csaf_redhat - rhsa-2025:4667

rhsa-2025:4667

Vulnerability from csaf_redhat

Published

2025-05-07 12:55

Modified

2025-08-14 03:16

Summary

Red Hat Security Advisory: Updated 7.1 container image is now available in the Red Hat Ecosystem Catalog.

Notes

Topic

Updated rhceph-7.1 container image is now available in the Red Hat Ecosystem Catalog.

Details

Red Hat Ceph Storage is a scalable, open, software-defined storage platform that combines the most stable version of the Ceph storage system with a Ceph management platform, deployment utilities, and support services. This new container image is based on Red Hat Ceph Storage 7.1 and Red Hat Enterprise Linux 9.5, 9.4, 8.10. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat Ceph Storage Release Notes for information on the most significant of these changes: https://docs.redhat.com/en/documentation/red_hat_ceph_storage/7/html/7.1_release_notes All users of Red Hat Ceph Storage are advised to pull these new images from the Red Hat Ecosystem catalog, which provides numerous enhancements and bug fixes.

This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Updated rhceph-7.1 container image is now available in the Red Hat Ecosystem Catalog.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Red Hat Ceph Storage is a scalable, open, software-defined storage platform that combines the most stable version of the Ceph storage system with a Ceph management platform, deployment utilities, and support services. \n \nThis new container image is based on Red Hat Ceph Storage 7.1 and Red Hat Enterprise Linux 9.5, 9.4, 8.10. \n \nSpace precludes documenting all of these changes in this advisory. Users are directed to the Red Hat Ceph Storage Release Notes for information on the most significant of these changes:\n\nhttps://docs.redhat.com/en/documentation/red_hat_ceph_storage/7/html/7.1_release_notes\n\nAll users of Red Hat Ceph Storage are advised to pull these new images from the Red Hat Ecosystem catalog, which provides numerous enhancements and bug fixes.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2025:4667",
        "url": "https://access.redhat.com/errata/RHSA-2025:4667"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#moderate",
        "url": "https://access.redhat.com/security/updates/classification/#moderate"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_4667.json"
      }
    ],
    "title": "Red Hat Security Advisory: Updated 7.1 container image is now available in the Red Hat Ecosystem Catalog.",
    "tracking": {
      "current_release_date": "2025-08-14T03:16:47+00:00",
      "generator": {
        "date": "2025-08-14T03:16:47+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.6.6"
        }
      },
      "id": "RHSA-2025:4667",
      "initial_release_date": "2025-05-07T12:55:17+00:00",
      "revision_history": [
        {
          "date": "2025-05-07T12:55:17+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2025-05-07T12:55:17+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2025-08-14T03:16:47+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Ceph Storage 7.1 Tools",
                "product": {
                  "name": "Red Hat Ceph Storage 7.1 Tools",
                  "product_id": "9Base-RHCEPH-7.1-Tools",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:ceph_storage:7.1::el9"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Ceph Storage"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "rhceph/grafana-rhel9@sha256:1acdd9584f131b9931ec44b41d2c661b956abfb341560a1e3cd33c6916b282f5_amd64",
                "product": {
                  "name": "rhceph/grafana-rhel9@sha256:1acdd9584f131b9931ec44b41d2c661b956abfb341560a1e3cd33c6916b282f5_amd64",
                  "product_id": "rhceph/grafana-rhel9@sha256:1acdd9584f131b9931ec44b41d2c661b956abfb341560a1e3cd33c6916b282f5_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/grafana-rhel9@sha256:1acdd9584f131b9931ec44b41d2c661b956abfb341560a1e3cd33c6916b282f5?arch=amd64\u0026repository_url=registry.redhat.io/rhceph/grafana-rhel9\u0026tag=latest-1746621761"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rhceph/keepalived-rhel9@sha256:5fbbb15572fcc21cff00b8d6a4ac6cb119936e8d85eb5dfd9280c7cb270abace_amd64",
                "product": {
                  "name": "rhceph/keepalived-rhel9@sha256:5fbbb15572fcc21cff00b8d6a4ac6cb119936e8d85eb5dfd9280c7cb270abace_amd64",
                  "product_id": "rhceph/keepalived-rhel9@sha256:5fbbb15572fcc21cff00b8d6a4ac6cb119936e8d85eb5dfd9280c7cb270abace_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/keepalived-rhel9@sha256:5fbbb15572fcc21cff00b8d6a4ac6cb119936e8d85eb5dfd9280c7cb270abace?arch=amd64\u0026repository_url=registry.redhat.io/rhceph/keepalived-rhel9\u0026tag=2.2.8-1746621568"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rhceph/rhceph-promtail-rhel9@sha256:44de5dc49f2580333eeba80002a5333566b2a77eb3390a6074087accff89e775_amd64",
                "product": {
                  "name": "rhceph/rhceph-promtail-rhel9@sha256:44de5dc49f2580333eeba80002a5333566b2a77eb3390a6074087accff89e775_amd64",
                  "product_id": "rhceph/rhceph-promtail-rhel9@sha256:44de5dc49f2580333eeba80002a5333566b2a77eb3390a6074087accff89e775_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhceph-promtail-rhel9@sha256:44de5dc49f2580333eeba80002a5333566b2a77eb3390a6074087accff89e775?arch=amd64\u0026repository_url=registry.redhat.io/rhceph/rhceph-promtail-rhel9\u0026tag=v3.0.0-21"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rhceph/rhceph-7-rhel9@sha256:b64cd611ee6a8ba643f17a4626cb0dbfb7c4e730988ce971218c94546543beb0_amd64",
                "product": {
                  "name": "rhceph/rhceph-7-rhel9@sha256:b64cd611ee6a8ba643f17a4626cb0dbfb7c4e730988ce971218c94546543beb0_amd64",
                  "product_id": "rhceph/rhceph-7-rhel9@sha256:b64cd611ee6a8ba643f17a4626cb0dbfb7c4e730988ce971218c94546543beb0_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhceph-7-rhel9@sha256:b64cd611ee6a8ba643f17a4626cb0dbfb7c4e730988ce971218c94546543beb0?arch=amd64\u0026repository_url=registry.redhat.io/rhceph/rhceph-7-rhel9\u0026tag=latest"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rhceph/rhceph-haproxy-rhel9@sha256:e76f5b7de4ecb81e6ca945076257bbd3734da007723cc787a4ba89de41c4af04_amd64",
                "product": {
                  "name": "rhceph/rhceph-haproxy-rhel9@sha256:e76f5b7de4ecb81e6ca945076257bbd3734da007723cc787a4ba89de41c4af04_amd64",
                  "product_id": "rhceph/rhceph-haproxy-rhel9@sha256:e76f5b7de4ecb81e6ca945076257bbd3734da007723cc787a4ba89de41c4af04_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhceph-haproxy-rhel9@sha256:e76f5b7de4ecb81e6ca945076257bbd3734da007723cc787a4ba89de41c4af04?arch=amd64\u0026repository_url=registry.redhat.io/rhceph/rhceph-haproxy-rhel9\u0026tag=2.4.22-1746621558"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rhceph/snmp-notifier-rhel9@sha256:f841aa3ee738cd4bb9333127b1b374ca817d2fa337ed2ec489ea1c056d20245e_amd64",
                "product": {
                  "name": "rhceph/snmp-notifier-rhel9@sha256:f841aa3ee738cd4bb9333127b1b374ca817d2fa337ed2ec489ea1c056d20245e_amd64",
                  "product_id": "rhceph/snmp-notifier-rhel9@sha256:f841aa3ee738cd4bb9333127b1b374ca817d2fa337ed2ec489ea1c056d20245e_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/snmp-notifier-rhel9@sha256:f841aa3ee738cd4bb9333127b1b374ca817d2fa337ed2ec489ea1c056d20245e?arch=amd64\u0026repository_url=registry.redhat.io/rhceph/snmp-notifier-rhel9\u0026tag=1.2.1-1746621536"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "amd64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "rhceph/grafana-rhel9@sha256:3b5176fc3933d4ac14e77917dcee097a57bc5a44bf87b6c4dd2fcffa40677068_s390x",
                "product": {
                  "name": "rhceph/grafana-rhel9@sha256:3b5176fc3933d4ac14e77917dcee097a57bc5a44bf87b6c4dd2fcffa40677068_s390x",
                  "product_id": "rhceph/grafana-rhel9@sha256:3b5176fc3933d4ac14e77917dcee097a57bc5a44bf87b6c4dd2fcffa40677068_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/grafana-rhel9@sha256:3b5176fc3933d4ac14e77917dcee097a57bc5a44bf87b6c4dd2fcffa40677068?arch=s390x\u0026repository_url=registry.redhat.io/rhceph/grafana-rhel9\u0026tag=latest-1746621761"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rhceph/keepalived-rhel9@sha256:0838f180ac530462659838844e3fa547e50e82eb2c9a7d7f563fc5bb11ce0cc2_s390x",
                "product": {
                  "name": "rhceph/keepalived-rhel9@sha256:0838f180ac530462659838844e3fa547e50e82eb2c9a7d7f563fc5bb11ce0cc2_s390x",
                  "product_id": "rhceph/keepalived-rhel9@sha256:0838f180ac530462659838844e3fa547e50e82eb2c9a7d7f563fc5bb11ce0cc2_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/keepalived-rhel9@sha256:0838f180ac530462659838844e3fa547e50e82eb2c9a7d7f563fc5bb11ce0cc2?arch=s390x\u0026repository_url=registry.redhat.io/rhceph/keepalived-rhel9\u0026tag=2.2.8-1746621568"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rhceph/rhceph-promtail-rhel9@sha256:acbaae2df3e06c6f499cb5dfedb44ce3ef113462651a58015d222aecb4b3b892_s390x",
                "product": {
                  "name": "rhceph/rhceph-promtail-rhel9@sha256:acbaae2df3e06c6f499cb5dfedb44ce3ef113462651a58015d222aecb4b3b892_s390x",
                  "product_id": "rhceph/rhceph-promtail-rhel9@sha256:acbaae2df3e06c6f499cb5dfedb44ce3ef113462651a58015d222aecb4b3b892_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhceph-promtail-rhel9@sha256:acbaae2df3e06c6f499cb5dfedb44ce3ef113462651a58015d222aecb4b3b892?arch=s390x\u0026repository_url=registry.redhat.io/rhceph/rhceph-promtail-rhel9\u0026tag=v3.0.0-21"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rhceph/rhceph-7-rhel9@sha256:2b9cc77493ee13fe6de6d5c1f0de0c0341d7ebc7f35431f0a72449a1b8f91593_s390x",
                "product": {
                  "name": "rhceph/rhceph-7-rhel9@sha256:2b9cc77493ee13fe6de6d5c1f0de0c0341d7ebc7f35431f0a72449a1b8f91593_s390x",
                  "product_id": "rhceph/rhceph-7-rhel9@sha256:2b9cc77493ee13fe6de6d5c1f0de0c0341d7ebc7f35431f0a72449a1b8f91593_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhceph-7-rhel9@sha256:2b9cc77493ee13fe6de6d5c1f0de0c0341d7ebc7f35431f0a72449a1b8f91593?arch=s390x\u0026repository_url=registry.redhat.io/rhceph/rhceph-7-rhel9\u0026tag=latest"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rhceph/rhceph-haproxy-rhel9@sha256:f9bbb11f6d30f4a8430617f52f8d9729a2ef039596c03f1a7e674a77932b0bde_s390x",
                "product": {
                  "name": "rhceph/rhceph-haproxy-rhel9@sha256:f9bbb11f6d30f4a8430617f52f8d9729a2ef039596c03f1a7e674a77932b0bde_s390x",
                  "product_id": "rhceph/rhceph-haproxy-rhel9@sha256:f9bbb11f6d30f4a8430617f52f8d9729a2ef039596c03f1a7e674a77932b0bde_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhceph-haproxy-rhel9@sha256:f9bbb11f6d30f4a8430617f52f8d9729a2ef039596c03f1a7e674a77932b0bde?arch=s390x\u0026repository_url=registry.redhat.io/rhceph/rhceph-haproxy-rhel9\u0026tag=2.4.22-1746621558"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rhceph/snmp-notifier-rhel9@sha256:be3e253624563fa2db911309336f7b1524d22c414bb5aee70b545cefa194ec31_s390x",
                "product": {
                  "name": "rhceph/snmp-notifier-rhel9@sha256:be3e253624563fa2db911309336f7b1524d22c414bb5aee70b545cefa194ec31_s390x",
                  "product_id": "rhceph/snmp-notifier-rhel9@sha256:be3e253624563fa2db911309336f7b1524d22c414bb5aee70b545cefa194ec31_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/snmp-notifier-rhel9@sha256:be3e253624563fa2db911309336f7b1524d22c414bb5aee70b545cefa194ec31?arch=s390x\u0026repository_url=registry.redhat.io/rhceph/snmp-notifier-rhel9\u0026tag=1.2.1-1746621536"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "rhceph/grafana-rhel9@sha256:6fbbfa1bc1de9fb6c7810fffdffb5be1da904efe22aa602deb4ad09b6d0c7d3a_ppc64le",
                "product": {
                  "name": "rhceph/grafana-rhel9@sha256:6fbbfa1bc1de9fb6c7810fffdffb5be1da904efe22aa602deb4ad09b6d0c7d3a_ppc64le",
                  "product_id": "rhceph/grafana-rhel9@sha256:6fbbfa1bc1de9fb6c7810fffdffb5be1da904efe22aa602deb4ad09b6d0c7d3a_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/grafana-rhel9@sha256:6fbbfa1bc1de9fb6c7810fffdffb5be1da904efe22aa602deb4ad09b6d0c7d3a?arch=ppc64le\u0026repository_url=registry.redhat.io/rhceph/grafana-rhel9\u0026tag=latest-1746621761"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rhceph/keepalived-rhel9@sha256:fe74d4288903e8e1f590c30869d5186a83e9ba62a262a030778ab9bc305fd73a_ppc64le",
                "product": {
                  "name": "rhceph/keepalived-rhel9@sha256:fe74d4288903e8e1f590c30869d5186a83e9ba62a262a030778ab9bc305fd73a_ppc64le",
                  "product_id": "rhceph/keepalived-rhel9@sha256:fe74d4288903e8e1f590c30869d5186a83e9ba62a262a030778ab9bc305fd73a_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/keepalived-rhel9@sha256:fe74d4288903e8e1f590c30869d5186a83e9ba62a262a030778ab9bc305fd73a?arch=ppc64le\u0026repository_url=registry.redhat.io/rhceph/keepalived-rhel9\u0026tag=2.2.8-1746621568"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rhceph/rhceph-promtail-rhel9@sha256:600c2838052e0e7e6c798b456cd163745b8a154d5a4570fabc86f90bc8f46f76_ppc64le",
                "product": {
                  "name": "rhceph/rhceph-promtail-rhel9@sha256:600c2838052e0e7e6c798b456cd163745b8a154d5a4570fabc86f90bc8f46f76_ppc64le",
                  "product_id": "rhceph/rhceph-promtail-rhel9@sha256:600c2838052e0e7e6c798b456cd163745b8a154d5a4570fabc86f90bc8f46f76_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhceph-promtail-rhel9@sha256:600c2838052e0e7e6c798b456cd163745b8a154d5a4570fabc86f90bc8f46f76?arch=ppc64le\u0026repository_url=registry.redhat.io/rhceph/rhceph-promtail-rhel9\u0026tag=v3.0.0-21"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rhceph/rhceph-7-rhel9@sha256:7be06e7059c107a63d7f00f189b673c7793ecc480cfa343925afed7c52656699_ppc64le",
                "product": {
                  "name": "rhceph/rhceph-7-rhel9@sha256:7be06e7059c107a63d7f00f189b673c7793ecc480cfa343925afed7c52656699_ppc64le",
                  "product_id": "rhceph/rhceph-7-rhel9@sha256:7be06e7059c107a63d7f00f189b673c7793ecc480cfa343925afed7c52656699_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhceph-7-rhel9@sha256:7be06e7059c107a63d7f00f189b673c7793ecc480cfa343925afed7c52656699?arch=ppc64le\u0026repository_url=registry.redhat.io/rhceph/rhceph-7-rhel9\u0026tag=latest"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rhceph/rhceph-haproxy-rhel9@sha256:990cbc4014d5336c9e0d0a2f1d99796215e83eda5ee8c1adb62acd67b6be067b_ppc64le",
                "product": {
                  "name": "rhceph/rhceph-haproxy-rhel9@sha256:990cbc4014d5336c9e0d0a2f1d99796215e83eda5ee8c1adb62acd67b6be067b_ppc64le",
                  "product_id": "rhceph/rhceph-haproxy-rhel9@sha256:990cbc4014d5336c9e0d0a2f1d99796215e83eda5ee8c1adb62acd67b6be067b_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhceph-haproxy-rhel9@sha256:990cbc4014d5336c9e0d0a2f1d99796215e83eda5ee8c1adb62acd67b6be067b?arch=ppc64le\u0026repository_url=registry.redhat.io/rhceph/rhceph-haproxy-rhel9\u0026tag=2.4.22-1746621558"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rhceph/snmp-notifier-rhel9@sha256:77674d5445337c2ecb958ea79af869dc852ce9bb127673495eae4365ab8ad00d_ppc64le",
                "product": {
                  "name": "rhceph/snmp-notifier-rhel9@sha256:77674d5445337c2ecb958ea79af869dc852ce9bb127673495eae4365ab8ad00d_ppc64le",
                  "product_id": "rhceph/snmp-notifier-rhel9@sha256:77674d5445337c2ecb958ea79af869dc852ce9bb127673495eae4365ab8ad00d_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/snmp-notifier-rhel9@sha256:77674d5445337c2ecb958ea79af869dc852ce9bb127673495eae4365ab8ad00d?arch=ppc64le\u0026repository_url=registry.redhat.io/rhceph/snmp-notifier-rhel9\u0026tag=1.2.1-1746621536"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhceph/grafana-rhel9@sha256:1acdd9584f131b9931ec44b41d2c661b956abfb341560a1e3cd33c6916b282f5_amd64 as a component of Red Hat Ceph Storage 7.1 Tools",
          "product_id": "9Base-RHCEPH-7.1-Tools:rhceph/grafana-rhel9@sha256:1acdd9584f131b9931ec44b41d2c661b956abfb341560a1e3cd33c6916b282f5_amd64"
        },
        "product_reference": "rhceph/grafana-rhel9@sha256:1acdd9584f131b9931ec44b41d2c661b956abfb341560a1e3cd33c6916b282f5_amd64",
        "relates_to_product_reference": "9Base-RHCEPH-7.1-Tools"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhceph/grafana-rhel9@sha256:3b5176fc3933d4ac14e77917dcee097a57bc5a44bf87b6c4dd2fcffa40677068_s390x as a component of Red Hat Ceph Storage 7.1 Tools",
          "product_id": "9Base-RHCEPH-7.1-Tools:rhceph/grafana-rhel9@sha256:3b5176fc3933d4ac14e77917dcee097a57bc5a44bf87b6c4dd2fcffa40677068_s390x"
        },
        "product_reference": "rhceph/grafana-rhel9@sha256:3b5176fc3933d4ac14e77917dcee097a57bc5a44bf87b6c4dd2fcffa40677068_s390x",
        "relates_to_product_reference": "9Base-RHCEPH-7.1-Tools"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhceph/grafana-rhel9@sha256:6fbbfa1bc1de9fb6c7810fffdffb5be1da904efe22aa602deb4ad09b6d0c7d3a_ppc64le as a component of Red Hat Ceph Storage 7.1 Tools",
          "product_id": "9Base-RHCEPH-7.1-Tools:rhceph/grafana-rhel9@sha256:6fbbfa1bc1de9fb6c7810fffdffb5be1da904efe22aa602deb4ad09b6d0c7d3a_ppc64le"
        },
        "product_reference": "rhceph/grafana-rhel9@sha256:6fbbfa1bc1de9fb6c7810fffdffb5be1da904efe22aa602deb4ad09b6d0c7d3a_ppc64le",
        "relates_to_product_reference": "9Base-RHCEPH-7.1-Tools"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhceph/keepalived-rhel9@sha256:0838f180ac530462659838844e3fa547e50e82eb2c9a7d7f563fc5bb11ce0cc2_s390x as a component of Red Hat Ceph Storage 7.1 Tools",
          "product_id": "9Base-RHCEPH-7.1-Tools:rhceph/keepalived-rhel9@sha256:0838f180ac530462659838844e3fa547e50e82eb2c9a7d7f563fc5bb11ce0cc2_s390x"
        },
        "product_reference": "rhceph/keepalived-rhel9@sha256:0838f180ac530462659838844e3fa547e50e82eb2c9a7d7f563fc5bb11ce0cc2_s390x",
        "relates_to_product_reference": "9Base-RHCEPH-7.1-Tools"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhceph/keepalived-rhel9@sha256:5fbbb15572fcc21cff00b8d6a4ac6cb119936e8d85eb5dfd9280c7cb270abace_amd64 as a component of Red Hat Ceph Storage 7.1 Tools",
          "product_id": "9Base-RHCEPH-7.1-Tools:rhceph/keepalived-rhel9@sha256:5fbbb15572fcc21cff00b8d6a4ac6cb119936e8d85eb5dfd9280c7cb270abace_amd64"
        },
        "product_reference": "rhceph/keepalived-rhel9@sha256:5fbbb15572fcc21cff00b8d6a4ac6cb119936e8d85eb5dfd9280c7cb270abace_amd64",
        "relates_to_product_reference": "9Base-RHCEPH-7.1-Tools"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhceph/keepalived-rhel9@sha256:fe74d4288903e8e1f590c30869d5186a83e9ba62a262a030778ab9bc305fd73a_ppc64le as a component of Red Hat Ceph Storage 7.1 Tools",
          "product_id": "9Base-RHCEPH-7.1-Tools:rhceph/keepalived-rhel9@sha256:fe74d4288903e8e1f590c30869d5186a83e9ba62a262a030778ab9bc305fd73a_ppc64le"
        },
        "product_reference": "rhceph/keepalived-rhel9@sha256:fe74d4288903e8e1f590c30869d5186a83e9ba62a262a030778ab9bc305fd73a_ppc64le",
        "relates_to_product_reference": "9Base-RHCEPH-7.1-Tools"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhceph/rhceph-7-rhel9@sha256:2b9cc77493ee13fe6de6d5c1f0de0c0341d7ebc7f35431f0a72449a1b8f91593_s390x as a component of Red Hat Ceph Storage 7.1 Tools",
          "product_id": "9Base-RHCEPH-7.1-Tools:rhceph/rhceph-7-rhel9@sha256:2b9cc77493ee13fe6de6d5c1f0de0c0341d7ebc7f35431f0a72449a1b8f91593_s390x"
        },
        "product_reference": "rhceph/rhceph-7-rhel9@sha256:2b9cc77493ee13fe6de6d5c1f0de0c0341d7ebc7f35431f0a72449a1b8f91593_s390x",
        "relates_to_product_reference": "9Base-RHCEPH-7.1-Tools"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhceph/rhceph-7-rhel9@sha256:7be06e7059c107a63d7f00f189b673c7793ecc480cfa343925afed7c52656699_ppc64le as a component of Red Hat Ceph Storage 7.1 Tools",
          "product_id": "9Base-RHCEPH-7.1-Tools:rhceph/rhceph-7-rhel9@sha256:7be06e7059c107a63d7f00f189b673c7793ecc480cfa343925afed7c52656699_ppc64le"
        },
        "product_reference": "rhceph/rhceph-7-rhel9@sha256:7be06e7059c107a63d7f00f189b673c7793ecc480cfa343925afed7c52656699_ppc64le",
        "relates_to_product_reference": "9Base-RHCEPH-7.1-Tools"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhceph/rhceph-7-rhel9@sha256:b64cd611ee6a8ba643f17a4626cb0dbfb7c4e730988ce971218c94546543beb0_amd64 as a component of Red Hat Ceph Storage 7.1 Tools",
          "product_id": "9Base-RHCEPH-7.1-Tools:rhceph/rhceph-7-rhel9@sha256:b64cd611ee6a8ba643f17a4626cb0dbfb7c4e730988ce971218c94546543beb0_amd64"
        },
        "product_reference": "rhceph/rhceph-7-rhel9@sha256:b64cd611ee6a8ba643f17a4626cb0dbfb7c4e730988ce971218c94546543beb0_amd64",
        "relates_to_product_reference": "9Base-RHCEPH-7.1-Tools"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhceph/rhceph-haproxy-rhel9@sha256:990cbc4014d5336c9e0d0a2f1d99796215e83eda5ee8c1adb62acd67b6be067b_ppc64le as a component of Red Hat Ceph Storage 7.1 Tools",
          "product_id": "9Base-RHCEPH-7.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:990cbc4014d5336c9e0d0a2f1d99796215e83eda5ee8c1adb62acd67b6be067b_ppc64le"
        },
        "product_reference": "rhceph/rhceph-haproxy-rhel9@sha256:990cbc4014d5336c9e0d0a2f1d99796215e83eda5ee8c1adb62acd67b6be067b_ppc64le",
        "relates_to_product_reference": "9Base-RHCEPH-7.1-Tools"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhceph/rhceph-haproxy-rhel9@sha256:e76f5b7de4ecb81e6ca945076257bbd3734da007723cc787a4ba89de41c4af04_amd64 as a component of Red Hat Ceph Storage 7.1 Tools",
          "product_id": "9Base-RHCEPH-7.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e76f5b7de4ecb81e6ca945076257bbd3734da007723cc787a4ba89de41c4af04_amd64"
        },
        "product_reference": "rhceph/rhceph-haproxy-rhel9@sha256:e76f5b7de4ecb81e6ca945076257bbd3734da007723cc787a4ba89de41c4af04_amd64",
        "relates_to_product_reference": "9Base-RHCEPH-7.1-Tools"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhceph/rhceph-haproxy-rhel9@sha256:f9bbb11f6d30f4a8430617f52f8d9729a2ef039596c03f1a7e674a77932b0bde_s390x as a component of Red Hat Ceph Storage 7.1 Tools",
          "product_id": "9Base-RHCEPH-7.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:f9bbb11f6d30f4a8430617f52f8d9729a2ef039596c03f1a7e674a77932b0bde_s390x"
        },
        "product_reference": "rhceph/rhceph-haproxy-rhel9@sha256:f9bbb11f6d30f4a8430617f52f8d9729a2ef039596c03f1a7e674a77932b0bde_s390x",
        "relates_to_product_reference": "9Base-RHCEPH-7.1-Tools"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhceph/rhceph-promtail-rhel9@sha256:44de5dc49f2580333eeba80002a5333566b2a77eb3390a6074087accff89e775_amd64 as a component of Red Hat Ceph Storage 7.1 Tools",
          "product_id": "9Base-RHCEPH-7.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44de5dc49f2580333eeba80002a5333566b2a77eb3390a6074087accff89e775_amd64"
        },
        "product_reference": "rhceph/rhceph-promtail-rhel9@sha256:44de5dc49f2580333eeba80002a5333566b2a77eb3390a6074087accff89e775_amd64",
        "relates_to_product_reference": "9Base-RHCEPH-7.1-Tools"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhceph/rhceph-promtail-rhel9@sha256:600c2838052e0e7e6c798b456cd163745b8a154d5a4570fabc86f90bc8f46f76_ppc64le as a component of Red Hat Ceph Storage 7.1 Tools",
          "product_id": "9Base-RHCEPH-7.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:600c2838052e0e7e6c798b456cd163745b8a154d5a4570fabc86f90bc8f46f76_ppc64le"
        },
        "product_reference": "rhceph/rhceph-promtail-rhel9@sha256:600c2838052e0e7e6c798b456cd163745b8a154d5a4570fabc86f90bc8f46f76_ppc64le",
        "relates_to_product_reference": "9Base-RHCEPH-7.1-Tools"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhceph/rhceph-promtail-rhel9@sha256:acbaae2df3e06c6f499cb5dfedb44ce3ef113462651a58015d222aecb4b3b892_s390x as a component of Red Hat Ceph Storage 7.1 Tools",
          "product_id": "9Base-RHCEPH-7.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:acbaae2df3e06c6f499cb5dfedb44ce3ef113462651a58015d222aecb4b3b892_s390x"
        },
        "product_reference": "rhceph/rhceph-promtail-rhel9@sha256:acbaae2df3e06c6f499cb5dfedb44ce3ef113462651a58015d222aecb4b3b892_s390x",
        "relates_to_product_reference": "9Base-RHCEPH-7.1-Tools"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhceph/snmp-notifier-rhel9@sha256:77674d5445337c2ecb958ea79af869dc852ce9bb127673495eae4365ab8ad00d_ppc64le as a component of Red Hat Ceph Storage 7.1 Tools",
          "product_id": "9Base-RHCEPH-7.1-Tools:rhceph/snmp-notifier-rhel9@sha256:77674d5445337c2ecb958ea79af869dc852ce9bb127673495eae4365ab8ad00d_ppc64le"
        },
        "product_reference": "rhceph/snmp-notifier-rhel9@sha256:77674d5445337c2ecb958ea79af869dc852ce9bb127673495eae4365ab8ad00d_ppc64le",
        "relates_to_product_reference": "9Base-RHCEPH-7.1-Tools"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhceph/snmp-notifier-rhel9@sha256:be3e253624563fa2db911309336f7b1524d22c414bb5aee70b545cefa194ec31_s390x as a component of Red Hat Ceph Storage 7.1 Tools",
          "product_id": "9Base-RHCEPH-7.1-Tools:rhceph/snmp-notifier-rhel9@sha256:be3e253624563fa2db911309336f7b1524d22c414bb5aee70b545cefa194ec31_s390x"
        },
        "product_reference": "rhceph/snmp-notifier-rhel9@sha256:be3e253624563fa2db911309336f7b1524d22c414bb5aee70b545cefa194ec31_s390x",
        "relates_to_product_reference": "9Base-RHCEPH-7.1-Tools"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhceph/snmp-notifier-rhel9@sha256:f841aa3ee738cd4bb9333127b1b374ca817d2fa337ed2ec489ea1c056d20245e_amd64 as a component of Red Hat Ceph Storage 7.1 Tools",
          "product_id": "9Base-RHCEPH-7.1-Tools:rhceph/snmp-notifier-rhel9@sha256:f841aa3ee738cd4bb9333127b1b374ca817d2fa337ed2ec489ea1c056d20245e_amd64"
        },
        "product_reference": "rhceph/snmp-notifier-rhel9@sha256:f841aa3ee738cd4bb9333127b1b374ca817d2fa337ed2ec489ea1c056d20245e_amd64",
        "relates_to_product_reference": "9Base-RHCEPH-7.1-Tools"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-24790",
      "cwe": {
        "id": "CWE-115",
        "name": "Misinterpretation of Input"
      },
      "discovery_date": "2024-06-17T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2292787"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the Go language standard library net/netip. The method Is*() (IsPrivate(), IsPublic(), etc) doesn\u0027t behave properly when working with IPv6 mapped to IPv4 addresses. The unexpected behavior can lead to integrity and confidentiality issues, specifically when these methods are used to control access to resources or data.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This CVE has been marked as moderate as for our products a network-based attack vector is simply impossible when it comes to golang code,apart from that as per CVE flaw analysis reported by golang, this only affects integrity and confidentiality and has no effect on availability, hence CVSS has been marked as such.\n\nWithin regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-115: Misinterpretation of Input vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nControls such as input validation and error handling mitigate input misinterpretation risks by enforcing strict validation rules and secure error management. Error handling ensures inputs are validated against predefined formats, preventing malformed data from being misinterpreted. Techniques like strong typing, allow listing, and proper encoding reduce the likelihood of injection attacks and unintended code execution. Input validation also ensures that errors do not expose sensitive system details or cause unpredictable behavior. Secure error handling prevents information leakage through detailed error messages while preserving system stability under malformed input conditions. Together, these controls reduce the attack surface by maintaining consistent input processing and preventing exploitable system states, strengthening the overall security posture.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "9Base-RHCEPH-7.1-Tools:rhceph/grafana-rhel9@sha256:1acdd9584f131b9931ec44b41d2c661b956abfb341560a1e3cd33c6916b282f5_amd64",
          "9Base-RHCEPH-7.1-Tools:rhceph/grafana-rhel9@sha256:3b5176fc3933d4ac14e77917dcee097a57bc5a44bf87b6c4dd2fcffa40677068_s390x",
          "9Base-RHCEPH-7.1-Tools:rhceph/grafana-rhel9@sha256:6fbbfa1bc1de9fb6c7810fffdffb5be1da904efe22aa602deb4ad09b6d0c7d3a_ppc64le",
          "9Base-RHCEPH-7.1-Tools:rhceph/keepalived-rhel9@sha256:0838f180ac530462659838844e3fa547e50e82eb2c9a7d7f563fc5bb11ce0cc2_s390x",
          "9Base-RHCEPH-7.1-Tools:rhceph/keepalived-rhel9@sha256:5fbbb15572fcc21cff00b8d6a4ac6cb119936e8d85eb5dfd9280c7cb270abace_amd64",
          "9Base-RHCEPH-7.1-Tools:rhceph/keepalived-rhel9@sha256:fe74d4288903e8e1f590c30869d5186a83e9ba62a262a030778ab9bc305fd73a_ppc64le",
          "9Base-RHCEPH-7.1-Tools:rhceph/rhceph-7-rhel9@sha256:2b9cc77493ee13fe6de6d5c1f0de0c0341d7ebc7f35431f0a72449a1b8f91593_s390x",
          "9Base-RHCEPH-7.1-Tools:rhceph/rhceph-7-rhel9@sha256:7be06e7059c107a63d7f00f189b673c7793ecc480cfa343925afed7c52656699_ppc64le",
          "9Base-RHCEPH-7.1-Tools:rhceph/rhceph-7-rhel9@sha256:b64cd611ee6a8ba643f17a4626cb0dbfb7c4e730988ce971218c94546543beb0_amd64",
          "9Base-RHCEPH-7.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:990cbc4014d5336c9e0d0a2f1d99796215e83eda5ee8c1adb62acd67b6be067b_ppc64le",
          "9Base-RHCEPH-7.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e76f5b7de4ecb81e6ca945076257bbd3734da007723cc787a4ba89de41c4af04_amd64",
          "9Base-RHCEPH-7.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:f9bbb11f6d30f4a8430617f52f8d9729a2ef039596c03f1a7e674a77932b0bde_s390x",
          "9Base-RHCEPH-7.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44de5dc49f2580333eeba80002a5333566b2a77eb3390a6074087accff89e775_amd64",
          "9Base-RHCEPH-7.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:600c2838052e0e7e6c798b456cd163745b8a154d5a4570fabc86f90bc8f46f76_ppc64le",
          "9Base-RHCEPH-7.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:acbaae2df3e06c6f499cb5dfedb44ce3ef113462651a58015d222aecb4b3b892_s390x",
          "9Base-RHCEPH-7.1-Tools:rhceph/snmp-notifier-rhel9@sha256:77674d5445337c2ecb958ea79af869dc852ce9bb127673495eae4365ab8ad00d_ppc64le",
          "9Base-RHCEPH-7.1-Tools:rhceph/snmp-notifier-rhel9@sha256:be3e253624563fa2db911309336f7b1524d22c414bb5aee70b545cefa194ec31_s390x",
          "9Base-RHCEPH-7.1-Tools:rhceph/snmp-notifier-rhel9@sha256:f841aa3ee738cd4bb9333127b1b374ca817d2fa337ed2ec489ea1c056d20245e_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-24790"
        },
        {
          "category": "external",
          "summary": "RHBZ#2292787",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2292787"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-24790",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-24790"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-24790",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24790"
        }
      ],
      "release_date": "2024-06-04T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-05-07T12:55:17+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/2789521\n\nFor supported configurations, refer to:\n\nhttps://access.redhat.com/articles/1548993",
          "product_ids": [
            "9Base-RHCEPH-7.1-Tools:rhceph/grafana-rhel9@sha256:1acdd9584f131b9931ec44b41d2c661b956abfb341560a1e3cd33c6916b282f5_amd64",
            "9Base-RHCEPH-7.1-Tools:rhceph/grafana-rhel9@sha256:3b5176fc3933d4ac14e77917dcee097a57bc5a44bf87b6c4dd2fcffa40677068_s390x",
            "9Base-RHCEPH-7.1-Tools:rhceph/grafana-rhel9@sha256:6fbbfa1bc1de9fb6c7810fffdffb5be1da904efe22aa602deb4ad09b6d0c7d3a_ppc64le",
            "9Base-RHCEPH-7.1-Tools:rhceph/keepalived-rhel9@sha256:0838f180ac530462659838844e3fa547e50e82eb2c9a7d7f563fc5bb11ce0cc2_s390x",
            "9Base-RHCEPH-7.1-Tools:rhceph/keepalived-rhel9@sha256:5fbbb15572fcc21cff00b8d6a4ac6cb119936e8d85eb5dfd9280c7cb270abace_amd64",
            "9Base-RHCEPH-7.1-Tools:rhceph/keepalived-rhel9@sha256:fe74d4288903e8e1f590c30869d5186a83e9ba62a262a030778ab9bc305fd73a_ppc64le",
            "9Base-RHCEPH-7.1-Tools:rhceph/rhceph-7-rhel9@sha256:2b9cc77493ee13fe6de6d5c1f0de0c0341d7ebc7f35431f0a72449a1b8f91593_s390x",
            "9Base-RHCEPH-7.1-Tools:rhceph/rhceph-7-rhel9@sha256:7be06e7059c107a63d7f00f189b673c7793ecc480cfa343925afed7c52656699_ppc64le",
            "9Base-RHCEPH-7.1-Tools:rhceph/rhceph-7-rhel9@sha256:b64cd611ee6a8ba643f17a4626cb0dbfb7c4e730988ce971218c94546543beb0_amd64",
            "9Base-RHCEPH-7.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:990cbc4014d5336c9e0d0a2f1d99796215e83eda5ee8c1adb62acd67b6be067b_ppc64le",
            "9Base-RHCEPH-7.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e76f5b7de4ecb81e6ca945076257bbd3734da007723cc787a4ba89de41c4af04_amd64",
            "9Base-RHCEPH-7.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:f9bbb11f6d30f4a8430617f52f8d9729a2ef039596c03f1a7e674a77932b0bde_s390x",
            "9Base-RHCEPH-7.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44de5dc49f2580333eeba80002a5333566b2a77eb3390a6074087accff89e775_amd64",
            "9Base-RHCEPH-7.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:600c2838052e0e7e6c798b456cd163745b8a154d5a4570fabc86f90bc8f46f76_ppc64le",
            "9Base-RHCEPH-7.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:acbaae2df3e06c6f499cb5dfedb44ce3ef113462651a58015d222aecb4b3b892_s390x",
            "9Base-RHCEPH-7.1-Tools:rhceph/snmp-notifier-rhel9@sha256:77674d5445337c2ecb958ea79af869dc852ce9bb127673495eae4365ab8ad00d_ppc64le",
            "9Base-RHCEPH-7.1-Tools:rhceph/snmp-notifier-rhel9@sha256:be3e253624563fa2db911309336f7b1524d22c414bb5aee70b545cefa194ec31_s390x",
            "9Base-RHCEPH-7.1-Tools:rhceph/snmp-notifier-rhel9@sha256:f841aa3ee738cd4bb9333127b1b374ca817d2fa337ed2ec489ea1c056d20245e_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2025:4667"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "9Base-RHCEPH-7.1-Tools:rhceph/grafana-rhel9@sha256:1acdd9584f131b9931ec44b41d2c661b956abfb341560a1e3cd33c6916b282f5_amd64",
            "9Base-RHCEPH-7.1-Tools:rhceph/grafana-rhel9@sha256:3b5176fc3933d4ac14e77917dcee097a57bc5a44bf87b6c4dd2fcffa40677068_s390x",
            "9Base-RHCEPH-7.1-Tools:rhceph/grafana-rhel9@sha256:6fbbfa1bc1de9fb6c7810fffdffb5be1da904efe22aa602deb4ad09b6d0c7d3a_ppc64le",
            "9Base-RHCEPH-7.1-Tools:rhceph/keepalived-rhel9@sha256:0838f180ac530462659838844e3fa547e50e82eb2c9a7d7f563fc5bb11ce0cc2_s390x",
            "9Base-RHCEPH-7.1-Tools:rhceph/keepalived-rhel9@sha256:5fbbb15572fcc21cff00b8d6a4ac6cb119936e8d85eb5dfd9280c7cb270abace_amd64",
            "9Base-RHCEPH-7.1-Tools:rhceph/keepalived-rhel9@sha256:fe74d4288903e8e1f590c30869d5186a83e9ba62a262a030778ab9bc305fd73a_ppc64le",
            "9Base-RHCEPH-7.1-Tools:rhceph/rhceph-7-rhel9@sha256:2b9cc77493ee13fe6de6d5c1f0de0c0341d7ebc7f35431f0a72449a1b8f91593_s390x",
            "9Base-RHCEPH-7.1-Tools:rhceph/rhceph-7-rhel9@sha256:7be06e7059c107a63d7f00f189b673c7793ecc480cfa343925afed7c52656699_ppc64le",
            "9Base-RHCEPH-7.1-Tools:rhceph/rhceph-7-rhel9@sha256:b64cd611ee6a8ba643f17a4626cb0dbfb7c4e730988ce971218c94546543beb0_amd64",
            "9Base-RHCEPH-7.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:990cbc4014d5336c9e0d0a2f1d99796215e83eda5ee8c1adb62acd67b6be067b_ppc64le",
            "9Base-RHCEPH-7.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e76f5b7de4ecb81e6ca945076257bbd3734da007723cc787a4ba89de41c4af04_amd64",
            "9Base-RHCEPH-7.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:f9bbb11f6d30f4a8430617f52f8d9729a2ef039596c03f1a7e674a77932b0bde_s390x",
            "9Base-RHCEPH-7.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44de5dc49f2580333eeba80002a5333566b2a77eb3390a6074087accff89e775_amd64",
            "9Base-RHCEPH-7.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:600c2838052e0e7e6c798b456cd163745b8a154d5a4570fabc86f90bc8f46f76_ppc64le",
            "9Base-RHCEPH-7.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:acbaae2df3e06c6f499cb5dfedb44ce3ef113462651a58015d222aecb4b3b892_s390x",
            "9Base-RHCEPH-7.1-Tools:rhceph/snmp-notifier-rhel9@sha256:77674d5445337c2ecb958ea79af869dc852ce9bb127673495eae4365ab8ad00d_ppc64le",
            "9Base-RHCEPH-7.1-Tools:rhceph/snmp-notifier-rhel9@sha256:be3e253624563fa2db911309336f7b1524d22c414bb5aee70b545cefa194ec31_s390x",
            "9Base-RHCEPH-7.1-Tools:rhceph/snmp-notifier-rhel9@sha256:f841aa3ee738cd4bb9333127b1b374ca817d2fa337ed2ec489ea1c056d20245e_amd64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "9Base-RHCEPH-7.1-Tools:rhceph/grafana-rhel9@sha256:1acdd9584f131b9931ec44b41d2c661b956abfb341560a1e3cd33c6916b282f5_amd64",
            "9Base-RHCEPH-7.1-Tools:rhceph/grafana-rhel9@sha256:3b5176fc3933d4ac14e77917dcee097a57bc5a44bf87b6c4dd2fcffa40677068_s390x",
            "9Base-RHCEPH-7.1-Tools:rhceph/grafana-rhel9@sha256:6fbbfa1bc1de9fb6c7810fffdffb5be1da904efe22aa602deb4ad09b6d0c7d3a_ppc64le",
            "9Base-RHCEPH-7.1-Tools:rhceph/keepalived-rhel9@sha256:0838f180ac530462659838844e3fa547e50e82eb2c9a7d7f563fc5bb11ce0cc2_s390x",
            "9Base-RHCEPH-7.1-Tools:rhceph/keepalived-rhel9@sha256:5fbbb15572fcc21cff00b8d6a4ac6cb119936e8d85eb5dfd9280c7cb270abace_amd64",
            "9Base-RHCEPH-7.1-Tools:rhceph/keepalived-rhel9@sha256:fe74d4288903e8e1f590c30869d5186a83e9ba62a262a030778ab9bc305fd73a_ppc64le",
            "9Base-RHCEPH-7.1-Tools:rhceph/rhceph-7-rhel9@sha256:2b9cc77493ee13fe6de6d5c1f0de0c0341d7ebc7f35431f0a72449a1b8f91593_s390x",
            "9Base-RHCEPH-7.1-Tools:rhceph/rhceph-7-rhel9@sha256:7be06e7059c107a63d7f00f189b673c7793ecc480cfa343925afed7c52656699_ppc64le",
            "9Base-RHCEPH-7.1-Tools:rhceph/rhceph-7-rhel9@sha256:b64cd611ee6a8ba643f17a4626cb0dbfb7c4e730988ce971218c94546543beb0_amd64",
            "9Base-RHCEPH-7.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:990cbc4014d5336c9e0d0a2f1d99796215e83eda5ee8c1adb62acd67b6be067b_ppc64le",
            "9Base-RHCEPH-7.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e76f5b7de4ecb81e6ca945076257bbd3734da007723cc787a4ba89de41c4af04_amd64",
            "9Base-RHCEPH-7.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:f9bbb11f6d30f4a8430617f52f8d9729a2ef039596c03f1a7e674a77932b0bde_s390x",
            "9Base-RHCEPH-7.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44de5dc49f2580333eeba80002a5333566b2a77eb3390a6074087accff89e775_amd64",
            "9Base-RHCEPH-7.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:600c2838052e0e7e6c798b456cd163745b8a154d5a4570fabc86f90bc8f46f76_ppc64le",
            "9Base-RHCEPH-7.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:acbaae2df3e06c6f499cb5dfedb44ce3ef113462651a58015d222aecb4b3b892_s390x",
            "9Base-RHCEPH-7.1-Tools:rhceph/snmp-notifier-rhel9@sha256:77674d5445337c2ecb958ea79af869dc852ce9bb127673495eae4365ab8ad00d_ppc64le",
            "9Base-RHCEPH-7.1-Tools:rhceph/snmp-notifier-rhel9@sha256:be3e253624563fa2db911309336f7b1524d22c414bb5aee70b545cefa194ec31_s390x",
            "9Base-RHCEPH-7.1-Tools:rhceph/snmp-notifier-rhel9@sha256:f841aa3ee738cd4bb9333127b1b374ca817d2fa337ed2ec489ea1c056d20245e_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses"
    },
    {
      "cve": "CVE-2024-45336",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "discovery_date": "2025-01-23T12:57:38.123000+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2341751"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the net/http package of the Golang standard library. The HTTP client drops sensitive headers after following a cross-domain redirect. For example, a request to `a.com/` containing an Authorization header redirected to `b.com/` will not send that header to `b.com`. However, the sensitive headers would be restored if the client received a subsequent same-domain redirect. For example, a chain of redirects from `a.com/`, to `b.com/1`, and finally to `b.com/2` would incorrectly send the Authorization header to `b.com/2`.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang: net/http: net/http: sensitive headers incorrectly sent after cross-domain redirect",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Within regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nAccess to the platform is granted only after successful hard token, multi-factor authentication (MFA), which is coupled with account management controls, including integration with single sign-on (SSO), to ensure that user permissions are restricted to only the functions necessary for their roles. Access to sensitive information is explicitly authorized and enforced based on predefined access policies. Event logs are collected and processed for centralization, correlation, analysis, monitoring, reporting, alerting, and retention. This process ensures that audit logs are generated for specific events involving sensitive information, which helps identify patterns of unauthorized access or data exposure. The platform enforces the use of validated cryptographic modules across compute resources to protect the confidentiality of information, even in the event of interception.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "9Base-RHCEPH-7.1-Tools:rhceph/grafana-rhel9@sha256:1acdd9584f131b9931ec44b41d2c661b956abfb341560a1e3cd33c6916b282f5_amd64",
          "9Base-RHCEPH-7.1-Tools:rhceph/grafana-rhel9@sha256:3b5176fc3933d4ac14e77917dcee097a57bc5a44bf87b6c4dd2fcffa40677068_s390x",
          "9Base-RHCEPH-7.1-Tools:rhceph/grafana-rhel9@sha256:6fbbfa1bc1de9fb6c7810fffdffb5be1da904efe22aa602deb4ad09b6d0c7d3a_ppc64le",
          "9Base-RHCEPH-7.1-Tools:rhceph/keepalived-rhel9@sha256:0838f180ac530462659838844e3fa547e50e82eb2c9a7d7f563fc5bb11ce0cc2_s390x",
          "9Base-RHCEPH-7.1-Tools:rhceph/keepalived-rhel9@sha256:5fbbb15572fcc21cff00b8d6a4ac6cb119936e8d85eb5dfd9280c7cb270abace_amd64",
          "9Base-RHCEPH-7.1-Tools:rhceph/keepalived-rhel9@sha256:fe74d4288903e8e1f590c30869d5186a83e9ba62a262a030778ab9bc305fd73a_ppc64le",
          "9Base-RHCEPH-7.1-Tools:rhceph/rhceph-7-rhel9@sha256:2b9cc77493ee13fe6de6d5c1f0de0c0341d7ebc7f35431f0a72449a1b8f91593_s390x",
          "9Base-RHCEPH-7.1-Tools:rhceph/rhceph-7-rhel9@sha256:7be06e7059c107a63d7f00f189b673c7793ecc480cfa343925afed7c52656699_ppc64le",
          "9Base-RHCEPH-7.1-Tools:rhceph/rhceph-7-rhel9@sha256:b64cd611ee6a8ba643f17a4626cb0dbfb7c4e730988ce971218c94546543beb0_amd64",
          "9Base-RHCEPH-7.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:990cbc4014d5336c9e0d0a2f1d99796215e83eda5ee8c1adb62acd67b6be067b_ppc64le",
          "9Base-RHCEPH-7.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e76f5b7de4ecb81e6ca945076257bbd3734da007723cc787a4ba89de41c4af04_amd64",
          "9Base-RHCEPH-7.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:f9bbb11f6d30f4a8430617f52f8d9729a2ef039596c03f1a7e674a77932b0bde_s390x",
          "9Base-RHCEPH-7.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44de5dc49f2580333eeba80002a5333566b2a77eb3390a6074087accff89e775_amd64",
          "9Base-RHCEPH-7.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:600c2838052e0e7e6c798b456cd163745b8a154d5a4570fabc86f90bc8f46f76_ppc64le",
          "9Base-RHCEPH-7.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:acbaae2df3e06c6f499cb5dfedb44ce3ef113462651a58015d222aecb4b3b892_s390x",
          "9Base-RHCEPH-7.1-Tools:rhceph/snmp-notifier-rhel9@sha256:77674d5445337c2ecb958ea79af869dc852ce9bb127673495eae4365ab8ad00d_ppc64le",
          "9Base-RHCEPH-7.1-Tools:rhceph/snmp-notifier-rhel9@sha256:be3e253624563fa2db911309336f7b1524d22c414bb5aee70b545cefa194ec31_s390x",
          "9Base-RHCEPH-7.1-Tools:rhceph/snmp-notifier-rhel9@sha256:f841aa3ee738cd4bb9333127b1b374ca817d2fa337ed2ec489ea1c056d20245e_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-45336"
        },
        {
          "category": "external",
          "summary": "RHBZ#2341751",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2341751"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-45336",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-45336"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45336",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45336"
        }
      ],
      "release_date": "2025-01-17T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-05-07T12:55:17+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/2789521\n\nFor supported configurations, refer to:\n\nhttps://access.redhat.com/articles/1548993",
          "product_ids": [
            "9Base-RHCEPH-7.1-Tools:rhceph/grafana-rhel9@sha256:1acdd9584f131b9931ec44b41d2c661b956abfb341560a1e3cd33c6916b282f5_amd64",
            "9Base-RHCEPH-7.1-Tools:rhceph/grafana-rhel9@sha256:3b5176fc3933d4ac14e77917dcee097a57bc5a44bf87b6c4dd2fcffa40677068_s390x",
            "9Base-RHCEPH-7.1-Tools:rhceph/grafana-rhel9@sha256:6fbbfa1bc1de9fb6c7810fffdffb5be1da904efe22aa602deb4ad09b6d0c7d3a_ppc64le",
            "9Base-RHCEPH-7.1-Tools:rhceph/keepalived-rhel9@sha256:0838f180ac530462659838844e3fa547e50e82eb2c9a7d7f563fc5bb11ce0cc2_s390x",
            "9Base-RHCEPH-7.1-Tools:rhceph/keepalived-rhel9@sha256:5fbbb15572fcc21cff00b8d6a4ac6cb119936e8d85eb5dfd9280c7cb270abace_amd64",
            "9Base-RHCEPH-7.1-Tools:rhceph/keepalived-rhel9@sha256:fe74d4288903e8e1f590c30869d5186a83e9ba62a262a030778ab9bc305fd73a_ppc64le",
            "9Base-RHCEPH-7.1-Tools:rhceph/rhceph-7-rhel9@sha256:2b9cc77493ee13fe6de6d5c1f0de0c0341d7ebc7f35431f0a72449a1b8f91593_s390x",
            "9Base-RHCEPH-7.1-Tools:rhceph/rhceph-7-rhel9@sha256:7be06e7059c107a63d7f00f189b673c7793ecc480cfa343925afed7c52656699_ppc64le",
            "9Base-RHCEPH-7.1-Tools:rhceph/rhceph-7-rhel9@sha256:b64cd611ee6a8ba643f17a4626cb0dbfb7c4e730988ce971218c94546543beb0_amd64",
            "9Base-RHCEPH-7.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:990cbc4014d5336c9e0d0a2f1d99796215e83eda5ee8c1adb62acd67b6be067b_ppc64le",
            "9Base-RHCEPH-7.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e76f5b7de4ecb81e6ca945076257bbd3734da007723cc787a4ba89de41c4af04_amd64",
            "9Base-RHCEPH-7.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:f9bbb11f6d30f4a8430617f52f8d9729a2ef039596c03f1a7e674a77932b0bde_s390x",
            "9Base-RHCEPH-7.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44de5dc49f2580333eeba80002a5333566b2a77eb3390a6074087accff89e775_amd64",
            "9Base-RHCEPH-7.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:600c2838052e0e7e6c798b456cd163745b8a154d5a4570fabc86f90bc8f46f76_ppc64le",
            "9Base-RHCEPH-7.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:acbaae2df3e06c6f499cb5dfedb44ce3ef113462651a58015d222aecb4b3b892_s390x",
            "9Base-RHCEPH-7.1-Tools:rhceph/snmp-notifier-rhel9@sha256:77674d5445337c2ecb958ea79af869dc852ce9bb127673495eae4365ab8ad00d_ppc64le",
            "9Base-RHCEPH-7.1-Tools:rhceph/snmp-notifier-rhel9@sha256:be3e253624563fa2db911309336f7b1524d22c414bb5aee70b545cefa194ec31_s390x",
            "9Base-RHCEPH-7.1-Tools:rhceph/snmp-notifier-rhel9@sha256:f841aa3ee738cd4bb9333127b1b374ca817d2fa337ed2ec489ea1c056d20245e_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2025:4667"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "9Base-RHCEPH-7.1-Tools:rhceph/grafana-rhel9@sha256:1acdd9584f131b9931ec44b41d2c661b956abfb341560a1e3cd33c6916b282f5_amd64",
            "9Base-RHCEPH-7.1-Tools:rhceph/grafana-rhel9@sha256:3b5176fc3933d4ac14e77917dcee097a57bc5a44bf87b6c4dd2fcffa40677068_s390x",
            "9Base-RHCEPH-7.1-Tools:rhceph/grafana-rhel9@sha256:6fbbfa1bc1de9fb6c7810fffdffb5be1da904efe22aa602deb4ad09b6d0c7d3a_ppc64le",
            "9Base-RHCEPH-7.1-Tools:rhceph/keepalived-rhel9@sha256:0838f180ac530462659838844e3fa547e50e82eb2c9a7d7f563fc5bb11ce0cc2_s390x",
            "9Base-RHCEPH-7.1-Tools:rhceph/keepalived-rhel9@sha256:5fbbb15572fcc21cff00b8d6a4ac6cb119936e8d85eb5dfd9280c7cb270abace_amd64",
            "9Base-RHCEPH-7.1-Tools:rhceph/keepalived-rhel9@sha256:fe74d4288903e8e1f590c30869d5186a83e9ba62a262a030778ab9bc305fd73a_ppc64le",
            "9Base-RHCEPH-7.1-Tools:rhceph/rhceph-7-rhel9@sha256:2b9cc77493ee13fe6de6d5c1f0de0c0341d7ebc7f35431f0a72449a1b8f91593_s390x",
            "9Base-RHCEPH-7.1-Tools:rhceph/rhceph-7-rhel9@sha256:7be06e7059c107a63d7f00f189b673c7793ecc480cfa343925afed7c52656699_ppc64le",
            "9Base-RHCEPH-7.1-Tools:rhceph/rhceph-7-rhel9@sha256:b64cd611ee6a8ba643f17a4626cb0dbfb7c4e730988ce971218c94546543beb0_amd64",
            "9Base-RHCEPH-7.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:990cbc4014d5336c9e0d0a2f1d99796215e83eda5ee8c1adb62acd67b6be067b_ppc64le",
            "9Base-RHCEPH-7.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e76f5b7de4ecb81e6ca945076257bbd3734da007723cc787a4ba89de41c4af04_amd64",
            "9Base-RHCEPH-7.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:f9bbb11f6d30f4a8430617f52f8d9729a2ef039596c03f1a7e674a77932b0bde_s390x",
            "9Base-RHCEPH-7.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44de5dc49f2580333eeba80002a5333566b2a77eb3390a6074087accff89e775_amd64",
            "9Base-RHCEPH-7.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:600c2838052e0e7e6c798b456cd163745b8a154d5a4570fabc86f90bc8f46f76_ppc64le",
            "9Base-RHCEPH-7.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:acbaae2df3e06c6f499cb5dfedb44ce3ef113462651a58015d222aecb4b3b892_s390x",
            "9Base-RHCEPH-7.1-Tools:rhceph/snmp-notifier-rhel9@sha256:77674d5445337c2ecb958ea79af869dc852ce9bb127673495eae4365ab8ad00d_ppc64le",
            "9Base-RHCEPH-7.1-Tools:rhceph/snmp-notifier-rhel9@sha256:be3e253624563fa2db911309336f7b1524d22c414bb5aee70b545cefa194ec31_s390x",
            "9Base-RHCEPH-7.1-Tools:rhceph/snmp-notifier-rhel9@sha256:f841aa3ee738cd4bb9333127b1b374ca817d2fa337ed2ec489ea1c056d20245e_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "golang: net/http: net/http: sensitive headers incorrectly sent after cross-domain redirect"
    },
    {
      "cve": "CVE-2025-22866",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "discovery_date": "2025-02-06T17:00:56.155646+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2344219"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the Golang crypto/internal/nistec package. Due to the usage of a variable time instruction in the assembly implementation of an internal function, a small number of bits of secret scalars are leaked on the ppc64le architecture. Considering how this function is used, this leakage is likely insufficient to recover the private key when P-256 is used in any well-known protocols.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "crypto/internal/nistec: golang: Timing sidechannel for P-256 on ppc64le in crypto/internal/nistec",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Within regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\n\nAccess to the platform is granted only after successful hard token, multi-factor authentication (MFA), which is coupled with account management controls, including integration with single sign-on (SSO), to ensure that user permissions are restricted to only the functions necessary for their roles. Access to sensitive information is explicitly authorized and enforced based on predefined access policies. Event logs are collected and processed for centralization, correlation, analysis, monitoring, reporting, alerting, and retention. This process ensures that audit logs are generated for specific events involving sensitive information, which helps identify patterns of unauthorized access or data exposure. The platform enforces the use of validated cryptographic modules across compute resources to protect the confidentiality of information, even in the event of interception.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "9Base-RHCEPH-7.1-Tools:rhceph/grafana-rhel9@sha256:1acdd9584f131b9931ec44b41d2c661b956abfb341560a1e3cd33c6916b282f5_amd64",
          "9Base-RHCEPH-7.1-Tools:rhceph/grafana-rhel9@sha256:3b5176fc3933d4ac14e77917dcee097a57bc5a44bf87b6c4dd2fcffa40677068_s390x",
          "9Base-RHCEPH-7.1-Tools:rhceph/grafana-rhel9@sha256:6fbbfa1bc1de9fb6c7810fffdffb5be1da904efe22aa602deb4ad09b6d0c7d3a_ppc64le",
          "9Base-RHCEPH-7.1-Tools:rhceph/keepalived-rhel9@sha256:0838f180ac530462659838844e3fa547e50e82eb2c9a7d7f563fc5bb11ce0cc2_s390x",
          "9Base-RHCEPH-7.1-Tools:rhceph/keepalived-rhel9@sha256:5fbbb15572fcc21cff00b8d6a4ac6cb119936e8d85eb5dfd9280c7cb270abace_amd64",
          "9Base-RHCEPH-7.1-Tools:rhceph/keepalived-rhel9@sha256:fe74d4288903e8e1f590c30869d5186a83e9ba62a262a030778ab9bc305fd73a_ppc64le",
          "9Base-RHCEPH-7.1-Tools:rhceph/rhceph-7-rhel9@sha256:2b9cc77493ee13fe6de6d5c1f0de0c0341d7ebc7f35431f0a72449a1b8f91593_s390x",
          "9Base-RHCEPH-7.1-Tools:rhceph/rhceph-7-rhel9@sha256:7be06e7059c107a63d7f00f189b673c7793ecc480cfa343925afed7c52656699_ppc64le",
          "9Base-RHCEPH-7.1-Tools:rhceph/rhceph-7-rhel9@sha256:b64cd611ee6a8ba643f17a4626cb0dbfb7c4e730988ce971218c94546543beb0_amd64",
          "9Base-RHCEPH-7.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:990cbc4014d5336c9e0d0a2f1d99796215e83eda5ee8c1adb62acd67b6be067b_ppc64le",
          "9Base-RHCEPH-7.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e76f5b7de4ecb81e6ca945076257bbd3734da007723cc787a4ba89de41c4af04_amd64",
          "9Base-RHCEPH-7.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:f9bbb11f6d30f4a8430617f52f8d9729a2ef039596c03f1a7e674a77932b0bde_s390x",
          "9Base-RHCEPH-7.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44de5dc49f2580333eeba80002a5333566b2a77eb3390a6074087accff89e775_amd64",
          "9Base-RHCEPH-7.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:600c2838052e0e7e6c798b456cd163745b8a154d5a4570fabc86f90bc8f46f76_ppc64le",
          "9Base-RHCEPH-7.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:acbaae2df3e06c6f499cb5dfedb44ce3ef113462651a58015d222aecb4b3b892_s390x",
          "9Base-RHCEPH-7.1-Tools:rhceph/snmp-notifier-rhel9@sha256:77674d5445337c2ecb958ea79af869dc852ce9bb127673495eae4365ab8ad00d_ppc64le",
          "9Base-RHCEPH-7.1-Tools:rhceph/snmp-notifier-rhel9@sha256:be3e253624563fa2db911309336f7b1524d22c414bb5aee70b545cefa194ec31_s390x",
          "9Base-RHCEPH-7.1-Tools:rhceph/snmp-notifier-rhel9@sha256:f841aa3ee738cd4bb9333127b1b374ca817d2fa337ed2ec489ea1c056d20245e_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2025-22866"
        },
        {
          "category": "external",
          "summary": "RHBZ#2344219",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2344219"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2025-22866",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-22866"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-22866",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-22866"
        },
        {
          "category": "external",
          "summary": "https://go.dev/cl/643735",
          "url": "https://go.dev/cl/643735"
        },
        {
          "category": "external",
          "summary": "https://go.dev/issue/71383",
          "url": "https://go.dev/issue/71383"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/xU1ZCHUZw3k",
          "url": "https://groups.google.com/g/golang-announce/c/xU1ZCHUZw3k"
        },
        {
          "category": "external",
          "summary": "https://pkg.go.dev/vuln/GO-2025-3447",
          "url": "https://pkg.go.dev/vuln/GO-2025-3447"
        }
      ],
      "release_date": "2025-02-06T16:54:10.252000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-05-07T12:55:17+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/2789521\n\nFor supported configurations, refer to:\n\nhttps://access.redhat.com/articles/1548993",
          "product_ids": [
            "9Base-RHCEPH-7.1-Tools:rhceph/grafana-rhel9@sha256:1acdd9584f131b9931ec44b41d2c661b956abfb341560a1e3cd33c6916b282f5_amd64",
            "9Base-RHCEPH-7.1-Tools:rhceph/grafana-rhel9@sha256:3b5176fc3933d4ac14e77917dcee097a57bc5a44bf87b6c4dd2fcffa40677068_s390x",
            "9Base-RHCEPH-7.1-Tools:rhceph/grafana-rhel9@sha256:6fbbfa1bc1de9fb6c7810fffdffb5be1da904efe22aa602deb4ad09b6d0c7d3a_ppc64le",
            "9Base-RHCEPH-7.1-Tools:rhceph/keepalived-rhel9@sha256:0838f180ac530462659838844e3fa547e50e82eb2c9a7d7f563fc5bb11ce0cc2_s390x",
            "9Base-RHCEPH-7.1-Tools:rhceph/keepalived-rhel9@sha256:5fbbb15572fcc21cff00b8d6a4ac6cb119936e8d85eb5dfd9280c7cb270abace_amd64",
            "9Base-RHCEPH-7.1-Tools:rhceph/keepalived-rhel9@sha256:fe74d4288903e8e1f590c30869d5186a83e9ba62a262a030778ab9bc305fd73a_ppc64le",
            "9Base-RHCEPH-7.1-Tools:rhceph/rhceph-7-rhel9@sha256:2b9cc77493ee13fe6de6d5c1f0de0c0341d7ebc7f35431f0a72449a1b8f91593_s390x",
            "9Base-RHCEPH-7.1-Tools:rhceph/rhceph-7-rhel9@sha256:7be06e7059c107a63d7f00f189b673c7793ecc480cfa343925afed7c52656699_ppc64le",
            "9Base-RHCEPH-7.1-Tools:rhceph/rhceph-7-rhel9@sha256:b64cd611ee6a8ba643f17a4626cb0dbfb7c4e730988ce971218c94546543beb0_amd64",
            "9Base-RHCEPH-7.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:990cbc4014d5336c9e0d0a2f1d99796215e83eda5ee8c1adb62acd67b6be067b_ppc64le",
            "9Base-RHCEPH-7.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e76f5b7de4ecb81e6ca945076257bbd3734da007723cc787a4ba89de41c4af04_amd64",
            "9Base-RHCEPH-7.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:f9bbb11f6d30f4a8430617f52f8d9729a2ef039596c03f1a7e674a77932b0bde_s390x",
            "9Base-RHCEPH-7.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44de5dc49f2580333eeba80002a5333566b2a77eb3390a6074087accff89e775_amd64",
            "9Base-RHCEPH-7.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:600c2838052e0e7e6c798b456cd163745b8a154d5a4570fabc86f90bc8f46f76_ppc64le",
            "9Base-RHCEPH-7.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:acbaae2df3e06c6f499cb5dfedb44ce3ef113462651a58015d222aecb4b3b892_s390x",
            "9Base-RHCEPH-7.1-Tools:rhceph/snmp-notifier-rhel9@sha256:77674d5445337c2ecb958ea79af869dc852ce9bb127673495eae4365ab8ad00d_ppc64le",
            "9Base-RHCEPH-7.1-Tools:rhceph/snmp-notifier-rhel9@sha256:be3e253624563fa2db911309336f7b1524d22c414bb5aee70b545cefa194ec31_s390x",
            "9Base-RHCEPH-7.1-Tools:rhceph/snmp-notifier-rhel9@sha256:f841aa3ee738cd4bb9333127b1b374ca817d2fa337ed2ec489ea1c056d20245e_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2025:4667"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "9Base-RHCEPH-7.1-Tools:rhceph/grafana-rhel9@sha256:1acdd9584f131b9931ec44b41d2c661b956abfb341560a1e3cd33c6916b282f5_amd64",
            "9Base-RHCEPH-7.1-Tools:rhceph/grafana-rhel9@sha256:3b5176fc3933d4ac14e77917dcee097a57bc5a44bf87b6c4dd2fcffa40677068_s390x",
            "9Base-RHCEPH-7.1-Tools:rhceph/grafana-rhel9@sha256:6fbbfa1bc1de9fb6c7810fffdffb5be1da904efe22aa602deb4ad09b6d0c7d3a_ppc64le",
            "9Base-RHCEPH-7.1-Tools:rhceph/keepalived-rhel9@sha256:0838f180ac530462659838844e3fa547e50e82eb2c9a7d7f563fc5bb11ce0cc2_s390x",
            "9Base-RHCEPH-7.1-Tools:rhceph/keepalived-rhel9@sha256:5fbbb15572fcc21cff00b8d6a4ac6cb119936e8d85eb5dfd9280c7cb270abace_amd64",
            "9Base-RHCEPH-7.1-Tools:rhceph/keepalived-rhel9@sha256:fe74d4288903e8e1f590c30869d5186a83e9ba62a262a030778ab9bc305fd73a_ppc64le",
            "9Base-RHCEPH-7.1-Tools:rhceph/rhceph-7-rhel9@sha256:2b9cc77493ee13fe6de6d5c1f0de0c0341d7ebc7f35431f0a72449a1b8f91593_s390x",
            "9Base-RHCEPH-7.1-Tools:rhceph/rhceph-7-rhel9@sha256:7be06e7059c107a63d7f00f189b673c7793ecc480cfa343925afed7c52656699_ppc64le",
            "9Base-RHCEPH-7.1-Tools:rhceph/rhceph-7-rhel9@sha256:b64cd611ee6a8ba643f17a4626cb0dbfb7c4e730988ce971218c94546543beb0_amd64",
            "9Base-RHCEPH-7.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:990cbc4014d5336c9e0d0a2f1d99796215e83eda5ee8c1adb62acd67b6be067b_ppc64le",
            "9Base-RHCEPH-7.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:e76f5b7de4ecb81e6ca945076257bbd3734da007723cc787a4ba89de41c4af04_amd64",
            "9Base-RHCEPH-7.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:f9bbb11f6d30f4a8430617f52f8d9729a2ef039596c03f1a7e674a77932b0bde_s390x",
            "9Base-RHCEPH-7.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:44de5dc49f2580333eeba80002a5333566b2a77eb3390a6074087accff89e775_amd64",
            "9Base-RHCEPH-7.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:600c2838052e0e7e6c798b456cd163745b8a154d5a4570fabc86f90bc8f46f76_ppc64le",
            "9Base-RHCEPH-7.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:acbaae2df3e06c6f499cb5dfedb44ce3ef113462651a58015d222aecb4b3b892_s390x",
            "9Base-RHCEPH-7.1-Tools:rhceph/snmp-notifier-rhel9@sha256:77674d5445337c2ecb958ea79af869dc852ce9bb127673495eae4365ab8ad00d_ppc64le",
            "9Base-RHCEPH-7.1-Tools:rhceph/snmp-notifier-rhel9@sha256:be3e253624563fa2db911309336f7b1524d22c414bb5aee70b545cefa194ec31_s390x",
            "9Base-RHCEPH-7.1-Tools:rhceph/snmp-notifier-rhel9@sha256:f841aa3ee738cd4bb9333127b1b374ca817d2fa337ed2ec489ea1c056d20245e_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "crypto/internal/nistec: golang: Timing sidechannel for P-256 on ppc64le in crypto/internal/nistec"
    }
  ]
}

CVE-2025-22866 (GCVE-0-2025-22866)

Vulnerability from cvelistv5

Published

2025-02-06 16:54

Modified

2025-02-21 18:03

Severity ?

4.0 (Medium) - CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

CWE

CWE-208: Observable Timing Discrepancy

Summary

Due to the usage of a variable time instruction in the assembly implementation of an internal function, a small number of bits of secret scalars are leaked on the ppc64le architecture. Due to the way this function is used, we do not believe this leakage is enough to allow recovery of the private key when P-256 is used in any well known protocols.

References

►

URL

Tags

	https://go.dev/cl/643735
	https://go.dev/issue/71383
	https://groups.google.com/g/golang-announce/c/xU1ZCHUZw3k
	https://pkg.go.dev/vuln/GO-2025-3447

Impacted products

	Vendor	Product	Version
	Go standard library	crypto/internal/nistec	Version: 0 ≤ Version: 1.23.0-0 ≤ Version: 1.24.0-0 ≤

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "NONE",
              "baseScore": 4,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "LOW",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2025-22866",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-10T20:40:17.232803Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-02-11T14:47:25.778Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-02-21T18:03:36.215Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://security.netapp.com/advisory/ntap-20250221-0002/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://pkg.go.dev",
          "defaultStatus": "unaffected",
          "packageName": "crypto/internal/nistec",
          "product": "crypto/internal/nistec",
          "programRoutines": [
            {
              "name": "p256NegCond"
            },
            {
              "name": "P256Point.ScalarBaseMult"
            },
            {
              "name": "P256Point.ScalarMult"
            },
            {
              "name": "P256Point.SetBytes"
            }
          ],
          "vendor": "Go standard library",
          "versions": [
            {
              "lessThan": "1.22.12",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThan": "1.23.6",
              "status": "affected",
              "version": "1.23.0-0",
              "versionType": "semver"
            },
            {
              "lessThan": "1.24.0-rc.3",
              "status": "affected",
              "version": "1.24.0-0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Due to the usage of a variable time instruction in the assembly implementation of an internal function, a small number of bits of secret scalars are leaked on the ppc64le architecture. Due to the way this function is used, we do not believe this leakage is enough to allow recovery of the private key when P-256 is used in any well known protocols."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "CWE-208: Observable Timing Discrepancy",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-02-06T16:54:10.252Z",
        "orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
        "shortName": "Go"
      },
      "references": [
        {
          "url": "https://go.dev/cl/643735"
        },
        {
          "url": "https://go.dev/issue/71383"
        },
        {
          "url": "https://groups.google.com/g/golang-announce/c/xU1ZCHUZw3k"
        },
        {
          "url": "https://pkg.go.dev/vuln/GO-2025-3447"
        }
      ],
      "title": "Timing sidechannel for P-256 on ppc64le in crypto/internal/nistec"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
    "assignerShortName": "Go",
    "cveId": "CVE-2025-22866",
    "datePublished": "2025-02-06T16:54:10.252Z",
    "dateReserved": "2025-01-08T19:11:42.834Z",
    "dateUpdated": "2025-02-21T18:03:36.215Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-45336 (GCVE-0-2024-45336)

Vulnerability from cvelistv5

Published

2025-01-28 01:03

Modified

2025-02-21 18:03

Severity ?

6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

CWE

CWE-116: Improper Encoding or Escaping of Output

Summary

The HTTP client drops sensitive headers after following a cross-domain redirect. For example, a request to a.com/ containing an Authorization header which is redirected to b.com/ will not send that header to b.com. In the event that the client received a subsequent same-domain redirect, however, the sensitive headers would be restored. For example, a chain of redirects from a.com/, to b.com/1, and finally to b.com/2 would incorrectly send the Authorization header to b.com/2.

References

►

URL

Tags

	https://go.dev/cl/643100
	https://go.dev/issue/70530
	https://groups.google.com/g/golang-dev/c/CAWXhan3Jww/m/bk9LAa-lCgAJ
	https://groups.google.com/g/golang-dev/c/bG8cv1muIBM/m/G461hA6lCgAJ
	https://pkg.go.dev/vuln/GO-2025-3420

Impacted products

	Vendor	Product	Version
	Go standard library	net/http	Version: 0 ≤ Version: 1.23.0-0 ≤ Version: 1.24.0-0 ≤

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "NONE",
              "baseScore": 6.1,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "LOW",
              "integrityImpact": "LOW",
              "privilegesRequired": "NONE",
              "scope": "CHANGED",
              "userInteraction": "REQUIRED",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2024-45336",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-01-28T14:56:59.058895Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-01-28T15:16:38.044Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-02-21T18:03:31.299Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://security.netapp.com/advisory/ntap-20250221-0003/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://pkg.go.dev",
          "defaultStatus": "unaffected",
          "packageName": "net/http",
          "product": "net/http",
          "programRoutines": [
            {
              "name": "Client.do"
            },
            {
              "name": "Client.makeHeadersCopier"
            },
            {
              "name": "shouldCopyHeaderOnRedirect"
            },
            {
              "name": "Client.Do"
            },
            {
              "name": "Client.Get"
            },
            {
              "name": "Client.Head"
            },
            {
              "name": "Client.Post"
            },
            {
              "name": "Client.PostForm"
            },
            {
              "name": "Get"
            },
            {
              "name": "Head"
            },
            {
              "name": "Post"
            },
            {
              "name": "PostForm"
            }
          ],
          "vendor": "Go standard library",
          "versions": [
            {
              "lessThan": "1.22.11",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThan": "1.23.5",
              "status": "affected",
              "version": "1.23.0-0",
              "versionType": "semver"
            },
            {
              "lessThan": "1.24.0-rc.2",
              "status": "affected",
              "version": "1.24.0-0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Kyle Seely"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "The HTTP client drops sensitive headers after following a cross-domain redirect. For example, a request to a.com/ containing an Authorization header which is redirected to b.com/ will not send that header to b.com. In the event that the client received a subsequent same-domain redirect, however, the sensitive headers would be restored. For example, a chain of redirects from a.com/, to b.com/1, and finally to b.com/2 would incorrectly send the Authorization header to b.com/2."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "CWE-116: Improper Encoding or Escaping of Output",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-01-30T19:14:21.805Z",
        "orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
        "shortName": "Go"
      },
      "references": [
        {
          "url": "https://go.dev/cl/643100"
        },
        {
          "url": "https://go.dev/issue/70530"
        },
        {
          "url": "https://groups.google.com/g/golang-dev/c/CAWXhan3Jww/m/bk9LAa-lCgAJ"
        },
        {
          "url": "https://groups.google.com/g/golang-dev/c/bG8cv1muIBM/m/G461hA6lCgAJ"
        },
        {
          "url": "https://pkg.go.dev/vuln/GO-2025-3420"
        }
      ],
      "title": "Sensitive headers incorrectly sent after cross-domain redirect in net/http"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
    "assignerShortName": "Go",
    "cveId": "CVE-2024-45336",
    "datePublished": "2025-01-28T01:03:24.869Z",
    "dateReserved": "2024-08-27T19:41:58.555Z",
    "dateUpdated": "2025-02-21T18:03:31.299Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-24790 (GCVE-0-2024-24790)

Vulnerability from cvelistv5

Published

2024-06-05 15:13

Modified

2025-02-13 17:40

Severity ?

9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE

CWE-180: Incorrect Behavior Order: Validate Before Canonicalize

Summary

The various Is methods (IsPrivate, IsLoopback, etc) did not work as expected for IPv4-mapped IPv6 addresses, returning false for addresses which would return true in their traditional IPv4 forms.

References

►

URL

Tags

	https://go.dev/cl/590316
	https://go.dev/issue/67680
	https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ
	https://pkg.go.dev/vuln/GO-2024-2887
	http://www.openwall.com/lists/oss-security/2024/06/04/1

Impacted products

	Vendor	Product	Version
	Go standard library	net/netip	Version: 0 ≤ Version: 1.22.0-0 ≤

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-09-05T08:03:29.294Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://go.dev/cl/590316"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://go.dev/issue/67680"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://pkg.go.dev/vuln/GO-2024-2887"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/06/04/1"
          },
          {
            "url": "https://security.netapp.com/advisory/ntap-20240905-0002/"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "go",
            "vendor": "golang",
            "versions": [
              {
                "lessThan": "1.21.11",
                "status": "affected",
                "version": "0",
                "versionType": "semver"
              },
              {
                "lessThan": "1.22.4",
                "status": "affected",
                "version": "1.22.0-0",
                "versionType": "semver"
              }
            ]
          }
        ],
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 9.8,
              "baseSeverity": "CRITICAL",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2024-24790",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-08-07T14:59:19.414359Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-03T17:47:16.286Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://pkg.go.dev",
          "defaultStatus": "unaffected",
          "packageName": "net/netip",
          "product": "net/netip",
          "programRoutines": [
            {
              "name": "Addr.IsLoopback"
            },
            {
              "name": "Addr.IsMulticast"
            },
            {
              "name": "Addr.IsInterfaceLocalMulticast"
            },
            {
              "name": "Addr.IsLinkLocalMulticast"
            },
            {
              "name": "Addr.IsGlobalUnicast"
            },
            {
              "name": "Addr.IsPrivate"
            }
          ],
          "vendor": "Go standard library",
          "versions": [
            {
              "lessThan": "1.21.11",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThan": "1.22.4",
              "status": "affected",
              "version": "1.22.0-0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Enze Wang of Alioth (@zer0yu)"
        },
        {
          "lang": "en",
          "value": "Jianjun Chen of Zhongguancun Lab (@chenjj)"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "The various Is methods (IsPrivate, IsLoopback, etc) did not work as expected for IPv4-mapped IPv6 addresses, returning false for addresses which would return true in their traditional IPv4 forms."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "CWE-180: Incorrect Behavior Order: Validate Before Canonicalize",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-06-10T17:11:30.724Z",
        "orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
        "shortName": "Go"
      },
      "references": [
        {
          "url": "https://go.dev/cl/590316"
        },
        {
          "url": "https://go.dev/issue/67680"
        },
        {
          "url": "https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ"
        },
        {
          "url": "https://pkg.go.dev/vuln/GO-2024-2887"
        },
        {
          "url": "http://www.openwall.com/lists/oss-security/2024/06/04/1"
        }
      ],
      "title": "Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses in net/netip"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
    "assignerShortName": "Go",
    "cveId": "CVE-2024-24790",
    "datePublished": "2024-06-05T15:13:50.527Z",
    "dateReserved": "2024-01-30T16:05:14.758Z",
    "dateUpdated": "2025-02-13T17:40:28.639Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

rhsa-2025:4667

Vulnerability from csaf_redhat

CVE-2025-22866 (GCVE-0-2025-22866)

Vulnerability from cvelistv5

CVE-2024-45336 (GCVE-0-2024-45336)

Vulnerability from cvelistv5

CVE-2024-24790 (GCVE-0-2024-24790)

Vulnerability from cvelistv5

Tags

Sightings

Nomenclature