942afd7b00ac470df_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:6ab225df2a249068ce7f22d909916ee94e58abcbae8662d4df3f0e93e4b97eed_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:a654a342057e7f679a96a5f18069bf6568e9a9f59f9f1934bf02f346a73cfe25_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:d70161cdeb833ec007dfad5a7f1b1ff411a10fe054b9ede12f3d7879e201ee17_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:d9cc11a9154a89f84d66874f773225b6ac2b9a3342bd4d15cbb2ee8639c5f05f_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:121c80f73d2739694de126801e5c9622584ddc61fad9d1953e56fc83439ce074_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:1ead7c1b32cb4ff2ec3002142a2fa25dbde1cc99c9ab07742e06981055963716_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:9f7b3d93c79057eaefd036c8aa06f392487a73c1dde9a5bdecac73610b42461d_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:cc1323f77941a5c0d4202ab96ca1643b6d06df4febf996de2ee82f43010e319c_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:18bfc85cc1a69536c266b0d168644406ccab9943aeb076a4e1a241655783a199_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:6c8c1cee0d702a5917c16decf62950adddc5ad4b629492b50a2d3c860dad14c2_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:7d22ecdc5faffcf9073c2b08178363820dc74d6fed62d0974bb3df309be573cb_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:fb57f4b7e2df487e6a8d272168c88ccd2f9f9b4d06efe23cf271c900d84d66cc_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:6fb517f7cba99c4db682a9e71e4afce78f0f6b2b6fed6ee83ee39e3883af72d1_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:7c3889900001f080690330f619d8e509e7005363a984eeb47221359b91166674_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:b76bf2f89b41f4f5a3fb696a3942f26eb1ffbdf5a0bc0d9611906dd1de177d16_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:d37ce4423a62897fa3ba2b59fe9bb3a4832088020ea089dd03b920a36179418f_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:37a60c31f57eb012097db76db3682d1c98936c581f64fda05fd705805b34327d_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:8d42dac3bdfb6f30bbbb62f83b9a3847c56ee405474b543e51619735e1b6dea4_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:aaf2bfc6b4a84f6b56592cfaa63552bea96ac5c8283f883b0f810a4c00b5f469_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:ebe2f773be55633f5d78274d9b85c253cd97257e227f20a12f20f27722c56885_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-45337"
},
{
"category": "external",
"summary": "RHBZ#2331720",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2331720"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-45337",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45337"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45337",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45337"
},
{
"category": "external",
"summary": "https://github.com/golang/crypto/commit/b4f1988a35dee11ec3e05d6bf3e90b695fbd8909",
"url": "https://github.com/golang/crypto/commit/b4f1988a35dee11ec3e05d6bf3e90b695fbd8909"
},
{
"category": "external",
"summary": "https://go.dev/cl/635315",
"url": "https://go.dev/cl/635315"
},
{
"category": "external",
"summary": "https://go.dev/issue/70779",
"url": "https://go.dev/issue/70779"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/-nPEi39gI4Q/m/cGVPJCqdAQAJ",
"url": "https://groups.google.com/g/golang-announce/c/-nPEi39gI4Q/m/cGVPJCqdAQAJ"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-3321",
"url": "https://pkg.go.dev/vuln/GO-2024-3321"
}
],
"release_date": "2024-12-11T18:55:58.506000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-18T15:51:18+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:41f32fb3b6f3c1ed7be1f2580dd0fcc861c8240c8470b4e0346e0ba5bbb512b5_s390x",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:a0dad19da75a825d5756e033590df8cdb5a6af0f55f906b9b1000d4c3adccd5a_amd64",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:abf07f4cad8f18537ccc2f162b25e11a5cae547c5f0db789f573ebc42a327041_arm64",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:d9bcac4f030c419292e13e517baf606514dece94182328e9f54058508a5138f1_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:489b4765e3f7f9da000be488e6ee755f9e930ce2e0d688c39677fc964cd1ae3a_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:6eb63751e7f228d3b91abd9927ca0fd84d73aa095bc76afd681340f85c36cd92_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:704acaaf95af349cb107ac6df2bfef5da3df3d5fc16f16c631b5e5f97492bcaf_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:8f28683c1b38621778de147f3f2329119f843e017d48a33de14fcadfc9f4384b_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:11396"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:2bae3100587b970b7246ae28196982edc6b9dae145f4d8c812fc9d78bff20961_amd64",
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:475a27e370e023af9fc2698ce9b14a97cd0302d27f2bc52dc680bb63a82eb707_s390x",
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:e4699d011786df4d3b8481b0b79a41c6cf2450c28a96d983b506393734a24c3a_ppc64le",
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:f78f207306aebfe90a9126218b77b64a088b68122f8805b5b69e47972e5d298a_arm64",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:41f32fb3b6f3c1ed7be1f2580dd0fcc861c8240c8470b4e0346e0ba5bbb512b5_s390x",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:a0dad19da75a825d5756e033590df8cdb5a6af0f55f906b9b1000d4c3adccd5a_amd64",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:abf07f4cad8f18537ccc2f162b25e11a5cae547c5f0db789f573ebc42a327041_arm64",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:d9bcac4f030c419292e13e517baf606514dece94182328e9f54058508a5138f1_ppc64le",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:7317ed83242340597b5cdde8ee314606ddd563d0067ee85c12eb21037e2feb99_amd64",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:7bbd1cb460a20aa568f543122ead86a7590827ed04166b82902cd68f60c67b4a_arm64",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:c06a0dc726d75fbed4c5f0ed5beb1abafdc2f85997d9d0b1dab41775b7ffe07d_s390x",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:f05c810e2b1c445a5d997826f423b6759c11b188dd8781af5908c085d082ceac_ppc64le",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:a695cf5140b0b109ede8c718c7b5b720fbe3f92c033f999506d78e2341c01203_ppc64le",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:a8b86cbc818be479fd560b85e129e917c2314c82070d39a0c1453d8f11631ec5_s390x",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:c64c81ccaa4d3ed1c2b333936b0a9aa111e4dde2de88af5780ebd83f3b29bad6_amd64",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:e4a7bd1b9aeae7350256a65fcb094cff2622e569ca8768df63d43682dff364d4_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:2cdd8800ab19ff52a6682d3a6477c745b09224998dd4d7c5882111496ae8ec09_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:36a22693fd6d1d2721f2f6d579bc638d51ae3648766cc57118f6956cd10aba36_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:969922831941453a7d0c16bbe908b3b3596493134e68e771bd49ed9460f38bf1_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:e97dc347f843eab864efb81f939b425554e6db58cde788a942afd7b00ac470df_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:6ab225df2a249068ce7f22d909916ee94e58abcbae8662d4df3f0e93e4b97eed_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:a654a342057e7f679a96a5f18069bf6568e9a9f59f9f1934bf02f346a73cfe25_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:d70161cdeb833ec007dfad5a7f1b1ff411a10fe054b9ede12f3d7879e201ee17_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:d9cc11a9154a89f84d66874f773225b6ac2b9a3342bd4d15cbb2ee8639c5f05f_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:121c80f73d2739694de126801e5c9622584ddc61fad9d1953e56fc83439ce074_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:1ead7c1b32cb4ff2ec3002142a2fa25dbde1cc99c9ab07742e06981055963716_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:9f7b3d93c79057eaefd036c8aa06f392487a73c1dde9a5bdecac73610b42461d_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:cc1323f77941a5c0d4202ab96ca1643b6d06df4febf996de2ee82f43010e319c_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:18bfc85cc1a69536c266b0d168644406ccab9943aeb076a4e1a241655783a199_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:6c8c1cee0d702a5917c16decf62950adddc5ad4b629492b50a2d3c860dad14c2_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:7d22ecdc5faffcf9073c2b08178363820dc74d6fed62d0974bb3df309be573cb_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:fb57f4b7e2df487e6a8d272168c88ccd2f9f9b4d06efe23cf271c900d84d66cc_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:6fb517f7cba99c4db682a9e71e4afce78f0f6b2b6fed6ee83ee39e3883af72d1_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:7c3889900001f080690330f619d8e509e7005363a984eeb47221359b91166674_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:b76bf2f89b41f4f5a3fb696a3942f26eb1ffbdf5a0bc0d9611906dd1de177d16_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:d37ce4423a62897fa3ba2b59fe9bb3a4832088020ea089dd03b920a36179418f_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:37a60c31f57eb012097db76db3682d1c98936c581f64fda05fd705805b34327d_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:8d42dac3bdfb6f30bbbb62f83b9a3847c56ee405474b543e51619735e1b6dea4_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:aaf2bfc6b4a84f6b56592cfaa63552bea96ac5c8283f883b0f810a4c00b5f469_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:ebe2f773be55633f5d78274d9b85c253cd97257e227f20a12f20f27722c56885_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:489b4765e3f7f9da000be488e6ee755f9e930ce2e0d688c39677fc964cd1ae3a_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:6eb63751e7f228d3b91abd9927ca0fd84d73aa095bc76afd681340f85c36cd92_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:704acaaf95af349cb107ac6df2bfef5da3df3d5fc16f16c631b5e5f97492bcaf_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:8f28683c1b38621778de147f3f2329119f843e017d48a33de14fcadfc9f4384b_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:2bae3100587b970b7246ae28196982edc6b9dae145f4d8c812fc9d78bff20961_amd64",
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:475a27e370e023af9fc2698ce9b14a97cd0302d27f2bc52dc680bb63a82eb707_s390x",
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:e4699d011786df4d3b8481b0b79a41c6cf2450c28a96d983b506393734a24c3a_ppc64le",
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:f78f207306aebfe90a9126218b77b64a088b68122f8805b5b69e47972e5d298a_arm64",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:41f32fb3b6f3c1ed7be1f2580dd0fcc861c8240c8470b4e0346e0ba5bbb512b5_s390x",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:a0dad19da75a825d5756e033590df8cdb5a6af0f55f906b9b1000d4c3adccd5a_amd64",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:abf07f4cad8f18537ccc2f162b25e11a5cae547c5f0db789f573ebc42a327041_arm64",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:d9bcac4f030c419292e13e517baf606514dece94182328e9f54058508a5138f1_ppc64le",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:7317ed83242340597b5cdde8ee314606ddd563d0067ee85c12eb21037e2feb99_amd64",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:7bbd1cb460a20aa568f543122ead86a7590827ed04166b82902cd68f60c67b4a_arm64",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:c06a0dc726d75fbed4c5f0ed5beb1abafdc2f85997d9d0b1dab41775b7ffe07d_s390x",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:f05c810e2b1c445a5d997826f423b6759c11b188dd8781af5908c085d082ceac_ppc64le",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:a695cf5140b0b109ede8c718c7b5b720fbe3f92c033f999506d78e2341c01203_ppc64le",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:a8b86cbc818be479fd560b85e129e917c2314c82070d39a0c1453d8f11631ec5_s390x",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:c64c81ccaa4d3ed1c2b333936b0a9aa111e4dde2de88af5780ebd83f3b29bad6_amd64",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:e4a7bd1b9aeae7350256a65fcb094cff2622e569ca8768df63d43682dff364d4_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:2cdd8800ab19ff52a6682d3a6477c745b09224998dd4d7c5882111496ae8ec09_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:36a22693fd6d1d2721f2f6d579bc638d51ae3648766cc57118f6956cd10aba36_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:969922831941453a7d0c16bbe908b3b3596493134e68e771bd49ed9460f38bf1_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:e97dc347f843eab864efb81f939b425554e6db58cde788a942afd7b00ac470df_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:6ab225df2a249068ce7f22d909916ee94e58abcbae8662d4df3f0e93e4b97eed_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:a654a342057e7f679a96a5f18069bf6568e9a9f59f9f1934bf02f346a73cfe25_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:d70161cdeb833ec007dfad5a7f1b1ff411a10fe054b9ede12f3d7879e201ee17_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:d9cc11a9154a89f84d66874f773225b6ac2b9a3342bd4d15cbb2ee8639c5f05f_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:121c80f73d2739694de126801e5c9622584ddc61fad9d1953e56fc83439ce074_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:1ead7c1b32cb4ff2ec3002142a2fa25dbde1cc99c9ab07742e06981055963716_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:9f7b3d93c79057eaefd036c8aa06f392487a73c1dde9a5bdecac73610b42461d_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:cc1323f77941a5c0d4202ab96ca1643b6d06df4febf996de2ee82f43010e319c_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:18bfc85cc1a69536c266b0d168644406ccab9943aeb076a4e1a241655783a199_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:6c8c1cee0d702a5917c16decf62950adddc5ad4b629492b50a2d3c860dad14c2_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:7d22ecdc5faffcf9073c2b08178363820dc74d6fed62d0974bb3df309be573cb_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:fb57f4b7e2df487e6a8d272168c88ccd2f9f9b4d06efe23cf271c900d84d66cc_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:6fb517f7cba99c4db682a9e71e4afce78f0f6b2b6fed6ee83ee39e3883af72d1_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:7c3889900001f080690330f619d8e509e7005363a984eeb47221359b91166674_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:b76bf2f89b41f4f5a3fb696a3942f26eb1ffbdf5a0bc0d9611906dd1de177d16_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:d37ce4423a62897fa3ba2b59fe9bb3a4832088020ea089dd03b920a36179418f_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:37a60c31f57eb012097db76db3682d1c98936c581f64fda05fd705805b34327d_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:8d42dac3bdfb6f30bbbb62f83b9a3847c56ee405474b543e51619735e1b6dea4_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:aaf2bfc6b4a84f6b56592cfaa63552bea96ac5c8283f883b0f810a4c00b5f469_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:ebe2f773be55633f5d78274d9b85c253cd97257e227f20a12f20f27722c56885_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:489b4765e3f7f9da000be488e6ee755f9e930ce2e0d688c39677fc964cd1ae3a_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:6eb63751e7f228d3b91abd9927ca0fd84d73aa095bc76afd681340f85c36cd92_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:704acaaf95af349cb107ac6df2bfef5da3df3d5fc16f16c631b5e5f97492bcaf_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:8f28683c1b38621778de147f3f2329119f843e017d48a33de14fcadfc9f4384b_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/crypto/ssh: Misuse of ServerConfig.PublicKeyCallback may cause authorization bypass in golang.org/x/crypto"
},
{
"cve": "CVE-2024-45338",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2024-12-18T21:00:59.938173+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:7317ed83242340597b5cdde8ee314606ddd563d0067ee85c12eb21037e2feb99_amd64",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:7bbd1cb460a20aa568f543122ead86a7590827ed04166b82902cd68f60c67b4a_arm64",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:c06a0dc726d75fbed4c5f0ed5beb1abafdc2f85997d9d0b1dab41775b7ffe07d_s390x",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:f05c810e2b1c445a5d997826f423b6759c11b188dd8781af5908c085d082ceac_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:2cdd8800ab19ff52a6682d3a6477c745b09224998dd4d7c5882111496ae8ec09_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:36a22693fd6d1d2721f2f6d579bc638d51ae3648766cc57118f6956cd10aba36_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:969922831941453a7d0c16bbe908b3b3596493134e68e771bd49ed9460f38bf1_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:e97dc347f843eab864efb81f939b425554e6db58cde788a942afd7b00ac470df_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:6ab225df2a249068ce7f22d909916ee94e58abcbae8662d4df3f0e93e4b97eed_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:a654a342057e7f679a96a5f18069bf6568e9a9f59f9f1934bf02f346a73cfe25_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:d70161cdeb833ec007dfad5a7f1b1ff411a10fe054b9ede12f3d7879e201ee17_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:d9cc11a9154a89f84d66874f773225b6ac2b9a3342bd4d15cbb2ee8639c5f05f_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:121c80f73d2739694de126801e5c9622584ddc61fad9d1953e56fc83439ce074_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:1ead7c1b32cb4ff2ec3002142a2fa25dbde1cc99c9ab07742e06981055963716_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:9f7b3d93c79057eaefd036c8aa06f392487a73c1dde9a5bdecac73610b42461d_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:cc1323f77941a5c0d4202ab96ca1643b6d06df4febf996de2ee82f43010e319c_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:18bfc85cc1a69536c266b0d168644406ccab9943aeb076a4e1a241655783a199_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:6c8c1cee0d702a5917c16decf62950adddc5ad4b629492b50a2d3c860dad14c2_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:7d22ecdc5faffcf9073c2b08178363820dc74d6fed62d0974bb3df309be573cb_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:fb57f4b7e2df487e6a8d272168c88ccd2f9f9b4d06efe23cf271c900d84d66cc_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:6fb517f7cba99c4db682a9e71e4afce78f0f6b2b6fed6ee83ee39e3883af72d1_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:7c3889900001f080690330f619d8e509e7005363a984eeb47221359b91166674_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:b76bf2f89b41f4f5a3fb696a3942f26eb1ffbdf5a0bc0d9611906dd1de177d16_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:d37ce4423a62897fa3ba2b59fe9bb3a4832088020ea089dd03b920a36179418f_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2333122"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/net/html. This flaw allows an attacker to craft input to the parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This issue can cause a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated as an Important severity because an attacker can craft malicious input that causes the parsing functions to process data non-linearly, resulting in significant delays which leads to a denial of service by exhausting system resources.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:2bae3100587b970b7246ae28196982edc6b9dae145f4d8c812fc9d78bff20961_amd64",
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:475a27e370e023af9fc2698ce9b14a97cd0302d27f2bc52dc680bb63a82eb707_s390x",
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:e4699d011786df4d3b8481b0b79a41c6cf2450c28a96d983b506393734a24c3a_ppc64le",
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:f78f207306aebfe90a9126218b77b64a088b68122f8805b5b69e47972e5d298a_arm64",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:41f32fb3b6f3c1ed7be1f2580dd0fcc861c8240c8470b4e0346e0ba5bbb512b5_s390x",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:a0dad19da75a825d5756e033590df8cdb5a6af0f55f906b9b1000d4c3adccd5a_amd64",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:abf07f4cad8f18537ccc2f162b25e11a5cae547c5f0db789f573ebc42a327041_arm64",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:d9bcac4f030c419292e13e517baf606514dece94182328e9f54058508a5138f1_ppc64le",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:a695cf5140b0b109ede8c718c7b5b720fbe3f92c033f999506d78e2341c01203_ppc64le",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:a8b86cbc818be479fd560b85e129e917c2314c82070d39a0c1453d8f11631ec5_s390x",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:c64c81ccaa4d3ed1c2b333936b0a9aa111e4dde2de88af5780ebd83f3b29bad6_amd64",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:e4a7bd1b9aeae7350256a65fcb094cff2622e569ca8768df63d43682dff364d4_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:37a60c31f57eb012097db76db3682d1c98936c581f64fda05fd705805b34327d_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:8d42dac3bdfb6f30bbbb62f83b9a3847c56ee405474b543e51619735e1b6dea4_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:aaf2bfc6b4a84f6b56592cfaa63552bea96ac5c8283f883b0f810a4c00b5f469_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:ebe2f773be55633f5d78274d9b85c253cd97257e227f20a12f20f27722c56885_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:489b4765e3f7f9da000be488e6ee755f9e930ce2e0d688c39677fc964cd1ae3a_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:6eb63751e7f228d3b91abd9927ca0fd84d73aa095bc76afd681340f85c36cd92_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:704acaaf95af349cb107ac6df2bfef5da3df3d5fc16f16c631b5e5f97492bcaf_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:8f28683c1b38621778de147f3f2329119f843e017d48a33de14fcadfc9f4384b_arm64"
],
"known_not_affected": [
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:7317ed83242340597b5cdde8ee314606ddd563d0067ee85c12eb21037e2feb99_amd64",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:7bbd1cb460a20aa568f543122ead86a7590827ed04166b82902cd68f60c67b4a_arm64",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:c06a0dc726d75fbed4c5f0ed5beb1abafdc2f85997d9d0b1dab41775b7ffe07d_s390x",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:f05c810e2b1c445a5d997826f423b6759c11b188dd8781af5908c085d082ceac_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:2cdd8800ab19ff52a6682d3a6477c745b09224998dd4d7c5882111496ae8ec09_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:36a22693fd6d1d2721f2f6d579bc638d51ae3648766cc57118f6956cd10aba36_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:969922831941453a7d0c16bbe908b3b3596493134e68e771bd49ed9460f38bf1_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:e97dc347f843eab864efb81f939b425554e6db58cde788a942afd7b00ac470df_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:6ab225df2a249068ce7f22d909916ee94e58abcbae8662d4df3f0e93e4b97eed_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:a654a342057e7f679a96a5f18069bf6568e9a9f59f9f1934bf02f346a73cfe25_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:d70161cdeb833ec007dfad5a7f1b1ff411a10fe054b9ede12f3d7879e201ee17_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:d9cc11a9154a89f84d66874f773225b6ac2b9a3342bd4d15cbb2ee8639c5f05f_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:121c80f73d2739694de126801e5c9622584ddc61fad9d1953e56fc83439ce074_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:1ead7c1b32cb4ff2ec3002142a2fa25dbde1cc99c9ab07742e06981055963716_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:9f7b3d93c79057eaefd036c8aa06f392487a73c1dde9a5bdecac73610b42461d_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:cc1323f77941a5c0d4202ab96ca1643b6d06df4febf996de2ee82f43010e319c_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:18bfc85cc1a69536c266b0d168644406ccab9943aeb076a4e1a241655783a199_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:6c8c1cee0d702a5917c16decf62950adddc5ad4b629492b50a2d3c860dad14c2_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:7d22ecdc5faffcf9073c2b08178363820dc74d6fed62d0974bb3df309be573cb_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:fb57f4b7e2df487e6a8d272168c88ccd2f9f9b4d06efe23cf271c900d84d66cc_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:6fb517f7cba99c4db682a9e71e4afce78f0f6b2b6fed6ee83ee39e3883af72d1_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:7c3889900001f080690330f619d8e509e7005363a984eeb47221359b91166674_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:b76bf2f89b41f4f5a3fb696a3942f26eb1ffbdf5a0bc0d9611906dd1de177d16_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:d37ce4423a62897fa3ba2b59fe9bb3a4832088020ea089dd03b920a36179418f_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-45338"
},
{
"category": "external",
"summary": "RHBZ#2333122",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2333122"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-45338",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45338"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45338",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45338"
},
{
"category": "external",
"summary": "https://go.dev/cl/637536",
"url": "https://go.dev/cl/637536"
},
{
"category": "external",
"summary": "https://go.dev/issue/70906",
"url": "https://go.dev/issue/70906"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/wSCRmFnNmPA/m/Lvcd0mRMAwAJ",
"url": "https://groups.google.com/g/golang-announce/c/wSCRmFnNmPA/m/Lvcd0mRMAwAJ"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-3333",
"url": "https://pkg.go.dev/vuln/GO-2024-3333"
}
],
"release_date": "2024-12-18T20:38:22.660000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-18T15:51:18+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:2bae3100587b970b7246ae28196982edc6b9dae145f4d8c812fc9d78bff20961_amd64",
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:475a27e370e023af9fc2698ce9b14a97cd0302d27f2bc52dc680bb63a82eb707_s390x",
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:e4699d011786df4d3b8481b0b79a41c6cf2450c28a96d983b506393734a24c3a_ppc64le",
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:f78f207306aebfe90a9126218b77b64a088b68122f8805b5b69e47972e5d298a_arm64",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:41f32fb3b6f3c1ed7be1f2580dd0fcc861c8240c8470b4e0346e0ba5bbb512b5_s390x",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:a0dad19da75a825d5756e033590df8cdb5a6af0f55f906b9b1000d4c3adccd5a_amd64",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:abf07f4cad8f18537ccc2f162b25e11a5cae547c5f0db789f573ebc42a327041_arm64",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:d9bcac4f030c419292e13e517baf606514dece94182328e9f54058508a5138f1_ppc64le",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:a695cf5140b0b109ede8c718c7b5b720fbe3f92c033f999506d78e2341c01203_ppc64le",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:a8b86cbc818be479fd560b85e129e917c2314c82070d39a0c1453d8f11631ec5_s390x",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:c64c81ccaa4d3ed1c2b333936b0a9aa111e4dde2de88af5780ebd83f3b29bad6_amd64",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:e4a7bd1b9aeae7350256a65fcb094cff2622e569ca8768df63d43682dff364d4_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:37a60c31f57eb012097db76db3682d1c98936c581f64fda05fd705805b34327d_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:8d42dac3bdfb6f30bbbb62f83b9a3847c56ee405474b543e51619735e1b6dea4_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:aaf2bfc6b4a84f6b56592cfaa63552bea96ac5c8283f883b0f810a4c00b5f469_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:ebe2f773be55633f5d78274d9b85c253cd97257e227f20a12f20f27722c56885_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:489b4765e3f7f9da000be488e6ee755f9e930ce2e0d688c39677fc964cd1ae3a_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:6eb63751e7f228d3b91abd9927ca0fd84d73aa095bc76afd681340f85c36cd92_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:704acaaf95af349cb107ac6df2bfef5da3df3d5fc16f16c631b5e5f97492bcaf_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:8f28683c1b38621778de147f3f2329119f843e017d48a33de14fcadfc9f4384b_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:11396"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:2bae3100587b970b7246ae28196982edc6b9dae145f4d8c812fc9d78bff20961_amd64",
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:475a27e370e023af9fc2698ce9b14a97cd0302d27f2bc52dc680bb63a82eb707_s390x",
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:e4699d011786df4d3b8481b0b79a41c6cf2450c28a96d983b506393734a24c3a_ppc64le",
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:f78f207306aebfe90a9126218b77b64a088b68122f8805b5b69e47972e5d298a_arm64",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:41f32fb3b6f3c1ed7be1f2580dd0fcc861c8240c8470b4e0346e0ba5bbb512b5_s390x",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:a0dad19da75a825d5756e033590df8cdb5a6af0f55f906b9b1000d4c3adccd5a_amd64",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:abf07f4cad8f18537ccc2f162b25e11a5cae547c5f0db789f573ebc42a327041_arm64",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:d9bcac4f030c419292e13e517baf606514dece94182328e9f54058508a5138f1_ppc64le",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:7317ed83242340597b5cdde8ee314606ddd563d0067ee85c12eb21037e2feb99_amd64",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:7bbd1cb460a20aa568f543122ead86a7590827ed04166b82902cd68f60c67b4a_arm64",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:c06a0dc726d75fbed4c5f0ed5beb1abafdc2f85997d9d0b1dab41775b7ffe07d_s390x",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:f05c810e2b1c445a5d997826f423b6759c11b188dd8781af5908c085d082ceac_ppc64le",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:a695cf5140b0b109ede8c718c7b5b720fbe3f92c033f999506d78e2341c01203_ppc64le",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:a8b86cbc818be479fd560b85e129e917c2314c82070d39a0c1453d8f11631ec5_s390x",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:c64c81ccaa4d3ed1c2b333936b0a9aa111e4dde2de88af5780ebd83f3b29bad6_amd64",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:e4a7bd1b9aeae7350256a65fcb094cff2622e569ca8768df63d43682dff364d4_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:2cdd8800ab19ff52a6682d3a6477c745b09224998dd4d7c5882111496ae8ec09_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:36a22693fd6d1d2721f2f6d579bc638d51ae3648766cc57118f6956cd10aba36_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:969922831941453a7d0c16bbe908b3b3596493134e68e771bd49ed9460f38bf1_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:e97dc347f843eab864efb81f939b425554e6db58cde788a942afd7b00ac470df_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:6ab225df2a249068ce7f22d909916ee94e58abcbae8662d4df3f0e93e4b97eed_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:a654a342057e7f679a96a5f18069bf6568e9a9f59f9f1934bf02f346a73cfe25_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:d70161cdeb833ec007dfad5a7f1b1ff411a10fe054b9ede12f3d7879e201ee17_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:d9cc11a9154a89f84d66874f773225b6ac2b9a3342bd4d15cbb2ee8639c5f05f_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:121c80f73d2739694de126801e5c9622584ddc61fad9d1953e56fc83439ce074_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:1ead7c1b32cb4ff2ec3002142a2fa25dbde1cc99c9ab07742e06981055963716_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:9f7b3d93c79057eaefd036c8aa06f392487a73c1dde9a5bdecac73610b42461d_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:cc1323f77941a5c0d4202ab96ca1643b6d06df4febf996de2ee82f43010e319c_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:18bfc85cc1a69536c266b0d168644406ccab9943aeb076a4e1a241655783a199_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:6c8c1cee0d702a5917c16decf62950adddc5ad4b629492b50a2d3c860dad14c2_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:7d22ecdc5faffcf9073c2b08178363820dc74d6fed62d0974bb3df309be573cb_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:fb57f4b7e2df487e6a8d272168c88ccd2f9f9b4d06efe23cf271c900d84d66cc_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:6fb517f7cba99c4db682a9e71e4afce78f0f6b2b6fed6ee83ee39e3883af72d1_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:7c3889900001f080690330f619d8e509e7005363a984eeb47221359b91166674_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:b76bf2f89b41f4f5a3fb696a3942f26eb1ffbdf5a0bc0d9611906dd1de177d16_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:d37ce4423a62897fa3ba2b59fe9bb3a4832088020ea089dd03b920a36179418f_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:37a60c31f57eb012097db76db3682d1c98936c581f64fda05fd705805b34327d_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:8d42dac3bdfb6f30bbbb62f83b9a3847c56ee405474b543e51619735e1b6dea4_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:aaf2bfc6b4a84f6b56592cfaa63552bea96ac5c8283f883b0f810a4c00b5f469_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:ebe2f773be55633f5d78274d9b85c253cd97257e227f20a12f20f27722c56885_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:489b4765e3f7f9da000be488e6ee755f9e930ce2e0d688c39677fc964cd1ae3a_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:6eb63751e7f228d3b91abd9927ca0fd84d73aa095bc76afd681340f85c36cd92_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:704acaaf95af349cb107ac6df2bfef5da3df3d5fc16f16c631b5e5f97492bcaf_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:8f28683c1b38621778de147f3f2329119f843e017d48a33de14fcadfc9f4384b_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html"
},
{
"cve": "CVE-2025-21613",
"cwe": {
"id": "CWE-88",
"name": "Improper Neutralization of Argument Delimiters in a Command (\u0027Argument Injection\u0027)"
},
"discovery_date": "2025-01-06T17:00:41.244449+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:2bae3100587b970b7246ae28196982edc6b9dae145f4d8c812fc9d78bff20961_amd64",
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:475a27e370e023af9fc2698ce9b14a97cd0302d27f2bc52dc680bb63a82eb707_s390x",
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:e4699d011786df4d3b8481b0b79a41c6cf2450c28a96d983b506393734a24c3a_ppc64le",
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:f78f207306aebfe90a9126218b77b64a088b68122f8805b5b69e47972e5d298a_arm64",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:7317ed83242340597b5cdde8ee314606ddd563d0067ee85c12eb21037e2feb99_amd64",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:7bbd1cb460a20aa568f543122ead86a7590827ed04166b82902cd68f60c67b4a_arm64",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:c06a0dc726d75fbed4c5f0ed5beb1abafdc2f85997d9d0b1dab41775b7ffe07d_s390x",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:f05c810e2b1c445a5d997826f423b6759c11b188dd8781af5908c085d082ceac_ppc64le",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:a695cf5140b0b109ede8c718c7b5b720fbe3f92c033f999506d78e2341c01203_ppc64le",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:a8b86cbc818be479fd560b85e129e917c2314c82070d39a0c1453d8f11631ec5_s390x",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:c64c81ccaa4d3ed1c2b333936b0a9aa111e4dde2de88af5780ebd83f3b29bad6_amd64",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:e4a7bd1b9aeae7350256a65fcb094cff2622e569ca8768df63d43682dff364d4_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:2cdd8800ab19ff52a6682d3a6477c745b09224998dd4d7c5882111496ae8ec09_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:36a22693fd6d1d2721f2f6d579bc638d51ae3648766cc57118f6956cd10aba36_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:969922831941453a7d0c16bbe908b3b3596493134e68e771bd49ed9460f38bf1_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:e97dc347f843eab864efb81f939b425554e6db58cde788a942afd7b00ac470df_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:6ab225df2a249068ce7f22d909916ee94e58abcbae8662d4df3f0e93e4b97eed_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:a654a342057e7f679a96a5f18069bf6568e9a9f59f9f1934bf02f346a73cfe25_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:d70161cdeb833ec007dfad5a7f1b1ff411a10fe054b9ede12f3d7879e201ee17_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:d9cc11a9154a89f84d66874f773225b6ac2b9a3342bd4d15cbb2ee8639c5f05f_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:121c80f73d2739694de126801e5c9622584ddc61fad9d1953e56fc83439ce074_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:1ead7c1b32cb4ff2ec3002142a2fa25dbde1cc99c9ab07742e06981055963716_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:9f7b3d93c79057eaefd036c8aa06f392487a73c1dde9a5bdecac73610b42461d_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:cc1323f77941a5c0d4202ab96ca1643b6d06df4febf996de2ee82f43010e319c_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:18bfc85cc1a69536c266b0d168644406ccab9943aeb076a4e1a241655783a199_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:6c8c1cee0d702a5917c16decf62950adddc5ad4b629492b50a2d3c860dad14c2_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:7d22ecdc5faffcf9073c2b08178363820dc74d6fed62d0974bb3df309be573cb_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:fb57f4b7e2df487e6a8d272168c88ccd2f9f9b4d06efe23cf271c900d84d66cc_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:6fb517f7cba99c4db682a9e71e4afce78f0f6b2b6fed6ee83ee39e3883af72d1_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:7c3889900001f080690330f619d8e509e7005363a984eeb47221359b91166674_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:b76bf2f89b41f4f5a3fb696a3942f26eb1ffbdf5a0bc0d9611906dd1de177d16_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:d37ce4423a62897fa3ba2b59fe9bb3a4832088020ea089dd03b920a36179418f_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:37a60c31f57eb012097db76db3682d1c98936c581f64fda05fd705805b34327d_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:8d42dac3bdfb6f30bbbb62f83b9a3847c56ee405474b543e51619735e1b6dea4_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:aaf2bfc6b4a84f6b56592cfaa63552bea96ac5c8283f883b0f810a4c00b5f469_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:ebe2f773be55633f5d78274d9b85c253cd97257e227f20a12f20f27722c56885_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:489b4765e3f7f9da000be488e6ee755f9e930ce2e0d688c39677fc964cd1ae3a_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:6eb63751e7f228d3b91abd9927ca0fd84d73aa095bc76afd681340f85c36cd92_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:704acaaf95af349cb107ac6df2bfef5da3df3d5fc16f16c631b5e5f97492bcaf_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:8f28683c1b38621778de147f3f2329119f843e017d48a33de14fcadfc9f4384b_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2335888"
}
],
"notes": [
{
"category": "description",
"text": "An argument injection vulnerability was found in go-git. This flaw allows an attacker to set arbitrary values to git-upload-pack flags, leading to command or code execution, exposure of sensitive data, or other unintended behavior. This is only possible in configurations where the file transport protocol is being used.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "go-git: argument injection via the URL field",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated as an Important severity because an argument injection has been discovered in go-git, where an attackers can manipulate git-upload-pack flags, potentially enabling command or code execution leads to an exposure of sensitive data or other unintended actions, this vulnerability occurs exclusively in configurations using the file transport protocol.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:41f32fb3b6f3c1ed7be1f2580dd0fcc861c8240c8470b4e0346e0ba5bbb512b5_s390x",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:a0dad19da75a825d5756e033590df8cdb5a6af0f55f906b9b1000d4c3adccd5a_amd64",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:abf07f4cad8f18537ccc2f162b25e11a5cae547c5f0db789f573ebc42a327041_arm64",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:d9bcac4f030c419292e13e517baf606514dece94182328e9f54058508a5138f1_ppc64le"
],
"known_not_affected": [
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:2bae3100587b970b7246ae28196982edc6b9dae145f4d8c812fc9d78bff20961_amd64",
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:475a27e370e023af9fc2698ce9b14a97cd0302d27f2bc52dc680bb63a82eb707_s390x",
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:e4699d011786df4d3b8481b0b79a41c6cf2450c28a96d983b506393734a24c3a_ppc64le",
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:f78f207306aebfe90a9126218b77b64a088b68122f8805b5b69e47972e5d298a_arm64",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:7317ed83242340597b5cdde8ee314606ddd563d0067ee85c12eb21037e2feb99_amd64",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:7bbd1cb460a20aa568f543122ead86a7590827ed04166b82902cd68f60c67b4a_arm64",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:c06a0dc726d75fbed4c5f0ed5beb1abafdc2f85997d9d0b1dab41775b7ffe07d_s390x",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:f05c810e2b1c445a5d997826f423b6759c11b188dd8781af5908c085d082ceac_ppc64le",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:a695cf5140b0b109ede8c718c7b5b720fbe3f92c033f999506d78e2341c01203_ppc64le",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:a8b86cbc818be479fd560b85e129e917c2314c82070d39a0c1453d8f11631ec5_s390x",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:c64c81ccaa4d3ed1c2b333936b0a9aa111e4dde2de88af5780ebd83f3b29bad6_amd64",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:e4a7bd1b9aeae7350256a65fcb094cff2622e569ca8768df63d43682dff364d4_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:2cdd8800ab19ff52a6682d3a6477c745b09224998dd4d7c5882111496ae8ec09_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:36a22693fd6d1d2721f2f6d579bc638d51ae3648766cc57118f6956cd10aba36_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:969922831941453a7d0c16bbe908b3b3596493134e68e771bd49ed9460f38bf1_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:e97dc347f843eab864efb81f939b425554e6db58cde788a942afd7b00ac470df_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:6ab225df2a249068ce7f22d909916ee94e58abcbae8662d4df3f0e93e4b97eed_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:a654a342057e7f679a96a5f18069bf6568e9a9f59f9f1934bf02f346a73cfe25_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:d70161cdeb833ec007dfad5a7f1b1ff411a10fe054b9ede12f3d7879e201ee17_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:d9cc11a9154a89f84d66874f773225b6ac2b9a3342bd4d15cbb2ee8639c5f05f_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:121c80f73d2739694de126801e5c9622584ddc61fad9d1953e56fc83439ce074_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:1ead7c1b32cb4ff2ec3002142a2fa25dbde1cc99c9ab07742e06981055963716_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:9f7b3d93c79057eaefd036c8aa06f392487a73c1dde9a5bdecac73610b42461d_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:cc1323f77941a5c0d4202ab96ca1643b6d06df4febf996de2ee82f43010e319c_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:18bfc85cc1a69536c266b0d168644406ccab9943aeb076a4e1a241655783a199_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:6c8c1cee0d702a5917c16decf62950adddc5ad4b629492b50a2d3c860dad14c2_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:7d22ecdc5faffcf9073c2b08178363820dc74d6fed62d0974bb3df309be573cb_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:fb57f4b7e2df487e6a8d272168c88ccd2f9f9b4d06efe23cf271c900d84d66cc_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:6fb517f7cba99c4db682a9e71e4afce78f0f6b2b6fed6ee83ee39e3883af72d1_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:7c3889900001f080690330f619d8e509e7005363a984eeb47221359b91166674_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:b76bf2f89b41f4f5a3fb696a3942f26eb1ffbdf5a0bc0d9611906dd1de177d16_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:d37ce4423a62897fa3ba2b59fe9bb3a4832088020ea089dd03b920a36179418f_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:37a60c31f57eb012097db76db3682d1c98936c581f64fda05fd705805b34327d_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:8d42dac3bdfb6f30bbbb62f83b9a3847c56ee405474b543e51619735e1b6dea4_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:aaf2bfc6b4a84f6b56592cfaa63552bea96ac5c8283f883b0f810a4c00b5f469_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:ebe2f773be55633f5d78274d9b85c253cd97257e227f20a12f20f27722c56885_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:489b4765e3f7f9da000be488e6ee755f9e930ce2e0d688c39677fc964cd1ae3a_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:6eb63751e7f228d3b91abd9927ca0fd84d73aa095bc76afd681340f85c36cd92_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:704acaaf95af349cb107ac6df2bfef5da3df3d5fc16f16c631b5e5f97492bcaf_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:8f28683c1b38621778de147f3f2329119f843e017d48a33de14fcadfc9f4384b_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-21613"
},
{
"category": "external",
"summary": "RHBZ#2335888",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2335888"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-21613",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21613"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-21613",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-21613"
},
{
"category": "external",
"summary": "https://github.com/go-git/go-git/security/advisories/GHSA-v725-9546-7q7m",
"url": "https://github.com/go-git/go-git/security/advisories/GHSA-v725-9546-7q7m"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-3368",
"url": "https://pkg.go.dev/vuln/GO-2025-3368"
}
],
"release_date": "2025-01-06T16:13:10.611000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-18T15:51:18+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:41f32fb3b6f3c1ed7be1f2580dd0fcc861c8240c8470b4e0346e0ba5bbb512b5_s390x",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:a0dad19da75a825d5756e033590df8cdb5a6af0f55f906b9b1000d4c3adccd5a_amd64",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:abf07f4cad8f18537ccc2f162b25e11a5cae547c5f0db789f573ebc42a327041_arm64",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:d9bcac4f030c419292e13e517baf606514dece94182328e9f54058508a5138f1_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:11396"
},
{
"category": "workaround",
"details": "In cases where it is not possible to update to the latest version of go-git, it is recommended to enforce validation rules for values passed in the URL field.",
"product_ids": [
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:2bae3100587b970b7246ae28196982edc6b9dae145f4d8c812fc9d78bff20961_amd64",
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:475a27e370e023af9fc2698ce9b14a97cd0302d27f2bc52dc680bb63a82eb707_s390x",
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:e4699d011786df4d3b8481b0b79a41c6cf2450c28a96d983b506393734a24c3a_ppc64le",
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:f78f207306aebfe90a9126218b77b64a088b68122f8805b5b69e47972e5d298a_arm64",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:41f32fb3b6f3c1ed7be1f2580dd0fcc861c8240c8470b4e0346e0ba5bbb512b5_s390x",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:a0dad19da75a825d5756e033590df8cdb5a6af0f55f906b9b1000d4c3adccd5a_amd64",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:abf07f4cad8f18537ccc2f162b25e11a5cae547c5f0db789f573ebc42a327041_arm64",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:d9bcac4f030c419292e13e517baf606514dece94182328e9f54058508a5138f1_ppc64le",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:7317ed83242340597b5cdde8ee314606ddd563d0067ee85c12eb21037e2feb99_amd64",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:7bbd1cb460a20aa568f543122ead86a7590827ed04166b82902cd68f60c67b4a_arm64",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:c06a0dc726d75fbed4c5f0ed5beb1abafdc2f85997d9d0b1dab41775b7ffe07d_s390x",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:f05c810e2b1c445a5d997826f423b6759c11b188dd8781af5908c085d082ceac_ppc64le",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:a695cf5140b0b109ede8c718c7b5b720fbe3f92c033f999506d78e2341c01203_ppc64le",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:a8b86cbc818be479fd560b85e129e917c2314c82070d39a0c1453d8f11631ec5_s390x",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:c64c81ccaa4d3ed1c2b333936b0a9aa111e4dde2de88af5780ebd83f3b29bad6_amd64",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:e4a7bd1b9aeae7350256a65fcb094cff2622e569ca8768df63d43682dff364d4_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:2cdd8800ab19ff52a6682d3a6477c745b09224998dd4d7c5882111496ae8ec09_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:36a22693fd6d1d2721f2f6d579bc638d51ae3648766cc57118f6956cd10aba36_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:969922831941453a7d0c16bbe908b3b3596493134e68e771bd49ed9460f38bf1_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:e97dc347f843eab864efb81f939b425554e6db58cde788a942afd7b00ac470df_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:6ab225df2a249068ce7f22d909916ee94e58abcbae8662d4df3f0e93e4b97eed_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:a654a342057e7f679a96a5f18069bf6568e9a9f59f9f1934bf02f346a73cfe25_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:d70161cdeb833ec007dfad5a7f1b1ff411a10fe054b9ede12f3d7879e201ee17_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:d9cc11a9154a89f84d66874f773225b6ac2b9a3342bd4d15cbb2ee8639c5f05f_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:121c80f73d2739694de126801e5c9622584ddc61fad9d1953e56fc83439ce074_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:1ead7c1b32cb4ff2ec3002142a2fa25dbde1cc99c9ab07742e06981055963716_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:9f7b3d93c79057eaefd036c8aa06f392487a73c1dde9a5bdecac73610b42461d_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:cc1323f77941a5c0d4202ab96ca1643b6d06df4febf996de2ee82f43010e319c_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:18bfc85cc1a69536c266b0d168644406ccab9943aeb076a4e1a241655783a199_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:6c8c1cee0d702a5917c16decf62950adddc5ad4b629492b50a2d3c860dad14c2_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:7d22ecdc5faffcf9073c2b08178363820dc74d6fed62d0974bb3df309be573cb_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:fb57f4b7e2df487e6a8d272168c88ccd2f9f9b4d06efe23cf271c900d84d66cc_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:6fb517f7cba99c4db682a9e71e4afce78f0f6b2b6fed6ee83ee39e3883af72d1_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:7c3889900001f080690330f619d8e509e7005363a984eeb47221359b91166674_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:b76bf2f89b41f4f5a3fb696a3942f26eb1ffbdf5a0bc0d9611906dd1de177d16_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:d37ce4423a62897fa3ba2b59fe9bb3a4832088020ea089dd03b920a36179418f_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:37a60c31f57eb012097db76db3682d1c98936c581f64fda05fd705805b34327d_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:8d42dac3bdfb6f30bbbb62f83b9a3847c56ee405474b543e51619735e1b6dea4_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:aaf2bfc6b4a84f6b56592cfaa63552bea96ac5c8283f883b0f810a4c00b5f469_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:ebe2f773be55633f5d78274d9b85c253cd97257e227f20a12f20f27722c56885_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:489b4765e3f7f9da000be488e6ee755f9e930ce2e0d688c39677fc964cd1ae3a_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:6eb63751e7f228d3b91abd9927ca0fd84d73aa095bc76afd681340f85c36cd92_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:704acaaf95af349cb107ac6df2bfef5da3df3d5fc16f16c631b5e5f97492bcaf_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:8f28683c1b38621778de147f3f2329119f843e017d48a33de14fcadfc9f4384b_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:2bae3100587b970b7246ae28196982edc6b9dae145f4d8c812fc9d78bff20961_amd64",
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:475a27e370e023af9fc2698ce9b14a97cd0302d27f2bc52dc680bb63a82eb707_s390x",
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:e4699d011786df4d3b8481b0b79a41c6cf2450c28a96d983b506393734a24c3a_ppc64le",
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:f78f207306aebfe90a9126218b77b64a088b68122f8805b5b69e47972e5d298a_arm64",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:41f32fb3b6f3c1ed7be1f2580dd0fcc861c8240c8470b4e0346e0ba5bbb512b5_s390x",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:a0dad19da75a825d5756e033590df8cdb5a6af0f55f906b9b1000d4c3adccd5a_amd64",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:abf07f4cad8f18537ccc2f162b25e11a5cae547c5f0db789f573ebc42a327041_arm64",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:d9bcac4f030c419292e13e517baf606514dece94182328e9f54058508a5138f1_ppc64le",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:7317ed83242340597b5cdde8ee314606ddd563d0067ee85c12eb21037e2feb99_amd64",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:7bbd1cb460a20aa568f543122ead86a7590827ed04166b82902cd68f60c67b4a_arm64",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:c06a0dc726d75fbed4c5f0ed5beb1abafdc2f85997d9d0b1dab41775b7ffe07d_s390x",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:f05c810e2b1c445a5d997826f423b6759c11b188dd8781af5908c085d082ceac_ppc64le",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:a695cf5140b0b109ede8c718c7b5b720fbe3f92c033f999506d78e2341c01203_ppc64le",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:a8b86cbc818be479fd560b85e129e917c2314c82070d39a0c1453d8f11631ec5_s390x",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:c64c81ccaa4d3ed1c2b333936b0a9aa111e4dde2de88af5780ebd83f3b29bad6_amd64",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:e4a7bd1b9aeae7350256a65fcb094cff2622e569ca8768df63d43682dff364d4_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:2cdd8800ab19ff52a6682d3a6477c745b09224998dd4d7c5882111496ae8ec09_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:36a22693fd6d1d2721f2f6d579bc638d51ae3648766cc57118f6956cd10aba36_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:969922831941453a7d0c16bbe908b3b3596493134e68e771bd49ed9460f38bf1_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:e97dc347f843eab864efb81f939b425554e6db58cde788a942afd7b00ac470df_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:6ab225df2a249068ce7f22d909916ee94e58abcbae8662d4df3f0e93e4b97eed_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:a654a342057e7f679a96a5f18069bf6568e9a9f59f9f1934bf02f346a73cfe25_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:d70161cdeb833ec007dfad5a7f1b1ff411a10fe054b9ede12f3d7879e201ee17_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:d9cc11a9154a89f84d66874f773225b6ac2b9a3342bd4d15cbb2ee8639c5f05f_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:121c80f73d2739694de126801e5c9622584ddc61fad9d1953e56fc83439ce074_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:1ead7c1b32cb4ff2ec3002142a2fa25dbde1cc99c9ab07742e06981055963716_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:9f7b3d93c79057eaefd036c8aa06f392487a73c1dde9a5bdecac73610b42461d_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:cc1323f77941a5c0d4202ab96ca1643b6d06df4febf996de2ee82f43010e319c_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:18bfc85cc1a69536c266b0d168644406ccab9943aeb076a4e1a241655783a199_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:6c8c1cee0d702a5917c16decf62950adddc5ad4b629492b50a2d3c860dad14c2_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:7d22ecdc5faffcf9073c2b08178363820dc74d6fed62d0974bb3df309be573cb_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:fb57f4b7e2df487e6a8d272168c88ccd2f9f9b4d06efe23cf271c900d84d66cc_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:6fb517f7cba99c4db682a9e71e4afce78f0f6b2b6fed6ee83ee39e3883af72d1_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:7c3889900001f080690330f619d8e509e7005363a984eeb47221359b91166674_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:b76bf2f89b41f4f5a3fb696a3942f26eb1ffbdf5a0bc0d9611906dd1de177d16_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:d37ce4423a62897fa3ba2b59fe9bb3a4832088020ea089dd03b920a36179418f_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:37a60c31f57eb012097db76db3682d1c98936c581f64fda05fd705805b34327d_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:8d42dac3bdfb6f30bbbb62f83b9a3847c56ee405474b543e51619735e1b6dea4_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:aaf2bfc6b4a84f6b56592cfaa63552bea96ac5c8283f883b0f810a4c00b5f469_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:ebe2f773be55633f5d78274d9b85c253cd97257e227f20a12f20f27722c56885_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:489b4765e3f7f9da000be488e6ee755f9e930ce2e0d688c39677fc964cd1ae3a_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:6eb63751e7f228d3b91abd9927ca0fd84d73aa095bc76afd681340f85c36cd92_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:704acaaf95af349cb107ac6df2bfef5da3df3d5fc16f16c631b5e5f97492bcaf_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:8f28683c1b38621778de147f3f2329119f843e017d48a33de14fcadfc9f4384b_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "go-git: argument injection via the URL field"
},
{
"acknowledgments": [
{
"names": [
"jub0bs"
]
}
],
"cve": "CVE-2025-22868",
"cwe": {
"id": "CWE-1286",
"name": "Improper Validation of Syntactic Correctness of Input"
},
"discovery_date": "2025-02-26T04:00:44.350024+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:2bae3100587b970b7246ae28196982edc6b9dae145f4d8c812fc9d78bff20961_amd64",
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:475a27e370e023af9fc2698ce9b14a97cd0302d27f2bc52dc680bb63a82eb707_s390x",
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:e4699d011786df4d3b8481b0b79a41c6cf2450c28a96d983b506393734a24c3a_ppc64le",
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:f78f207306aebfe90a9126218b77b64a088b68122f8805b5b69e47972e5d298a_arm64",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:7317ed83242340597b5cdde8ee314606ddd563d0067ee85c12eb21037e2feb99_amd64",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:7bbd1cb460a20aa568f543122ead86a7590827ed04166b82902cd68f60c67b4a_arm64",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:c06a0dc726d75fbed4c5f0ed5beb1abafdc2f85997d9d0b1dab41775b7ffe07d_s390x",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:f05c810e2b1c445a5d997826f423b6759c11b188dd8781af5908c085d082ceac_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:2cdd8800ab19ff52a6682d3a6477c745b09224998dd4d7c5882111496ae8ec09_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:36a22693fd6d1d2721f2f6d579bc638d51ae3648766cc57118f6956cd10aba36_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:969922831941453a7d0c16bbe908b3b3596493134e68e771bd49ed9460f38bf1_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:e97dc347f843eab864efb81f939b425554e6db58cde788a942afd7b00ac470df_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:121c80f73d2739694de126801e5c9622584ddc61fad9d1953e56fc83439ce074_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:1ead7c1b32cb4ff2ec3002142a2fa25dbde1cc99c9ab07742e06981055963716_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:9f7b3d93c79057eaefd036c8aa06f392487a73c1dde9a5bdecac73610b42461d_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:cc1323f77941a5c0d4202ab96ca1643b6d06df4febf996de2ee82f43010e319c_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:18bfc85cc1a69536c266b0d168644406ccab9943aeb076a4e1a241655783a199_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:6c8c1cee0d702a5917c16decf62950adddc5ad4b629492b50a2d3c860dad14c2_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:7d22ecdc5faffcf9073c2b08178363820dc74d6fed62d0974bb3df309be573cb_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:fb57f4b7e2df487e6a8d272168c88ccd2f9f9b4d06efe23cf271c900d84d66cc_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:6fb517f7cba99c4db682a9e71e4afce78f0f6b2b6fed6ee83ee39e3883af72d1_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:7c3889900001f080690330f619d8e509e7005363a984eeb47221359b91166674_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:b76bf2f89b41f4f5a3fb696a3942f26eb1ffbdf5a0bc0d9611906dd1de177d16_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:d37ce4423a62897fa3ba2b59fe9bb3a4832088020ea089dd03b920a36179418f_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2348366"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the `golang.org/x/oauth2/jws` package in the token parsing component. This vulnerability is made possible because of the use of `strings.Split(token, \".\")` to split JWT tokens, which can lead to excessive memory consumption when processing maliciously crafted tokens with a large number of `.` characters. An attacker could exploit this functionality by sending numerous malformed tokens and can trigger memory exhaustion and a Denial of Service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2/jws",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:41f32fb3b6f3c1ed7be1f2580dd0fcc861c8240c8470b4e0346e0ba5bbb512b5_s390x",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:a0dad19da75a825d5756e033590df8cdb5a6af0f55f906b9b1000d4c3adccd5a_amd64",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:abf07f4cad8f18537ccc2f162b25e11a5cae547c5f0db789f573ebc42a327041_arm64",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:d9bcac4f030c419292e13e517baf606514dece94182328e9f54058508a5138f1_ppc64le",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:a695cf5140b0b109ede8c718c7b5b720fbe3f92c033f999506d78e2341c01203_ppc64le",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:a8b86cbc818be479fd560b85e129e917c2314c82070d39a0c1453d8f11631ec5_s390x",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:c64c81ccaa4d3ed1c2b333936b0a9aa111e4dde2de88af5780ebd83f3b29bad6_amd64",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:e4a7bd1b9aeae7350256a65fcb094cff2622e569ca8768df63d43682dff364d4_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:6ab225df2a249068ce7f22d909916ee94e58abcbae8662d4df3f0e93e4b97eed_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:a654a342057e7f679a96a5f18069bf6568e9a9f59f9f1934bf02f346a73cfe25_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:d70161cdeb833ec007dfad5a7f1b1ff411a10fe054b9ede12f3d7879e201ee17_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:d9cc11a9154a89f84d66874f773225b6ac2b9a3342bd4d15cbb2ee8639c5f05f_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:37a60c31f57eb012097db76db3682d1c98936c581f64fda05fd705805b34327d_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:8d42dac3bdfb6f30bbbb62f83b9a3847c56ee405474b543e51619735e1b6dea4_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:aaf2bfc6b4a84f6b56592cfaa63552bea96ac5c8283f883b0f810a4c00b5f469_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:ebe2f773be55633f5d78274d9b85c253cd97257e227f20a12f20f27722c56885_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:489b4765e3f7f9da000be488e6ee755f9e930ce2e0d688c39677fc964cd1ae3a_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:6eb63751e7f228d3b91abd9927ca0fd84d73aa095bc76afd681340f85c36cd92_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:704acaaf95af349cb107ac6df2bfef5da3df3d5fc16f16c631b5e5f97492bcaf_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:8f28683c1b38621778de147f3f2329119f843e017d48a33de14fcadfc9f4384b_arm64"
],
"known_not_affected": [
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:2bae3100587b970b7246ae28196982edc6b9dae145f4d8c812fc9d78bff20961_amd64",
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:475a27e370e023af9fc2698ce9b14a97cd0302d27f2bc52dc680bb63a82eb707_s390x",
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:e4699d011786df4d3b8481b0b79a41c6cf2450c28a96d983b506393734a24c3a_ppc64le",
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:f78f207306aebfe90a9126218b77b64a088b68122f8805b5b69e47972e5d298a_arm64",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:7317ed83242340597b5cdde8ee314606ddd563d0067ee85c12eb21037e2feb99_amd64",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:7bbd1cb460a20aa568f543122ead86a7590827ed04166b82902cd68f60c67b4a_arm64",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:c06a0dc726d75fbed4c5f0ed5beb1abafdc2f85997d9d0b1dab41775b7ffe07d_s390x",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:f05c810e2b1c445a5d997826f423b6759c11b188dd8781af5908c085d082ceac_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:2cdd8800ab19ff52a6682d3a6477c745b09224998dd4d7c5882111496ae8ec09_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:36a22693fd6d1d2721f2f6d579bc638d51ae3648766cc57118f6956cd10aba36_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:969922831941453a7d0c16bbe908b3b3596493134e68e771bd49ed9460f38bf1_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:e97dc347f843eab864efb81f939b425554e6db58cde788a942afd7b00ac470df_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:121c80f73d2739694de126801e5c9622584ddc61fad9d1953e56fc83439ce074_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:1ead7c1b32cb4ff2ec3002142a2fa25dbde1cc99c9ab07742e06981055963716_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:9f7b3d93c79057eaefd036c8aa06f392487a73c1dde9a5bdecac73610b42461d_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:cc1323f77941a5c0d4202ab96ca1643b6d06df4febf996de2ee82f43010e319c_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:18bfc85cc1a69536c266b0d168644406ccab9943aeb076a4e1a241655783a199_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:6c8c1cee0d702a5917c16decf62950adddc5ad4b629492b50a2d3c860dad14c2_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:7d22ecdc5faffcf9073c2b08178363820dc74d6fed62d0974bb3df309be573cb_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:fb57f4b7e2df487e6a8d272168c88ccd2f9f9b4d06efe23cf271c900d84d66cc_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:6fb517f7cba99c4db682a9e71e4afce78f0f6b2b6fed6ee83ee39e3883af72d1_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:7c3889900001f080690330f619d8e509e7005363a984eeb47221359b91166674_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:b76bf2f89b41f4f5a3fb696a3942f26eb1ffbdf5a0bc0d9611906dd1de177d16_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:d37ce4423a62897fa3ba2b59fe9bb3a4832088020ea089dd03b920a36179418f_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-22868"
},
{
"category": "external",
"summary": "RHBZ#2348366",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2348366"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-22868",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22868"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-22868",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-22868"
},
{
"category": "external",
"summary": "https://go.dev/cl/652155",
"url": "https://go.dev/cl/652155"
},
{
"category": "external",
"summary": "https://go.dev/issue/71490",
"url": "https://go.dev/issue/71490"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-3488",
"url": "https://pkg.go.dev/vuln/GO-2025-3488"
}
],
"release_date": "2025-02-26T03:07:49.012000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-18T15:51:18+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:41f32fb3b6f3c1ed7be1f2580dd0fcc861c8240c8470b4e0346e0ba5bbb512b5_s390x",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:a0dad19da75a825d5756e033590df8cdb5a6af0f55f906b9b1000d4c3adccd5a_amd64",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:abf07f4cad8f18537ccc2f162b25e11a5cae547c5f0db789f573ebc42a327041_arm64",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:d9bcac4f030c419292e13e517baf606514dece94182328e9f54058508a5138f1_ppc64le",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:a695cf5140b0b109ede8c718c7b5b720fbe3f92c033f999506d78e2341c01203_ppc64le",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:a8b86cbc818be479fd560b85e129e917c2314c82070d39a0c1453d8f11631ec5_s390x",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:c64c81ccaa4d3ed1c2b333936b0a9aa111e4dde2de88af5780ebd83f3b29bad6_amd64",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:e4a7bd1b9aeae7350256a65fcb094cff2622e569ca8768df63d43682dff364d4_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:6ab225df2a249068ce7f22d909916ee94e58abcbae8662d4df3f0e93e4b97eed_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:a654a342057e7f679a96a5f18069bf6568e9a9f59f9f1934bf02f346a73cfe25_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:d70161cdeb833ec007dfad5a7f1b1ff411a10fe054b9ede12f3d7879e201ee17_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:d9cc11a9154a89f84d66874f773225b6ac2b9a3342bd4d15cbb2ee8639c5f05f_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:37a60c31f57eb012097db76db3682d1c98936c581f64fda05fd705805b34327d_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:8d42dac3bdfb6f30bbbb62f83b9a3847c56ee405474b543e51619735e1b6dea4_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:aaf2bfc6b4a84f6b56592cfaa63552bea96ac5c8283f883b0f810a4c00b5f469_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:ebe2f773be55633f5d78274d9b85c253cd97257e227f20a12f20f27722c56885_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:489b4765e3f7f9da000be488e6ee755f9e930ce2e0d688c39677fc964cd1ae3a_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:6eb63751e7f228d3b91abd9927ca0fd84d73aa095bc76afd681340f85c36cd92_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:704acaaf95af349cb107ac6df2bfef5da3df3d5fc16f16c631b5e5f97492bcaf_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:8f28683c1b38621778de147f3f2329119f843e017d48a33de14fcadfc9f4384b_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:11396"
},
{
"category": "workaround",
"details": "To mitigate this vulnerability, it is recommended to pre-validate any payloads passed to `go-jose` to check that they do not contain an excessive amount of `.` characters.",
"product_ids": [
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:2bae3100587b970b7246ae28196982edc6b9dae145f4d8c812fc9d78bff20961_amd64",
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:475a27e370e023af9fc2698ce9b14a97cd0302d27f2bc52dc680bb63a82eb707_s390x",
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:e4699d011786df4d3b8481b0b79a41c6cf2450c28a96d983b506393734a24c3a_ppc64le",
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:f78f207306aebfe90a9126218b77b64a088b68122f8805b5b69e47972e5d298a_arm64",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:41f32fb3b6f3c1ed7be1f2580dd0fcc861c8240c8470b4e0346e0ba5bbb512b5_s390x",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:a0dad19da75a825d5756e033590df8cdb5a6af0f55f906b9b1000d4c3adccd5a_amd64",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:abf07f4cad8f18537ccc2f162b25e11a5cae547c5f0db789f573ebc42a327041_arm64",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:d9bcac4f030c419292e13e517baf606514dece94182328e9f54058508a5138f1_ppc64le",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:7317ed83242340597b5cdde8ee314606ddd563d0067ee85c12eb21037e2feb99_amd64",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:7bbd1cb460a20aa568f543122ead86a7590827ed04166b82902cd68f60c67b4a_arm64",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:c06a0dc726d75fbed4c5f0ed5beb1abafdc2f85997d9d0b1dab41775b7ffe07d_s390x",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:f05c810e2b1c445a5d997826f423b6759c11b188dd8781af5908c085d082ceac_ppc64le",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:a695cf5140b0b109ede8c718c7b5b720fbe3f92c033f999506d78e2341c01203_ppc64le",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:a8b86cbc818be479fd560b85e129e917c2314c82070d39a0c1453d8f11631ec5_s390x",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:c64c81ccaa4d3ed1c2b333936b0a9aa111e4dde2de88af5780ebd83f3b29bad6_amd64",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:e4a7bd1b9aeae7350256a65fcb094cff2622e569ca8768df63d43682dff364d4_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:2cdd8800ab19ff52a6682d3a6477c745b09224998dd4d7c5882111496ae8ec09_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:36a22693fd6d1d2721f2f6d579bc638d51ae3648766cc57118f6956cd10aba36_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:969922831941453a7d0c16bbe908b3b3596493134e68e771bd49ed9460f38bf1_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:e97dc347f843eab864efb81f939b425554e6db58cde788a942afd7b00ac470df_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:6ab225df2a249068ce7f22d909916ee94e58abcbae8662d4df3f0e93e4b97eed_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:a654a342057e7f679a96a5f18069bf6568e9a9f59f9f1934bf02f346a73cfe25_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:d70161cdeb833ec007dfad5a7f1b1ff411a10fe054b9ede12f3d7879e201ee17_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:d9cc11a9154a89f84d66874f773225b6ac2b9a3342bd4d15cbb2ee8639c5f05f_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:121c80f73d2739694de126801e5c9622584ddc61fad9d1953e56fc83439ce074_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:1ead7c1b32cb4ff2ec3002142a2fa25dbde1cc99c9ab07742e06981055963716_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:9f7b3d93c79057eaefd036c8aa06f392487a73c1dde9a5bdecac73610b42461d_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:cc1323f77941a5c0d4202ab96ca1643b6d06df4febf996de2ee82f43010e319c_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:18bfc85cc1a69536c266b0d168644406ccab9943aeb076a4e1a241655783a199_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:6c8c1cee0d702a5917c16decf62950adddc5ad4b629492b50a2d3c860dad14c2_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:7d22ecdc5faffcf9073c2b08178363820dc74d6fed62d0974bb3df309be573cb_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:fb57f4b7e2df487e6a8d272168c88ccd2f9f9b4d06efe23cf271c900d84d66cc_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:6fb517f7cba99c4db682a9e71e4afce78f0f6b2b6fed6ee83ee39e3883af72d1_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:7c3889900001f080690330f619d8e509e7005363a984eeb47221359b91166674_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:b76bf2f89b41f4f5a3fb696a3942f26eb1ffbdf5a0bc0d9611906dd1de177d16_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:d37ce4423a62897fa3ba2b59fe9bb3a4832088020ea089dd03b920a36179418f_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:37a60c31f57eb012097db76db3682d1c98936c581f64fda05fd705805b34327d_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:8d42dac3bdfb6f30bbbb62f83b9a3847c56ee405474b543e51619735e1b6dea4_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:aaf2bfc6b4a84f6b56592cfaa63552bea96ac5c8283f883b0f810a4c00b5f469_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:ebe2f773be55633f5d78274d9b85c253cd97257e227f20a12f20f27722c56885_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:489b4765e3f7f9da000be488e6ee755f9e930ce2e0d688c39677fc964cd1ae3a_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:6eb63751e7f228d3b91abd9927ca0fd84d73aa095bc76afd681340f85c36cd92_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:704acaaf95af349cb107ac6df2bfef5da3df3d5fc16f16c631b5e5f97492bcaf_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:8f28683c1b38621778de147f3f2329119f843e017d48a33de14fcadfc9f4384b_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:2bae3100587b970b7246ae28196982edc6b9dae145f4d8c812fc9d78bff20961_amd64",
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:475a27e370e023af9fc2698ce9b14a97cd0302d27f2bc52dc680bb63a82eb707_s390x",
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:e4699d011786df4d3b8481b0b79a41c6cf2450c28a96d983b506393734a24c3a_ppc64le",
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:f78f207306aebfe90a9126218b77b64a088b68122f8805b5b69e47972e5d298a_arm64",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:41f32fb3b6f3c1ed7be1f2580dd0fcc861c8240c8470b4e0346e0ba5bbb512b5_s390x",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:a0dad19da75a825d5756e033590df8cdb5a6af0f55f906b9b1000d4c3adccd5a_amd64",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:abf07f4cad8f18537ccc2f162b25e11a5cae547c5f0db789f573ebc42a327041_arm64",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:d9bcac4f030c419292e13e517baf606514dece94182328e9f54058508a5138f1_ppc64le",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:7317ed83242340597b5cdde8ee314606ddd563d0067ee85c12eb21037e2feb99_amd64",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:7bbd1cb460a20aa568f543122ead86a7590827ed04166b82902cd68f60c67b4a_arm64",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:c06a0dc726d75fbed4c5f0ed5beb1abafdc2f85997d9d0b1dab41775b7ffe07d_s390x",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:f05c810e2b1c445a5d997826f423b6759c11b188dd8781af5908c085d082ceac_ppc64le",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:a695cf5140b0b109ede8c718c7b5b720fbe3f92c033f999506d78e2341c01203_ppc64le",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:a8b86cbc818be479fd560b85e129e917c2314c82070d39a0c1453d8f11631ec5_s390x",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:c64c81ccaa4d3ed1c2b333936b0a9aa111e4dde2de88af5780ebd83f3b29bad6_amd64",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:e4a7bd1b9aeae7350256a65fcb094cff2622e569ca8768df63d43682dff364d4_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:2cdd8800ab19ff52a6682d3a6477c745b09224998dd4d7c5882111496ae8ec09_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:36a22693fd6d1d2721f2f6d579bc638d51ae3648766cc57118f6956cd10aba36_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:969922831941453a7d0c16bbe908b3b3596493134e68e771bd49ed9460f38bf1_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:e97dc347f843eab864efb81f939b425554e6db58cde788a942afd7b00ac470df_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:6ab225df2a249068ce7f22d909916ee94e58abcbae8662d4df3f0e93e4b97eed_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:a654a342057e7f679a96a5f18069bf6568e9a9f59f9f1934bf02f346a73cfe25_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:d70161cdeb833ec007dfad5a7f1b1ff411a10fe054b9ede12f3d7879e201ee17_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:d9cc11a9154a89f84d66874f773225b6ac2b9a3342bd4d15cbb2ee8639c5f05f_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:121c80f73d2739694de126801e5c9622584ddc61fad9d1953e56fc83439ce074_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:1ead7c1b32cb4ff2ec3002142a2fa25dbde1cc99c9ab07742e06981055963716_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:9f7b3d93c79057eaefd036c8aa06f392487a73c1dde9a5bdecac73610b42461d_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:cc1323f77941a5c0d4202ab96ca1643b6d06df4febf996de2ee82f43010e319c_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:18bfc85cc1a69536c266b0d168644406ccab9943aeb076a4e1a241655783a199_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:6c8c1cee0d702a5917c16decf62950adddc5ad4b629492b50a2d3c860dad14c2_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:7d22ecdc5faffcf9073c2b08178363820dc74d6fed62d0974bb3df309be573cb_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:fb57f4b7e2df487e6a8d272168c88ccd2f9f9b4d06efe23cf271c900d84d66cc_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:6fb517f7cba99c4db682a9e71e4afce78f0f6b2b6fed6ee83ee39e3883af72d1_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:7c3889900001f080690330f619d8e509e7005363a984eeb47221359b91166674_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:b76bf2f89b41f4f5a3fb696a3942f26eb1ffbdf5a0bc0d9611906dd1de177d16_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:d37ce4423a62897fa3ba2b59fe9bb3a4832088020ea089dd03b920a36179418f_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:37a60c31f57eb012097db76db3682d1c98936c581f64fda05fd705805b34327d_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:8d42dac3bdfb6f30bbbb62f83b9a3847c56ee405474b543e51619735e1b6dea4_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:aaf2bfc6b4a84f6b56592cfaa63552bea96ac5c8283f883b0f810a4c00b5f469_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:ebe2f773be55633f5d78274d9b85c253cd97257e227f20a12f20f27722c56885_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:489b4765e3f7f9da000be488e6ee755f9e930ce2e0d688c39677fc964cd1ae3a_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:6eb63751e7f228d3b91abd9927ca0fd84d73aa095bc76afd681340f85c36cd92_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:704acaaf95af349cb107ac6df2bfef5da3df3d5fc16f16c631b5e5f97492bcaf_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:8f28683c1b38621778de147f3f2329119f843e017d48a33de14fcadfc9f4384b_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2/jws"
},
{
"cve": "CVE-2025-22869",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-02-26T04:00:47.683125+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:2bae3100587b970b7246ae28196982edc6b9dae145f4d8c812fc9d78bff20961_amd64",
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:475a27e370e023af9fc2698ce9b14a97cd0302d27f2bc52dc680bb63a82eb707_s390x",
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:e4699d011786df4d3b8481b0b79a41c6cf2450c28a96d983b506393734a24c3a_ppc64le",
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:f78f207306aebfe90a9126218b77b64a088b68122f8805b5b69e47972e5d298a_arm64",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:7317ed83242340597b5cdde8ee314606ddd563d0067ee85c12eb21037e2feb99_amd64",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:7bbd1cb460a20aa568f543122ead86a7590827ed04166b82902cd68f60c67b4a_arm64",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:c06a0dc726d75fbed4c5f0ed5beb1abafdc2f85997d9d0b1dab41775b7ffe07d_s390x",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:f05c810e2b1c445a5d997826f423b6759c11b188dd8781af5908c085d082ceac_ppc64le",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:a695cf5140b0b109ede8c718c7b5b720fbe3f92c033f999506d78e2341c01203_ppc64le",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:a8b86cbc818be479fd560b85e129e917c2314c82070d39a0c1453d8f11631ec5_s390x",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:c64c81ccaa4d3ed1c2b333936b0a9aa111e4dde2de88af5780ebd83f3b29bad6_amd64",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:e4a7bd1b9aeae7350256a65fcb094cff2622e569ca8768df63d43682dff364d4_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:2cdd8800ab19ff52a6682d3a6477c745b09224998dd4d7c5882111496ae8ec09_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:36a22693fd6d1d2721f2f6d579bc638d51ae3648766cc57118f6956cd10aba36_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:969922831941453a7d0c16bbe908b3b3596493134e68e771bd49ed9460f38bf1_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:e97dc347f843eab864efb81f939b425554e6db58cde788a942afd7b00ac470df_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:6ab225df2a249068ce7f22d909916ee94e58abcbae8662d4df3f0e93e4b97eed_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:a654a342057e7f679a96a5f18069bf6568e9a9f59f9f1934bf02f346a73cfe25_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:d70161cdeb833ec007dfad5a7f1b1ff411a10fe054b9ede12f3d7879e201ee17_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:d9cc11a9154a89f84d66874f773225b6ac2b9a3342bd4d15cbb2ee8639c5f05f_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:121c80f73d2739694de126801e5c9622584ddc61fad9d1953e56fc83439ce074_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:1ead7c1b32cb4ff2ec3002142a2fa25dbde1cc99c9ab07742e06981055963716_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:9f7b3d93c79057eaefd036c8aa06f392487a73c1dde9a5bdecac73610b42461d_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:cc1323f77941a5c0d4202ab96ca1643b6d06df4febf996de2ee82f43010e319c_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:18bfc85cc1a69536c266b0d168644406ccab9943aeb076a4e1a241655783a199_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:6c8c1cee0d702a5917c16decf62950adddc5ad4b629492b50a2d3c860dad14c2_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:7d22ecdc5faffcf9073c2b08178363820dc74d6fed62d0974bb3df309be573cb_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:fb57f4b7e2df487e6a8d272168c88ccd2f9f9b4d06efe23cf271c900d84d66cc_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:6fb517f7cba99c4db682a9e71e4afce78f0f6b2b6fed6ee83ee39e3883af72d1_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:7c3889900001f080690330f619d8e509e7005363a984eeb47221359b91166674_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:b76bf2f89b41f4f5a3fb696a3942f26eb1ffbdf5a0bc0d9611906dd1de177d16_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:d37ce4423a62897fa3ba2b59fe9bb3a4832088020ea089dd03b920a36179418f_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:37a60c31f57eb012097db76db3682d1c98936c581f64fda05fd705805b34327d_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:8d42dac3bdfb6f30bbbb62f83b9a3847c56ee405474b543e51619735e1b6dea4_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:aaf2bfc6b4a84f6b56592cfaa63552bea96ac5c8283f883b0f810a4c00b5f469_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:ebe2f773be55633f5d78274d9b85c253cd97257e227f20a12f20f27722c56885_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2348367"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the golang.org/x/crypto/ssh package. SSH clients and servers are vulnerable to increased resource consumption, possibly leading to memory exhaustion and a DoS. This can occur during key exchange when the other party is slow to respond during key exchange.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto/ssh: Denial of Service in the Key Exchange of golang.org/x/crypto/ssh",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "While this flaw affects both SSH clients and servers implemented with golang.org/x/crypto/ssh, realistically the flaw will only lead to a DoS when transferring large files, greatly reducing the likelihood of exploitation.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:41f32fb3b6f3c1ed7be1f2580dd0fcc861c8240c8470b4e0346e0ba5bbb512b5_s390x",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:a0dad19da75a825d5756e033590df8cdb5a6af0f55f906b9b1000d4c3adccd5a_amd64",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:abf07f4cad8f18537ccc2f162b25e11a5cae547c5f0db789f573ebc42a327041_arm64",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:d9bcac4f030c419292e13e517baf606514dece94182328e9f54058508a5138f1_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:489b4765e3f7f9da000be488e6ee755f9e930ce2e0d688c39677fc964cd1ae3a_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:6eb63751e7f228d3b91abd9927ca0fd84d73aa095bc76afd681340f85c36cd92_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:704acaaf95af349cb107ac6df2bfef5da3df3d5fc16f16c631b5e5f97492bcaf_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:8f28683c1b38621778de147f3f2329119f843e017d48a33de14fcadfc9f4384b_arm64"
],
"known_not_affected": [
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:2bae3100587b970b7246ae28196982edc6b9dae145f4d8c812fc9d78bff20961_amd64",
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:475a27e370e023af9fc2698ce9b14a97cd0302d27f2bc52dc680bb63a82eb707_s390x",
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:e4699d011786df4d3b8481b0b79a41c6cf2450c28a96d983b506393734a24c3a_ppc64le",
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:f78f207306aebfe90a9126218b77b64a088b68122f8805b5b69e47972e5d298a_arm64",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:7317ed83242340597b5cdde8ee314606ddd563d0067ee85c12eb21037e2feb99_amd64",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:7bbd1cb460a20aa568f543122ead86a7590827ed04166b82902cd68f60c67b4a_arm64",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:c06a0dc726d75fbed4c5f0ed5beb1abafdc2f85997d9d0b1dab41775b7ffe07d_s390x",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:f05c810e2b1c445a5d997826f423b6759c11b188dd8781af5908c085d082ceac_ppc64le",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:a695cf5140b0b109ede8c718c7b5b720fbe3f92c033f999506d78e2341c01203_ppc64le",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:a8b86cbc818be479fd560b85e129e917c2314c82070d39a0c1453d8f11631ec5_s390x",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:c64c81ccaa4d3ed1c2b333936b0a9aa111e4dde2de88af5780ebd83f3b29bad6_amd64",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:e4a7bd1b9aeae7350256a65fcb094cff2622e569ca8768df63d43682dff364d4_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:2cdd8800ab19ff52a6682d3a6477c745b09224998dd4d7c5882111496ae8ec09_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:36a22693fd6d1d2721f2f6d579bc638d51ae3648766cc57118f6956cd10aba36_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:969922831941453a7d0c16bbe908b3b3596493134e68e771bd49ed9460f38bf1_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:e97dc347f843eab864efb81f939b425554e6db58cde788a942afd7b00ac470df_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:6ab225df2a249068ce7f22d909916ee94e58abcbae8662d4df3f0e93e4b97eed_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:a654a342057e7f679a96a5f18069bf6568e9a9f59f9f1934bf02f346a73cfe25_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:d70161cdeb833ec007dfad5a7f1b1ff411a10fe054b9ede12f3d7879e201ee17_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:d9cc11a9154a89f84d66874f773225b6ac2b9a3342bd4d15cbb2ee8639c5f05f_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:121c80f73d2739694de126801e5c9622584ddc61fad9d1953e56fc83439ce074_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:1ead7c1b32cb4ff2ec3002142a2fa25dbde1cc99c9ab07742e06981055963716_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:9f7b3d93c79057eaefd036c8aa06f392487a73c1dde9a5bdecac73610b42461d_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:cc1323f77941a5c0d4202ab96ca1643b6d06df4febf996de2ee82f43010e319c_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:18bfc85cc1a69536c266b0d168644406ccab9943aeb076a4e1a241655783a199_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:6c8c1cee0d702a5917c16decf62950adddc5ad4b629492b50a2d3c860dad14c2_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:7d22ecdc5faffcf9073c2b08178363820dc74d6fed62d0974bb3df309be573cb_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:fb57f4b7e2df487e6a8d272168c88ccd2f9f9b4d06efe23cf271c900d84d66cc_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:6fb517f7cba99c4db682a9e71e4afce78f0f6b2b6fed6ee83ee39e3883af72d1_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:7c3889900001f080690330f619d8e509e7005363a984eeb47221359b91166674_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:b76bf2f89b41f4f5a3fb696a3942f26eb1ffbdf5a0bc0d9611906dd1de177d16_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:d37ce4423a62897fa3ba2b59fe9bb3a4832088020ea089dd03b920a36179418f_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:37a60c31f57eb012097db76db3682d1c98936c581f64fda05fd705805b34327d_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:8d42dac3bdfb6f30bbbb62f83b9a3847c56ee405474b543e51619735e1b6dea4_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:aaf2bfc6b4a84f6b56592cfaa63552bea96ac5c8283f883b0f810a4c00b5f469_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:ebe2f773be55633f5d78274d9b85c253cd97257e227f20a12f20f27722c56885_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-22869"
},
{
"category": "external",
"summary": "RHBZ#2348367",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2348367"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-22869",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22869"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-22869",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-22869"
},
{
"category": "external",
"summary": "https://go.dev/cl/652135",
"url": "https://go.dev/cl/652135"
},
{
"category": "external",
"summary": "https://go.dev/issue/71931",
"url": "https://go.dev/issue/71931"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-3487",
"url": "https://pkg.go.dev/vuln/GO-2025-3487"
}
],
"release_date": "2025-02-26T03:07:48.855000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-18T15:51:18+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:41f32fb3b6f3c1ed7be1f2580dd0fcc861c8240c8470b4e0346e0ba5bbb512b5_s390x",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:a0dad19da75a825d5756e033590df8cdb5a6af0f55f906b9b1000d4c3adccd5a_amd64",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:abf07f4cad8f18537ccc2f162b25e11a5cae547c5f0db789f573ebc42a327041_arm64",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:d9bcac4f030c419292e13e517baf606514dece94182328e9f54058508a5138f1_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:489b4765e3f7f9da000be488e6ee755f9e930ce2e0d688c39677fc964cd1ae3a_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:6eb63751e7f228d3b91abd9927ca0fd84d73aa095bc76afd681340f85c36cd92_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:704acaaf95af349cb107ac6df2bfef5da3df3d5fc16f16c631b5e5f97492bcaf_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:8f28683c1b38621778de147f3f2329119f843e017d48a33de14fcadfc9f4384b_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:11396"
},
{
"category": "workaround",
"details": "This flaw can be mitigated when using the client only connecting to trusted servers.",
"product_ids": [
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:2bae3100587b970b7246ae28196982edc6b9dae145f4d8c812fc9d78bff20961_amd64",
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:475a27e370e023af9fc2698ce9b14a97cd0302d27f2bc52dc680bb63a82eb707_s390x",
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:e4699d011786df4d3b8481b0b79a41c6cf2450c28a96d983b506393734a24c3a_ppc64le",
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:f78f207306aebfe90a9126218b77b64a088b68122f8805b5b69e47972e5d298a_arm64",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:41f32fb3b6f3c1ed7be1f2580dd0fcc861c8240c8470b4e0346e0ba5bbb512b5_s390x",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:a0dad19da75a825d5756e033590df8cdb5a6af0f55f906b9b1000d4c3adccd5a_amd64",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:abf07f4cad8f18537ccc2f162b25e11a5cae547c5f0db789f573ebc42a327041_arm64",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:d9bcac4f030c419292e13e517baf606514dece94182328e9f54058508a5138f1_ppc64le",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:7317ed83242340597b5cdde8ee314606ddd563d0067ee85c12eb21037e2feb99_amd64",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:7bbd1cb460a20aa568f543122ead86a7590827ed04166b82902cd68f60c67b4a_arm64",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:c06a0dc726d75fbed4c5f0ed5beb1abafdc2f85997d9d0b1dab41775b7ffe07d_s390x",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:f05c810e2b1c445a5d997826f423b6759c11b188dd8781af5908c085d082ceac_ppc64le",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:a695cf5140b0b109ede8c718c7b5b720fbe3f92c033f999506d78e2341c01203_ppc64le",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:a8b86cbc818be479fd560b85e129e917c2314c82070d39a0c1453d8f11631ec5_s390x",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:c64c81ccaa4d3ed1c2b333936b0a9aa111e4dde2de88af5780ebd83f3b29bad6_amd64",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:e4a7bd1b9aeae7350256a65fcb094cff2622e569ca8768df63d43682dff364d4_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:2cdd8800ab19ff52a6682d3a6477c745b09224998dd4d7c5882111496ae8ec09_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:36a22693fd6d1d2721f2f6d579bc638d51ae3648766cc57118f6956cd10aba36_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:969922831941453a7d0c16bbe908b3b3596493134e68e771bd49ed9460f38bf1_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:e97dc347f843eab864efb81f939b425554e6db58cde788a942afd7b00ac470df_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:6ab225df2a249068ce7f22d909916ee94e58abcbae8662d4df3f0e93e4b97eed_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:a654a342057e7f679a96a5f18069bf6568e9a9f59f9f1934bf02f346a73cfe25_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:d70161cdeb833ec007dfad5a7f1b1ff411a10fe054b9ede12f3d7879e201ee17_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:d9cc11a9154a89f84d66874f773225b6ac2b9a3342bd4d15cbb2ee8639c5f05f_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:121c80f73d2739694de126801e5c9622584ddc61fad9d1953e56fc83439ce074_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:1ead7c1b32cb4ff2ec3002142a2fa25dbde1cc99c9ab07742e06981055963716_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:9f7b3d93c79057eaefd036c8aa06f392487a73c1dde9a5bdecac73610b42461d_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:cc1323f77941a5c0d4202ab96ca1643b6d06df4febf996de2ee82f43010e319c_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:18bfc85cc1a69536c266b0d168644406ccab9943aeb076a4e1a241655783a199_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:6c8c1cee0d702a5917c16decf62950adddc5ad4b629492b50a2d3c860dad14c2_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:7d22ecdc5faffcf9073c2b08178363820dc74d6fed62d0974bb3df309be573cb_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:fb57f4b7e2df487e6a8d272168c88ccd2f9f9b4d06efe23cf271c900d84d66cc_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:6fb517f7cba99c4db682a9e71e4afce78f0f6b2b6fed6ee83ee39e3883af72d1_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:7c3889900001f080690330f619d8e509e7005363a984eeb47221359b91166674_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:b76bf2f89b41f4f5a3fb696a3942f26eb1ffbdf5a0bc0d9611906dd1de177d16_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:d37ce4423a62897fa3ba2b59fe9bb3a4832088020ea089dd03b920a36179418f_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:37a60c31f57eb012097db76db3682d1c98936c581f64fda05fd705805b34327d_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:8d42dac3bdfb6f30bbbb62f83b9a3847c56ee405474b543e51619735e1b6dea4_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:aaf2bfc6b4a84f6b56592cfaa63552bea96ac5c8283f883b0f810a4c00b5f469_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:ebe2f773be55633f5d78274d9b85c253cd97257e227f20a12f20f27722c56885_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:489b4765e3f7f9da000be488e6ee755f9e930ce2e0d688c39677fc964cd1ae3a_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:6eb63751e7f228d3b91abd9927ca0fd84d73aa095bc76afd681340f85c36cd92_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:704acaaf95af349cb107ac6df2bfef5da3df3d5fc16f16c631b5e5f97492bcaf_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:8f28683c1b38621778de147f3f2329119f843e017d48a33de14fcadfc9f4384b_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:2bae3100587b970b7246ae28196982edc6b9dae145f4d8c812fc9d78bff20961_amd64",
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:475a27e370e023af9fc2698ce9b14a97cd0302d27f2bc52dc680bb63a82eb707_s390x",
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:e4699d011786df4d3b8481b0b79a41c6cf2450c28a96d983b506393734a24c3a_ppc64le",
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:f78f207306aebfe90a9126218b77b64a088b68122f8805b5b69e47972e5d298a_arm64",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:41f32fb3b6f3c1ed7be1f2580dd0fcc861c8240c8470b4e0346e0ba5bbb512b5_s390x",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:a0dad19da75a825d5756e033590df8cdb5a6af0f55f906b9b1000d4c3adccd5a_amd64",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:abf07f4cad8f18537ccc2f162b25e11a5cae547c5f0db789f573ebc42a327041_arm64",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:d9bcac4f030c419292e13e517baf606514dece94182328e9f54058508a5138f1_ppc64le",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:7317ed83242340597b5cdde8ee314606ddd563d0067ee85c12eb21037e2feb99_amd64",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:7bbd1cb460a20aa568f543122ead86a7590827ed04166b82902cd68f60c67b4a_arm64",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:c06a0dc726d75fbed4c5f0ed5beb1abafdc2f85997d9d0b1dab41775b7ffe07d_s390x",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:f05c810e2b1c445a5d997826f423b6759c11b188dd8781af5908c085d082ceac_ppc64le",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:a695cf5140b0b109ede8c718c7b5b720fbe3f92c033f999506d78e2341c01203_ppc64le",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:a8b86cbc818be479fd560b85e129e917c2314c82070d39a0c1453d8f11631ec5_s390x",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:c64c81ccaa4d3ed1c2b333936b0a9aa111e4dde2de88af5780ebd83f3b29bad6_amd64",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:e4a7bd1b9aeae7350256a65fcb094cff2622e569ca8768df63d43682dff364d4_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:2cdd8800ab19ff52a6682d3a6477c745b09224998dd4d7c5882111496ae8ec09_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:36a22693fd6d1d2721f2f6d579bc638d51ae3648766cc57118f6956cd10aba36_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:969922831941453a7d0c16bbe908b3b3596493134e68e771bd49ed9460f38bf1_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:e97dc347f843eab864efb81f939b425554e6db58cde788a942afd7b00ac470df_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:6ab225df2a249068ce7f22d909916ee94e58abcbae8662d4df3f0e93e4b97eed_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:a654a342057e7f679a96a5f18069bf6568e9a9f59f9f1934bf02f346a73cfe25_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:d70161cdeb833ec007dfad5a7f1b1ff411a10fe054b9ede12f3d7879e201ee17_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:d9cc11a9154a89f84d66874f773225b6ac2b9a3342bd4d15cbb2ee8639c5f05f_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:121c80f73d2739694de126801e5c9622584ddc61fad9d1953e56fc83439ce074_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:1ead7c1b32cb4ff2ec3002142a2fa25dbde1cc99c9ab07742e06981055963716_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:9f7b3d93c79057eaefd036c8aa06f392487a73c1dde9a5bdecac73610b42461d_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:cc1323f77941a5c0d4202ab96ca1643b6d06df4febf996de2ee82f43010e319c_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:18bfc85cc1a69536c266b0d168644406ccab9943aeb076a4e1a241655783a199_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:6c8c1cee0d702a5917c16decf62950adddc5ad4b629492b50a2d3c860dad14c2_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:7d22ecdc5faffcf9073c2b08178363820dc74d6fed62d0974bb3df309be573cb_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:fb57f4b7e2df487e6a8d272168c88ccd2f9f9b4d06efe23cf271c900d84d66cc_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:6fb517f7cba99c4db682a9e71e4afce78f0f6b2b6fed6ee83ee39e3883af72d1_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:7c3889900001f080690330f619d8e509e7005363a984eeb47221359b91166674_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:b76bf2f89b41f4f5a3fb696a3942f26eb1ffbdf5a0bc0d9611906dd1de177d16_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:d37ce4423a62897fa3ba2b59fe9bb3a4832088020ea089dd03b920a36179418f_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:37a60c31f57eb012097db76db3682d1c98936c581f64fda05fd705805b34327d_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:8d42dac3bdfb6f30bbbb62f83b9a3847c56ee405474b543e51619735e1b6dea4_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:aaf2bfc6b4a84f6b56592cfaa63552bea96ac5c8283f883b0f810a4c00b5f469_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:ebe2f773be55633f5d78274d9b85c253cd97257e227f20a12f20f27722c56885_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:489b4765e3f7f9da000be488e6ee755f9e930ce2e0d688c39677fc964cd1ae3a_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:6eb63751e7f228d3b91abd9927ca0fd84d73aa095bc76afd681340f85c36cd92_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:704acaaf95af349cb107ac6df2bfef5da3df3d5fc16f16c631b5e5f97492bcaf_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:8f28683c1b38621778de147f3f2329119f843e017d48a33de14fcadfc9f4384b_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/crypto/ssh: Denial of Service in the Key Exchange of golang.org/x/crypto/ssh"
},
{
"cve": "CVE-2025-22871",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2025-04-08T21:01:32.229479+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:2bae3100587b970b7246ae28196982edc6b9dae145f4d8c812fc9d78bff20961_amd64",
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:475a27e370e023af9fc2698ce9b14a97cd0302d27f2bc52dc680bb63a82eb707_s390x",
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:e4699d011786df4d3b8481b0b79a41c6cf2450c28a96d983b506393734a24c3a_ppc64le",
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:f78f207306aebfe90a9126218b77b64a088b68122f8805b5b69e47972e5d298a_arm64",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:41f32fb3b6f3c1ed7be1f2580dd0fcc861c8240c8470b4e0346e0ba5bbb512b5_s390x",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:a0dad19da75a825d5756e033590df8cdb5a6af0f55f906b9b1000d4c3adccd5a_amd64",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:abf07f4cad8f18537ccc2f162b25e11a5cae547c5f0db789f573ebc42a327041_arm64",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:d9bcac4f030c419292e13e517baf606514dece94182328e9f54058508a5138f1_ppc64le",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:7317ed83242340597b5cdde8ee314606ddd563d0067ee85c12eb21037e2feb99_amd64",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:7bbd1cb460a20aa568f543122ead86a7590827ed04166b82902cd68f60c67b4a_arm64",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:c06a0dc726d75fbed4c5f0ed5beb1abafdc2f85997d9d0b1dab41775b7ffe07d_s390x",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:f05c810e2b1c445a5d997826f423b6759c11b188dd8781af5908c085d082ceac_ppc64le",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:a695cf5140b0b109ede8c718c7b5b720fbe3f92c033f999506d78e2341c01203_ppc64le",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:a8b86cbc818be479fd560b85e129e917c2314c82070d39a0c1453d8f11631ec5_s390x",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:c64c81ccaa4d3ed1c2b333936b0a9aa111e4dde2de88af5780ebd83f3b29bad6_amd64",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:e4a7bd1b9aeae7350256a65fcb094cff2622e569ca8768df63d43682dff364d4_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:2cdd8800ab19ff52a6682d3a6477c745b09224998dd4d7c5882111496ae8ec09_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:36a22693fd6d1d2721f2f6d579bc638d51ae3648766cc57118f6956cd10aba36_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:969922831941453a7d0c16bbe908b3b3596493134e68e771bd49ed9460f38bf1_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:e97dc347f843eab864efb81f939b425554e6db58cde788a942afd7b00ac470df_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:6ab225df2a249068ce7f22d909916ee94e58abcbae8662d4df3f0e93e4b97eed_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:a654a342057e7f679a96a5f18069bf6568e9a9f59f9f1934bf02f346a73cfe25_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:d70161cdeb833ec007dfad5a7f1b1ff411a10fe054b9ede12f3d7879e201ee17_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:d9cc11a9154a89f84d66874f773225b6ac2b9a3342bd4d15cbb2ee8639c5f05f_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:121c80f73d2739694de126801e5c9622584ddc61fad9d1953e56fc83439ce074_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:1ead7c1b32cb4ff2ec3002142a2fa25dbde1cc99c9ab07742e06981055963716_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:9f7b3d93c79057eaefd036c8aa06f392487a73c1dde9a5bdecac73610b42461d_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:cc1323f77941a5c0d4202ab96ca1643b6d06df4febf996de2ee82f43010e319c_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:18bfc85cc1a69536c266b0d168644406ccab9943aeb076a4e1a241655783a199_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:6c8c1cee0d702a5917c16decf62950adddc5ad4b629492b50a2d3c860dad14c2_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:7d22ecdc5faffcf9073c2b08178363820dc74d6fed62d0974bb3df309be573cb_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:fb57f4b7e2df487e6a8d272168c88ccd2f9f9b4d06efe23cf271c900d84d66cc_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:6fb517f7cba99c4db682a9e71e4afce78f0f6b2b6fed6ee83ee39e3883af72d1_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:7c3889900001f080690330f619d8e509e7005363a984eeb47221359b91166674_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:b76bf2f89b41f4f5a3fb696a3942f26eb1ffbdf5a0bc0d9611906dd1de177d16_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:d37ce4423a62897fa3ba2b59fe9bb3a4832088020ea089dd03b920a36179418f_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:37a60c31f57eb012097db76db3682d1c98936c581f64fda05fd705805b34327d_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:8d42dac3bdfb6f30bbbb62f83b9a3847c56ee405474b543e51619735e1b6dea4_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:aaf2bfc6b4a84f6b56592cfaa63552bea96ac5c8283f883b0f810a4c00b5f469_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:ebe2f773be55633f5d78274d9b85c253cd97257e227f20a12f20f27722c56885_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2358493"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the net/http golang package. The net/http package incorrectly accepts messages that end with a line feed (LF) instead of the proper line ending. When used with another server that also misinterprets this, it can lead to request smuggling\u2014where an attacker tricks the system to send hidden or unauthorized requests.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "net/http: Request smuggling due to acceptance of invalid chunked data in net/http",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite includes affected component however product is not directly impacted since the vulnerability arises when \"net/http\" is used as a server. Satellite uses it solely as a client, so it\u0027s not exposed to the flaw. Product Security has assessed this as Low severity.\n\nWithin regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-444: Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027) vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nThe platform uses secure, encrypted HTTPS connections over TLS 1.2 to reduce the risk of smuggling attacks by preventing the injection of ambiguous or malformed requests between components. The environment employs IPS/IDS and antimalware solutions to detect and block malicious code while ensuring consistent interpretation of HTTP requests across network layers, mitigating request/response inconsistencies. Event logs are collected and analyzed for centralization, correlation, monitoring, alerting, and retention, enabling the detection of malformed or suspicious HTTP traffic. Static code analysis and peer reviews enforce strong input validation and error handling to ensure all user inputs adhere to HTTP protocol specifications.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:489b4765e3f7f9da000be488e6ee755f9e930ce2e0d688c39677fc964cd1ae3a_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:6eb63751e7f228d3b91abd9927ca0fd84d73aa095bc76afd681340f85c36cd92_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:704acaaf95af349cb107ac6df2bfef5da3df3d5fc16f16c631b5e5f97492bcaf_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:8f28683c1b38621778de147f3f2329119f843e017d48a33de14fcadfc9f4384b_arm64"
],
"known_not_affected": [
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:2bae3100587b970b7246ae28196982edc6b9dae145f4d8c812fc9d78bff20961_amd64",
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:475a27e370e023af9fc2698ce9b14a97cd0302d27f2bc52dc680bb63a82eb707_s390x",
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:e4699d011786df4d3b8481b0b79a41c6cf2450c28a96d983b506393734a24c3a_ppc64le",
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:f78f207306aebfe90a9126218b77b64a088b68122f8805b5b69e47972e5d298a_arm64",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:41f32fb3b6f3c1ed7be1f2580dd0fcc861c8240c8470b4e0346e0ba5bbb512b5_s390x",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:a0dad19da75a825d5756e033590df8cdb5a6af0f55f906b9b1000d4c3adccd5a_amd64",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:abf07f4cad8f18537ccc2f162b25e11a5cae547c5f0db789f573ebc42a327041_arm64",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:d9bcac4f030c419292e13e517baf606514dece94182328e9f54058508a5138f1_ppc64le",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:7317ed83242340597b5cdde8ee314606ddd563d0067ee85c12eb21037e2feb99_amd64",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:7bbd1cb460a20aa568f543122ead86a7590827ed04166b82902cd68f60c67b4a_arm64",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:c06a0dc726d75fbed4c5f0ed5beb1abafdc2f85997d9d0b1dab41775b7ffe07d_s390x",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:f05c810e2b1c445a5d997826f423b6759c11b188dd8781af5908c085d082ceac_ppc64le",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:a695cf5140b0b109ede8c718c7b5b720fbe3f92c033f999506d78e2341c01203_ppc64le",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:a8b86cbc818be479fd560b85e129e917c2314c82070d39a0c1453d8f11631ec5_s390x",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:c64c81ccaa4d3ed1c2b333936b0a9aa111e4dde2de88af5780ebd83f3b29bad6_amd64",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:e4a7bd1b9aeae7350256a65fcb094cff2622e569ca8768df63d43682dff364d4_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:2cdd8800ab19ff52a6682d3a6477c745b09224998dd4d7c5882111496ae8ec09_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:36a22693fd6d1d2721f2f6d579bc638d51ae3648766cc57118f6956cd10aba36_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:969922831941453a7d0c16bbe908b3b3596493134e68e771bd49ed9460f38bf1_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:e97dc347f843eab864efb81f939b425554e6db58cde788a942afd7b00ac470df_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:6ab225df2a249068ce7f22d909916ee94e58abcbae8662d4df3f0e93e4b97eed_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:a654a342057e7f679a96a5f18069bf6568e9a9f59f9f1934bf02f346a73cfe25_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:d70161cdeb833ec007dfad5a7f1b1ff411a10fe054b9ede12f3d7879e201ee17_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:d9cc11a9154a89f84d66874f773225b6ac2b9a3342bd4d15cbb2ee8639c5f05f_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:121c80f73d2739694de126801e5c9622584ddc61fad9d1953e56fc83439ce074_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:1ead7c1b32cb4ff2ec3002142a2fa25dbde1cc99c9ab07742e06981055963716_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:9f7b3d93c79057eaefd036c8aa06f392487a73c1dde9a5bdecac73610b42461d_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:cc1323f77941a5c0d4202ab96ca1643b6d06df4febf996de2ee82f43010e319c_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:18bfc85cc1a69536c266b0d168644406ccab9943aeb076a4e1a241655783a199_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:6c8c1cee0d702a5917c16decf62950adddc5ad4b629492b50a2d3c860dad14c2_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:7d22ecdc5faffcf9073c2b08178363820dc74d6fed62d0974bb3df309be573cb_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:fb57f4b7e2df487e6a8d272168c88ccd2f9f9b4d06efe23cf271c900d84d66cc_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:6fb517f7cba99c4db682a9e71e4afce78f0f6b2b6fed6ee83ee39e3883af72d1_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:7c3889900001f080690330f619d8e509e7005363a984eeb47221359b91166674_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:b76bf2f89b41f4f5a3fb696a3942f26eb1ffbdf5a0bc0d9611906dd1de177d16_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:d37ce4423a62897fa3ba2b59fe9bb3a4832088020ea089dd03b920a36179418f_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:37a60c31f57eb012097db76db3682d1c98936c581f64fda05fd705805b34327d_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:8d42dac3bdfb6f30bbbb62f83b9a3847c56ee405474b543e51619735e1b6dea4_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:aaf2bfc6b4a84f6b56592cfaa63552bea96ac5c8283f883b0f810a4c00b5f469_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:ebe2f773be55633f5d78274d9b85c253cd97257e227f20a12f20f27722c56885_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-22871"
},
{
"category": "external",
"summary": "RHBZ#2358493",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2358493"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-22871",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22871"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-22871",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-22871"
},
{
"category": "external",
"summary": "https://go.dev/cl/652998",
"url": "https://go.dev/cl/652998"
},
{
"category": "external",
"summary": "https://go.dev/issue/71988",
"url": "https://go.dev/issue/71988"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/Y2uBTVKjBQk",
"url": "https://groups.google.com/g/golang-announce/c/Y2uBTVKjBQk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-3563",
"url": "https://pkg.go.dev/vuln/GO-2025-3563"
}
],
"release_date": "2025-04-08T20:04:34.769000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-18T15:51:18+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:489b4765e3f7f9da000be488e6ee755f9e930ce2e0d688c39677fc964cd1ae3a_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:6eb63751e7f228d3b91abd9927ca0fd84d73aa095bc76afd681340f85c36cd92_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:704acaaf95af349cb107ac6df2bfef5da3df3d5fc16f16c631b5e5f97492bcaf_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:8f28683c1b38621778de147f3f2329119f843e017d48a33de14fcadfc9f4384b_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:11396"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:2bae3100587b970b7246ae28196982edc6b9dae145f4d8c812fc9d78bff20961_amd64",
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:475a27e370e023af9fc2698ce9b14a97cd0302d27f2bc52dc680bb63a82eb707_s390x",
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:e4699d011786df4d3b8481b0b79a41c6cf2450c28a96d983b506393734a24c3a_ppc64le",
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:f78f207306aebfe90a9126218b77b64a088b68122f8805b5b69e47972e5d298a_arm64",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:41f32fb3b6f3c1ed7be1f2580dd0fcc861c8240c8470b4e0346e0ba5bbb512b5_s390x",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:a0dad19da75a825d5756e033590df8cdb5a6af0f55f906b9b1000d4c3adccd5a_amd64",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:abf07f4cad8f18537ccc2f162b25e11a5cae547c5f0db789f573ebc42a327041_arm64",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:d9bcac4f030c419292e13e517baf606514dece94182328e9f54058508a5138f1_ppc64le",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:7317ed83242340597b5cdde8ee314606ddd563d0067ee85c12eb21037e2feb99_amd64",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:7bbd1cb460a20aa568f543122ead86a7590827ed04166b82902cd68f60c67b4a_arm64",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:c06a0dc726d75fbed4c5f0ed5beb1abafdc2f85997d9d0b1dab41775b7ffe07d_s390x",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:f05c810e2b1c445a5d997826f423b6759c11b188dd8781af5908c085d082ceac_ppc64le",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:a695cf5140b0b109ede8c718c7b5b720fbe3f92c033f999506d78e2341c01203_ppc64le",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:a8b86cbc818be479fd560b85e129e917c2314c82070d39a0c1453d8f11631ec5_s390x",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:c64c81ccaa4d3ed1c2b333936b0a9aa111e4dde2de88af5780ebd83f3b29bad6_amd64",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:e4a7bd1b9aeae7350256a65fcb094cff2622e569ca8768df63d43682dff364d4_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:2cdd8800ab19ff52a6682d3a6477c745b09224998dd4d7c5882111496ae8ec09_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:36a22693fd6d1d2721f2f6d579bc638d51ae3648766cc57118f6956cd10aba36_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:969922831941453a7d0c16bbe908b3b3596493134e68e771bd49ed9460f38bf1_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:e97dc347f843eab864efb81f939b425554e6db58cde788a942afd7b00ac470df_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:6ab225df2a249068ce7f22d909916ee94e58abcbae8662d4df3f0e93e4b97eed_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:a654a342057e7f679a96a5f18069bf6568e9a9f59f9f1934bf02f346a73cfe25_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:d70161cdeb833ec007dfad5a7f1b1ff411a10fe054b9ede12f3d7879e201ee17_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:d9cc11a9154a89f84d66874f773225b6ac2b9a3342bd4d15cbb2ee8639c5f05f_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:121c80f73d2739694de126801e5c9622584ddc61fad9d1953e56fc83439ce074_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:1ead7c1b32cb4ff2ec3002142a2fa25dbde1cc99c9ab07742e06981055963716_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:9f7b3d93c79057eaefd036c8aa06f392487a73c1dde9a5bdecac73610b42461d_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:cc1323f77941a5c0d4202ab96ca1643b6d06df4febf996de2ee82f43010e319c_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:18bfc85cc1a69536c266b0d168644406ccab9943aeb076a4e1a241655783a199_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:6c8c1cee0d702a5917c16decf62950adddc5ad4b629492b50a2d3c860dad14c2_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:7d22ecdc5faffcf9073c2b08178363820dc74d6fed62d0974bb3df309be573cb_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:fb57f4b7e2df487e6a8d272168c88ccd2f9f9b4d06efe23cf271c900d84d66cc_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:6fb517f7cba99c4db682a9e71e4afce78f0f6b2b6fed6ee83ee39e3883af72d1_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:7c3889900001f080690330f619d8e509e7005363a984eeb47221359b91166674_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:b76bf2f89b41f4f5a3fb696a3942f26eb1ffbdf5a0bc0d9611906dd1de177d16_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:d37ce4423a62897fa3ba2b59fe9bb3a4832088020ea089dd03b920a36179418f_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:37a60c31f57eb012097db76db3682d1c98936c581f64fda05fd705805b34327d_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:8d42dac3bdfb6f30bbbb62f83b9a3847c56ee405474b543e51619735e1b6dea4_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:aaf2bfc6b4a84f6b56592cfaa63552bea96ac5c8283f883b0f810a4c00b5f469_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:ebe2f773be55633f5d78274d9b85c253cd97257e227f20a12f20f27722c56885_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:489b4765e3f7f9da000be488e6ee755f9e930ce2e0d688c39677fc964cd1ae3a_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:6eb63751e7f228d3b91abd9927ca0fd84d73aa095bc76afd681340f85c36cd92_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:704acaaf95af349cb107ac6df2bfef5da3df3d5fc16f16c631b5e5f97492bcaf_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:8f28683c1b38621778de147f3f2329119f843e017d48a33de14fcadfc9f4384b_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:2bae3100587b970b7246ae28196982edc6b9dae145f4d8c812fc9d78bff20961_amd64",
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:475a27e370e023af9fc2698ce9b14a97cd0302d27f2bc52dc680bb63a82eb707_s390x",
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:e4699d011786df4d3b8481b0b79a41c6cf2450c28a96d983b506393734a24c3a_ppc64le",
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:f78f207306aebfe90a9126218b77b64a088b68122f8805b5b69e47972e5d298a_arm64",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:41f32fb3b6f3c1ed7be1f2580dd0fcc861c8240c8470b4e0346e0ba5bbb512b5_s390x",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:a0dad19da75a825d5756e033590df8cdb5a6af0f55f906b9b1000d4c3adccd5a_amd64",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:abf07f4cad8f18537ccc2f162b25e11a5cae547c5f0db789f573ebc42a327041_arm64",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:d9bcac4f030c419292e13e517baf606514dece94182328e9f54058508a5138f1_ppc64le",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:7317ed83242340597b5cdde8ee314606ddd563d0067ee85c12eb21037e2feb99_amd64",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:7bbd1cb460a20aa568f543122ead86a7590827ed04166b82902cd68f60c67b4a_arm64",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:c06a0dc726d75fbed4c5f0ed5beb1abafdc2f85997d9d0b1dab41775b7ffe07d_s390x",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:f05c810e2b1c445a5d997826f423b6759c11b188dd8781af5908c085d082ceac_ppc64le",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:a695cf5140b0b109ede8c718c7b5b720fbe3f92c033f999506d78e2341c01203_ppc64le",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:a8b86cbc818be479fd560b85e129e917c2314c82070d39a0c1453d8f11631ec5_s390x",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:c64c81ccaa4d3ed1c2b333936b0a9aa111e4dde2de88af5780ebd83f3b29bad6_amd64",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:e4a7bd1b9aeae7350256a65fcb094cff2622e569ca8768df63d43682dff364d4_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:2cdd8800ab19ff52a6682d3a6477c745b09224998dd4d7c5882111496ae8ec09_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:36a22693fd6d1d2721f2f6d579bc638d51ae3648766cc57118f6956cd10aba36_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:969922831941453a7d0c16bbe908b3b3596493134e68e771bd49ed9460f38bf1_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:e97dc347f843eab864efb81f939b425554e6db58cde788a942afd7b00ac470df_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:6ab225df2a249068ce7f22d909916ee94e58abcbae8662d4df3f0e93e4b97eed_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:a654a342057e7f679a96a5f18069bf6568e9a9f59f9f1934bf02f346a73cfe25_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:d70161cdeb833ec007dfad5a7f1b1ff411a10fe054b9ede12f3d7879e201ee17_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:d9cc11a9154a89f84d66874f773225b6ac2b9a3342bd4d15cbb2ee8639c5f05f_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:121c80f73d2739694de126801e5c9622584ddc61fad9d1953e56fc83439ce074_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:1ead7c1b32cb4ff2ec3002142a2fa25dbde1cc99c9ab07742e06981055963716_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:9f7b3d93c79057eaefd036c8aa06f392487a73c1dde9a5bdecac73610b42461d_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:cc1323f77941a5c0d4202ab96ca1643b6d06df4febf996de2ee82f43010e319c_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:18bfc85cc1a69536c266b0d168644406ccab9943aeb076a4e1a241655783a199_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:6c8c1cee0d702a5917c16decf62950adddc5ad4b629492b50a2d3c860dad14c2_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:7d22ecdc5faffcf9073c2b08178363820dc74d6fed62d0974bb3df309be573cb_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:fb57f4b7e2df487e6a8d272168c88ccd2f9f9b4d06efe23cf271c900d84d66cc_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:6fb517f7cba99c4db682a9e71e4afce78f0f6b2b6fed6ee83ee39e3883af72d1_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:7c3889900001f080690330f619d8e509e7005363a984eeb47221359b91166674_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:b76bf2f89b41f4f5a3fb696a3942f26eb1ffbdf5a0bc0d9611906dd1de177d16_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:d37ce4423a62897fa3ba2b59fe9bb3a4832088020ea089dd03b920a36179418f_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:37a60c31f57eb012097db76db3682d1c98936c581f64fda05fd705805b34327d_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:8d42dac3bdfb6f30bbbb62f83b9a3847c56ee405474b543e51619735e1b6dea4_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:aaf2bfc6b4a84f6b56592cfaa63552bea96ac5c8283f883b0f810a4c00b5f469_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:ebe2f773be55633f5d78274d9b85c253cd97257e227f20a12f20f27722c56885_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:489b4765e3f7f9da000be488e6ee755f9e930ce2e0d688c39677fc964cd1ae3a_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:6eb63751e7f228d3b91abd9927ca0fd84d73aa095bc76afd681340f85c36cd92_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:704acaaf95af349cb107ac6df2bfef5da3df3d5fc16f16c631b5e5f97492bcaf_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:8f28683c1b38621778de147f3f2329119f843e017d48a33de14fcadfc9f4384b_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "net/http: Request smuggling due to acceptance of invalid chunked data in net/http"
},
{
"cve": "CVE-2025-27144",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-02-24T23:00:42.448432+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:2bae3100587b970b7246ae28196982edc6b9dae145f4d8c812fc9d78bff20961_amd64",
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:475a27e370e023af9fc2698ce9b14a97cd0302d27f2bc52dc680bb63a82eb707_s390x",
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:e4699d011786df4d3b8481b0b79a41c6cf2450c28a96d983b506393734a24c3a_ppc64le",
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:f78f207306aebfe90a9126218b77b64a088b68122f8805b5b69e47972e5d298a_arm64",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:7317ed83242340597b5cdde8ee314606ddd563d0067ee85c12eb21037e2feb99_amd64",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:7bbd1cb460a20aa568f543122ead86a7590827ed04166b82902cd68f60c67b4a_arm64",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:c06a0dc726d75fbed4c5f0ed5beb1abafdc2f85997d9d0b1dab41775b7ffe07d_s390x",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:f05c810e2b1c445a5d997826f423b6759c11b188dd8781af5908c085d082ceac_ppc64le",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:a695cf5140b0b109ede8c718c7b5b720fbe3f92c033f999506d78e2341c01203_ppc64le",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:a8b86cbc818be479fd560b85e129e917c2314c82070d39a0c1453d8f11631ec5_s390x",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:c64c81ccaa4d3ed1c2b333936b0a9aa111e4dde2de88af5780ebd83f3b29bad6_amd64",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:e4a7bd1b9aeae7350256a65fcb094cff2622e569ca8768df63d43682dff364d4_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:2cdd8800ab19ff52a6682d3a6477c745b09224998dd4d7c5882111496ae8ec09_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:36a22693fd6d1d2721f2f6d579bc638d51ae3648766cc57118f6956cd10aba36_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:969922831941453a7d0c16bbe908b3b3596493134e68e771bd49ed9460f38bf1_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:e97dc347f843eab864efb81f939b425554e6db58cde788a942afd7b00ac470df_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:6ab225df2a249068ce7f22d909916ee94e58abcbae8662d4df3f0e93e4b97eed_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:a654a342057e7f679a96a5f18069bf6568e9a9f59f9f1934bf02f346a73cfe25_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:d70161cdeb833ec007dfad5a7f1b1ff411a10fe054b9ede12f3d7879e201ee17_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:d9cc11a9154a89f84d66874f773225b6ac2b9a3342bd4d15cbb2ee8639c5f05f_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:121c80f73d2739694de126801e5c9622584ddc61fad9d1953e56fc83439ce074_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:1ead7c1b32cb4ff2ec3002142a2fa25dbde1cc99c9ab07742e06981055963716_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:9f7b3d93c79057eaefd036c8aa06f392487a73c1dde9a5bdecac73610b42461d_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:cc1323f77941a5c0d4202ab96ca1643b6d06df4febf996de2ee82f43010e319c_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:18bfc85cc1a69536c266b0d168644406ccab9943aeb076a4e1a241655783a199_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:6c8c1cee0d702a5917c16decf62950adddc5ad4b629492b50a2d3c860dad14c2_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:7d22ecdc5faffcf9073c2b08178363820dc74d6fed62d0974bb3df309be573cb_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:fb57f4b7e2df487e6a8d272168c88ccd2f9f9b4d06efe23cf271c900d84d66cc_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:6fb517f7cba99c4db682a9e71e4afce78f0f6b2b6fed6ee83ee39e3883af72d1_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:7c3889900001f080690330f619d8e509e7005363a984eeb47221359b91166674_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:b76bf2f89b41f4f5a3fb696a3942f26eb1ffbdf5a0bc0d9611906dd1de177d16_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:d37ce4423a62897fa3ba2b59fe9bb3a4832088020ea089dd03b920a36179418f_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:37a60c31f57eb012097db76db3682d1c98936c581f64fda05fd705805b34327d_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:8d42dac3bdfb6f30bbbb62f83b9a3847c56ee405474b543e51619735e1b6dea4_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:aaf2bfc6b4a84f6b56592cfaa63552bea96ac5c8283f883b0f810a4c00b5f469_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:ebe2f773be55633f5d78274d9b85c253cd97257e227f20a12f20f27722c56885_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:489b4765e3f7f9da000be488e6ee755f9e930ce2e0d688c39677fc964cd1ae3a_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:6eb63751e7f228d3b91abd9927ca0fd84d73aa095bc76afd681340f85c36cd92_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:704acaaf95af349cb107ac6df2bfef5da3df3d5fc16f16c631b5e5f97492bcaf_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:8f28683c1b38621778de147f3f2329119f843e017d48a33de14fcadfc9f4384b_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2347423"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in GO-JOSE. In affected versions, when parsing compact JWS or JWE input, Go JOSE could use excessive memory. The code uses strings.Split(token, \".\") to split JWT tokens, which is vulnerable to excessive memory consumption when processing maliciously crafted tokens with a large number of `.` characters. This issue could be exploied by sending numerous malformed tokens, leading to memory exhaustion and a Denial of Service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "go-jose: Go JOSE\u0027s Parsing Vulnerable to Denial of Service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Within regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-770: Allocation of Resources Without Limits or Throttling vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nThe platform enforces hardening guidelines to apply the most restrictive settings required for operations, while baseline configurations maintain secure system and software states. A defense-in-depth monitoring strategy includes perimeter firewalls and endpoint protection services that detect excessive resource usage caused by malicious activity or system misconfigurations. In the event of exploitation, process isolation ensures workloads operate in separate environments, preventing any single process from overconsuming CPU or memory and degrading system performance.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:41f32fb3b6f3c1ed7be1f2580dd0fcc861c8240c8470b4e0346e0ba5bbb512b5_s390x",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:a0dad19da75a825d5756e033590df8cdb5a6af0f55f906b9b1000d4c3adccd5a_amd64",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:abf07f4cad8f18537ccc2f162b25e11a5cae547c5f0db789f573ebc42a327041_arm64",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:d9bcac4f030c419292e13e517baf606514dece94182328e9f54058508a5138f1_ppc64le"
],
"known_not_affected": [
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:2bae3100587b970b7246ae28196982edc6b9dae145f4d8c812fc9d78bff20961_amd64",
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:475a27e370e023af9fc2698ce9b14a97cd0302d27f2bc52dc680bb63a82eb707_s390x",
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:e4699d011786df4d3b8481b0b79a41c6cf2450c28a96d983b506393734a24c3a_ppc64le",
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:f78f207306aebfe90a9126218b77b64a088b68122f8805b5b69e47972e5d298a_arm64",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:7317ed83242340597b5cdde8ee314606ddd563d0067ee85c12eb21037e2feb99_amd64",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:7bbd1cb460a20aa568f543122ead86a7590827ed04166b82902cd68f60c67b4a_arm64",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:c06a0dc726d75fbed4c5f0ed5beb1abafdc2f85997d9d0b1dab41775b7ffe07d_s390x",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:f05c810e2b1c445a5d997826f423b6759c11b188dd8781af5908c085d082ceac_ppc64le",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:a695cf5140b0b109ede8c718c7b5b720fbe3f92c033f999506d78e2341c01203_ppc64le",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:a8b86cbc818be479fd560b85e129e917c2314c82070d39a0c1453d8f11631ec5_s390x",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:c64c81ccaa4d3ed1c2b333936b0a9aa111e4dde2de88af5780ebd83f3b29bad6_amd64",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:e4a7bd1b9aeae7350256a65fcb094cff2622e569ca8768df63d43682dff364d4_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:2cdd8800ab19ff52a6682d3a6477c745b09224998dd4d7c5882111496ae8ec09_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:36a22693fd6d1d2721f2f6d579bc638d51ae3648766cc57118f6956cd10aba36_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:969922831941453a7d0c16bbe908b3b3596493134e68e771bd49ed9460f38bf1_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:e97dc347f843eab864efb81f939b425554e6db58cde788a942afd7b00ac470df_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:6ab225df2a249068ce7f22d909916ee94e58abcbae8662d4df3f0e93e4b97eed_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:a654a342057e7f679a96a5f18069bf6568e9a9f59f9f1934bf02f346a73cfe25_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:d70161cdeb833ec007dfad5a7f1b1ff411a10fe054b9ede12f3d7879e201ee17_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:d9cc11a9154a89f84d66874f773225b6ac2b9a3342bd4d15cbb2ee8639c5f05f_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:121c80f73d2739694de126801e5c9622584ddc61fad9d1953e56fc83439ce074_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:1ead7c1b32cb4ff2ec3002142a2fa25dbde1cc99c9ab07742e06981055963716_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:9f7b3d93c79057eaefd036c8aa06f392487a73c1dde9a5bdecac73610b42461d_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:cc1323f77941a5c0d4202ab96ca1643b6d06df4febf996de2ee82f43010e319c_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:18bfc85cc1a69536c266b0d168644406ccab9943aeb076a4e1a241655783a199_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:6c8c1cee0d702a5917c16decf62950adddc5ad4b629492b50a2d3c860dad14c2_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:7d22ecdc5faffcf9073c2b08178363820dc74d6fed62d0974bb3df309be573cb_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:fb57f4b7e2df487e6a8d272168c88ccd2f9f9b4d06efe23cf271c900d84d66cc_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:6fb517f7cba99c4db682a9e71e4afce78f0f6b2b6fed6ee83ee39e3883af72d1_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:7c3889900001f080690330f619d8e509e7005363a984eeb47221359b91166674_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:b76bf2f89b41f4f5a3fb696a3942f26eb1ffbdf5a0bc0d9611906dd1de177d16_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:d37ce4423a62897fa3ba2b59fe9bb3a4832088020ea089dd03b920a36179418f_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:37a60c31f57eb012097db76db3682d1c98936c581f64fda05fd705805b34327d_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:8d42dac3bdfb6f30bbbb62f83b9a3847c56ee405474b543e51619735e1b6dea4_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:aaf2bfc6b4a84f6b56592cfaa63552bea96ac5c8283f883b0f810a4c00b5f469_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:ebe2f773be55633f5d78274d9b85c253cd97257e227f20a12f20f27722c56885_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:489b4765e3f7f9da000be488e6ee755f9e930ce2e0d688c39677fc964cd1ae3a_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:6eb63751e7f228d3b91abd9927ca0fd84d73aa095bc76afd681340f85c36cd92_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:704acaaf95af349cb107ac6df2bfef5da3df3d5fc16f16c631b5e5f97492bcaf_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:8f28683c1b38621778de147f3f2329119f843e017d48a33de14fcadfc9f4384b_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-27144"
},
{
"category": "external",
"summary": "RHBZ#2347423",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2347423"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-27144",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27144"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-27144",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-27144"
},
{
"category": "external",
"summary": "https://github.com/go-jose/go-jose/commit/99b346cec4e86d102284642c5dcbe9bb0cacfc22",
"url": "https://github.com/go-jose/go-jose/commit/99b346cec4e86d102284642c5dcbe9bb0cacfc22"
},
{
"category": "external",
"summary": "https://github.com/go-jose/go-jose/releases/tag/v4.0.5",
"url": "https://github.com/go-jose/go-jose/releases/tag/v4.0.5"
},
{
"category": "external",
"summary": "https://github.com/go-jose/go-jose/security/advisories/GHSA-c6gw-w398-hv78",
"url": "https://github.com/go-jose/go-jose/security/advisories/GHSA-c6gw-w398-hv78"
}
],
"release_date": "2025-02-24T22:22:22.863000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-18T15:51:18+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:41f32fb3b6f3c1ed7be1f2580dd0fcc861c8240c8470b4e0346e0ba5bbb512b5_s390x",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:a0dad19da75a825d5756e033590df8cdb5a6af0f55f906b9b1000d4c3adccd5a_amd64",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:abf07f4cad8f18537ccc2f162b25e11a5cae547c5f0db789f573ebc42a327041_arm64",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:d9bcac4f030c419292e13e517baf606514dece94182328e9f54058508a5138f1_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:11396"
},
{
"category": "workaround",
"details": "As a workaround, applications can pre-validate that payloads being passed to Go JOSE do not contain an excessive number of `.` characters.",
"product_ids": [
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:2bae3100587b970b7246ae28196982edc6b9dae145f4d8c812fc9d78bff20961_amd64",
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:475a27e370e023af9fc2698ce9b14a97cd0302d27f2bc52dc680bb63a82eb707_s390x",
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:e4699d011786df4d3b8481b0b79a41c6cf2450c28a96d983b506393734a24c3a_ppc64le",
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:f78f207306aebfe90a9126218b77b64a088b68122f8805b5b69e47972e5d298a_arm64",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:41f32fb3b6f3c1ed7be1f2580dd0fcc861c8240c8470b4e0346e0ba5bbb512b5_s390x",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:a0dad19da75a825d5756e033590df8cdb5a6af0f55f906b9b1000d4c3adccd5a_amd64",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:abf07f4cad8f18537ccc2f162b25e11a5cae547c5f0db789f573ebc42a327041_arm64",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:d9bcac4f030c419292e13e517baf606514dece94182328e9f54058508a5138f1_ppc64le",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:7317ed83242340597b5cdde8ee314606ddd563d0067ee85c12eb21037e2feb99_amd64",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:7bbd1cb460a20aa568f543122ead86a7590827ed04166b82902cd68f60c67b4a_arm64",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:c06a0dc726d75fbed4c5f0ed5beb1abafdc2f85997d9d0b1dab41775b7ffe07d_s390x",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:f05c810e2b1c445a5d997826f423b6759c11b188dd8781af5908c085d082ceac_ppc64le",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:a695cf5140b0b109ede8c718c7b5b720fbe3f92c033f999506d78e2341c01203_ppc64le",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:a8b86cbc818be479fd560b85e129e917c2314c82070d39a0c1453d8f11631ec5_s390x",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:c64c81ccaa4d3ed1c2b333936b0a9aa111e4dde2de88af5780ebd83f3b29bad6_amd64",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:e4a7bd1b9aeae7350256a65fcb094cff2622e569ca8768df63d43682dff364d4_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:2cdd8800ab19ff52a6682d3a6477c745b09224998dd4d7c5882111496ae8ec09_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:36a22693fd6d1d2721f2f6d579bc638d51ae3648766cc57118f6956cd10aba36_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:969922831941453a7d0c16bbe908b3b3596493134e68e771bd49ed9460f38bf1_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:e97dc347f843eab864efb81f939b425554e6db58cde788a942afd7b00ac470df_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:6ab225df2a249068ce7f22d909916ee94e58abcbae8662d4df3f0e93e4b97eed_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:a654a342057e7f679a96a5f18069bf6568e9a9f59f9f1934bf02f346a73cfe25_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:d70161cdeb833ec007dfad5a7f1b1ff411a10fe054b9ede12f3d7879e201ee17_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:d9cc11a9154a89f84d66874f773225b6ac2b9a3342bd4d15cbb2ee8639c5f05f_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:121c80f73d2739694de126801e5c9622584ddc61fad9d1953e56fc83439ce074_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:1ead7c1b32cb4ff2ec3002142a2fa25dbde1cc99c9ab07742e06981055963716_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:9f7b3d93c79057eaefd036c8aa06f392487a73c1dde9a5bdecac73610b42461d_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:cc1323f77941a5c0d4202ab96ca1643b6d06df4febf996de2ee82f43010e319c_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:18bfc85cc1a69536c266b0d168644406ccab9943aeb076a4e1a241655783a199_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:6c8c1cee0d702a5917c16decf62950adddc5ad4b629492b50a2d3c860dad14c2_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:7d22ecdc5faffcf9073c2b08178363820dc74d6fed62d0974bb3df309be573cb_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:fb57f4b7e2df487e6a8d272168c88ccd2f9f9b4d06efe23cf271c900d84d66cc_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:6fb517f7cba99c4db682a9e71e4afce78f0f6b2b6fed6ee83ee39e3883af72d1_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:7c3889900001f080690330f619d8e509e7005363a984eeb47221359b91166674_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:b76bf2f89b41f4f5a3fb696a3942f26eb1ffbdf5a0bc0d9611906dd1de177d16_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:d37ce4423a62897fa3ba2b59fe9bb3a4832088020ea089dd03b920a36179418f_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:37a60c31f57eb012097db76db3682d1c98936c581f64fda05fd705805b34327d_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:8d42dac3bdfb6f30bbbb62f83b9a3847c56ee405474b543e51619735e1b6dea4_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:aaf2bfc6b4a84f6b56592cfaa63552bea96ac5c8283f883b0f810a4c00b5f469_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:ebe2f773be55633f5d78274d9b85c253cd97257e227f20a12f20f27722c56885_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:489b4765e3f7f9da000be488e6ee755f9e930ce2e0d688c39677fc964cd1ae3a_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:6eb63751e7f228d3b91abd9927ca0fd84d73aa095bc76afd681340f85c36cd92_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:704acaaf95af349cb107ac6df2bfef5da3df3d5fc16f16c631b5e5f97492bcaf_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:8f28683c1b38621778de147f3f2329119f843e017d48a33de14fcadfc9f4384b_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:2bae3100587b970b7246ae28196982edc6b9dae145f4d8c812fc9d78bff20961_amd64",
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:475a27e370e023af9fc2698ce9b14a97cd0302d27f2bc52dc680bb63a82eb707_s390x",
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:e4699d011786df4d3b8481b0b79a41c6cf2450c28a96d983b506393734a24c3a_ppc64le",
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:f78f207306aebfe90a9126218b77b64a088b68122f8805b5b69e47972e5d298a_arm64",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:41f32fb3b6f3c1ed7be1f2580dd0fcc861c8240c8470b4e0346e0ba5bbb512b5_s390x",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:a0dad19da75a825d5756e033590df8cdb5a6af0f55f906b9b1000d4c3adccd5a_amd64",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:abf07f4cad8f18537ccc2f162b25e11a5cae547c5f0db789f573ebc42a327041_arm64",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:d9bcac4f030c419292e13e517baf606514dece94182328e9f54058508a5138f1_ppc64le",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:7317ed83242340597b5cdde8ee314606ddd563d0067ee85c12eb21037e2feb99_amd64",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:7bbd1cb460a20aa568f543122ead86a7590827ed04166b82902cd68f60c67b4a_arm64",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:c06a0dc726d75fbed4c5f0ed5beb1abafdc2f85997d9d0b1dab41775b7ffe07d_s390x",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:f05c810e2b1c445a5d997826f423b6759c11b188dd8781af5908c085d082ceac_ppc64le",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:a695cf5140b0b109ede8c718c7b5b720fbe3f92c033f999506d78e2341c01203_ppc64le",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:a8b86cbc818be479fd560b85e129e917c2314c82070d39a0c1453d8f11631ec5_s390x",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:c64c81ccaa4d3ed1c2b333936b0a9aa111e4dde2de88af5780ebd83f3b29bad6_amd64",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:e4a7bd1b9aeae7350256a65fcb094cff2622e569ca8768df63d43682dff364d4_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:2cdd8800ab19ff52a6682d3a6477c745b09224998dd4d7c5882111496ae8ec09_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:36a22693fd6d1d2721f2f6d579bc638d51ae3648766cc57118f6956cd10aba36_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:969922831941453a7d0c16bbe908b3b3596493134e68e771bd49ed9460f38bf1_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:e97dc347f843eab864efb81f939b425554e6db58cde788a942afd7b00ac470df_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:6ab225df2a249068ce7f22d909916ee94e58abcbae8662d4df3f0e93e4b97eed_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:a654a342057e7f679a96a5f18069bf6568e9a9f59f9f1934bf02f346a73cfe25_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:d70161cdeb833ec007dfad5a7f1b1ff411a10fe054b9ede12f3d7879e201ee17_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:d9cc11a9154a89f84d66874f773225b6ac2b9a3342bd4d15cbb2ee8639c5f05f_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:121c80f73d2739694de126801e5c9622584ddc61fad9d1953e56fc83439ce074_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:1ead7c1b32cb4ff2ec3002142a2fa25dbde1cc99c9ab07742e06981055963716_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:9f7b3d93c79057eaefd036c8aa06f392487a73c1dde9a5bdecac73610b42461d_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:cc1323f77941a5c0d4202ab96ca1643b6d06df4febf996de2ee82f43010e319c_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:18bfc85cc1a69536c266b0d168644406ccab9943aeb076a4e1a241655783a199_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:6c8c1cee0d702a5917c16decf62950adddc5ad4b629492b50a2d3c860dad14c2_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:7d22ecdc5faffcf9073c2b08178363820dc74d6fed62d0974bb3df309be573cb_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:fb57f4b7e2df487e6a8d272168c88ccd2f9f9b4d06efe23cf271c900d84d66cc_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:6fb517f7cba99c4db682a9e71e4afce78f0f6b2b6fed6ee83ee39e3883af72d1_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:7c3889900001f080690330f619d8e509e7005363a984eeb47221359b91166674_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:b76bf2f89b41f4f5a3fb696a3942f26eb1ffbdf5a0bc0d9611906dd1de177d16_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:d37ce4423a62897fa3ba2b59fe9bb3a4832088020ea089dd03b920a36179418f_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:37a60c31f57eb012097db76db3682d1c98936c581f64fda05fd705805b34327d_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:8d42dac3bdfb6f30bbbb62f83b9a3847c56ee405474b543e51619735e1b6dea4_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:aaf2bfc6b4a84f6b56592cfaa63552bea96ac5c8283f883b0f810a4c00b5f469_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:ebe2f773be55633f5d78274d9b85c253cd97257e227f20a12f20f27722c56885_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:489b4765e3f7f9da000be488e6ee755f9e930ce2e0d688c39677fc964cd1ae3a_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:6eb63751e7f228d3b91abd9927ca0fd84d73aa095bc76afd681340f85c36cd92_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:704acaaf95af349cb107ac6df2bfef5da3df3d5fc16f16c631b5e5f97492bcaf_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:8f28683c1b38621778de147f3f2329119f843e017d48a33de14fcadfc9f4384b_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "go-jose: Go JOSE\u0027s Parsing Vulnerable to Denial of Service"
},
{
"cve": "CVE-2025-30204",
"cwe": {
"id": "CWE-405",
"name": "Asymmetric Resource Consumption (Amplification)"
},
"discovery_date": "2025-03-21T22:00:43.818367+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:2bae3100587b970b7246ae28196982edc6b9dae145f4d8c812fc9d78bff20961_amd64",
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:475a27e370e023af9fc2698ce9b14a97cd0302d27f2bc52dc680bb63a82eb707_s390x",
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:e4699d011786df4d3b8481b0b79a41c6cf2450c28a96d983b506393734a24c3a_ppc64le",
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:f78f207306aebfe90a9126218b77b64a088b68122f8805b5b69e47972e5d298a_arm64",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:7317ed83242340597b5cdde8ee314606ddd563d0067ee85c12eb21037e2feb99_amd64",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:7bbd1cb460a20aa568f543122ead86a7590827ed04166b82902cd68f60c67b4a_arm64",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:c06a0dc726d75fbed4c5f0ed5beb1abafdc2f85997d9d0b1dab41775b7ffe07d_s390x",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:f05c810e2b1c445a5d997826f423b6759c11b188dd8781af5908c085d082ceac_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:2cdd8800ab19ff52a6682d3a6477c745b09224998dd4d7c5882111496ae8ec09_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:36a22693fd6d1d2721f2f6d579bc638d51ae3648766cc57118f6956cd10aba36_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:969922831941453a7d0c16bbe908b3b3596493134e68e771bd49ed9460f38bf1_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:e97dc347f843eab864efb81f939b425554e6db58cde788a942afd7b00ac470df_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:6ab225df2a249068ce7f22d909916ee94e58abcbae8662d4df3f0e93e4b97eed_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:a654a342057e7f679a96a5f18069bf6568e9a9f59f9f1934bf02f346a73cfe25_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:d70161cdeb833ec007dfad5a7f1b1ff411a10fe054b9ede12f3d7879e201ee17_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:d9cc11a9154a89f84d66874f773225b6ac2b9a3342bd4d15cbb2ee8639c5f05f_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:121c80f73d2739694de126801e5c9622584ddc61fad9d1953e56fc83439ce074_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:1ead7c1b32cb4ff2ec3002142a2fa25dbde1cc99c9ab07742e06981055963716_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:9f7b3d93c79057eaefd036c8aa06f392487a73c1dde9a5bdecac73610b42461d_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:cc1323f77941a5c0d4202ab96ca1643b6d06df4febf996de2ee82f43010e319c_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2354195"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the golang-jwt implementation of JSON Web Tokens (JWT). In affected versions, a malicious request with specially crafted Authorization header data may trigger an excessive consumption of resources on the host system. This issue can cause significant performance degradation or an application crash, leading to a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang-jwt/jwt: jwt-go allows excessive memory allocation during header parsing",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:41f32fb3b6f3c1ed7be1f2580dd0fcc861c8240c8470b4e0346e0ba5bbb512b5_s390x",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:a0dad19da75a825d5756e033590df8cdb5a6af0f55f906b9b1000d4c3adccd5a_amd64",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:abf07f4cad8f18537ccc2f162b25e11a5cae547c5f0db789f573ebc42a327041_arm64",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:d9bcac4f030c419292e13e517baf606514dece94182328e9f54058508a5138f1_ppc64le",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:a695cf5140b0b109ede8c718c7b5b720fbe3f92c033f999506d78e2341c01203_ppc64le",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:a8b86cbc818be479fd560b85e129e917c2314c82070d39a0c1453d8f11631ec5_s390x",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:c64c81ccaa4d3ed1c2b333936b0a9aa111e4dde2de88af5780ebd83f3b29bad6_amd64",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:e4a7bd1b9aeae7350256a65fcb094cff2622e569ca8768df63d43682dff364d4_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:18bfc85cc1a69536c266b0d168644406ccab9943aeb076a4e1a241655783a199_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:6c8c1cee0d702a5917c16decf62950adddc5ad4b629492b50a2d3c860dad14c2_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:7d22ecdc5faffcf9073c2b08178363820dc74d6fed62d0974bb3df309be573cb_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:fb57f4b7e2df487e6a8d272168c88ccd2f9f9b4d06efe23cf271c900d84d66cc_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:6fb517f7cba99c4db682a9e71e4afce78f0f6b2b6fed6ee83ee39e3883af72d1_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:7c3889900001f080690330f619d8e509e7005363a984eeb47221359b91166674_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:b76bf2f89b41f4f5a3fb696a3942f26eb1ffbdf5a0bc0d9611906dd1de177d16_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:d37ce4423a62897fa3ba2b59fe9bb3a4832088020ea089dd03b920a36179418f_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:37a60c31f57eb012097db76db3682d1c98936c581f64fda05fd705805b34327d_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:8d42dac3bdfb6f30bbbb62f83b9a3847c56ee405474b543e51619735e1b6dea4_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:aaf2bfc6b4a84f6b56592cfaa63552bea96ac5c8283f883b0f810a4c00b5f469_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:ebe2f773be55633f5d78274d9b85c253cd97257e227f20a12f20f27722c56885_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:489b4765e3f7f9da000be488e6ee755f9e930ce2e0d688c39677fc964cd1ae3a_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:6eb63751e7f228d3b91abd9927ca0fd84d73aa095bc76afd681340f85c36cd92_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:704acaaf95af349cb107ac6df2bfef5da3df3d5fc16f16c631b5e5f97492bcaf_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:8f28683c1b38621778de147f3f2329119f843e017d48a33de14fcadfc9f4384b_arm64"
],
"known_not_affected": [
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:2bae3100587b970b7246ae28196982edc6b9dae145f4d8c812fc9d78bff20961_amd64",
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:475a27e370e023af9fc2698ce9b14a97cd0302d27f2bc52dc680bb63a82eb707_s390x",
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:e4699d011786df4d3b8481b0b79a41c6cf2450c28a96d983b506393734a24c3a_ppc64le",
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:f78f207306aebfe90a9126218b77b64a088b68122f8805b5b69e47972e5d298a_arm64",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:7317ed83242340597b5cdde8ee314606ddd563d0067ee85c12eb21037e2feb99_amd64",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:7bbd1cb460a20aa568f543122ead86a7590827ed04166b82902cd68f60c67b4a_arm64",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:c06a0dc726d75fbed4c5f0ed5beb1abafdc2f85997d9d0b1dab41775b7ffe07d_s390x",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:f05c810e2b1c445a5d997826f423b6759c11b188dd8781af5908c085d082ceac_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:2cdd8800ab19ff52a6682d3a6477c745b09224998dd4d7c5882111496ae8ec09_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:36a22693fd6d1d2721f2f6d579bc638d51ae3648766cc57118f6956cd10aba36_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:969922831941453a7d0c16bbe908b3b3596493134e68e771bd49ed9460f38bf1_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:e97dc347f843eab864efb81f939b425554e6db58cde788a942afd7b00ac470df_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:6ab225df2a249068ce7f22d909916ee94e58abcbae8662d4df3f0e93e4b97eed_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:a654a342057e7f679a96a5f18069bf6568e9a9f59f9f1934bf02f346a73cfe25_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:d70161cdeb833ec007dfad5a7f1b1ff411a10fe054b9ede12f3d7879e201ee17_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:d9cc11a9154a89f84d66874f773225b6ac2b9a3342bd4d15cbb2ee8639c5f05f_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:121c80f73d2739694de126801e5c9622584ddc61fad9d1953e56fc83439ce074_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:1ead7c1b32cb4ff2ec3002142a2fa25dbde1cc99c9ab07742e06981055963716_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:9f7b3d93c79057eaefd036c8aa06f392487a73c1dde9a5bdecac73610b42461d_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:cc1323f77941a5c0d4202ab96ca1643b6d06df4febf996de2ee82f43010e319c_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-30204"
},
{
"category": "external",
"summary": "RHBZ#2354195",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2354195"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-30204",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30204"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-30204",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-30204"
},
{
"category": "external",
"summary": "https://github.com/golang-jwt/jwt/commit/0951d184286dece21f73c85673fd308786ffe9c3",
"url": "https://github.com/golang-jwt/jwt/commit/0951d184286dece21f73c85673fd308786ffe9c3"
},
{
"category": "external",
"summary": "https://github.com/golang-jwt/jwt/security/advisories/GHSA-mh63-6h87-95cp",
"url": "https://github.com/golang-jwt/jwt/security/advisories/GHSA-mh63-6h87-95cp"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-3553",
"url": "https://pkg.go.dev/vuln/GO-2025-3553"
}
],
"release_date": "2025-03-21T21:42:01.382000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-07-18T15:51:18+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:41f32fb3b6f3c1ed7be1f2580dd0fcc861c8240c8470b4e0346e0ba5bbb512b5_s390x",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:a0dad19da75a825d5756e033590df8cdb5a6af0f55f906b9b1000d4c3adccd5a_amd64",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:abf07f4cad8f18537ccc2f162b25e11a5cae547c5f0db789f573ebc42a327041_arm64",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:d9bcac4f030c419292e13e517baf606514dece94182328e9f54058508a5138f1_ppc64le",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:a695cf5140b0b109ede8c718c7b5b720fbe3f92c033f999506d78e2341c01203_ppc64le",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:a8b86cbc818be479fd560b85e129e917c2314c82070d39a0c1453d8f11631ec5_s390x",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:c64c81ccaa4d3ed1c2b333936b0a9aa111e4dde2de88af5780ebd83f3b29bad6_amd64",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:e4a7bd1b9aeae7350256a65fcb094cff2622e569ca8768df63d43682dff364d4_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:18bfc85cc1a69536c266b0d168644406ccab9943aeb076a4e1a241655783a199_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:6c8c1cee0d702a5917c16decf62950adddc5ad4b629492b50a2d3c860dad14c2_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:7d22ecdc5faffcf9073c2b08178363820dc74d6fed62d0974bb3df309be573cb_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:fb57f4b7e2df487e6a8d272168c88ccd2f9f9b4d06efe23cf271c900d84d66cc_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:6fb517f7cba99c4db682a9e71e4afce78f0f6b2b6fed6ee83ee39e3883af72d1_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:7c3889900001f080690330f619d8e509e7005363a984eeb47221359b91166674_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:b76bf2f89b41f4f5a3fb696a3942f26eb1ffbdf5a0bc0d9611906dd1de177d16_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:d37ce4423a62897fa3ba2b59fe9bb3a4832088020ea089dd03b920a36179418f_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:37a60c31f57eb012097db76db3682d1c98936c581f64fda05fd705805b34327d_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:8d42dac3bdfb6f30bbbb62f83b9a3847c56ee405474b543e51619735e1b6dea4_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:aaf2bfc6b4a84f6b56592cfaa63552bea96ac5c8283f883b0f810a4c00b5f469_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:ebe2f773be55633f5d78274d9b85c253cd97257e227f20a12f20f27722c56885_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:489b4765e3f7f9da000be488e6ee755f9e930ce2e0d688c39677fc964cd1ae3a_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:6eb63751e7f228d3b91abd9927ca0fd84d73aa095bc76afd681340f85c36cd92_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:704acaaf95af349cb107ac6df2bfef5da3df3d5fc16f16c631b5e5f97492bcaf_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:8f28683c1b38621778de147f3f2329119f843e017d48a33de14fcadfc9f4384b_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:11396"
},
{
"category": "workaround",
"details": "Red Hat Product Security does not have a recommended mitigation at this time.",
"product_ids": [
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:2bae3100587b970b7246ae28196982edc6b9dae145f4d8c812fc9d78bff20961_amd64",
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:475a27e370e023af9fc2698ce9b14a97cd0302d27f2bc52dc680bb63a82eb707_s390x",
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:e4699d011786df4d3b8481b0b79a41c6cf2450c28a96d983b506393734a24c3a_ppc64le",
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:f78f207306aebfe90a9126218b77b64a088b68122f8805b5b69e47972e5d298a_arm64",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:41f32fb3b6f3c1ed7be1f2580dd0fcc861c8240c8470b4e0346e0ba5bbb512b5_s390x",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:a0dad19da75a825d5756e033590df8cdb5a6af0f55f906b9b1000d4c3adccd5a_amd64",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:abf07f4cad8f18537ccc2f162b25e11a5cae547c5f0db789f573ebc42a327041_arm64",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:d9bcac4f030c419292e13e517baf606514dece94182328e9f54058508a5138f1_ppc64le",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:7317ed83242340597b5cdde8ee314606ddd563d0067ee85c12eb21037e2feb99_amd64",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:7bbd1cb460a20aa568f543122ead86a7590827ed04166b82902cd68f60c67b4a_arm64",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:c06a0dc726d75fbed4c5f0ed5beb1abafdc2f85997d9d0b1dab41775b7ffe07d_s390x",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:f05c810e2b1c445a5d997826f423b6759c11b188dd8781af5908c085d082ceac_ppc64le",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:a695cf5140b0b109ede8c718c7b5b720fbe3f92c033f999506d78e2341c01203_ppc64le",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:a8b86cbc818be479fd560b85e129e917c2314c82070d39a0c1453d8f11631ec5_s390x",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:c64c81ccaa4d3ed1c2b333936b0a9aa111e4dde2de88af5780ebd83f3b29bad6_amd64",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:e4a7bd1b9aeae7350256a65fcb094cff2622e569ca8768df63d43682dff364d4_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:2cdd8800ab19ff52a6682d3a6477c745b09224998dd4d7c5882111496ae8ec09_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:36a22693fd6d1d2721f2f6d579bc638d51ae3648766cc57118f6956cd10aba36_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:969922831941453a7d0c16bbe908b3b3596493134e68e771bd49ed9460f38bf1_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:e97dc347f843eab864efb81f939b425554e6db58cde788a942afd7b00ac470df_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:6ab225df2a249068ce7f22d909916ee94e58abcbae8662d4df3f0e93e4b97eed_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:a654a342057e7f679a96a5f18069bf6568e9a9f59f9f1934bf02f346a73cfe25_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:d70161cdeb833ec007dfad5a7f1b1ff411a10fe054b9ede12f3d7879e201ee17_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:d9cc11a9154a89f84d66874f773225b6ac2b9a3342bd4d15cbb2ee8639c5f05f_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:121c80f73d2739694de126801e5c9622584ddc61fad9d1953e56fc83439ce074_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:1ead7c1b32cb4ff2ec3002142a2fa25dbde1cc99c9ab07742e06981055963716_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:9f7b3d93c79057eaefd036c8aa06f392487a73c1dde9a5bdecac73610b42461d_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:cc1323f77941a5c0d4202ab96ca1643b6d06df4febf996de2ee82f43010e319c_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:18bfc85cc1a69536c266b0d168644406ccab9943aeb076a4e1a241655783a199_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:6c8c1cee0d702a5917c16decf62950adddc5ad4b629492b50a2d3c860dad14c2_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:7d22ecdc5faffcf9073c2b08178363820dc74d6fed62d0974bb3df309be573cb_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:fb57f4b7e2df487e6a8d272168c88ccd2f9f9b4d06efe23cf271c900d84d66cc_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:6fb517f7cba99c4db682a9e71e4afce78f0f6b2b6fed6ee83ee39e3883af72d1_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:7c3889900001f080690330f619d8e509e7005363a984eeb47221359b91166674_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:b76bf2f89b41f4f5a3fb696a3942f26eb1ffbdf5a0bc0d9611906dd1de177d16_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:d37ce4423a62897fa3ba2b59fe9bb3a4832088020ea089dd03b920a36179418f_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:37a60c31f57eb012097db76db3682d1c98936c581f64fda05fd705805b34327d_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:8d42dac3bdfb6f30bbbb62f83b9a3847c56ee405474b543e51619735e1b6dea4_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:aaf2bfc6b4a84f6b56592cfaa63552bea96ac5c8283f883b0f810a4c00b5f469_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:ebe2f773be55633f5d78274d9b85c253cd97257e227f20a12f20f27722c56885_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:489b4765e3f7f9da000be488e6ee755f9e930ce2e0d688c39677fc964cd1ae3a_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:6eb63751e7f228d3b91abd9927ca0fd84d73aa095bc76afd681340f85c36cd92_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:704acaaf95af349cb107ac6df2bfef5da3df3d5fc16f16c631b5e5f97492bcaf_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:8f28683c1b38621778de147f3f2329119f843e017d48a33de14fcadfc9f4384b_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:2bae3100587b970b7246ae28196982edc6b9dae145f4d8c812fc9d78bff20961_amd64",
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:475a27e370e023af9fc2698ce9b14a97cd0302d27f2bc52dc680bb63a82eb707_s390x",
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:e4699d011786df4d3b8481b0b79a41c6cf2450c28a96d983b506393734a24c3a_ppc64le",
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:f78f207306aebfe90a9126218b77b64a088b68122f8805b5b69e47972e5d298a_arm64",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:41f32fb3b6f3c1ed7be1f2580dd0fcc861c8240c8470b4e0346e0ba5bbb512b5_s390x",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:a0dad19da75a825d5756e033590df8cdb5a6af0f55f906b9b1000d4c3adccd5a_amd64",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:abf07f4cad8f18537ccc2f162b25e11a5cae547c5f0db789f573ebc42a327041_arm64",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:d9bcac4f030c419292e13e517baf606514dece94182328e9f54058508a5138f1_ppc64le",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:7317ed83242340597b5cdde8ee314606ddd563d0067ee85c12eb21037e2feb99_amd64",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:7bbd1cb460a20aa568f543122ead86a7590827ed04166b82902cd68f60c67b4a_arm64",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:c06a0dc726d75fbed4c5f0ed5beb1abafdc2f85997d9d0b1dab41775b7ffe07d_s390x",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:f05c810e2b1c445a5d997826f423b6759c11b188dd8781af5908c085d082ceac_ppc64le",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:a695cf5140b0b109ede8c718c7b5b720fbe3f92c033f999506d78e2341c01203_ppc64le",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:a8b86cbc818be479fd560b85e129e917c2314c82070d39a0c1453d8f11631ec5_s390x",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:c64c81ccaa4d3ed1c2b333936b0a9aa111e4dde2de88af5780ebd83f3b29bad6_amd64",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:e4a7bd1b9aeae7350256a65fcb094cff2622e569ca8768df63d43682dff364d4_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:2cdd8800ab19ff52a6682d3a6477c745b09224998dd4d7c5882111496ae8ec09_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:36a22693fd6d1d2721f2f6d579bc638d51ae3648766cc57118f6956cd10aba36_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:969922831941453a7d0c16bbe908b3b3596493134e68e771bd49ed9460f38bf1_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:e97dc347f843eab864efb81f939b425554e6db58cde788a942afd7b00ac470df_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:6ab225df2a249068ce7f22d909916ee94e58abcbae8662d4df3f0e93e4b97eed_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:a654a342057e7f679a96a5f18069bf6568e9a9f59f9f1934bf02f346a73cfe25_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:d70161cdeb833ec007dfad5a7f1b1ff411a10fe054b9ede12f3d7879e201ee17_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:d9cc11a9154a89f84d66874f773225b6ac2b9a3342bd4d15cbb2ee8639c5f05f_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:121c80f73d2739694de126801e5c9622584ddc61fad9d1953e56fc83439ce074_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:1ead7c1b32cb4ff2ec3002142a2fa25dbde1cc99c9ab07742e06981055963716_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:9f7b3d93c79057eaefd036c8aa06f392487a73c1dde9a5bdecac73610b42461d_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:cc1323f77941a5c0d4202ab96ca1643b6d06df4febf996de2ee82f43010e319c_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:18bfc85cc1a69536c266b0d168644406ccab9943aeb076a4e1a241655783a199_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:6c8c1cee0d702a5917c16decf62950adddc5ad4b629492b50a2d3c860dad14c2_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:7d22ecdc5faffcf9073c2b08178363820dc74d6fed62d0974bb3df309be573cb_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:fb57f4b7e2df487e6a8d272168c88ccd2f9f9b4d06efe23cf271c900d84d66cc_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:6fb517f7cba99c4db682a9e71e4afce78f0f6b2b6fed6ee83ee39e3883af72d1_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:7c3889900001f080690330f619d8e509e7005363a984eeb47221359b91166674_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:b76bf2f89b41f4f5a3fb696a3942f26eb1ffbdf5a0bc0d9611906dd1de177d16_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:d37ce4423a62897fa3ba2b59fe9bb3a4832088020ea089dd03b920a36179418f_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:37a60c31f57eb012097db76db3682d1c98936c581f64fda05fd705805b34327d_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:8d42dac3bdfb6f30bbbb62f83b9a3847c56ee405474b543e51619735e1b6dea4_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:aaf2bfc6b4a84f6b56592cfaa63552bea96ac5c8283f883b0f810a4c00b5f469_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:ebe2f773be55633f5d78274d9b85c253cd97257e227f20a12f20f27722c56885_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:489b4765e3f7f9da000be488e6ee755f9e930ce2e0d688c39677fc964cd1ae3a_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:6eb63751e7f228d3b91abd9927ca0fd84d73aa095bc76afd681340f85c36cd92_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:704acaaf95af349cb107ac6df2bfef5da3df3d5fc16f16c631b5e5f97492bcaf_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:8f28683c1b38621778de147f3f2329119f843e017d48a33de14fcadfc9f4384b_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang-jwt/jwt: jwt-go allows excessive memory allocation during header parsing"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…