rhsa-2025:8244
Vulnerability from csaf_redhat
Published
2025-05-28 02:39
Modified
2025-08-22 03:21
Summary
Red Hat Security Advisory: Red Hat OpenShift Dev Spaces 3.21.0 release
Notes
Topic
Red Hat OpenShift Dev Spaces 3.21 has been released.
All containers have been updated to include feature enhancements, bug fixes and CVE fixes.
Details
Red Hat OpenShift Dev Spaces provides a cloud developer workspace server and a browser-based IDE built for teams and organizations. Dev Spaces runs in OpenShift and is well-suited for container-based development.
The 3.21 release is based on Eclipse Che 7.102 and uses the DevWorkspace engine to provide support for workspaces based on devfile v2.1 and v2.2.
Users still using the v1 standard should migrate as soon as possible.
https://devfile.io/docs/2.2.0/migrating-to-devfile-v2
Dev Spaces releases support the latest two OpenShift 4 EUS releases. Users are expected to update to newer OpenShift releases in order to continue to get Dev Spaces updates.
https://access.redhat.com/support/policy/updates/openshift#devspaces
Security Fix(es):
devspaces-code
- tar-fs: link following and path traversal via maliciously crafted tar file (CVE-2024-12905)
devspaces-traefik
- traefik: HTTP client can manipulate custom HTTP headers that are added by Traefik (CVE-2024-45410)
- golang.org/x/crypto/ssh: Misuse of ServerConfig.PublicKeyCallback may cause authorization bypass in golang.org/x/crypto (CVE-2024-45337)
- golang.org/x/crypto/ssh: Denial of Service in the Key Exchange of golang.org/x/crypto/ssh (CVE-2025-22869)
- golang-jwt/jwt: jwt-go allows excessive memory allocation during header parsing (CVE-2025-30204)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat OpenShift Dev Spaces 3.21 has been released.\n\nAll containers have been updated to include feature enhancements, bug fixes and CVE fixes.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Dev Spaces provides a cloud developer workspace server and a browser-based IDE built for teams and organizations. Dev Spaces runs in OpenShift and is well-suited for container-based development.\n\nThe 3.21 release is based on Eclipse Che 7.102 and uses the DevWorkspace engine to provide support for workspaces based on devfile v2.1 and v2.2.\n\nUsers still using the v1 standard should migrate as soon as possible.\n\nhttps://devfile.io/docs/2.2.0/migrating-to-devfile-v2\n\nDev Spaces releases support the latest two OpenShift 4 EUS releases. Users are expected to update to newer OpenShift releases in order to continue to get Dev Spaces updates. \n\nhttps://access.redhat.com/support/policy/updates/openshift#devspaces\n\nSecurity Fix(es):\n\ndevspaces-code\n- tar-fs: link following and path traversal via maliciously crafted tar file (CVE-2024-12905)\n\ndevspaces-traefik\n- traefik: HTTP client can manipulate custom HTTP headers that are added by Traefik (CVE-2024-45410)\n- golang.org/x/crypto/ssh: Misuse of ServerConfig.PublicKeyCallback may cause authorization bypass in golang.org/x/crypto (CVE-2024-45337)\n- golang.org/x/crypto/ssh: Denial of Service in the Key Exchange of golang.org/x/crypto/ssh (CVE-2025-22869)\n- golang-jwt/jwt: jwt-go allows excessive memory allocation during header parsing (CVE-2025-30204)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:8244",
"url": "https://access.redhat.com/errata/RHSA-2025:8244"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2313584",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2313584"
},
{
"category": "external",
"summary": "2331720",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2331720"
},
{
"category": "external",
"summary": "2348367",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2348367"
},
{
"category": "external",
"summary": "2354195",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2354195"
},
{
"category": "external",
"summary": "2355460",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2355460"
},
{
"category": "external",
"summary": "CRW-8607",
"url": "https://issues.redhat.com/browse/CRW-8607"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_8244.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenShift Dev Spaces 3.21.0 release",
"tracking": {
"current_release_date": "2025-08-22T03:21:44+00:00",
"generator": {
"date": "2025-08-22T03:21:44+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.6"
}
},
"id": "RHSA-2025:8244",
"initial_release_date": "2025-05-28T02:39:39+00:00",
"revision_history": [
{
"date": "2025-05-28T02:39:39+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-05-28T02:39:39+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-08-22T03:21:44+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift Dev Spaces 3",
"product": {
"name": "Red Hat OpenShift Dev Spaces 3",
"product_id": "9Base-RHOSDS-3",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift_devspaces:3::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Dev Spaces"
},
{
"branches": [
{
"category": "product_version",
"name": "devspaces/code-rhel9@sha256:08f2e3cd088b9d1176e61f8017126ecaa7447ade3aede5d63e49bd678b5cc30b_s390x",
"product": {
"name": "devspaces/code-rhel9@sha256:08f2e3cd088b9d1176e61f8017126ecaa7447ade3aede5d63e49bd678b5cc30b_s390x",
"product_id": "devspaces/code-rhel9@sha256:08f2e3cd088b9d1176e61f8017126ecaa7447ade3aede5d63e49bd678b5cc30b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/code-rhel9@sha256:08f2e3cd088b9d1176e61f8017126ecaa7447ade3aede5d63e49bd678b5cc30b?arch=s390x\u0026repository_url=registry.redhat.io/devspaces/code-rhel9\u0026tag=3.21-5"
}
}
},
{
"category": "product_version",
"name": "devspaces/configbump-rhel9@sha256:a47dcbcc9292e09c31ad8df74d54b58aa03db782700937365434407029c586d7_s390x",
"product": {
"name": "devspaces/configbump-rhel9@sha256:a47dcbcc9292e09c31ad8df74d54b58aa03db782700937365434407029c586d7_s390x",
"product_id": "devspaces/configbump-rhel9@sha256:a47dcbcc9292e09c31ad8df74d54b58aa03db782700937365434407029c586d7_s390x",
"product_identification_helper": {
"purl": "pkg:oci/configbump-rhel9@sha256:a47dcbcc9292e09c31ad8df74d54b58aa03db782700937365434407029c586d7?arch=s390x\u0026repository_url=registry.redhat.io/devspaces/configbump-rhel9\u0026tag=latest"
}
}
},
{
"category": "product_version",
"name": "devspaces/dashboard-rhel9@sha256:f894dcaddbc0dd33c9e524e33bf54416f08dd328838bbe2c869eb7201cf7ef1a_s390x",
"product": {
"name": "devspaces/dashboard-rhel9@sha256:f894dcaddbc0dd33c9e524e33bf54416f08dd328838bbe2c869eb7201cf7ef1a_s390x",
"product_id": "devspaces/dashboard-rhel9@sha256:f894dcaddbc0dd33c9e524e33bf54416f08dd328838bbe2c869eb7201cf7ef1a_s390x",
"product_identification_helper": {
"purl": "pkg:oci/dashboard-rhel9@sha256:f894dcaddbc0dd33c9e524e33bf54416f08dd328838bbe2c869eb7201cf7ef1a?arch=s390x\u0026repository_url=registry.redhat.io/devspaces/dashboard-rhel9\u0026tag=3.21-12"
}
}
},
{
"category": "product_version",
"name": "devspaces/imagepuller-rhel9@sha256:4e11c662d89bb01653f32ed2f3bc66a67be8a1464e267a564a30e36d047b46a6_s390x",
"product": {
"name": "devspaces/imagepuller-rhel9@sha256:4e11c662d89bb01653f32ed2f3bc66a67be8a1464e267a564a30e36d047b46a6_s390x",
"product_id": "devspaces/imagepuller-rhel9@sha256:4e11c662d89bb01653f32ed2f3bc66a67be8a1464e267a564a30e36d047b46a6_s390x",
"product_identification_helper": {
"purl": "pkg:oci/imagepuller-rhel9@sha256:4e11c662d89bb01653f32ed2f3bc66a67be8a1464e267a564a30e36d047b46a6?arch=s390x\u0026repository_url=registry.redhat.io/devspaces/imagepuller-rhel9\u0026tag=latest"
}
}
},
{
"category": "product_version",
"name": "devspaces-tech-preview/jetbrains-ide-rhel9@sha256:82d121266eb9adca7faa9af0da6c89323cfe24add67bcba759a6a81ca161ba2f_s390x",
"product": {
"name": "devspaces-tech-preview/jetbrains-ide-rhel9@sha256:82d121266eb9adca7faa9af0da6c89323cfe24add67bcba759a6a81ca161ba2f_s390x",
"product_id": "devspaces-tech-preview/jetbrains-ide-rhel9@sha256:82d121266eb9adca7faa9af0da6c89323cfe24add67bcba759a6a81ca161ba2f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/jetbrains-ide-rhel9@sha256:82d121266eb9adca7faa9af0da6c89323cfe24add67bcba759a6a81ca161ba2f?arch=s390x\u0026repository_url=registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9\u0026tag=latest"
}
}
},
{
"category": "product_version",
"name": "devspaces/machineexec-rhel9@sha256:60f6c9724b2c7e773654d7fd176829661420b6a3eb9df7f72c3560e7890fe691_s390x",
"product": {
"name": "devspaces/machineexec-rhel9@sha256:60f6c9724b2c7e773654d7fd176829661420b6a3eb9df7f72c3560e7890fe691_s390x",
"product_id": "devspaces/machineexec-rhel9@sha256:60f6c9724b2c7e773654d7fd176829661420b6a3eb9df7f72c3560e7890fe691_s390x",
"product_identification_helper": {
"purl": "pkg:oci/machineexec-rhel9@sha256:60f6c9724b2c7e773654d7fd176829661420b6a3eb9df7f72c3560e7890fe691?arch=s390x\u0026repository_url=registry.redhat.io/devspaces/machineexec-rhel9\u0026tag=3.21-4"
}
}
},
{
"category": "product_version",
"name": "devspaces/devspaces-operator-bundle@sha256:f463c35bfe9daac4929295c610f07935ff9655793b72d5fd040944fad8307c9a_s390x",
"product": {
"name": "devspaces/devspaces-operator-bundle@sha256:f463c35bfe9daac4929295c610f07935ff9655793b72d5fd040944fad8307c9a_s390x",
"product_id": "devspaces/devspaces-operator-bundle@sha256:f463c35bfe9daac4929295c610f07935ff9655793b72d5fd040944fad8307c9a_s390x",
"product_identification_helper": {
"purl": "pkg:oci/devspaces-operator-bundle@sha256:f463c35bfe9daac4929295c610f07935ff9655793b72d5fd040944fad8307c9a?arch=s390x\u0026repository_url=registry.redhat.io/devspaces/devspaces-operator-bundle\u0026tag=3.21-25"
}
}
},
{
"category": "product_version",
"name": "devspaces/pluginregistry-rhel9@sha256:989fc72b261f44374f16ba8aa190791d04da8b295933f724a00bc31a84efd89e_s390x",
"product": {
"name": "devspaces/pluginregistry-rhel9@sha256:989fc72b261f44374f16ba8aa190791d04da8b295933f724a00bc31a84efd89e_s390x",
"product_id": "devspaces/pluginregistry-rhel9@sha256:989fc72b261f44374f16ba8aa190791d04da8b295933f724a00bc31a84efd89e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pluginregistry-rhel9@sha256:989fc72b261f44374f16ba8aa190791d04da8b295933f724a00bc31a84efd89e?arch=s390x\u0026repository_url=registry.redhat.io/devspaces/pluginregistry-rhel9\u0026tag=3.21-7"
}
}
},
{
"category": "product_version",
"name": "devspaces/devspaces-rhel9-operator@sha256:e2b9c33d133573a466fead6c5f904d7ef31ba96d5fce1a619f3ff8c47d86a9da_s390x",
"product": {
"name": "devspaces/devspaces-rhel9-operator@sha256:e2b9c33d133573a466fead6c5f904d7ef31ba96d5fce1a619f3ff8c47d86a9da_s390x",
"product_id": "devspaces/devspaces-rhel9-operator@sha256:e2b9c33d133573a466fead6c5f904d7ef31ba96d5fce1a619f3ff8c47d86a9da_s390x",
"product_identification_helper": {
"purl": "pkg:oci/devspaces-rhel9-operator@sha256:e2b9c33d133573a466fead6c5f904d7ef31ba96d5fce1a619f3ff8c47d86a9da?arch=s390x\u0026repository_url=registry.redhat.io/devspaces/devspaces-rhel9-operator\u0026tag=3.21-6"
}
}
},
{
"category": "product_version",
"name": "devspaces/server-rhel9@sha256:ae275fed16fdc724d0e48659c3de940e4af3e0722d3b5d465634d31f5a2a972e_s390x",
"product": {
"name": "devspaces/server-rhel9@sha256:ae275fed16fdc724d0e48659c3de940e4af3e0722d3b5d465634d31f5a2a972e_s390x",
"product_id": "devspaces/server-rhel9@sha256:ae275fed16fdc724d0e48659c3de940e4af3e0722d3b5d465634d31f5a2a972e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/server-rhel9@sha256:ae275fed16fdc724d0e48659c3de940e4af3e0722d3b5d465634d31f5a2a972e?arch=s390x\u0026repository_url=registry.redhat.io/devspaces/server-rhel9\u0026tag=3.21-11"
}
}
},
{
"category": "product_version",
"name": "devspaces/traefik-rhel9@sha256:90df466eef849a4fd6846345273968f875397d72f24c38445058d462d861ca9c_s390x",
"product": {
"name": "devspaces/traefik-rhel9@sha256:90df466eef849a4fd6846345273968f875397d72f24c38445058d462d861ca9c_s390x",
"product_id": "devspaces/traefik-rhel9@sha256:90df466eef849a4fd6846345273968f875397d72f24c38445058d462d861ca9c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/traefik-rhel9@sha256:90df466eef849a4fd6846345273968f875397d72f24c38445058d462d861ca9c?arch=s390x\u0026repository_url=registry.redhat.io/devspaces/traefik-rhel9\u0026tag=3.21-1"
}
}
},
{
"category": "product_version",
"name": "devspaces/udi-base-rhel9@sha256:e1b46dd642b4391ece60c7bc3bb062ba81c3c975cb3723ade62f5a230a43ed5d_s390x",
"product": {
"name": "devspaces/udi-base-rhel9@sha256:e1b46dd642b4391ece60c7bc3bb062ba81c3c975cb3723ade62f5a230a43ed5d_s390x",
"product_id": "devspaces/udi-base-rhel9@sha256:e1b46dd642b4391ece60c7bc3bb062ba81c3c975cb3723ade62f5a230a43ed5d_s390x",
"product_identification_helper": {
"purl": "pkg:oci/udi-base-rhel9@sha256:e1b46dd642b4391ece60c7bc3bb062ba81c3c975cb3723ade62f5a230a43ed5d?arch=s390x\u0026repository_url=registry.redhat.io/devspaces/udi-base-rhel9\u0026tag=latest"
}
}
},
{
"category": "product_version",
"name": "devspaces/udi-rhel9@sha256:e6d836b45dfb32da1a94114ab9908251da24adeeca932de89ba0e23d4f104e22_s390x",
"product": {
"name": "devspaces/udi-rhel9@sha256:e6d836b45dfb32da1a94114ab9908251da24adeeca932de89ba0e23d4f104e22_s390x",
"product_id": "devspaces/udi-rhel9@sha256:e6d836b45dfb32da1a94114ab9908251da24adeeca932de89ba0e23d4f104e22_s390x",
"product_identification_helper": {
"purl": "pkg:oci/udi-rhel9@sha256:e6d836b45dfb32da1a94114ab9908251da24adeeca932de89ba0e23d4f104e22?arch=s390x\u0026repository_url=registry.redhat.io/devspaces/udi-rhel9\u0026tag=3.21-6"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "devspaces/code-rhel9@sha256:d36fb4add09a1576207fe4b114f60142a43b351d218b1f5d0807bacc19c02915_ppc64le",
"product": {
"name": "devspaces/code-rhel9@sha256:d36fb4add09a1576207fe4b114f60142a43b351d218b1f5d0807bacc19c02915_ppc64le",
"product_id": "devspaces/code-rhel9@sha256:d36fb4add09a1576207fe4b114f60142a43b351d218b1f5d0807bacc19c02915_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/code-rhel9@sha256:d36fb4add09a1576207fe4b114f60142a43b351d218b1f5d0807bacc19c02915?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces/code-rhel9\u0026tag=3.21-5"
}
}
},
{
"category": "product_version",
"name": "devspaces/configbump-rhel9@sha256:97544fe3e08648e8f0aec09dda768e884b0c213be0b833568747c797d492bb42_ppc64le",
"product": {
"name": "devspaces/configbump-rhel9@sha256:97544fe3e08648e8f0aec09dda768e884b0c213be0b833568747c797d492bb42_ppc64le",
"product_id": "devspaces/configbump-rhel9@sha256:97544fe3e08648e8f0aec09dda768e884b0c213be0b833568747c797d492bb42_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/configbump-rhel9@sha256:97544fe3e08648e8f0aec09dda768e884b0c213be0b833568747c797d492bb42?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces/configbump-rhel9\u0026tag=latest"
}
}
},
{
"category": "product_version",
"name": "devspaces/dashboard-rhel9@sha256:4fb48f0964049b6e56c71cac4973c8ec4ae53b3248ec842e58ec499736e3ffb7_ppc64le",
"product": {
"name": "devspaces/dashboard-rhel9@sha256:4fb48f0964049b6e56c71cac4973c8ec4ae53b3248ec842e58ec499736e3ffb7_ppc64le",
"product_id": "devspaces/dashboard-rhel9@sha256:4fb48f0964049b6e56c71cac4973c8ec4ae53b3248ec842e58ec499736e3ffb7_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/dashboard-rhel9@sha256:4fb48f0964049b6e56c71cac4973c8ec4ae53b3248ec842e58ec499736e3ffb7?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces/dashboard-rhel9\u0026tag=3.21-12"
}
}
},
{
"category": "product_version",
"name": "devspaces/imagepuller-rhel9@sha256:8de9e91840963be836e62c27395e7c37ebe1e908770a817197cb938fcf1777dc_ppc64le",
"product": {
"name": "devspaces/imagepuller-rhel9@sha256:8de9e91840963be836e62c27395e7c37ebe1e908770a817197cb938fcf1777dc_ppc64le",
"product_id": "devspaces/imagepuller-rhel9@sha256:8de9e91840963be836e62c27395e7c37ebe1e908770a817197cb938fcf1777dc_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/imagepuller-rhel9@sha256:8de9e91840963be836e62c27395e7c37ebe1e908770a817197cb938fcf1777dc?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces/imagepuller-rhel9\u0026tag=latest"
}
}
},
{
"category": "product_version",
"name": "devspaces-tech-preview/jetbrains-ide-rhel9@sha256:9a8899c791034c3395c081fbe55746021d372ea1ea3523f2a72bf7e31a2a4132_ppc64le",
"product": {
"name": "devspaces-tech-preview/jetbrains-ide-rhel9@sha256:9a8899c791034c3395c081fbe55746021d372ea1ea3523f2a72bf7e31a2a4132_ppc64le",
"product_id": "devspaces-tech-preview/jetbrains-ide-rhel9@sha256:9a8899c791034c3395c081fbe55746021d372ea1ea3523f2a72bf7e31a2a4132_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/jetbrains-ide-rhel9@sha256:9a8899c791034c3395c081fbe55746021d372ea1ea3523f2a72bf7e31a2a4132?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9\u0026tag=latest"
}
}
},
{
"category": "product_version",
"name": "devspaces/machineexec-rhel9@sha256:ac07b6bc8c311b357ab5e0545a2b80aa567c2f76b9ed01a3d382b5685b688c83_ppc64le",
"product": {
"name": "devspaces/machineexec-rhel9@sha256:ac07b6bc8c311b357ab5e0545a2b80aa567c2f76b9ed01a3d382b5685b688c83_ppc64le",
"product_id": "devspaces/machineexec-rhel9@sha256:ac07b6bc8c311b357ab5e0545a2b80aa567c2f76b9ed01a3d382b5685b688c83_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/machineexec-rhel9@sha256:ac07b6bc8c311b357ab5e0545a2b80aa567c2f76b9ed01a3d382b5685b688c83?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces/machineexec-rhel9\u0026tag=3.21-4"
}
}
},
{
"category": "product_version",
"name": "devspaces/devspaces-operator-bundle@sha256:ba152d33e05c8d53dd9c39249ba9756418619ff784ef1e4cb296a7aa1a33adfd_ppc64le",
"product": {
"name": "devspaces/devspaces-operator-bundle@sha256:ba152d33e05c8d53dd9c39249ba9756418619ff784ef1e4cb296a7aa1a33adfd_ppc64le",
"product_id": "devspaces/devspaces-operator-bundle@sha256:ba152d33e05c8d53dd9c39249ba9756418619ff784ef1e4cb296a7aa1a33adfd_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/devspaces-operator-bundle@sha256:ba152d33e05c8d53dd9c39249ba9756418619ff784ef1e4cb296a7aa1a33adfd?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces/devspaces-operator-bundle\u0026tag=3.21-25"
}
}
},
{
"category": "product_version",
"name": "devspaces/pluginregistry-rhel9@sha256:4c5430c1e53219652c27d861d7a7d577097db0dad05ded83b814275cb9a6cad2_ppc64le",
"product": {
"name": "devspaces/pluginregistry-rhel9@sha256:4c5430c1e53219652c27d861d7a7d577097db0dad05ded83b814275cb9a6cad2_ppc64le",
"product_id": "devspaces/pluginregistry-rhel9@sha256:4c5430c1e53219652c27d861d7a7d577097db0dad05ded83b814275cb9a6cad2_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pluginregistry-rhel9@sha256:4c5430c1e53219652c27d861d7a7d577097db0dad05ded83b814275cb9a6cad2?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces/pluginregistry-rhel9\u0026tag=3.21-7"
}
}
},
{
"category": "product_version",
"name": "devspaces/devspaces-rhel9-operator@sha256:23280e408cce44be3fc8ebf244b19f5e386da1e6fab218a1a3ee8a1748f132f9_ppc64le",
"product": {
"name": "devspaces/devspaces-rhel9-operator@sha256:23280e408cce44be3fc8ebf244b19f5e386da1e6fab218a1a3ee8a1748f132f9_ppc64le",
"product_id": "devspaces/devspaces-rhel9-operator@sha256:23280e408cce44be3fc8ebf244b19f5e386da1e6fab218a1a3ee8a1748f132f9_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/devspaces-rhel9-operator@sha256:23280e408cce44be3fc8ebf244b19f5e386da1e6fab218a1a3ee8a1748f132f9?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces/devspaces-rhel9-operator\u0026tag=3.21-6"
}
}
},
{
"category": "product_version",
"name": "devspaces/server-rhel9@sha256:edae16c9f7a40feaf051b22a05945fd3a51033d031b742346105cff657848881_ppc64le",
"product": {
"name": "devspaces/server-rhel9@sha256:edae16c9f7a40feaf051b22a05945fd3a51033d031b742346105cff657848881_ppc64le",
"product_id": "devspaces/server-rhel9@sha256:edae16c9f7a40feaf051b22a05945fd3a51033d031b742346105cff657848881_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/server-rhel9@sha256:edae16c9f7a40feaf051b22a05945fd3a51033d031b742346105cff657848881?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces/server-rhel9\u0026tag=3.21-11"
}
}
},
{
"category": "product_version",
"name": "devspaces/traefik-rhel9@sha256:2a9c66e55371adf209b5b317068e63cfbd9b3e27da9de210250607da8b3ffdff_ppc64le",
"product": {
"name": "devspaces/traefik-rhel9@sha256:2a9c66e55371adf209b5b317068e63cfbd9b3e27da9de210250607da8b3ffdff_ppc64le",
"product_id": "devspaces/traefik-rhel9@sha256:2a9c66e55371adf209b5b317068e63cfbd9b3e27da9de210250607da8b3ffdff_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/traefik-rhel9@sha256:2a9c66e55371adf209b5b317068e63cfbd9b3e27da9de210250607da8b3ffdff?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces/traefik-rhel9\u0026tag=3.21-1"
}
}
},
{
"category": "product_version",
"name": "devspaces/udi-base-rhel9@sha256:89d858f949b7bbc4502109ff8ab3cf0f416ad1a4c9432924669fc30eeba26b86_ppc64le",
"product": {
"name": "devspaces/udi-base-rhel9@sha256:89d858f949b7bbc4502109ff8ab3cf0f416ad1a4c9432924669fc30eeba26b86_ppc64le",
"product_id": "devspaces/udi-base-rhel9@sha256:89d858f949b7bbc4502109ff8ab3cf0f416ad1a4c9432924669fc30eeba26b86_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/udi-base-rhel9@sha256:89d858f949b7bbc4502109ff8ab3cf0f416ad1a4c9432924669fc30eeba26b86?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces/udi-base-rhel9\u0026tag=latest"
}
}
},
{
"category": "product_version",
"name": "devspaces/udi-rhel9@sha256:f6be90596ba55531a1ef7acf4041ed2828d4fe8a3cdd4e8b251bf4929bd19700_ppc64le",
"product": {
"name": "devspaces/udi-rhel9@sha256:f6be90596ba55531a1ef7acf4041ed2828d4fe8a3cdd4e8b251bf4929bd19700_ppc64le",
"product_id": "devspaces/udi-rhel9@sha256:f6be90596ba55531a1ef7acf4041ed2828d4fe8a3cdd4e8b251bf4929bd19700_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/udi-rhel9@sha256:f6be90596ba55531a1ef7acf4041ed2828d4fe8a3cdd4e8b251bf4929bd19700?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces/udi-rhel9\u0026tag=3.21-6"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "devspaces/code-rhel9@sha256:e48a0e27d13aff1bc60facd4ef3bd875f3b9c68b33c5d9be86dcf2fb46971d24_amd64",
"product": {
"name": "devspaces/code-rhel9@sha256:e48a0e27d13aff1bc60facd4ef3bd875f3b9c68b33c5d9be86dcf2fb46971d24_amd64",
"product_id": "devspaces/code-rhel9@sha256:e48a0e27d13aff1bc60facd4ef3bd875f3b9c68b33c5d9be86dcf2fb46971d24_amd64",
"product_identification_helper": {
"purl": "pkg:oci/code-rhel9@sha256:e48a0e27d13aff1bc60facd4ef3bd875f3b9c68b33c5d9be86dcf2fb46971d24?arch=amd64\u0026repository_url=registry.redhat.io/devspaces/code-rhel9\u0026tag=3.21-5"
}
}
},
{
"category": "product_version",
"name": "devspaces/configbump-rhel9@sha256:403b6c1ddb3fe9337fc1f83129d0b9e51dc18948df29f94212e291246b828e90_amd64",
"product": {
"name": "devspaces/configbump-rhel9@sha256:403b6c1ddb3fe9337fc1f83129d0b9e51dc18948df29f94212e291246b828e90_amd64",
"product_id": "devspaces/configbump-rhel9@sha256:403b6c1ddb3fe9337fc1f83129d0b9e51dc18948df29f94212e291246b828e90_amd64",
"product_identification_helper": {
"purl": "pkg:oci/configbump-rhel9@sha256:403b6c1ddb3fe9337fc1f83129d0b9e51dc18948df29f94212e291246b828e90?arch=amd64\u0026repository_url=registry.redhat.io/devspaces/configbump-rhel9\u0026tag=latest"
}
}
},
{
"category": "product_version",
"name": "devspaces/dashboard-rhel9@sha256:bbb3292a84927c24cdef7aaff704cc12560172ba0c55021bf397d92f0f8c04c8_amd64",
"product": {
"name": "devspaces/dashboard-rhel9@sha256:bbb3292a84927c24cdef7aaff704cc12560172ba0c55021bf397d92f0f8c04c8_amd64",
"product_id": "devspaces/dashboard-rhel9@sha256:bbb3292a84927c24cdef7aaff704cc12560172ba0c55021bf397d92f0f8c04c8_amd64",
"product_identification_helper": {
"purl": "pkg:oci/dashboard-rhel9@sha256:bbb3292a84927c24cdef7aaff704cc12560172ba0c55021bf397d92f0f8c04c8?arch=amd64\u0026repository_url=registry.redhat.io/devspaces/dashboard-rhel9\u0026tag=3.21-12"
}
}
},
{
"category": "product_version",
"name": "devspaces-tech-preview/idea-rhel9@sha256:e57eccb97cb2329af1654e27ad2ad30bb30de70c496b0e6e4353d2d0ce9274b8_amd64",
"product": {
"name": "devspaces-tech-preview/idea-rhel9@sha256:e57eccb97cb2329af1654e27ad2ad30bb30de70c496b0e6e4353d2d0ce9274b8_amd64",
"product_id": "devspaces-tech-preview/idea-rhel9@sha256:e57eccb97cb2329af1654e27ad2ad30bb30de70c496b0e6e4353d2d0ce9274b8_amd64",
"product_identification_helper": {
"purl": "pkg:oci/idea-rhel9@sha256:e57eccb97cb2329af1654e27ad2ad30bb30de70c496b0e6e4353d2d0ce9274b8?arch=amd64\u0026repository_url=registry.redhat.io/devspaces-tech-preview/idea-rhel9\u0026tag=latest"
}
}
},
{
"category": "product_version",
"name": "devspaces/imagepuller-rhel9@sha256:899c0fa0d3035a2da050c9dc765d2d5a1e79969ac8e5fe772e6dab003940c4b4_amd64",
"product": {
"name": "devspaces/imagepuller-rhel9@sha256:899c0fa0d3035a2da050c9dc765d2d5a1e79969ac8e5fe772e6dab003940c4b4_amd64",
"product_id": "devspaces/imagepuller-rhel9@sha256:899c0fa0d3035a2da050c9dc765d2d5a1e79969ac8e5fe772e6dab003940c4b4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/imagepuller-rhel9@sha256:899c0fa0d3035a2da050c9dc765d2d5a1e79969ac8e5fe772e6dab003940c4b4?arch=amd64\u0026repository_url=registry.redhat.io/devspaces/imagepuller-rhel9\u0026tag=latest"
}
}
},
{
"category": "product_version",
"name": "devspaces-tech-preview/jetbrains-ide-rhel9@sha256:6f3737f74c7659d65af8fe9a7cab165f8cdb1554b8ff963352885e1d9014ff27_amd64",
"product": {
"name": "devspaces-tech-preview/jetbrains-ide-rhel9@sha256:6f3737f74c7659d65af8fe9a7cab165f8cdb1554b8ff963352885e1d9014ff27_amd64",
"product_id": "devspaces-tech-preview/jetbrains-ide-rhel9@sha256:6f3737f74c7659d65af8fe9a7cab165f8cdb1554b8ff963352885e1d9014ff27_amd64",
"product_identification_helper": {
"purl": "pkg:oci/jetbrains-ide-rhel9@sha256:6f3737f74c7659d65af8fe9a7cab165f8cdb1554b8ff963352885e1d9014ff27?arch=amd64\u0026repository_url=registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9\u0026tag=latest"
}
}
},
{
"category": "product_version",
"name": "devspaces/machineexec-rhel9@sha256:0ce141da5a9eec8fd61d6beee7c993ed4731a4b25501fd3a8f261a4aeab2ccda_amd64",
"product": {
"name": "devspaces/machineexec-rhel9@sha256:0ce141da5a9eec8fd61d6beee7c993ed4731a4b25501fd3a8f261a4aeab2ccda_amd64",
"product_id": "devspaces/machineexec-rhel9@sha256:0ce141da5a9eec8fd61d6beee7c993ed4731a4b25501fd3a8f261a4aeab2ccda_amd64",
"product_identification_helper": {
"purl": "pkg:oci/machineexec-rhel9@sha256:0ce141da5a9eec8fd61d6beee7c993ed4731a4b25501fd3a8f261a4aeab2ccda?arch=amd64\u0026repository_url=registry.redhat.io/devspaces/machineexec-rhel9\u0026tag=3.21-4"
}
}
},
{
"category": "product_version",
"name": "devspaces/devspaces-operator-bundle@sha256:b05f216166a75a5ae3f56495ea4f47a6c3b91d5405360cd991f7c9d545491150_amd64",
"product": {
"name": "devspaces/devspaces-operator-bundle@sha256:b05f216166a75a5ae3f56495ea4f47a6c3b91d5405360cd991f7c9d545491150_amd64",
"product_id": "devspaces/devspaces-operator-bundle@sha256:b05f216166a75a5ae3f56495ea4f47a6c3b91d5405360cd991f7c9d545491150_amd64",
"product_identification_helper": {
"purl": "pkg:oci/devspaces-operator-bundle@sha256:b05f216166a75a5ae3f56495ea4f47a6c3b91d5405360cd991f7c9d545491150?arch=amd64\u0026repository_url=registry.redhat.io/devspaces/devspaces-operator-bundle\u0026tag=3.21-25"
}
}
},
{
"category": "product_version",
"name": "devspaces/pluginregistry-rhel9@sha256:7107f9bf1082a528e0f3af30a5b02e26a770b3430600596e37bebafa18fd0786_amd64",
"product": {
"name": "devspaces/pluginregistry-rhel9@sha256:7107f9bf1082a528e0f3af30a5b02e26a770b3430600596e37bebafa18fd0786_amd64",
"product_id": "devspaces/pluginregistry-rhel9@sha256:7107f9bf1082a528e0f3af30a5b02e26a770b3430600596e37bebafa18fd0786_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pluginregistry-rhel9@sha256:7107f9bf1082a528e0f3af30a5b02e26a770b3430600596e37bebafa18fd0786?arch=amd64\u0026repository_url=registry.redhat.io/devspaces/pluginregistry-rhel9\u0026tag=3.21-7"
}
}
},
{
"category": "product_version",
"name": "devspaces/devspaces-rhel9-operator@sha256:0cfde874c304561625ac5a838df9d90514bafddd5af6f7ed38f1476475497df3_amd64",
"product": {
"name": "devspaces/devspaces-rhel9-operator@sha256:0cfde874c304561625ac5a838df9d90514bafddd5af6f7ed38f1476475497df3_amd64",
"product_id": "devspaces/devspaces-rhel9-operator@sha256:0cfde874c304561625ac5a838df9d90514bafddd5af6f7ed38f1476475497df3_amd64",
"product_identification_helper": {
"purl": "pkg:oci/devspaces-rhel9-operator@sha256:0cfde874c304561625ac5a838df9d90514bafddd5af6f7ed38f1476475497df3?arch=amd64\u0026repository_url=registry.redhat.io/devspaces/devspaces-rhel9-operator\u0026tag=3.21-6"
}
}
},
{
"category": "product_version",
"name": "devspaces/server-rhel9@sha256:52ea2c5e3244363b1d131b8551c10abc687b18f95ca5b9f561f79041a6f06c21_amd64",
"product": {
"name": "devspaces/server-rhel9@sha256:52ea2c5e3244363b1d131b8551c10abc687b18f95ca5b9f561f79041a6f06c21_amd64",
"product_id": "devspaces/server-rhel9@sha256:52ea2c5e3244363b1d131b8551c10abc687b18f95ca5b9f561f79041a6f06c21_amd64",
"product_identification_helper": {
"purl": "pkg:oci/server-rhel9@sha256:52ea2c5e3244363b1d131b8551c10abc687b18f95ca5b9f561f79041a6f06c21?arch=amd64\u0026repository_url=registry.redhat.io/devspaces/server-rhel9\u0026tag=3.21-11"
}
}
},
{
"category": "product_version",
"name": "devspaces/traefik-rhel9@sha256:24a8578aa65eaeb3fbbc4809db2bd8e57cd76cc6a96d94ce67aa22f1b5d4a4a5_amd64",
"product": {
"name": "devspaces/traefik-rhel9@sha256:24a8578aa65eaeb3fbbc4809db2bd8e57cd76cc6a96d94ce67aa22f1b5d4a4a5_amd64",
"product_id": "devspaces/traefik-rhel9@sha256:24a8578aa65eaeb3fbbc4809db2bd8e57cd76cc6a96d94ce67aa22f1b5d4a4a5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/traefik-rhel9@sha256:24a8578aa65eaeb3fbbc4809db2bd8e57cd76cc6a96d94ce67aa22f1b5d4a4a5?arch=amd64\u0026repository_url=registry.redhat.io/devspaces/traefik-rhel9\u0026tag=3.21-1"
}
}
},
{
"category": "product_version",
"name": "devspaces/udi-base-rhel9@sha256:25b8dab260796cc1962ef2c31a6c8b98e258b1a9e8b13580da798a0074acd4e8_amd64",
"product": {
"name": "devspaces/udi-base-rhel9@sha256:25b8dab260796cc1962ef2c31a6c8b98e258b1a9e8b13580da798a0074acd4e8_amd64",
"product_id": "devspaces/udi-base-rhel9@sha256:25b8dab260796cc1962ef2c31a6c8b98e258b1a9e8b13580da798a0074acd4e8_amd64",
"product_identification_helper": {
"purl": "pkg:oci/udi-base-rhel9@sha256:25b8dab260796cc1962ef2c31a6c8b98e258b1a9e8b13580da798a0074acd4e8?arch=amd64\u0026repository_url=registry.redhat.io/devspaces/udi-base-rhel9\u0026tag=latest"
}
}
},
{
"category": "product_version",
"name": "devspaces/udi-rhel9@sha256:c98bbca9019281daafac3fb0ac3590258ca5c93ecc954e5127c1c99db4aa0315_amd64",
"product": {
"name": "devspaces/udi-rhel9@sha256:c98bbca9019281daafac3fb0ac3590258ca5c93ecc954e5127c1c99db4aa0315_amd64",
"product_id": "devspaces/udi-rhel9@sha256:c98bbca9019281daafac3fb0ac3590258ca5c93ecc954e5127c1c99db4aa0315_amd64",
"product_identification_helper": {
"purl": "pkg:oci/udi-rhel9@sha256:c98bbca9019281daafac3fb0ac3590258ca5c93ecc954e5127c1c99db4aa0315?arch=amd64\u0026repository_url=registry.redhat.io/devspaces/udi-rhel9\u0026tag=3.21-6"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces-tech-preview/idea-rhel9@sha256:e57eccb97cb2329af1654e27ad2ad30bb30de70c496b0e6e4353d2d0ce9274b8_amd64 as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "9Base-RHOSDS-3:devspaces-tech-preview/idea-rhel9@sha256:e57eccb97cb2329af1654e27ad2ad30bb30de70c496b0e6e4353d2d0ce9274b8_amd64"
},
"product_reference": "devspaces-tech-preview/idea-rhel9@sha256:e57eccb97cb2329af1654e27ad2ad30bb30de70c496b0e6e4353d2d0ce9274b8_amd64",
"relates_to_product_reference": "9Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces-tech-preview/jetbrains-ide-rhel9@sha256:6f3737f74c7659d65af8fe9a7cab165f8cdb1554b8ff963352885e1d9014ff27_amd64 as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "9Base-RHOSDS-3:devspaces-tech-preview/jetbrains-ide-rhel9@sha256:6f3737f74c7659d65af8fe9a7cab165f8cdb1554b8ff963352885e1d9014ff27_amd64"
},
"product_reference": "devspaces-tech-preview/jetbrains-ide-rhel9@sha256:6f3737f74c7659d65af8fe9a7cab165f8cdb1554b8ff963352885e1d9014ff27_amd64",
"relates_to_product_reference": "9Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces-tech-preview/jetbrains-ide-rhel9@sha256:82d121266eb9adca7faa9af0da6c89323cfe24add67bcba759a6a81ca161ba2f_s390x as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "9Base-RHOSDS-3:devspaces-tech-preview/jetbrains-ide-rhel9@sha256:82d121266eb9adca7faa9af0da6c89323cfe24add67bcba759a6a81ca161ba2f_s390x"
},
"product_reference": "devspaces-tech-preview/jetbrains-ide-rhel9@sha256:82d121266eb9adca7faa9af0da6c89323cfe24add67bcba759a6a81ca161ba2f_s390x",
"relates_to_product_reference": "9Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces-tech-preview/jetbrains-ide-rhel9@sha256:9a8899c791034c3395c081fbe55746021d372ea1ea3523f2a72bf7e31a2a4132_ppc64le as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "9Base-RHOSDS-3:devspaces-tech-preview/jetbrains-ide-rhel9@sha256:9a8899c791034c3395c081fbe55746021d372ea1ea3523f2a72bf7e31a2a4132_ppc64le"
},
"product_reference": "devspaces-tech-preview/jetbrains-ide-rhel9@sha256:9a8899c791034c3395c081fbe55746021d372ea1ea3523f2a72bf7e31a2a4132_ppc64le",
"relates_to_product_reference": "9Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces/code-rhel9@sha256:08f2e3cd088b9d1176e61f8017126ecaa7447ade3aede5d63e49bd678b5cc30b_s390x as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "9Base-RHOSDS-3:devspaces/code-rhel9@sha256:08f2e3cd088b9d1176e61f8017126ecaa7447ade3aede5d63e49bd678b5cc30b_s390x"
},
"product_reference": "devspaces/code-rhel9@sha256:08f2e3cd088b9d1176e61f8017126ecaa7447ade3aede5d63e49bd678b5cc30b_s390x",
"relates_to_product_reference": "9Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces/code-rhel9@sha256:d36fb4add09a1576207fe4b114f60142a43b351d218b1f5d0807bacc19c02915_ppc64le as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "9Base-RHOSDS-3:devspaces/code-rhel9@sha256:d36fb4add09a1576207fe4b114f60142a43b351d218b1f5d0807bacc19c02915_ppc64le"
},
"product_reference": "devspaces/code-rhel9@sha256:d36fb4add09a1576207fe4b114f60142a43b351d218b1f5d0807bacc19c02915_ppc64le",
"relates_to_product_reference": "9Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces/code-rhel9@sha256:e48a0e27d13aff1bc60facd4ef3bd875f3b9c68b33c5d9be86dcf2fb46971d24_amd64 as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "9Base-RHOSDS-3:devspaces/code-rhel9@sha256:e48a0e27d13aff1bc60facd4ef3bd875f3b9c68b33c5d9be86dcf2fb46971d24_amd64"
},
"product_reference": "devspaces/code-rhel9@sha256:e48a0e27d13aff1bc60facd4ef3bd875f3b9c68b33c5d9be86dcf2fb46971d24_amd64",
"relates_to_product_reference": "9Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces/configbump-rhel9@sha256:403b6c1ddb3fe9337fc1f83129d0b9e51dc18948df29f94212e291246b828e90_amd64 as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "9Base-RHOSDS-3:devspaces/configbump-rhel9@sha256:403b6c1ddb3fe9337fc1f83129d0b9e51dc18948df29f94212e291246b828e90_amd64"
},
"product_reference": "devspaces/configbump-rhel9@sha256:403b6c1ddb3fe9337fc1f83129d0b9e51dc18948df29f94212e291246b828e90_amd64",
"relates_to_product_reference": "9Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces/configbump-rhel9@sha256:97544fe3e08648e8f0aec09dda768e884b0c213be0b833568747c797d492bb42_ppc64le as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "9Base-RHOSDS-3:devspaces/configbump-rhel9@sha256:97544fe3e08648e8f0aec09dda768e884b0c213be0b833568747c797d492bb42_ppc64le"
},
"product_reference": "devspaces/configbump-rhel9@sha256:97544fe3e08648e8f0aec09dda768e884b0c213be0b833568747c797d492bb42_ppc64le",
"relates_to_product_reference": "9Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces/configbump-rhel9@sha256:a47dcbcc9292e09c31ad8df74d54b58aa03db782700937365434407029c586d7_s390x as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "9Base-RHOSDS-3:devspaces/configbump-rhel9@sha256:a47dcbcc9292e09c31ad8df74d54b58aa03db782700937365434407029c586d7_s390x"
},
"product_reference": "devspaces/configbump-rhel9@sha256:a47dcbcc9292e09c31ad8df74d54b58aa03db782700937365434407029c586d7_s390x",
"relates_to_product_reference": "9Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces/dashboard-rhel9@sha256:4fb48f0964049b6e56c71cac4973c8ec4ae53b3248ec842e58ec499736e3ffb7_ppc64le as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "9Base-RHOSDS-3:devspaces/dashboard-rhel9@sha256:4fb48f0964049b6e56c71cac4973c8ec4ae53b3248ec842e58ec499736e3ffb7_ppc64le"
},
"product_reference": "devspaces/dashboard-rhel9@sha256:4fb48f0964049b6e56c71cac4973c8ec4ae53b3248ec842e58ec499736e3ffb7_ppc64le",
"relates_to_product_reference": "9Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces/dashboard-rhel9@sha256:bbb3292a84927c24cdef7aaff704cc12560172ba0c55021bf397d92f0f8c04c8_amd64 as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "9Base-RHOSDS-3:devspaces/dashboard-rhel9@sha256:bbb3292a84927c24cdef7aaff704cc12560172ba0c55021bf397d92f0f8c04c8_amd64"
},
"product_reference": "devspaces/dashboard-rhel9@sha256:bbb3292a84927c24cdef7aaff704cc12560172ba0c55021bf397d92f0f8c04c8_amd64",
"relates_to_product_reference": "9Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces/dashboard-rhel9@sha256:f894dcaddbc0dd33c9e524e33bf54416f08dd328838bbe2c869eb7201cf7ef1a_s390x as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "9Base-RHOSDS-3:devspaces/dashboard-rhel9@sha256:f894dcaddbc0dd33c9e524e33bf54416f08dd328838bbe2c869eb7201cf7ef1a_s390x"
},
"product_reference": "devspaces/dashboard-rhel9@sha256:f894dcaddbc0dd33c9e524e33bf54416f08dd328838bbe2c869eb7201cf7ef1a_s390x",
"relates_to_product_reference": "9Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces/devspaces-operator-bundle@sha256:b05f216166a75a5ae3f56495ea4f47a6c3b91d5405360cd991f7c9d545491150_amd64 as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "9Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:b05f216166a75a5ae3f56495ea4f47a6c3b91d5405360cd991f7c9d545491150_amd64"
},
"product_reference": "devspaces/devspaces-operator-bundle@sha256:b05f216166a75a5ae3f56495ea4f47a6c3b91d5405360cd991f7c9d545491150_amd64",
"relates_to_product_reference": "9Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces/devspaces-operator-bundle@sha256:ba152d33e05c8d53dd9c39249ba9756418619ff784ef1e4cb296a7aa1a33adfd_ppc64le as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "9Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:ba152d33e05c8d53dd9c39249ba9756418619ff784ef1e4cb296a7aa1a33adfd_ppc64le"
},
"product_reference": "devspaces/devspaces-operator-bundle@sha256:ba152d33e05c8d53dd9c39249ba9756418619ff784ef1e4cb296a7aa1a33adfd_ppc64le",
"relates_to_product_reference": "9Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces/devspaces-operator-bundle@sha256:f463c35bfe9daac4929295c610f07935ff9655793b72d5fd040944fad8307c9a_s390x as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "9Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:f463c35bfe9daac4929295c610f07935ff9655793b72d5fd040944fad8307c9a_s390x"
},
"product_reference": "devspaces/devspaces-operator-bundle@sha256:f463c35bfe9daac4929295c610f07935ff9655793b72d5fd040944fad8307c9a_s390x",
"relates_to_product_reference": "9Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces/devspaces-rhel9-operator@sha256:0cfde874c304561625ac5a838df9d90514bafddd5af6f7ed38f1476475497df3_amd64 as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "9Base-RHOSDS-3:devspaces/devspaces-rhel9-operator@sha256:0cfde874c304561625ac5a838df9d90514bafddd5af6f7ed38f1476475497df3_amd64"
},
"product_reference": "devspaces/devspaces-rhel9-operator@sha256:0cfde874c304561625ac5a838df9d90514bafddd5af6f7ed38f1476475497df3_amd64",
"relates_to_product_reference": "9Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces/devspaces-rhel9-operator@sha256:23280e408cce44be3fc8ebf244b19f5e386da1e6fab218a1a3ee8a1748f132f9_ppc64le as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "9Base-RHOSDS-3:devspaces/devspaces-rhel9-operator@sha256:23280e408cce44be3fc8ebf244b19f5e386da1e6fab218a1a3ee8a1748f132f9_ppc64le"
},
"product_reference": "devspaces/devspaces-rhel9-operator@sha256:23280e408cce44be3fc8ebf244b19f5e386da1e6fab218a1a3ee8a1748f132f9_ppc64le",
"relates_to_product_reference": "9Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces/devspaces-rhel9-operator@sha256:e2b9c33d133573a466fead6c5f904d7ef31ba96d5fce1a619f3ff8c47d86a9da_s390x as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "9Base-RHOSDS-3:devspaces/devspaces-rhel9-operator@sha256:e2b9c33d133573a466fead6c5f904d7ef31ba96d5fce1a619f3ff8c47d86a9da_s390x"
},
"product_reference": "devspaces/devspaces-rhel9-operator@sha256:e2b9c33d133573a466fead6c5f904d7ef31ba96d5fce1a619f3ff8c47d86a9da_s390x",
"relates_to_product_reference": "9Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces/imagepuller-rhel9@sha256:4e11c662d89bb01653f32ed2f3bc66a67be8a1464e267a564a30e36d047b46a6_s390x as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "9Base-RHOSDS-3:devspaces/imagepuller-rhel9@sha256:4e11c662d89bb01653f32ed2f3bc66a67be8a1464e267a564a30e36d047b46a6_s390x"
},
"product_reference": "devspaces/imagepuller-rhel9@sha256:4e11c662d89bb01653f32ed2f3bc66a67be8a1464e267a564a30e36d047b46a6_s390x",
"relates_to_product_reference": "9Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces/imagepuller-rhel9@sha256:899c0fa0d3035a2da050c9dc765d2d5a1e79969ac8e5fe772e6dab003940c4b4_amd64 as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "9Base-RHOSDS-3:devspaces/imagepuller-rhel9@sha256:899c0fa0d3035a2da050c9dc765d2d5a1e79969ac8e5fe772e6dab003940c4b4_amd64"
},
"product_reference": "devspaces/imagepuller-rhel9@sha256:899c0fa0d3035a2da050c9dc765d2d5a1e79969ac8e5fe772e6dab003940c4b4_amd64",
"relates_to_product_reference": "9Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces/imagepuller-rhel9@sha256:8de9e91840963be836e62c27395e7c37ebe1e908770a817197cb938fcf1777dc_ppc64le as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "9Base-RHOSDS-3:devspaces/imagepuller-rhel9@sha256:8de9e91840963be836e62c27395e7c37ebe1e908770a817197cb938fcf1777dc_ppc64le"
},
"product_reference": "devspaces/imagepuller-rhel9@sha256:8de9e91840963be836e62c27395e7c37ebe1e908770a817197cb938fcf1777dc_ppc64le",
"relates_to_product_reference": "9Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces/machineexec-rhel9@sha256:0ce141da5a9eec8fd61d6beee7c993ed4731a4b25501fd3a8f261a4aeab2ccda_amd64 as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "9Base-RHOSDS-3:devspaces/machineexec-rhel9@sha256:0ce141da5a9eec8fd61d6beee7c993ed4731a4b25501fd3a8f261a4aeab2ccda_amd64"
},
"product_reference": "devspaces/machineexec-rhel9@sha256:0ce141da5a9eec8fd61d6beee7c993ed4731a4b25501fd3a8f261a4aeab2ccda_amd64",
"relates_to_product_reference": "9Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces/machineexec-rhel9@sha256:60f6c9724b2c7e773654d7fd176829661420b6a3eb9df7f72c3560e7890fe691_s390x as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "9Base-RHOSDS-3:devspaces/machineexec-rhel9@sha256:60f6c9724b2c7e773654d7fd176829661420b6a3eb9df7f72c3560e7890fe691_s390x"
},
"product_reference": "devspaces/machineexec-rhel9@sha256:60f6c9724b2c7e773654d7fd176829661420b6a3eb9df7f72c3560e7890fe691_s390x",
"relates_to_product_reference": "9Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces/machineexec-rhel9@sha256:ac07b6bc8c311b357ab5e0545a2b80aa567c2f76b9ed01a3d382b5685b688c83_ppc64le as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "9Base-RHOSDS-3:devspaces/machineexec-rhel9@sha256:ac07b6bc8c311b357ab5e0545a2b80aa567c2f76b9ed01a3d382b5685b688c83_ppc64le"
},
"product_reference": "devspaces/machineexec-rhel9@sha256:ac07b6bc8c311b357ab5e0545a2b80aa567c2f76b9ed01a3d382b5685b688c83_ppc64le",
"relates_to_product_reference": "9Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces/pluginregistry-rhel9@sha256:4c5430c1e53219652c27d861d7a7d577097db0dad05ded83b814275cb9a6cad2_ppc64le as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "9Base-RHOSDS-3:devspaces/pluginregistry-rhel9@sha256:4c5430c1e53219652c27d861d7a7d577097db0dad05ded83b814275cb9a6cad2_ppc64le"
},
"product_reference": "devspaces/pluginregistry-rhel9@sha256:4c5430c1e53219652c27d861d7a7d577097db0dad05ded83b814275cb9a6cad2_ppc64le",
"relates_to_product_reference": "9Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces/pluginregistry-rhel9@sha256:7107f9bf1082a528e0f3af30a5b02e26a770b3430600596e37bebafa18fd0786_amd64 as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "9Base-RHOSDS-3:devspaces/pluginregistry-rhel9@sha256:7107f9bf1082a528e0f3af30a5b02e26a770b3430600596e37bebafa18fd0786_amd64"
},
"product_reference": "devspaces/pluginregistry-rhel9@sha256:7107f9bf1082a528e0f3af30a5b02e26a770b3430600596e37bebafa18fd0786_amd64",
"relates_to_product_reference": "9Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces/pluginregistry-rhel9@sha256:989fc72b261f44374f16ba8aa190791d04da8b295933f724a00bc31a84efd89e_s390x as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "9Base-RHOSDS-3:devspaces/pluginregistry-rhel9@sha256:989fc72b261f44374f16ba8aa190791d04da8b295933f724a00bc31a84efd89e_s390x"
},
"product_reference": "devspaces/pluginregistry-rhel9@sha256:989fc72b261f44374f16ba8aa190791d04da8b295933f724a00bc31a84efd89e_s390x",
"relates_to_product_reference": "9Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces/server-rhel9@sha256:52ea2c5e3244363b1d131b8551c10abc687b18f95ca5b9f561f79041a6f06c21_amd64 as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "9Base-RHOSDS-3:devspaces/server-rhel9@sha256:52ea2c5e3244363b1d131b8551c10abc687b18f95ca5b9f561f79041a6f06c21_amd64"
},
"product_reference": "devspaces/server-rhel9@sha256:52ea2c5e3244363b1d131b8551c10abc687b18f95ca5b9f561f79041a6f06c21_amd64",
"relates_to_product_reference": "9Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces/server-rhel9@sha256:ae275fed16fdc724d0e48659c3de940e4af3e0722d3b5d465634d31f5a2a972e_s390x as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "9Base-RHOSDS-3:devspaces/server-rhel9@sha256:ae275fed16fdc724d0e48659c3de940e4af3e0722d3b5d465634d31f5a2a972e_s390x"
},
"product_reference": "devspaces/server-rhel9@sha256:ae275fed16fdc724d0e48659c3de940e4af3e0722d3b5d465634d31f5a2a972e_s390x",
"relates_to_product_reference": "9Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces/server-rhel9@sha256:edae16c9f7a40feaf051b22a05945fd3a51033d031b742346105cff657848881_ppc64le as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "9Base-RHOSDS-3:devspaces/server-rhel9@sha256:edae16c9f7a40feaf051b22a05945fd3a51033d031b742346105cff657848881_ppc64le"
},
"product_reference": "devspaces/server-rhel9@sha256:edae16c9f7a40feaf051b22a05945fd3a51033d031b742346105cff657848881_ppc64le",
"relates_to_product_reference": "9Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces/traefik-rhel9@sha256:24a8578aa65eaeb3fbbc4809db2bd8e57cd76cc6a96d94ce67aa22f1b5d4a4a5_amd64 as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "9Base-RHOSDS-3:devspaces/traefik-rhel9@sha256:24a8578aa65eaeb3fbbc4809db2bd8e57cd76cc6a96d94ce67aa22f1b5d4a4a5_amd64"
},
"product_reference": "devspaces/traefik-rhel9@sha256:24a8578aa65eaeb3fbbc4809db2bd8e57cd76cc6a96d94ce67aa22f1b5d4a4a5_amd64",
"relates_to_product_reference": "9Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces/traefik-rhel9@sha256:2a9c66e55371adf209b5b317068e63cfbd9b3e27da9de210250607da8b3ffdff_ppc64le as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "9Base-RHOSDS-3:devspaces/traefik-rhel9@sha256:2a9c66e55371adf209b5b317068e63cfbd9b3e27da9de210250607da8b3ffdff_ppc64le"
},
"product_reference": "devspaces/traefik-rhel9@sha256:2a9c66e55371adf209b5b317068e63cfbd9b3e27da9de210250607da8b3ffdff_ppc64le",
"relates_to_product_reference": "9Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces/traefik-rhel9@sha256:90df466eef849a4fd6846345273968f875397d72f24c38445058d462d861ca9c_s390x as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "9Base-RHOSDS-3:devspaces/traefik-rhel9@sha256:90df466eef849a4fd6846345273968f875397d72f24c38445058d462d861ca9c_s390x"
},
"product_reference": "devspaces/traefik-rhel9@sha256:90df466eef849a4fd6846345273968f875397d72f24c38445058d462d861ca9c_s390x",
"relates_to_product_reference": "9Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces/udi-base-rhel9@sha256:25b8dab260796cc1962ef2c31a6c8b98e258b1a9e8b13580da798a0074acd4e8_amd64 as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "9Base-RHOSDS-3:devspaces/udi-base-rhel9@sha256:25b8dab260796cc1962ef2c31a6c8b98e258b1a9e8b13580da798a0074acd4e8_amd64"
},
"product_reference": "devspaces/udi-base-rhel9@sha256:25b8dab260796cc1962ef2c31a6c8b98e258b1a9e8b13580da798a0074acd4e8_amd64",
"relates_to_product_reference": "9Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces/udi-base-rhel9@sha256:89d858f949b7bbc4502109ff8ab3cf0f416ad1a4c9432924669fc30eeba26b86_ppc64le as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "9Base-RHOSDS-3:devspaces/udi-base-rhel9@sha256:89d858f949b7bbc4502109ff8ab3cf0f416ad1a4c9432924669fc30eeba26b86_ppc64le"
},
"product_reference": "devspaces/udi-base-rhel9@sha256:89d858f949b7bbc4502109ff8ab3cf0f416ad1a4c9432924669fc30eeba26b86_ppc64le",
"relates_to_product_reference": "9Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces/udi-base-rhel9@sha256:e1b46dd642b4391ece60c7bc3bb062ba81c3c975cb3723ade62f5a230a43ed5d_s390x as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "9Base-RHOSDS-3:devspaces/udi-base-rhel9@sha256:e1b46dd642b4391ece60c7bc3bb062ba81c3c975cb3723ade62f5a230a43ed5d_s390x"
},
"product_reference": "devspaces/udi-base-rhel9@sha256:e1b46dd642b4391ece60c7bc3bb062ba81c3c975cb3723ade62f5a230a43ed5d_s390x",
"relates_to_product_reference": "9Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces/udi-rhel9@sha256:c98bbca9019281daafac3fb0ac3590258ca5c93ecc954e5127c1c99db4aa0315_amd64 as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "9Base-RHOSDS-3:devspaces/udi-rhel9@sha256:c98bbca9019281daafac3fb0ac3590258ca5c93ecc954e5127c1c99db4aa0315_amd64"
},
"product_reference": "devspaces/udi-rhel9@sha256:c98bbca9019281daafac3fb0ac3590258ca5c93ecc954e5127c1c99db4aa0315_amd64",
"relates_to_product_reference": "9Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces/udi-rhel9@sha256:e6d836b45dfb32da1a94114ab9908251da24adeeca932de89ba0e23d4f104e22_s390x as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "9Base-RHOSDS-3:devspaces/udi-rhel9@sha256:e6d836b45dfb32da1a94114ab9908251da24adeeca932de89ba0e23d4f104e22_s390x"
},
"product_reference": "devspaces/udi-rhel9@sha256:e6d836b45dfb32da1a94114ab9908251da24adeeca932de89ba0e23d4f104e22_s390x",
"relates_to_product_reference": "9Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces/udi-rhel9@sha256:f6be90596ba55531a1ef7acf4041ed2828d4fe8a3cdd4e8b251bf4929bd19700_ppc64le as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "9Base-RHOSDS-3:devspaces/udi-rhel9@sha256:f6be90596ba55531a1ef7acf4041ed2828d4fe8a3cdd4e8b251bf4929bd19700_ppc64le"
},
"product_reference": "devspaces/udi-rhel9@sha256:f6be90596ba55531a1ef7acf4041ed2828d4fe8a3cdd4e8b251bf4929bd19700_ppc64le",
"relates_to_product_reference": "9Base-RHOSDS-3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-12905",
"cwe": {
"id": "CWE-59",
"name": "Improper Link Resolution Before File Access (\u0027Link Following\u0027)"
},
"discovery_date": "2025-03-27T17:02:14.911888+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2355460"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the tar-fs package for Node.js. In affected versions, unauthorized file writes or overwrites outside the intended extraction directory can occur when extracting a maliciously crafted tar file. The issue is associated with index.js in the tar-fs package.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tar-fs: link following and path traversal via maliciously crafted tar file",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated as an important severity because it allows attackers to extract a malicious tar file that can write or overwrite files outside the intended directory. This occurs due to improper handling of link resolution and pathname limitations. The risk is high for systems that automatically extract tar files, as it can lead to data corruption or unauthorized file modifications without user interaction.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHOSDS-3:devspaces-tech-preview/idea-rhel9@sha256:e57eccb97cb2329af1654e27ad2ad30bb30de70c496b0e6e4353d2d0ce9274b8_amd64",
"9Base-RHOSDS-3:devspaces-tech-preview/jetbrains-ide-rhel9@sha256:6f3737f74c7659d65af8fe9a7cab165f8cdb1554b8ff963352885e1d9014ff27_amd64",
"9Base-RHOSDS-3:devspaces-tech-preview/jetbrains-ide-rhel9@sha256:82d121266eb9adca7faa9af0da6c89323cfe24add67bcba759a6a81ca161ba2f_s390x",
"9Base-RHOSDS-3:devspaces-tech-preview/jetbrains-ide-rhel9@sha256:9a8899c791034c3395c081fbe55746021d372ea1ea3523f2a72bf7e31a2a4132_ppc64le",
"9Base-RHOSDS-3:devspaces/code-rhel9@sha256:08f2e3cd088b9d1176e61f8017126ecaa7447ade3aede5d63e49bd678b5cc30b_s390x",
"9Base-RHOSDS-3:devspaces/code-rhel9@sha256:d36fb4add09a1576207fe4b114f60142a43b351d218b1f5d0807bacc19c02915_ppc64le",
"9Base-RHOSDS-3:devspaces/code-rhel9@sha256:e48a0e27d13aff1bc60facd4ef3bd875f3b9c68b33c5d9be86dcf2fb46971d24_amd64",
"9Base-RHOSDS-3:devspaces/configbump-rhel9@sha256:403b6c1ddb3fe9337fc1f83129d0b9e51dc18948df29f94212e291246b828e90_amd64",
"9Base-RHOSDS-3:devspaces/configbump-rhel9@sha256:97544fe3e08648e8f0aec09dda768e884b0c213be0b833568747c797d492bb42_ppc64le",
"9Base-RHOSDS-3:devspaces/configbump-rhel9@sha256:a47dcbcc9292e09c31ad8df74d54b58aa03db782700937365434407029c586d7_s390x",
"9Base-RHOSDS-3:devspaces/dashboard-rhel9@sha256:4fb48f0964049b6e56c71cac4973c8ec4ae53b3248ec842e58ec499736e3ffb7_ppc64le",
"9Base-RHOSDS-3:devspaces/dashboard-rhel9@sha256:bbb3292a84927c24cdef7aaff704cc12560172ba0c55021bf397d92f0f8c04c8_amd64",
"9Base-RHOSDS-3:devspaces/dashboard-rhel9@sha256:f894dcaddbc0dd33c9e524e33bf54416f08dd328838bbe2c869eb7201cf7ef1a_s390x",
"9Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:b05f216166a75a5ae3f56495ea4f47a6c3b91d5405360cd991f7c9d545491150_amd64",
"9Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:ba152d33e05c8d53dd9c39249ba9756418619ff784ef1e4cb296a7aa1a33adfd_ppc64le",
"9Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:f463c35bfe9daac4929295c610f07935ff9655793b72d5fd040944fad8307c9a_s390x",
"9Base-RHOSDS-3:devspaces/devspaces-rhel9-operator@sha256:0cfde874c304561625ac5a838df9d90514bafddd5af6f7ed38f1476475497df3_amd64",
"9Base-RHOSDS-3:devspaces/devspaces-rhel9-operator@sha256:23280e408cce44be3fc8ebf244b19f5e386da1e6fab218a1a3ee8a1748f132f9_ppc64le",
"9Base-RHOSDS-3:devspaces/devspaces-rhel9-operator@sha256:e2b9c33d133573a466fead6c5f904d7ef31ba96d5fce1a619f3ff8c47d86a9da_s390x",
"9Base-RHOSDS-3:devspaces/imagepuller-rhel9@sha256:4e11c662d89bb01653f32ed2f3bc66a67be8a1464e267a564a30e36d047b46a6_s390x",
"9Base-RHOSDS-3:devspaces/imagepuller-rhel9@sha256:899c0fa0d3035a2da050c9dc765d2d5a1e79969ac8e5fe772e6dab003940c4b4_amd64",
"9Base-RHOSDS-3:devspaces/imagepuller-rhel9@sha256:8de9e91840963be836e62c27395e7c37ebe1e908770a817197cb938fcf1777dc_ppc64le",
"9Base-RHOSDS-3:devspaces/machineexec-rhel9@sha256:0ce141da5a9eec8fd61d6beee7c993ed4731a4b25501fd3a8f261a4aeab2ccda_amd64",
"9Base-RHOSDS-3:devspaces/machineexec-rhel9@sha256:60f6c9724b2c7e773654d7fd176829661420b6a3eb9df7f72c3560e7890fe691_s390x",
"9Base-RHOSDS-3:devspaces/machineexec-rhel9@sha256:ac07b6bc8c311b357ab5e0545a2b80aa567c2f76b9ed01a3d382b5685b688c83_ppc64le",
"9Base-RHOSDS-3:devspaces/pluginregistry-rhel9@sha256:4c5430c1e53219652c27d861d7a7d577097db0dad05ded83b814275cb9a6cad2_ppc64le",
"9Base-RHOSDS-3:devspaces/pluginregistry-rhel9@sha256:7107f9bf1082a528e0f3af30a5b02e26a770b3430600596e37bebafa18fd0786_amd64",
"9Base-RHOSDS-3:devspaces/pluginregistry-rhel9@sha256:989fc72b261f44374f16ba8aa190791d04da8b295933f724a00bc31a84efd89e_s390x",
"9Base-RHOSDS-3:devspaces/server-rhel9@sha256:52ea2c5e3244363b1d131b8551c10abc687b18f95ca5b9f561f79041a6f06c21_amd64",
"9Base-RHOSDS-3:devspaces/server-rhel9@sha256:ae275fed16fdc724d0e48659c3de940e4af3e0722d3b5d465634d31f5a2a972e_s390x",
"9Base-RHOSDS-3:devspaces/server-rhel9@sha256:edae16c9f7a40feaf051b22a05945fd3a51033d031b742346105cff657848881_ppc64le",
"9Base-RHOSDS-3:devspaces/traefik-rhel9@sha256:24a8578aa65eaeb3fbbc4809db2bd8e57cd76cc6a96d94ce67aa22f1b5d4a4a5_amd64",
"9Base-RHOSDS-3:devspaces/traefik-rhel9@sha256:2a9c66e55371adf209b5b317068e63cfbd9b3e27da9de210250607da8b3ffdff_ppc64le",
"9Base-RHOSDS-3:devspaces/traefik-rhel9@sha256:90df466eef849a4fd6846345273968f875397d72f24c38445058d462d861ca9c_s390x",
"9Base-RHOSDS-3:devspaces/udi-base-rhel9@sha256:25b8dab260796cc1962ef2c31a6c8b98e258b1a9e8b13580da798a0074acd4e8_amd64",
"9Base-RHOSDS-3:devspaces/udi-base-rhel9@sha256:89d858f949b7bbc4502109ff8ab3cf0f416ad1a4c9432924669fc30eeba26b86_ppc64le",
"9Base-RHOSDS-3:devspaces/udi-base-rhel9@sha256:e1b46dd642b4391ece60c7bc3bb062ba81c3c975cb3723ade62f5a230a43ed5d_s390x",
"9Base-RHOSDS-3:devspaces/udi-rhel9@sha256:c98bbca9019281daafac3fb0ac3590258ca5c93ecc954e5127c1c99db4aa0315_amd64",
"9Base-RHOSDS-3:devspaces/udi-rhel9@sha256:e6d836b45dfb32da1a94114ab9908251da24adeeca932de89ba0e23d4f104e22_s390x",
"9Base-RHOSDS-3:devspaces/udi-rhel9@sha256:f6be90596ba55531a1ef7acf4041ed2828d4fe8a3cdd4e8b251bf4929bd19700_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-12905"
},
{
"category": "external",
"summary": "RHBZ#2355460",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2355460"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-12905",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12905"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-12905",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-12905"
},
{
"category": "external",
"summary": "https://github.com/mafintosh/tar-fs/commit/a1dd7e7c7f4b4a8bd2ab60f513baca573b44e2ed",
"url": "https://github.com/mafintosh/tar-fs/commit/a1dd7e7c7f4b4a8bd2ab60f513baca573b44e2ed"
}
],
"release_date": "2025-03-27T16:25:34.410000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-05-28T02:39:39+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHOSDS-3:devspaces-tech-preview/idea-rhel9@sha256:e57eccb97cb2329af1654e27ad2ad30bb30de70c496b0e6e4353d2d0ce9274b8_amd64",
"9Base-RHOSDS-3:devspaces-tech-preview/jetbrains-ide-rhel9@sha256:6f3737f74c7659d65af8fe9a7cab165f8cdb1554b8ff963352885e1d9014ff27_amd64",
"9Base-RHOSDS-3:devspaces-tech-preview/jetbrains-ide-rhel9@sha256:82d121266eb9adca7faa9af0da6c89323cfe24add67bcba759a6a81ca161ba2f_s390x",
"9Base-RHOSDS-3:devspaces-tech-preview/jetbrains-ide-rhel9@sha256:9a8899c791034c3395c081fbe55746021d372ea1ea3523f2a72bf7e31a2a4132_ppc64le",
"9Base-RHOSDS-3:devspaces/code-rhel9@sha256:08f2e3cd088b9d1176e61f8017126ecaa7447ade3aede5d63e49bd678b5cc30b_s390x",
"9Base-RHOSDS-3:devspaces/code-rhel9@sha256:d36fb4add09a1576207fe4b114f60142a43b351d218b1f5d0807bacc19c02915_ppc64le",
"9Base-RHOSDS-3:devspaces/code-rhel9@sha256:e48a0e27d13aff1bc60facd4ef3bd875f3b9c68b33c5d9be86dcf2fb46971d24_amd64",
"9Base-RHOSDS-3:devspaces/configbump-rhel9@sha256:403b6c1ddb3fe9337fc1f83129d0b9e51dc18948df29f94212e291246b828e90_amd64",
"9Base-RHOSDS-3:devspaces/configbump-rhel9@sha256:97544fe3e08648e8f0aec09dda768e884b0c213be0b833568747c797d492bb42_ppc64le",
"9Base-RHOSDS-3:devspaces/configbump-rhel9@sha256:a47dcbcc9292e09c31ad8df74d54b58aa03db782700937365434407029c586d7_s390x",
"9Base-RHOSDS-3:devspaces/dashboard-rhel9@sha256:4fb48f0964049b6e56c71cac4973c8ec4ae53b3248ec842e58ec499736e3ffb7_ppc64le",
"9Base-RHOSDS-3:devspaces/dashboard-rhel9@sha256:bbb3292a84927c24cdef7aaff704cc12560172ba0c55021bf397d92f0f8c04c8_amd64",
"9Base-RHOSDS-3:devspaces/dashboard-rhel9@sha256:f894dcaddbc0dd33c9e524e33bf54416f08dd328838bbe2c869eb7201cf7ef1a_s390x",
"9Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:b05f216166a75a5ae3f56495ea4f47a6c3b91d5405360cd991f7c9d545491150_amd64",
"9Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:ba152d33e05c8d53dd9c39249ba9756418619ff784ef1e4cb296a7aa1a33adfd_ppc64le",
"9Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:f463c35bfe9daac4929295c610f07935ff9655793b72d5fd040944fad8307c9a_s390x",
"9Base-RHOSDS-3:devspaces/devspaces-rhel9-operator@sha256:0cfde874c304561625ac5a838df9d90514bafddd5af6f7ed38f1476475497df3_amd64",
"9Base-RHOSDS-3:devspaces/devspaces-rhel9-operator@sha256:23280e408cce44be3fc8ebf244b19f5e386da1e6fab218a1a3ee8a1748f132f9_ppc64le",
"9Base-RHOSDS-3:devspaces/devspaces-rhel9-operator@sha256:e2b9c33d133573a466fead6c5f904d7ef31ba96d5fce1a619f3ff8c47d86a9da_s390x",
"9Base-RHOSDS-3:devspaces/imagepuller-rhel9@sha256:4e11c662d89bb01653f32ed2f3bc66a67be8a1464e267a564a30e36d047b46a6_s390x",
"9Base-RHOSDS-3:devspaces/imagepuller-rhel9@sha256:899c0fa0d3035a2da050c9dc765d2d5a1e79969ac8e5fe772e6dab003940c4b4_amd64",
"9Base-RHOSDS-3:devspaces/imagepuller-rhel9@sha256:8de9e91840963be836e62c27395e7c37ebe1e908770a817197cb938fcf1777dc_ppc64le",
"9Base-RHOSDS-3:devspaces/machineexec-rhel9@sha256:0ce141da5a9eec8fd61d6beee7c993ed4731a4b25501fd3a8f261a4aeab2ccda_amd64",
"9Base-RHOSDS-3:devspaces/machineexec-rhel9@sha256:60f6c9724b2c7e773654d7fd176829661420b6a3eb9df7f72c3560e7890fe691_s390x",
"9Base-RHOSDS-3:devspaces/machineexec-rhel9@sha256:ac07b6bc8c311b357ab5e0545a2b80aa567c2f76b9ed01a3d382b5685b688c83_ppc64le",
"9Base-RHOSDS-3:devspaces/pluginregistry-rhel9@sha256:4c5430c1e53219652c27d861d7a7d577097db0dad05ded83b814275cb9a6cad2_ppc64le",
"9Base-RHOSDS-3:devspaces/pluginregistry-rhel9@sha256:7107f9bf1082a528e0f3af30a5b02e26a770b3430600596e37bebafa18fd0786_amd64",
"9Base-RHOSDS-3:devspaces/pluginregistry-rhel9@sha256:989fc72b261f44374f16ba8aa190791d04da8b295933f724a00bc31a84efd89e_s390x",
"9Base-RHOSDS-3:devspaces/server-rhel9@sha256:52ea2c5e3244363b1d131b8551c10abc687b18f95ca5b9f561f79041a6f06c21_amd64",
"9Base-RHOSDS-3:devspaces/server-rhel9@sha256:ae275fed16fdc724d0e48659c3de940e4af3e0722d3b5d465634d31f5a2a972e_s390x",
"9Base-RHOSDS-3:devspaces/server-rhel9@sha256:edae16c9f7a40feaf051b22a05945fd3a51033d031b742346105cff657848881_ppc64le",
"9Base-RHOSDS-3:devspaces/traefik-rhel9@sha256:24a8578aa65eaeb3fbbc4809db2bd8e57cd76cc6a96d94ce67aa22f1b5d4a4a5_amd64",
"9Base-RHOSDS-3:devspaces/traefik-rhel9@sha256:2a9c66e55371adf209b5b317068e63cfbd9b3e27da9de210250607da8b3ffdff_ppc64le",
"9Base-RHOSDS-3:devspaces/traefik-rhel9@sha256:90df466eef849a4fd6846345273968f875397d72f24c38445058d462d861ca9c_s390x",
"9Base-RHOSDS-3:devspaces/udi-base-rhel9@sha256:25b8dab260796cc1962ef2c31a6c8b98e258b1a9e8b13580da798a0074acd4e8_amd64",
"9Base-RHOSDS-3:devspaces/udi-base-rhel9@sha256:89d858f949b7bbc4502109ff8ab3cf0f416ad1a4c9432924669fc30eeba26b86_ppc64le",
"9Base-RHOSDS-3:devspaces/udi-base-rhel9@sha256:e1b46dd642b4391ece60c7bc3bb062ba81c3c975cb3723ade62f5a230a43ed5d_s390x",
"9Base-RHOSDS-3:devspaces/udi-rhel9@sha256:c98bbca9019281daafac3fb0ac3590258ca5c93ecc954e5127c1c99db4aa0315_amd64",
"9Base-RHOSDS-3:devspaces/udi-rhel9@sha256:e6d836b45dfb32da1a94114ab9908251da24adeeca932de89ba0e23d4f104e22_s390x",
"9Base-RHOSDS-3:devspaces/udi-rhel9@sha256:f6be90596ba55531a1ef7acf4041ed2828d4fe8a3cdd4e8b251bf4929bd19700_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:8244"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"9Base-RHOSDS-3:devspaces-tech-preview/idea-rhel9@sha256:e57eccb97cb2329af1654e27ad2ad30bb30de70c496b0e6e4353d2d0ce9274b8_amd64",
"9Base-RHOSDS-3:devspaces-tech-preview/jetbrains-ide-rhel9@sha256:6f3737f74c7659d65af8fe9a7cab165f8cdb1554b8ff963352885e1d9014ff27_amd64",
"9Base-RHOSDS-3:devspaces-tech-preview/jetbrains-ide-rhel9@sha256:82d121266eb9adca7faa9af0da6c89323cfe24add67bcba759a6a81ca161ba2f_s390x",
"9Base-RHOSDS-3:devspaces-tech-preview/jetbrains-ide-rhel9@sha256:9a8899c791034c3395c081fbe55746021d372ea1ea3523f2a72bf7e31a2a4132_ppc64le",
"9Base-RHOSDS-3:devspaces/code-rhel9@sha256:08f2e3cd088b9d1176e61f8017126ecaa7447ade3aede5d63e49bd678b5cc30b_s390x",
"9Base-RHOSDS-3:devspaces/code-rhel9@sha256:d36fb4add09a1576207fe4b114f60142a43b351d218b1f5d0807bacc19c02915_ppc64le",
"9Base-RHOSDS-3:devspaces/code-rhel9@sha256:e48a0e27d13aff1bc60facd4ef3bd875f3b9c68b33c5d9be86dcf2fb46971d24_amd64",
"9Base-RHOSDS-3:devspaces/configbump-rhel9@sha256:403b6c1ddb3fe9337fc1f83129d0b9e51dc18948df29f94212e291246b828e90_amd64",
"9Base-RHOSDS-3:devspaces/configbump-rhel9@sha256:97544fe3e08648e8f0aec09dda768e884b0c213be0b833568747c797d492bb42_ppc64le",
"9Base-RHOSDS-3:devspaces/configbump-rhel9@sha256:a47dcbcc9292e09c31ad8df74d54b58aa03db782700937365434407029c586d7_s390x",
"9Base-RHOSDS-3:devspaces/dashboard-rhel9@sha256:4fb48f0964049b6e56c71cac4973c8ec4ae53b3248ec842e58ec499736e3ffb7_ppc64le",
"9Base-RHOSDS-3:devspaces/dashboard-rhel9@sha256:bbb3292a84927c24cdef7aaff704cc12560172ba0c55021bf397d92f0f8c04c8_amd64",
"9Base-RHOSDS-3:devspaces/dashboard-rhel9@sha256:f894dcaddbc0dd33c9e524e33bf54416f08dd328838bbe2c869eb7201cf7ef1a_s390x",
"9Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:b05f216166a75a5ae3f56495ea4f47a6c3b91d5405360cd991f7c9d545491150_amd64",
"9Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:ba152d33e05c8d53dd9c39249ba9756418619ff784ef1e4cb296a7aa1a33adfd_ppc64le",
"9Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:f463c35bfe9daac4929295c610f07935ff9655793b72d5fd040944fad8307c9a_s390x",
"9Base-RHOSDS-3:devspaces/devspaces-rhel9-operator@sha256:0cfde874c304561625ac5a838df9d90514bafddd5af6f7ed38f1476475497df3_amd64",
"9Base-RHOSDS-3:devspaces/devspaces-rhel9-operator@sha256:23280e408cce44be3fc8ebf244b19f5e386da1e6fab218a1a3ee8a1748f132f9_ppc64le",
"9Base-RHOSDS-3:devspaces/devspaces-rhel9-operator@sha256:e2b9c33d133573a466fead6c5f904d7ef31ba96d5fce1a619f3ff8c47d86a9da_s390x",
"9Base-RHOSDS-3:devspaces/imagepuller-rhel9@sha256:4e11c662d89bb01653f32ed2f3bc66a67be8a1464e267a564a30e36d047b46a6_s390x",
"9Base-RHOSDS-3:devspaces/imagepuller-rhel9@sha256:899c0fa0d3035a2da050c9dc765d2d5a1e79969ac8e5fe772e6dab003940c4b4_amd64",
"9Base-RHOSDS-3:devspaces/imagepuller-rhel9@sha256:8de9e91840963be836e62c27395e7c37ebe1e908770a817197cb938fcf1777dc_ppc64le",
"9Base-RHOSDS-3:devspaces/machineexec-rhel9@sha256:0ce141da5a9eec8fd61d6beee7c993ed4731a4b25501fd3a8f261a4aeab2ccda_amd64",
"9Base-RHOSDS-3:devspaces/machineexec-rhel9@sha256:60f6c9724b2c7e773654d7fd176829661420b6a3eb9df7f72c3560e7890fe691_s390x",
"9Base-RHOSDS-3:devspaces/machineexec-rhel9@sha256:ac07b6bc8c311b357ab5e0545a2b80aa567c2f76b9ed01a3d382b5685b688c83_ppc64le",
"9Base-RHOSDS-3:devspaces/pluginregistry-rhel9@sha256:4c5430c1e53219652c27d861d7a7d577097db0dad05ded83b814275cb9a6cad2_ppc64le",
"9Base-RHOSDS-3:devspaces/pluginregistry-rhel9@sha256:7107f9bf1082a528e0f3af30a5b02e26a770b3430600596e37bebafa18fd0786_amd64",
"9Base-RHOSDS-3:devspaces/pluginregistry-rhel9@sha256:989fc72b261f44374f16ba8aa190791d04da8b295933f724a00bc31a84efd89e_s390x",
"9Base-RHOSDS-3:devspaces/server-rhel9@sha256:52ea2c5e3244363b1d131b8551c10abc687b18f95ca5b9f561f79041a6f06c21_amd64",
"9Base-RHOSDS-3:devspaces/server-rhel9@sha256:ae275fed16fdc724d0e48659c3de940e4af3e0722d3b5d465634d31f5a2a972e_s390x",
"9Base-RHOSDS-3:devspaces/server-rhel9@sha256:edae16c9f7a40feaf051b22a05945fd3a51033d031b742346105cff657848881_ppc64le",
"9Base-RHOSDS-3:devspaces/traefik-rhel9@sha256:24a8578aa65eaeb3fbbc4809db2bd8e57cd76cc6a96d94ce67aa22f1b5d4a4a5_amd64",
"9Base-RHOSDS-3:devspaces/traefik-rhel9@sha256:2a9c66e55371adf209b5b317068e63cfbd9b3e27da9de210250607da8b3ffdff_ppc64le",
"9Base-RHOSDS-3:devspaces/traefik-rhel9@sha256:90df466eef849a4fd6846345273968f875397d72f24c38445058d462d861ca9c_s390x",
"9Base-RHOSDS-3:devspaces/udi-base-rhel9@sha256:25b8dab260796cc1962ef2c31a6c8b98e258b1a9e8b13580da798a0074acd4e8_amd64",
"9Base-RHOSDS-3:devspaces/udi-base-rhel9@sha256:89d858f949b7bbc4502109ff8ab3cf0f416ad1a4c9432924669fc30eeba26b86_ppc64le",
"9Base-RHOSDS-3:devspaces/udi-base-rhel9@sha256:e1b46dd642b4391ece60c7bc3bb062ba81c3c975cb3723ade62f5a230a43ed5d_s390x",
"9Base-RHOSDS-3:devspaces/udi-rhel9@sha256:c98bbca9019281daafac3fb0ac3590258ca5c93ecc954e5127c1c99db4aa0315_amd64",
"9Base-RHOSDS-3:devspaces/udi-rhel9@sha256:e6d836b45dfb32da1a94114ab9908251da24adeeca932de89ba0e23d4f104e22_s390x",
"9Base-RHOSDS-3:devspaces/udi-rhel9@sha256:f6be90596ba55531a1ef7acf4041ed2828d4fe8a3cdd4e8b251bf4929bd19700_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "tar-fs: link following and path traversal via maliciously crafted tar file"
},
{
"cve": "CVE-2024-45337",
"cwe": {
"id": "CWE-285",
"name": "Improper Authorization"
},
"discovery_date": "2024-12-11T19:00:54.247490+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2331720"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the x/crypto/ssh go library. Applications and libraries that misuse the ServerConfig.PublicKeyCallback callback may be susceptible to an authorization bypass. For example, an attacker may send public keys A and B and authenticate with A. PublicKeyCallback would be called only twice, first with A and then with B. A vulnerable application may then make authorization decisions based on key B, for which the attacker does not control the private key. The misuse of ServerConfig.PublicKeyCallback may cause an authorization bypass.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto/ssh: Misuse of ServerConfig.PublicKeyCallback may cause authorization bypass in golang.org/x/crypto",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is classified as important rather than critical because it does not directly enable unauthorized access but rather introduces a risk of authorization bypass if the application or library misuses the PublicKeyCallback API. The vulnerability relies on incorrect assumptions made by the application when handling the sequence or state of keys provided during SSH authentication. Properly implemented systems that use the Permissions field or avoid relying on external state remain unaffected. Additionally, the vulnerability does not allow direct exploitation to gain control over a system without the presence of insecure logic in the application\u0027s handling of authentication attempts.\n\n\nRed Hat Enterprise Linux(RHEL) 8 \u0026 9 and Red Hat Openshift marked as not affected as it was determined that the problem function `ServerConfig.PublicKeyCallback`, as noted in the CVE-2024-45337 issue, is not called by Podman, Buildah, containers-common, or the gvisor-tap-vsock projects.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHOSDS-3:devspaces-tech-preview/idea-rhel9@sha256:e57eccb97cb2329af1654e27ad2ad30bb30de70c496b0e6e4353d2d0ce9274b8_amd64",
"9Base-RHOSDS-3:devspaces-tech-preview/jetbrains-ide-rhel9@sha256:6f3737f74c7659d65af8fe9a7cab165f8cdb1554b8ff963352885e1d9014ff27_amd64",
"9Base-RHOSDS-3:devspaces-tech-preview/jetbrains-ide-rhel9@sha256:82d121266eb9adca7faa9af0da6c89323cfe24add67bcba759a6a81ca161ba2f_s390x",
"9Base-RHOSDS-3:devspaces-tech-preview/jetbrains-ide-rhel9@sha256:9a8899c791034c3395c081fbe55746021d372ea1ea3523f2a72bf7e31a2a4132_ppc64le",
"9Base-RHOSDS-3:devspaces/code-rhel9@sha256:08f2e3cd088b9d1176e61f8017126ecaa7447ade3aede5d63e49bd678b5cc30b_s390x",
"9Base-RHOSDS-3:devspaces/code-rhel9@sha256:d36fb4add09a1576207fe4b114f60142a43b351d218b1f5d0807bacc19c02915_ppc64le",
"9Base-RHOSDS-3:devspaces/code-rhel9@sha256:e48a0e27d13aff1bc60facd4ef3bd875f3b9c68b33c5d9be86dcf2fb46971d24_amd64",
"9Base-RHOSDS-3:devspaces/configbump-rhel9@sha256:403b6c1ddb3fe9337fc1f83129d0b9e51dc18948df29f94212e291246b828e90_amd64",
"9Base-RHOSDS-3:devspaces/configbump-rhel9@sha256:97544fe3e08648e8f0aec09dda768e884b0c213be0b833568747c797d492bb42_ppc64le",
"9Base-RHOSDS-3:devspaces/configbump-rhel9@sha256:a47dcbcc9292e09c31ad8df74d54b58aa03db782700937365434407029c586d7_s390x",
"9Base-RHOSDS-3:devspaces/dashboard-rhel9@sha256:4fb48f0964049b6e56c71cac4973c8ec4ae53b3248ec842e58ec499736e3ffb7_ppc64le",
"9Base-RHOSDS-3:devspaces/dashboard-rhel9@sha256:bbb3292a84927c24cdef7aaff704cc12560172ba0c55021bf397d92f0f8c04c8_amd64",
"9Base-RHOSDS-3:devspaces/dashboard-rhel9@sha256:f894dcaddbc0dd33c9e524e33bf54416f08dd328838bbe2c869eb7201cf7ef1a_s390x",
"9Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:b05f216166a75a5ae3f56495ea4f47a6c3b91d5405360cd991f7c9d545491150_amd64",
"9Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:ba152d33e05c8d53dd9c39249ba9756418619ff784ef1e4cb296a7aa1a33adfd_ppc64le",
"9Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:f463c35bfe9daac4929295c610f07935ff9655793b72d5fd040944fad8307c9a_s390x",
"9Base-RHOSDS-3:devspaces/devspaces-rhel9-operator@sha256:0cfde874c304561625ac5a838df9d90514bafddd5af6f7ed38f1476475497df3_amd64",
"9Base-RHOSDS-3:devspaces/devspaces-rhel9-operator@sha256:23280e408cce44be3fc8ebf244b19f5e386da1e6fab218a1a3ee8a1748f132f9_ppc64le",
"9Base-RHOSDS-3:devspaces/devspaces-rhel9-operator@sha256:e2b9c33d133573a466fead6c5f904d7ef31ba96d5fce1a619f3ff8c47d86a9da_s390x",
"9Base-RHOSDS-3:devspaces/imagepuller-rhel9@sha256:4e11c662d89bb01653f32ed2f3bc66a67be8a1464e267a564a30e36d047b46a6_s390x",
"9Base-RHOSDS-3:devspaces/imagepuller-rhel9@sha256:899c0fa0d3035a2da050c9dc765d2d5a1e79969ac8e5fe772e6dab003940c4b4_amd64",
"9Base-RHOSDS-3:devspaces/imagepuller-rhel9@sha256:8de9e91840963be836e62c27395e7c37ebe1e908770a817197cb938fcf1777dc_ppc64le",
"9Base-RHOSDS-3:devspaces/machineexec-rhel9@sha256:0ce141da5a9eec8fd61d6beee7c993ed4731a4b25501fd3a8f261a4aeab2ccda_amd64",
"9Base-RHOSDS-3:devspaces/machineexec-rhel9@sha256:60f6c9724b2c7e773654d7fd176829661420b6a3eb9df7f72c3560e7890fe691_s390x",
"9Base-RHOSDS-3:devspaces/machineexec-rhel9@sha256:ac07b6bc8c311b357ab5e0545a2b80aa567c2f76b9ed01a3d382b5685b688c83_ppc64le",
"9Base-RHOSDS-3:devspaces/pluginregistry-rhel9@sha256:4c5430c1e53219652c27d861d7a7d577097db0dad05ded83b814275cb9a6cad2_ppc64le",
"9Base-RHOSDS-3:devspaces/pluginregistry-rhel9@sha256:7107f9bf1082a528e0f3af30a5b02e26a770b3430600596e37bebafa18fd0786_amd64",
"9Base-RHOSDS-3:devspaces/pluginregistry-rhel9@sha256:989fc72b261f44374f16ba8aa190791d04da8b295933f724a00bc31a84efd89e_s390x",
"9Base-RHOSDS-3:devspaces/server-rhel9@sha256:52ea2c5e3244363b1d131b8551c10abc687b18f95ca5b9f561f79041a6f06c21_amd64",
"9Base-RHOSDS-3:devspaces/server-rhel9@sha256:ae275fed16fdc724d0e48659c3de940e4af3e0722d3b5d465634d31f5a2a972e_s390x",
"9Base-RHOSDS-3:devspaces/server-rhel9@sha256:edae16c9f7a40feaf051b22a05945fd3a51033d031b742346105cff657848881_ppc64le",
"9Base-RHOSDS-3:devspaces/traefik-rhel9@sha256:24a8578aa65eaeb3fbbc4809db2bd8e57cd76cc6a96d94ce67aa22f1b5d4a4a5_amd64",
"9Base-RHOSDS-3:devspaces/traefik-rhel9@sha256:2a9c66e55371adf209b5b317068e63cfbd9b3e27da9de210250607da8b3ffdff_ppc64le",
"9Base-RHOSDS-3:devspaces/traefik-rhel9@sha256:90df466eef849a4fd6846345273968f875397d72f24c38445058d462d861ca9c_s390x",
"9Base-RHOSDS-3:devspaces/udi-base-rhel9@sha256:25b8dab260796cc1962ef2c31a6c8b98e258b1a9e8b13580da798a0074acd4e8_amd64",
"9Base-RHOSDS-3:devspaces/udi-base-rhel9@sha256:89d858f949b7bbc4502109ff8ab3cf0f416ad1a4c9432924669fc30eeba26b86_ppc64le",
"9Base-RHOSDS-3:devspaces/udi-base-rhel9@sha256:e1b46dd642b4391ece60c7bc3bb062ba81c3c975cb3723ade62f5a230a43ed5d_s390x",
"9Base-RHOSDS-3:devspaces/udi-rhel9@sha256:c98bbca9019281daafac3fb0ac3590258ca5c93ecc954e5127c1c99db4aa0315_amd64",
"9Base-RHOSDS-3:devspaces/udi-rhel9@sha256:e6d836b45dfb32da1a94114ab9908251da24adeeca932de89ba0e23d4f104e22_s390x",
"9Base-RHOSDS-3:devspaces/udi-rhel9@sha256:f6be90596ba55531a1ef7acf4041ed2828d4fe8a3cdd4e8b251bf4929bd19700_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-45337"
},
{
"category": "external",
"summary": "RHBZ#2331720",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2331720"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-45337",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45337"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45337",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45337"
},
{
"category": "external",
"summary": "https://github.com/golang/crypto/commit/b4f1988a35dee11ec3e05d6bf3e90b695fbd8909",
"url": "https://github.com/golang/crypto/commit/b4f1988a35dee11ec3e05d6bf3e90b695fbd8909"
},
{
"category": "external",
"summary": "https://go.dev/cl/635315",
"url": "https://go.dev/cl/635315"
},
{
"category": "external",
"summary": "https://go.dev/issue/70779",
"url": "https://go.dev/issue/70779"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/-nPEi39gI4Q/m/cGVPJCqdAQAJ",
"url": "https://groups.google.com/g/golang-announce/c/-nPEi39gI4Q/m/cGVPJCqdAQAJ"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-3321",
"url": "https://pkg.go.dev/vuln/GO-2024-3321"
}
],
"release_date": "2024-12-11T18:55:58.506000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-05-28T02:39:39+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHOSDS-3:devspaces-tech-preview/idea-rhel9@sha256:e57eccb97cb2329af1654e27ad2ad30bb30de70c496b0e6e4353d2d0ce9274b8_amd64",
"9Base-RHOSDS-3:devspaces-tech-preview/jetbrains-ide-rhel9@sha256:6f3737f74c7659d65af8fe9a7cab165f8cdb1554b8ff963352885e1d9014ff27_amd64",
"9Base-RHOSDS-3:devspaces-tech-preview/jetbrains-ide-rhel9@sha256:82d121266eb9adca7faa9af0da6c89323cfe24add67bcba759a6a81ca161ba2f_s390x",
"9Base-RHOSDS-3:devspaces-tech-preview/jetbrains-ide-rhel9@sha256:9a8899c791034c3395c081fbe55746021d372ea1ea3523f2a72bf7e31a2a4132_ppc64le",
"9Base-RHOSDS-3:devspaces/code-rhel9@sha256:08f2e3cd088b9d1176e61f8017126ecaa7447ade3aede5d63e49bd678b5cc30b_s390x",
"9Base-RHOSDS-3:devspaces/code-rhel9@sha256:d36fb4add09a1576207fe4b114f60142a43b351d218b1f5d0807bacc19c02915_ppc64le",
"9Base-RHOSDS-3:devspaces/code-rhel9@sha256:e48a0e27d13aff1bc60facd4ef3bd875f3b9c68b33c5d9be86dcf2fb46971d24_amd64",
"9Base-RHOSDS-3:devspaces/configbump-rhel9@sha256:403b6c1ddb3fe9337fc1f83129d0b9e51dc18948df29f94212e291246b828e90_amd64",
"9Base-RHOSDS-3:devspaces/configbump-rhel9@sha256:97544fe3e08648e8f0aec09dda768e884b0c213be0b833568747c797d492bb42_ppc64le",
"9Base-RHOSDS-3:devspaces/configbump-rhel9@sha256:a47dcbcc9292e09c31ad8df74d54b58aa03db782700937365434407029c586d7_s390x",
"9Base-RHOSDS-3:devspaces/dashboard-rhel9@sha256:4fb48f0964049b6e56c71cac4973c8ec4ae53b3248ec842e58ec499736e3ffb7_ppc64le",
"9Base-RHOSDS-3:devspaces/dashboard-rhel9@sha256:bbb3292a84927c24cdef7aaff704cc12560172ba0c55021bf397d92f0f8c04c8_amd64",
"9Base-RHOSDS-3:devspaces/dashboard-rhel9@sha256:f894dcaddbc0dd33c9e524e33bf54416f08dd328838bbe2c869eb7201cf7ef1a_s390x",
"9Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:b05f216166a75a5ae3f56495ea4f47a6c3b91d5405360cd991f7c9d545491150_amd64",
"9Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:ba152d33e05c8d53dd9c39249ba9756418619ff784ef1e4cb296a7aa1a33adfd_ppc64le",
"9Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:f463c35bfe9daac4929295c610f07935ff9655793b72d5fd040944fad8307c9a_s390x",
"9Base-RHOSDS-3:devspaces/devspaces-rhel9-operator@sha256:0cfde874c304561625ac5a838df9d90514bafddd5af6f7ed38f1476475497df3_amd64",
"9Base-RHOSDS-3:devspaces/devspaces-rhel9-operator@sha256:23280e408cce44be3fc8ebf244b19f5e386da1e6fab218a1a3ee8a1748f132f9_ppc64le",
"9Base-RHOSDS-3:devspaces/devspaces-rhel9-operator@sha256:e2b9c33d133573a466fead6c5f904d7ef31ba96d5fce1a619f3ff8c47d86a9da_s390x",
"9Base-RHOSDS-3:devspaces/imagepuller-rhel9@sha256:4e11c662d89bb01653f32ed2f3bc66a67be8a1464e267a564a30e36d047b46a6_s390x",
"9Base-RHOSDS-3:devspaces/imagepuller-rhel9@sha256:899c0fa0d3035a2da050c9dc765d2d5a1e79969ac8e5fe772e6dab003940c4b4_amd64",
"9Base-RHOSDS-3:devspaces/imagepuller-rhel9@sha256:8de9e91840963be836e62c27395e7c37ebe1e908770a817197cb938fcf1777dc_ppc64le",
"9Base-RHOSDS-3:devspaces/machineexec-rhel9@sha256:0ce141da5a9eec8fd61d6beee7c993ed4731a4b25501fd3a8f261a4aeab2ccda_amd64",
"9Base-RHOSDS-3:devspaces/machineexec-rhel9@sha256:60f6c9724b2c7e773654d7fd176829661420b6a3eb9df7f72c3560e7890fe691_s390x",
"9Base-RHOSDS-3:devspaces/machineexec-rhel9@sha256:ac07b6bc8c311b357ab5e0545a2b80aa567c2f76b9ed01a3d382b5685b688c83_ppc64le",
"9Base-RHOSDS-3:devspaces/pluginregistry-rhel9@sha256:4c5430c1e53219652c27d861d7a7d577097db0dad05ded83b814275cb9a6cad2_ppc64le",
"9Base-RHOSDS-3:devspaces/pluginregistry-rhel9@sha256:7107f9bf1082a528e0f3af30a5b02e26a770b3430600596e37bebafa18fd0786_amd64",
"9Base-RHOSDS-3:devspaces/pluginregistry-rhel9@sha256:989fc72b261f44374f16ba8aa190791d04da8b295933f724a00bc31a84efd89e_s390x",
"9Base-RHOSDS-3:devspaces/server-rhel9@sha256:52ea2c5e3244363b1d131b8551c10abc687b18f95ca5b9f561f79041a6f06c21_amd64",
"9Base-RHOSDS-3:devspaces/server-rhel9@sha256:ae275fed16fdc724d0e48659c3de940e4af3e0722d3b5d465634d31f5a2a972e_s390x",
"9Base-RHOSDS-3:devspaces/server-rhel9@sha256:edae16c9f7a40feaf051b22a05945fd3a51033d031b742346105cff657848881_ppc64le",
"9Base-RHOSDS-3:devspaces/traefik-rhel9@sha256:24a8578aa65eaeb3fbbc4809db2bd8e57cd76cc6a96d94ce67aa22f1b5d4a4a5_amd64",
"9Base-RHOSDS-3:devspaces/traefik-rhel9@sha256:2a9c66e55371adf209b5b317068e63cfbd9b3e27da9de210250607da8b3ffdff_ppc64le",
"9Base-RHOSDS-3:devspaces/traefik-rhel9@sha256:90df466eef849a4fd6846345273968f875397d72f24c38445058d462d861ca9c_s390x",
"9Base-RHOSDS-3:devspaces/udi-base-rhel9@sha256:25b8dab260796cc1962ef2c31a6c8b98e258b1a9e8b13580da798a0074acd4e8_amd64",
"9Base-RHOSDS-3:devspaces/udi-base-rhel9@sha256:89d858f949b7bbc4502109ff8ab3cf0f416ad1a4c9432924669fc30eeba26b86_ppc64le",
"9Base-RHOSDS-3:devspaces/udi-base-rhel9@sha256:e1b46dd642b4391ece60c7bc3bb062ba81c3c975cb3723ade62f5a230a43ed5d_s390x",
"9Base-RHOSDS-3:devspaces/udi-rhel9@sha256:c98bbca9019281daafac3fb0ac3590258ca5c93ecc954e5127c1c99db4aa0315_amd64",
"9Base-RHOSDS-3:devspaces/udi-rhel9@sha256:e6d836b45dfb32da1a94114ab9908251da24adeeca932de89ba0e23d4f104e22_s390x",
"9Base-RHOSDS-3:devspaces/udi-rhel9@sha256:f6be90596ba55531a1ef7acf4041ed2828d4fe8a3cdd4e8b251bf4929bd19700_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:8244"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-RHOSDS-3:devspaces-tech-preview/idea-rhel9@sha256:e57eccb97cb2329af1654e27ad2ad30bb30de70c496b0e6e4353d2d0ce9274b8_amd64",
"9Base-RHOSDS-3:devspaces-tech-preview/jetbrains-ide-rhel9@sha256:6f3737f74c7659d65af8fe9a7cab165f8cdb1554b8ff963352885e1d9014ff27_amd64",
"9Base-RHOSDS-3:devspaces-tech-preview/jetbrains-ide-rhel9@sha256:82d121266eb9adca7faa9af0da6c89323cfe24add67bcba759a6a81ca161ba2f_s390x",
"9Base-RHOSDS-3:devspaces-tech-preview/jetbrains-ide-rhel9@sha256:9a8899c791034c3395c081fbe55746021d372ea1ea3523f2a72bf7e31a2a4132_ppc64le",
"9Base-RHOSDS-3:devspaces/code-rhel9@sha256:08f2e3cd088b9d1176e61f8017126ecaa7447ade3aede5d63e49bd678b5cc30b_s390x",
"9Base-RHOSDS-3:devspaces/code-rhel9@sha256:d36fb4add09a1576207fe4b114f60142a43b351d218b1f5d0807bacc19c02915_ppc64le",
"9Base-RHOSDS-3:devspaces/code-rhel9@sha256:e48a0e27d13aff1bc60facd4ef3bd875f3b9c68b33c5d9be86dcf2fb46971d24_amd64",
"9Base-RHOSDS-3:devspaces/configbump-rhel9@sha256:403b6c1ddb3fe9337fc1f83129d0b9e51dc18948df29f94212e291246b828e90_amd64",
"9Base-RHOSDS-3:devspaces/configbump-rhel9@sha256:97544fe3e08648e8f0aec09dda768e884b0c213be0b833568747c797d492bb42_ppc64le",
"9Base-RHOSDS-3:devspaces/configbump-rhel9@sha256:a47dcbcc9292e09c31ad8df74d54b58aa03db782700937365434407029c586d7_s390x",
"9Base-RHOSDS-3:devspaces/dashboard-rhel9@sha256:4fb48f0964049b6e56c71cac4973c8ec4ae53b3248ec842e58ec499736e3ffb7_ppc64le",
"9Base-RHOSDS-3:devspaces/dashboard-rhel9@sha256:bbb3292a84927c24cdef7aaff704cc12560172ba0c55021bf397d92f0f8c04c8_amd64",
"9Base-RHOSDS-3:devspaces/dashboard-rhel9@sha256:f894dcaddbc0dd33c9e524e33bf54416f08dd328838bbe2c869eb7201cf7ef1a_s390x",
"9Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:b05f216166a75a5ae3f56495ea4f47a6c3b91d5405360cd991f7c9d545491150_amd64",
"9Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:ba152d33e05c8d53dd9c39249ba9756418619ff784ef1e4cb296a7aa1a33adfd_ppc64le",
"9Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:f463c35bfe9daac4929295c610f07935ff9655793b72d5fd040944fad8307c9a_s390x",
"9Base-RHOSDS-3:devspaces/devspaces-rhel9-operator@sha256:0cfde874c304561625ac5a838df9d90514bafddd5af6f7ed38f1476475497df3_amd64",
"9Base-RHOSDS-3:devspaces/devspaces-rhel9-operator@sha256:23280e408cce44be3fc8ebf244b19f5e386da1e6fab218a1a3ee8a1748f132f9_ppc64le",
"9Base-RHOSDS-3:devspaces/devspaces-rhel9-operator@sha256:e2b9c33d133573a466fead6c5f904d7ef31ba96d5fce1a619f3ff8c47d86a9da_s390x",
"9Base-RHOSDS-3:devspaces/imagepuller-rhel9@sha256:4e11c662d89bb01653f32ed2f3bc66a67be8a1464e267a564a30e36d047b46a6_s390x",
"9Base-RHOSDS-3:devspaces/imagepuller-rhel9@sha256:899c0fa0d3035a2da050c9dc765d2d5a1e79969ac8e5fe772e6dab003940c4b4_amd64",
"9Base-RHOSDS-3:devspaces/imagepuller-rhel9@sha256:8de9e91840963be836e62c27395e7c37ebe1e908770a817197cb938fcf1777dc_ppc64le",
"9Base-RHOSDS-3:devspaces/machineexec-rhel9@sha256:0ce141da5a9eec8fd61d6beee7c993ed4731a4b25501fd3a8f261a4aeab2ccda_amd64",
"9Base-RHOSDS-3:devspaces/machineexec-rhel9@sha256:60f6c9724b2c7e773654d7fd176829661420b6a3eb9df7f72c3560e7890fe691_s390x",
"9Base-RHOSDS-3:devspaces/machineexec-rhel9@sha256:ac07b6bc8c311b357ab5e0545a2b80aa567c2f76b9ed01a3d382b5685b688c83_ppc64le",
"9Base-RHOSDS-3:devspaces/pluginregistry-rhel9@sha256:4c5430c1e53219652c27d861d7a7d577097db0dad05ded83b814275cb9a6cad2_ppc64le",
"9Base-RHOSDS-3:devspaces/pluginregistry-rhel9@sha256:7107f9bf1082a528e0f3af30a5b02e26a770b3430600596e37bebafa18fd0786_amd64",
"9Base-RHOSDS-3:devspaces/pluginregistry-rhel9@sha256:989fc72b261f44374f16ba8aa190791d04da8b295933f724a00bc31a84efd89e_s390x",
"9Base-RHOSDS-3:devspaces/server-rhel9@sha256:52ea2c5e3244363b1d131b8551c10abc687b18f95ca5b9f561f79041a6f06c21_amd64",
"9Base-RHOSDS-3:devspaces/server-rhel9@sha256:ae275fed16fdc724d0e48659c3de940e4af3e0722d3b5d465634d31f5a2a972e_s390x",
"9Base-RHOSDS-3:devspaces/server-rhel9@sha256:edae16c9f7a40feaf051b22a05945fd3a51033d031b742346105cff657848881_ppc64le",
"9Base-RHOSDS-3:devspaces/traefik-rhel9@sha256:24a8578aa65eaeb3fbbc4809db2bd8e57cd76cc6a96d94ce67aa22f1b5d4a4a5_amd64",
"9Base-RHOSDS-3:devspaces/traefik-rhel9@sha256:2a9c66e55371adf209b5b317068e63cfbd9b3e27da9de210250607da8b3ffdff_ppc64le",
"9Base-RHOSDS-3:devspaces/traefik-rhel9@sha256:90df466eef849a4fd6846345273968f875397d72f24c38445058d462d861ca9c_s390x",
"9Base-RHOSDS-3:devspaces/udi-base-rhel9@sha256:25b8dab260796cc1962ef2c31a6c8b98e258b1a9e8b13580da798a0074acd4e8_amd64",
"9Base-RHOSDS-3:devspaces/udi-base-rhel9@sha256:89d858f949b7bbc4502109ff8ab3cf0f416ad1a4c9432924669fc30eeba26b86_ppc64le",
"9Base-RHOSDS-3:devspaces/udi-base-rhel9@sha256:e1b46dd642b4391ece60c7bc3bb062ba81c3c975cb3723ade62f5a230a43ed5d_s390x",
"9Base-RHOSDS-3:devspaces/udi-rhel9@sha256:c98bbca9019281daafac3fb0ac3590258ca5c93ecc954e5127c1c99db4aa0315_amd64",
"9Base-RHOSDS-3:devspaces/udi-rhel9@sha256:e6d836b45dfb32da1a94114ab9908251da24adeeca932de89ba0e23d4f104e22_s390x",
"9Base-RHOSDS-3:devspaces/udi-rhel9@sha256:f6be90596ba55531a1ef7acf4041ed2828d4fe8a3cdd4e8b251bf4929bd19700_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"9Base-RHOSDS-3:devspaces-tech-preview/idea-rhel9@sha256:e57eccb97cb2329af1654e27ad2ad30bb30de70c496b0e6e4353d2d0ce9274b8_amd64",
"9Base-RHOSDS-3:devspaces-tech-preview/jetbrains-ide-rhel9@sha256:6f3737f74c7659d65af8fe9a7cab165f8cdb1554b8ff963352885e1d9014ff27_amd64",
"9Base-RHOSDS-3:devspaces-tech-preview/jetbrains-ide-rhel9@sha256:82d121266eb9adca7faa9af0da6c89323cfe24add67bcba759a6a81ca161ba2f_s390x",
"9Base-RHOSDS-3:devspaces-tech-preview/jetbrains-ide-rhel9@sha256:9a8899c791034c3395c081fbe55746021d372ea1ea3523f2a72bf7e31a2a4132_ppc64le",
"9Base-RHOSDS-3:devspaces/code-rhel9@sha256:08f2e3cd088b9d1176e61f8017126ecaa7447ade3aede5d63e49bd678b5cc30b_s390x",
"9Base-RHOSDS-3:devspaces/code-rhel9@sha256:d36fb4add09a1576207fe4b114f60142a43b351d218b1f5d0807bacc19c02915_ppc64le",
"9Base-RHOSDS-3:devspaces/code-rhel9@sha256:e48a0e27d13aff1bc60facd4ef3bd875f3b9c68b33c5d9be86dcf2fb46971d24_amd64",
"9Base-RHOSDS-3:devspaces/configbump-rhel9@sha256:403b6c1ddb3fe9337fc1f83129d0b9e51dc18948df29f94212e291246b828e90_amd64",
"9Base-RHOSDS-3:devspaces/configbump-rhel9@sha256:97544fe3e08648e8f0aec09dda768e884b0c213be0b833568747c797d492bb42_ppc64le",
"9Base-RHOSDS-3:devspaces/configbump-rhel9@sha256:a47dcbcc9292e09c31ad8df74d54b58aa03db782700937365434407029c586d7_s390x",
"9Base-RHOSDS-3:devspaces/dashboard-rhel9@sha256:4fb48f0964049b6e56c71cac4973c8ec4ae53b3248ec842e58ec499736e3ffb7_ppc64le",
"9Base-RHOSDS-3:devspaces/dashboard-rhel9@sha256:bbb3292a84927c24cdef7aaff704cc12560172ba0c55021bf397d92f0f8c04c8_amd64",
"9Base-RHOSDS-3:devspaces/dashboard-rhel9@sha256:f894dcaddbc0dd33c9e524e33bf54416f08dd328838bbe2c869eb7201cf7ef1a_s390x",
"9Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:b05f216166a75a5ae3f56495ea4f47a6c3b91d5405360cd991f7c9d545491150_amd64",
"9Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:ba152d33e05c8d53dd9c39249ba9756418619ff784ef1e4cb296a7aa1a33adfd_ppc64le",
"9Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:f463c35bfe9daac4929295c610f07935ff9655793b72d5fd040944fad8307c9a_s390x",
"9Base-RHOSDS-3:devspaces/devspaces-rhel9-operator@sha256:0cfde874c304561625ac5a838df9d90514bafddd5af6f7ed38f1476475497df3_amd64",
"9Base-RHOSDS-3:devspaces/devspaces-rhel9-operator@sha256:23280e408cce44be3fc8ebf244b19f5e386da1e6fab218a1a3ee8a1748f132f9_ppc64le",
"9Base-RHOSDS-3:devspaces/devspaces-rhel9-operator@sha256:e2b9c33d133573a466fead6c5f904d7ef31ba96d5fce1a619f3ff8c47d86a9da_s390x",
"9Base-RHOSDS-3:devspaces/imagepuller-rhel9@sha256:4e11c662d89bb01653f32ed2f3bc66a67be8a1464e267a564a30e36d047b46a6_s390x",
"9Base-RHOSDS-3:devspaces/imagepuller-rhel9@sha256:899c0fa0d3035a2da050c9dc765d2d5a1e79969ac8e5fe772e6dab003940c4b4_amd64",
"9Base-RHOSDS-3:devspaces/imagepuller-rhel9@sha256:8de9e91840963be836e62c27395e7c37ebe1e908770a817197cb938fcf1777dc_ppc64le",
"9Base-RHOSDS-3:devspaces/machineexec-rhel9@sha256:0ce141da5a9eec8fd61d6beee7c993ed4731a4b25501fd3a8f261a4aeab2ccda_amd64",
"9Base-RHOSDS-3:devspaces/machineexec-rhel9@sha256:60f6c9724b2c7e773654d7fd176829661420b6a3eb9df7f72c3560e7890fe691_s390x",
"9Base-RHOSDS-3:devspaces/machineexec-rhel9@sha256:ac07b6bc8c311b357ab5e0545a2b80aa567c2f76b9ed01a3d382b5685b688c83_ppc64le",
"9Base-RHOSDS-3:devspaces/pluginregistry-rhel9@sha256:4c5430c1e53219652c27d861d7a7d577097db0dad05ded83b814275cb9a6cad2_ppc64le",
"9Base-RHOSDS-3:devspaces/pluginregistry-rhel9@sha256:7107f9bf1082a528e0f3af30a5b02e26a770b3430600596e37bebafa18fd0786_amd64",
"9Base-RHOSDS-3:devspaces/pluginregistry-rhel9@sha256:989fc72b261f44374f16ba8aa190791d04da8b295933f724a00bc31a84efd89e_s390x",
"9Base-RHOSDS-3:devspaces/server-rhel9@sha256:52ea2c5e3244363b1d131b8551c10abc687b18f95ca5b9f561f79041a6f06c21_amd64",
"9Base-RHOSDS-3:devspaces/server-rhel9@sha256:ae275fed16fdc724d0e48659c3de940e4af3e0722d3b5d465634d31f5a2a972e_s390x",
"9Base-RHOSDS-3:devspaces/server-rhel9@sha256:edae16c9f7a40feaf051b22a05945fd3a51033d031b742346105cff657848881_ppc64le",
"9Base-RHOSDS-3:devspaces/traefik-rhel9@sha256:24a8578aa65eaeb3fbbc4809db2bd8e57cd76cc6a96d94ce67aa22f1b5d4a4a5_amd64",
"9Base-RHOSDS-3:devspaces/traefik-rhel9@sha256:2a9c66e55371adf209b5b317068e63cfbd9b3e27da9de210250607da8b3ffdff_ppc64le",
"9Base-RHOSDS-3:devspaces/traefik-rhel9@sha256:90df466eef849a4fd6846345273968f875397d72f24c38445058d462d861ca9c_s390x",
"9Base-RHOSDS-3:devspaces/udi-base-rhel9@sha256:25b8dab260796cc1962ef2c31a6c8b98e258b1a9e8b13580da798a0074acd4e8_amd64",
"9Base-RHOSDS-3:devspaces/udi-base-rhel9@sha256:89d858f949b7bbc4502109ff8ab3cf0f416ad1a4c9432924669fc30eeba26b86_ppc64le",
"9Base-RHOSDS-3:devspaces/udi-base-rhel9@sha256:e1b46dd642b4391ece60c7bc3bb062ba81c3c975cb3723ade62f5a230a43ed5d_s390x",
"9Base-RHOSDS-3:devspaces/udi-rhel9@sha256:c98bbca9019281daafac3fb0ac3590258ca5c93ecc954e5127c1c99db4aa0315_amd64",
"9Base-RHOSDS-3:devspaces/udi-rhel9@sha256:e6d836b45dfb32da1a94114ab9908251da24adeeca932de89ba0e23d4f104e22_s390x",
"9Base-RHOSDS-3:devspaces/udi-rhel9@sha256:f6be90596ba55531a1ef7acf4041ed2828d4fe8a3cdd4e8b251bf4929bd19700_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/crypto/ssh: Misuse of ServerConfig.PublicKeyCallback may cause authorization bypass in golang.org/x/crypto"
},
{
"cve": "CVE-2024-45410",
"cwe": {
"id": "CWE-348",
"name": "Use of Less Trusted Source"
},
"discovery_date": "2024-09-19T17:00:10.951603+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2313584"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Traefik. When a HTTP request is processed by Traefik, certain HTTP headers such as X-Forwarded-Host or X-Forwarded-Port are added by Traefik before the request is routed to the application. For a HTTP client, it should not be possible to remove or modify these headers. Since the application trusts the value of these headers, security implications might arise if they can be modified. For HTTP/1.1, however, it was found that some of theses custom headers can indeed be removed and in certain cases manipulated.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "traefik: HTTP client can manipulate custom HTTP headers that are added by Traefik",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability in Traefik is important due to its impact on the integrity of HTTP headers that are often used for security-sensitive operations. When the X-Forwarded headers, such as X-Forwarded-Host or X-Forwarded-Tls-Client-Cert, can be removed or manipulated by the client, applications relying on these headers for trust validation, client authentication, or access control are exposed to potential privilege escalation or unauthorized access. The ability to bypass or alter these headers compromises the security model that many backend services depend on, particularly in reverse proxy or load balancer setups.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHOSDS-3:devspaces-tech-preview/idea-rhel9@sha256:e57eccb97cb2329af1654e27ad2ad30bb30de70c496b0e6e4353d2d0ce9274b8_amd64",
"9Base-RHOSDS-3:devspaces-tech-preview/jetbrains-ide-rhel9@sha256:6f3737f74c7659d65af8fe9a7cab165f8cdb1554b8ff963352885e1d9014ff27_amd64",
"9Base-RHOSDS-3:devspaces-tech-preview/jetbrains-ide-rhel9@sha256:82d121266eb9adca7faa9af0da6c89323cfe24add67bcba759a6a81ca161ba2f_s390x",
"9Base-RHOSDS-3:devspaces-tech-preview/jetbrains-ide-rhel9@sha256:9a8899c791034c3395c081fbe55746021d372ea1ea3523f2a72bf7e31a2a4132_ppc64le",
"9Base-RHOSDS-3:devspaces/code-rhel9@sha256:08f2e3cd088b9d1176e61f8017126ecaa7447ade3aede5d63e49bd678b5cc30b_s390x",
"9Base-RHOSDS-3:devspaces/code-rhel9@sha256:d36fb4add09a1576207fe4b114f60142a43b351d218b1f5d0807bacc19c02915_ppc64le",
"9Base-RHOSDS-3:devspaces/code-rhel9@sha256:e48a0e27d13aff1bc60facd4ef3bd875f3b9c68b33c5d9be86dcf2fb46971d24_amd64",
"9Base-RHOSDS-3:devspaces/configbump-rhel9@sha256:403b6c1ddb3fe9337fc1f83129d0b9e51dc18948df29f94212e291246b828e90_amd64",
"9Base-RHOSDS-3:devspaces/configbump-rhel9@sha256:97544fe3e08648e8f0aec09dda768e884b0c213be0b833568747c797d492bb42_ppc64le",
"9Base-RHOSDS-3:devspaces/configbump-rhel9@sha256:a47dcbcc9292e09c31ad8df74d54b58aa03db782700937365434407029c586d7_s390x",
"9Base-RHOSDS-3:devspaces/dashboard-rhel9@sha256:4fb48f0964049b6e56c71cac4973c8ec4ae53b3248ec842e58ec499736e3ffb7_ppc64le",
"9Base-RHOSDS-3:devspaces/dashboard-rhel9@sha256:bbb3292a84927c24cdef7aaff704cc12560172ba0c55021bf397d92f0f8c04c8_amd64",
"9Base-RHOSDS-3:devspaces/dashboard-rhel9@sha256:f894dcaddbc0dd33c9e524e33bf54416f08dd328838bbe2c869eb7201cf7ef1a_s390x",
"9Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:b05f216166a75a5ae3f56495ea4f47a6c3b91d5405360cd991f7c9d545491150_amd64",
"9Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:ba152d33e05c8d53dd9c39249ba9756418619ff784ef1e4cb296a7aa1a33adfd_ppc64le",
"9Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:f463c35bfe9daac4929295c610f07935ff9655793b72d5fd040944fad8307c9a_s390x",
"9Base-RHOSDS-3:devspaces/devspaces-rhel9-operator@sha256:0cfde874c304561625ac5a838df9d90514bafddd5af6f7ed38f1476475497df3_amd64",
"9Base-RHOSDS-3:devspaces/devspaces-rhel9-operator@sha256:23280e408cce44be3fc8ebf244b19f5e386da1e6fab218a1a3ee8a1748f132f9_ppc64le",
"9Base-RHOSDS-3:devspaces/devspaces-rhel9-operator@sha256:e2b9c33d133573a466fead6c5f904d7ef31ba96d5fce1a619f3ff8c47d86a9da_s390x",
"9Base-RHOSDS-3:devspaces/imagepuller-rhel9@sha256:4e11c662d89bb01653f32ed2f3bc66a67be8a1464e267a564a30e36d047b46a6_s390x",
"9Base-RHOSDS-3:devspaces/imagepuller-rhel9@sha256:899c0fa0d3035a2da050c9dc765d2d5a1e79969ac8e5fe772e6dab003940c4b4_amd64",
"9Base-RHOSDS-3:devspaces/imagepuller-rhel9@sha256:8de9e91840963be836e62c27395e7c37ebe1e908770a817197cb938fcf1777dc_ppc64le",
"9Base-RHOSDS-3:devspaces/machineexec-rhel9@sha256:0ce141da5a9eec8fd61d6beee7c993ed4731a4b25501fd3a8f261a4aeab2ccda_amd64",
"9Base-RHOSDS-3:devspaces/machineexec-rhel9@sha256:60f6c9724b2c7e773654d7fd176829661420b6a3eb9df7f72c3560e7890fe691_s390x",
"9Base-RHOSDS-3:devspaces/machineexec-rhel9@sha256:ac07b6bc8c311b357ab5e0545a2b80aa567c2f76b9ed01a3d382b5685b688c83_ppc64le",
"9Base-RHOSDS-3:devspaces/pluginregistry-rhel9@sha256:4c5430c1e53219652c27d861d7a7d577097db0dad05ded83b814275cb9a6cad2_ppc64le",
"9Base-RHOSDS-3:devspaces/pluginregistry-rhel9@sha256:7107f9bf1082a528e0f3af30a5b02e26a770b3430600596e37bebafa18fd0786_amd64",
"9Base-RHOSDS-3:devspaces/pluginregistry-rhel9@sha256:989fc72b261f44374f16ba8aa190791d04da8b295933f724a00bc31a84efd89e_s390x",
"9Base-RHOSDS-3:devspaces/server-rhel9@sha256:52ea2c5e3244363b1d131b8551c10abc687b18f95ca5b9f561f79041a6f06c21_amd64",
"9Base-RHOSDS-3:devspaces/server-rhel9@sha256:ae275fed16fdc724d0e48659c3de940e4af3e0722d3b5d465634d31f5a2a972e_s390x",
"9Base-RHOSDS-3:devspaces/server-rhel9@sha256:edae16c9f7a40feaf051b22a05945fd3a51033d031b742346105cff657848881_ppc64le",
"9Base-RHOSDS-3:devspaces/traefik-rhel9@sha256:24a8578aa65eaeb3fbbc4809db2bd8e57cd76cc6a96d94ce67aa22f1b5d4a4a5_amd64",
"9Base-RHOSDS-3:devspaces/traefik-rhel9@sha256:2a9c66e55371adf209b5b317068e63cfbd9b3e27da9de210250607da8b3ffdff_ppc64le",
"9Base-RHOSDS-3:devspaces/traefik-rhel9@sha256:90df466eef849a4fd6846345273968f875397d72f24c38445058d462d861ca9c_s390x",
"9Base-RHOSDS-3:devspaces/udi-base-rhel9@sha256:25b8dab260796cc1962ef2c31a6c8b98e258b1a9e8b13580da798a0074acd4e8_amd64",
"9Base-RHOSDS-3:devspaces/udi-base-rhel9@sha256:89d858f949b7bbc4502109ff8ab3cf0f416ad1a4c9432924669fc30eeba26b86_ppc64le",
"9Base-RHOSDS-3:devspaces/udi-base-rhel9@sha256:e1b46dd642b4391ece60c7bc3bb062ba81c3c975cb3723ade62f5a230a43ed5d_s390x",
"9Base-RHOSDS-3:devspaces/udi-rhel9@sha256:c98bbca9019281daafac3fb0ac3590258ca5c93ecc954e5127c1c99db4aa0315_amd64",
"9Base-RHOSDS-3:devspaces/udi-rhel9@sha256:e6d836b45dfb32da1a94114ab9908251da24adeeca932de89ba0e23d4f104e22_s390x",
"9Base-RHOSDS-3:devspaces/udi-rhel9@sha256:f6be90596ba55531a1ef7acf4041ed2828d4fe8a3cdd4e8b251bf4929bd19700_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-45410"
},
{
"category": "external",
"summary": "RHBZ#2313584",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2313584"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-45410",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45410"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45410",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45410"
},
{
"category": "external",
"summary": "https://github.com/traefik/traefik",
"url": "https://github.com/traefik/traefik"
},
{
"category": "external",
"summary": "https://github.com/traefik/traefik/commit/584144100524277829f26219baaab29a53b8134f",
"url": "https://github.com/traefik/traefik/commit/584144100524277829f26219baaab29a53b8134f"
},
{
"category": "external",
"summary": "https://github.com/traefik/traefik/releases/tag/v2.11.9",
"url": "https://github.com/traefik/traefik/releases/tag/v2.11.9"
},
{
"category": "external",
"summary": "https://github.com/traefik/traefik/releases/tag/v3.1.3",
"url": "https://github.com/traefik/traefik/releases/tag/v3.1.3"
},
{
"category": "external",
"summary": "https://github.com/traefik/traefik/security/advisories/GHSA-62c8-mh53-4cqv",
"url": "https://github.com/traefik/traefik/security/advisories/GHSA-62c8-mh53-4cqv"
}
],
"release_date": "2024-09-19T14:48:10+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-05-28T02:39:39+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHOSDS-3:devspaces-tech-preview/idea-rhel9@sha256:e57eccb97cb2329af1654e27ad2ad30bb30de70c496b0e6e4353d2d0ce9274b8_amd64",
"9Base-RHOSDS-3:devspaces-tech-preview/jetbrains-ide-rhel9@sha256:6f3737f74c7659d65af8fe9a7cab165f8cdb1554b8ff963352885e1d9014ff27_amd64",
"9Base-RHOSDS-3:devspaces-tech-preview/jetbrains-ide-rhel9@sha256:82d121266eb9adca7faa9af0da6c89323cfe24add67bcba759a6a81ca161ba2f_s390x",
"9Base-RHOSDS-3:devspaces-tech-preview/jetbrains-ide-rhel9@sha256:9a8899c791034c3395c081fbe55746021d372ea1ea3523f2a72bf7e31a2a4132_ppc64le",
"9Base-RHOSDS-3:devspaces/code-rhel9@sha256:08f2e3cd088b9d1176e61f8017126ecaa7447ade3aede5d63e49bd678b5cc30b_s390x",
"9Base-RHOSDS-3:devspaces/code-rhel9@sha256:d36fb4add09a1576207fe4b114f60142a43b351d218b1f5d0807bacc19c02915_ppc64le",
"9Base-RHOSDS-3:devspaces/code-rhel9@sha256:e48a0e27d13aff1bc60facd4ef3bd875f3b9c68b33c5d9be86dcf2fb46971d24_amd64",
"9Base-RHOSDS-3:devspaces/configbump-rhel9@sha256:403b6c1ddb3fe9337fc1f83129d0b9e51dc18948df29f94212e291246b828e90_amd64",
"9Base-RHOSDS-3:devspaces/configbump-rhel9@sha256:97544fe3e08648e8f0aec09dda768e884b0c213be0b833568747c797d492bb42_ppc64le",
"9Base-RHOSDS-3:devspaces/configbump-rhel9@sha256:a47dcbcc9292e09c31ad8df74d54b58aa03db782700937365434407029c586d7_s390x",
"9Base-RHOSDS-3:devspaces/dashboard-rhel9@sha256:4fb48f0964049b6e56c71cac4973c8ec4ae53b3248ec842e58ec499736e3ffb7_ppc64le",
"9Base-RHOSDS-3:devspaces/dashboard-rhel9@sha256:bbb3292a84927c24cdef7aaff704cc12560172ba0c55021bf397d92f0f8c04c8_amd64",
"9Base-RHOSDS-3:devspaces/dashboard-rhel9@sha256:f894dcaddbc0dd33c9e524e33bf54416f08dd328838bbe2c869eb7201cf7ef1a_s390x",
"9Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:b05f216166a75a5ae3f56495ea4f47a6c3b91d5405360cd991f7c9d545491150_amd64",
"9Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:ba152d33e05c8d53dd9c39249ba9756418619ff784ef1e4cb296a7aa1a33adfd_ppc64le",
"9Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:f463c35bfe9daac4929295c610f07935ff9655793b72d5fd040944fad8307c9a_s390x",
"9Base-RHOSDS-3:devspaces/devspaces-rhel9-operator@sha256:0cfde874c304561625ac5a838df9d90514bafddd5af6f7ed38f1476475497df3_amd64",
"9Base-RHOSDS-3:devspaces/devspaces-rhel9-operator@sha256:23280e408cce44be3fc8ebf244b19f5e386da1e6fab218a1a3ee8a1748f132f9_ppc64le",
"9Base-RHOSDS-3:devspaces/devspaces-rhel9-operator@sha256:e2b9c33d133573a466fead6c5f904d7ef31ba96d5fce1a619f3ff8c47d86a9da_s390x",
"9Base-RHOSDS-3:devspaces/imagepuller-rhel9@sha256:4e11c662d89bb01653f32ed2f3bc66a67be8a1464e267a564a30e36d047b46a6_s390x",
"9Base-RHOSDS-3:devspaces/imagepuller-rhel9@sha256:899c0fa0d3035a2da050c9dc765d2d5a1e79969ac8e5fe772e6dab003940c4b4_amd64",
"9Base-RHOSDS-3:devspaces/imagepuller-rhel9@sha256:8de9e91840963be836e62c27395e7c37ebe1e908770a817197cb938fcf1777dc_ppc64le",
"9Base-RHOSDS-3:devspaces/machineexec-rhel9@sha256:0ce141da5a9eec8fd61d6beee7c993ed4731a4b25501fd3a8f261a4aeab2ccda_amd64",
"9Base-RHOSDS-3:devspaces/machineexec-rhel9@sha256:60f6c9724b2c7e773654d7fd176829661420b6a3eb9df7f72c3560e7890fe691_s390x",
"9Base-RHOSDS-3:devspaces/machineexec-rhel9@sha256:ac07b6bc8c311b357ab5e0545a2b80aa567c2f76b9ed01a3d382b5685b688c83_ppc64le",
"9Base-RHOSDS-3:devspaces/pluginregistry-rhel9@sha256:4c5430c1e53219652c27d861d7a7d577097db0dad05ded83b814275cb9a6cad2_ppc64le",
"9Base-RHOSDS-3:devspaces/pluginregistry-rhel9@sha256:7107f9bf1082a528e0f3af30a5b02e26a770b3430600596e37bebafa18fd0786_amd64",
"9Base-RHOSDS-3:devspaces/pluginregistry-rhel9@sha256:989fc72b261f44374f16ba8aa190791d04da8b295933f724a00bc31a84efd89e_s390x",
"9Base-RHOSDS-3:devspaces/server-rhel9@sha256:52ea2c5e3244363b1d131b8551c10abc687b18f95ca5b9f561f79041a6f06c21_amd64",
"9Base-RHOSDS-3:devspaces/server-rhel9@sha256:ae275fed16fdc724d0e48659c3de940e4af3e0722d3b5d465634d31f5a2a972e_s390x",
"9Base-RHOSDS-3:devspaces/server-rhel9@sha256:edae16c9f7a40feaf051b22a05945fd3a51033d031b742346105cff657848881_ppc64le",
"9Base-RHOSDS-3:devspaces/traefik-rhel9@sha256:24a8578aa65eaeb3fbbc4809db2bd8e57cd76cc6a96d94ce67aa22f1b5d4a4a5_amd64",
"9Base-RHOSDS-3:devspaces/traefik-rhel9@sha256:2a9c66e55371adf209b5b317068e63cfbd9b3e27da9de210250607da8b3ffdff_ppc64le",
"9Base-RHOSDS-3:devspaces/traefik-rhel9@sha256:90df466eef849a4fd6846345273968f875397d72f24c38445058d462d861ca9c_s390x",
"9Base-RHOSDS-3:devspaces/udi-base-rhel9@sha256:25b8dab260796cc1962ef2c31a6c8b98e258b1a9e8b13580da798a0074acd4e8_amd64",
"9Base-RHOSDS-3:devspaces/udi-base-rhel9@sha256:89d858f949b7bbc4502109ff8ab3cf0f416ad1a4c9432924669fc30eeba26b86_ppc64le",
"9Base-RHOSDS-3:devspaces/udi-base-rhel9@sha256:e1b46dd642b4391ece60c7bc3bb062ba81c3c975cb3723ade62f5a230a43ed5d_s390x",
"9Base-RHOSDS-3:devspaces/udi-rhel9@sha256:c98bbca9019281daafac3fb0ac3590258ca5c93ecc954e5127c1c99db4aa0315_amd64",
"9Base-RHOSDS-3:devspaces/udi-rhel9@sha256:e6d836b45dfb32da1a94114ab9908251da24adeeca932de89ba0e23d4f104e22_s390x",
"9Base-RHOSDS-3:devspaces/udi-rhel9@sha256:f6be90596ba55531a1ef7acf4041ed2828d4fe8a3cdd4e8b251bf4929bd19700_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:8244"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-RHOSDS-3:devspaces-tech-preview/idea-rhel9@sha256:e57eccb97cb2329af1654e27ad2ad30bb30de70c496b0e6e4353d2d0ce9274b8_amd64",
"9Base-RHOSDS-3:devspaces-tech-preview/jetbrains-ide-rhel9@sha256:6f3737f74c7659d65af8fe9a7cab165f8cdb1554b8ff963352885e1d9014ff27_amd64",
"9Base-RHOSDS-3:devspaces-tech-preview/jetbrains-ide-rhel9@sha256:82d121266eb9adca7faa9af0da6c89323cfe24add67bcba759a6a81ca161ba2f_s390x",
"9Base-RHOSDS-3:devspaces-tech-preview/jetbrains-ide-rhel9@sha256:9a8899c791034c3395c081fbe55746021d372ea1ea3523f2a72bf7e31a2a4132_ppc64le",
"9Base-RHOSDS-3:devspaces/code-rhel9@sha256:08f2e3cd088b9d1176e61f8017126ecaa7447ade3aede5d63e49bd678b5cc30b_s390x",
"9Base-RHOSDS-3:devspaces/code-rhel9@sha256:d36fb4add09a1576207fe4b114f60142a43b351d218b1f5d0807bacc19c02915_ppc64le",
"9Base-RHOSDS-3:devspaces/code-rhel9@sha256:e48a0e27d13aff1bc60facd4ef3bd875f3b9c68b33c5d9be86dcf2fb46971d24_amd64",
"9Base-RHOSDS-3:devspaces/configbump-rhel9@sha256:403b6c1ddb3fe9337fc1f83129d0b9e51dc18948df29f94212e291246b828e90_amd64",
"9Base-RHOSDS-3:devspaces/configbump-rhel9@sha256:97544fe3e08648e8f0aec09dda768e884b0c213be0b833568747c797d492bb42_ppc64le",
"9Base-RHOSDS-3:devspaces/configbump-rhel9@sha256:a47dcbcc9292e09c31ad8df74d54b58aa03db782700937365434407029c586d7_s390x",
"9Base-RHOSDS-3:devspaces/dashboard-rhel9@sha256:4fb48f0964049b6e56c71cac4973c8ec4ae53b3248ec842e58ec499736e3ffb7_ppc64le",
"9Base-RHOSDS-3:devspaces/dashboard-rhel9@sha256:bbb3292a84927c24cdef7aaff704cc12560172ba0c55021bf397d92f0f8c04c8_amd64",
"9Base-RHOSDS-3:devspaces/dashboard-rhel9@sha256:f894dcaddbc0dd33c9e524e33bf54416f08dd328838bbe2c869eb7201cf7ef1a_s390x",
"9Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:b05f216166a75a5ae3f56495ea4f47a6c3b91d5405360cd991f7c9d545491150_amd64",
"9Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:ba152d33e05c8d53dd9c39249ba9756418619ff784ef1e4cb296a7aa1a33adfd_ppc64le",
"9Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:f463c35bfe9daac4929295c610f07935ff9655793b72d5fd040944fad8307c9a_s390x",
"9Base-RHOSDS-3:devspaces/devspaces-rhel9-operator@sha256:0cfde874c304561625ac5a838df9d90514bafddd5af6f7ed38f1476475497df3_amd64",
"9Base-RHOSDS-3:devspaces/devspaces-rhel9-operator@sha256:23280e408cce44be3fc8ebf244b19f5e386da1e6fab218a1a3ee8a1748f132f9_ppc64le",
"9Base-RHOSDS-3:devspaces/devspaces-rhel9-operator@sha256:e2b9c33d133573a466fead6c5f904d7ef31ba96d5fce1a619f3ff8c47d86a9da_s390x",
"9Base-RHOSDS-3:devspaces/imagepuller-rhel9@sha256:4e11c662d89bb01653f32ed2f3bc66a67be8a1464e267a564a30e36d047b46a6_s390x",
"9Base-RHOSDS-3:devspaces/imagepuller-rhel9@sha256:899c0fa0d3035a2da050c9dc765d2d5a1e79969ac8e5fe772e6dab003940c4b4_amd64",
"9Base-RHOSDS-3:devspaces/imagepuller-rhel9@sha256:8de9e91840963be836e62c27395e7c37ebe1e908770a817197cb938fcf1777dc_ppc64le",
"9Base-RHOSDS-3:devspaces/machineexec-rhel9@sha256:0ce141da5a9eec8fd61d6beee7c993ed4731a4b25501fd3a8f261a4aeab2ccda_amd64",
"9Base-RHOSDS-3:devspaces/machineexec-rhel9@sha256:60f6c9724b2c7e773654d7fd176829661420b6a3eb9df7f72c3560e7890fe691_s390x",
"9Base-RHOSDS-3:devspaces/machineexec-rhel9@sha256:ac07b6bc8c311b357ab5e0545a2b80aa567c2f76b9ed01a3d382b5685b688c83_ppc64le",
"9Base-RHOSDS-3:devspaces/pluginregistry-rhel9@sha256:4c5430c1e53219652c27d861d7a7d577097db0dad05ded83b814275cb9a6cad2_ppc64le",
"9Base-RHOSDS-3:devspaces/pluginregistry-rhel9@sha256:7107f9bf1082a528e0f3af30a5b02e26a770b3430600596e37bebafa18fd0786_amd64",
"9Base-RHOSDS-3:devspaces/pluginregistry-rhel9@sha256:989fc72b261f44374f16ba8aa190791d04da8b295933f724a00bc31a84efd89e_s390x",
"9Base-RHOSDS-3:devspaces/server-rhel9@sha256:52ea2c5e3244363b1d131b8551c10abc687b18f95ca5b9f561f79041a6f06c21_amd64",
"9Base-RHOSDS-3:devspaces/server-rhel9@sha256:ae275fed16fdc724d0e48659c3de940e4af3e0722d3b5d465634d31f5a2a972e_s390x",
"9Base-RHOSDS-3:devspaces/server-rhel9@sha256:edae16c9f7a40feaf051b22a05945fd3a51033d031b742346105cff657848881_ppc64le",
"9Base-RHOSDS-3:devspaces/traefik-rhel9@sha256:24a8578aa65eaeb3fbbc4809db2bd8e57cd76cc6a96d94ce67aa22f1b5d4a4a5_amd64",
"9Base-RHOSDS-3:devspaces/traefik-rhel9@sha256:2a9c66e55371adf209b5b317068e63cfbd9b3e27da9de210250607da8b3ffdff_ppc64le",
"9Base-RHOSDS-3:devspaces/traefik-rhel9@sha256:90df466eef849a4fd6846345273968f875397d72f24c38445058d462d861ca9c_s390x",
"9Base-RHOSDS-3:devspaces/udi-base-rhel9@sha256:25b8dab260796cc1962ef2c31a6c8b98e258b1a9e8b13580da798a0074acd4e8_amd64",
"9Base-RHOSDS-3:devspaces/udi-base-rhel9@sha256:89d858f949b7bbc4502109ff8ab3cf0f416ad1a4c9432924669fc30eeba26b86_ppc64le",
"9Base-RHOSDS-3:devspaces/udi-base-rhel9@sha256:e1b46dd642b4391ece60c7bc3bb062ba81c3c975cb3723ade62f5a230a43ed5d_s390x",
"9Base-RHOSDS-3:devspaces/udi-rhel9@sha256:c98bbca9019281daafac3fb0ac3590258ca5c93ecc954e5127c1c99db4aa0315_amd64",
"9Base-RHOSDS-3:devspaces/udi-rhel9@sha256:e6d836b45dfb32da1a94114ab9908251da24adeeca932de89ba0e23d4f104e22_s390x",
"9Base-RHOSDS-3:devspaces/udi-rhel9@sha256:f6be90596ba55531a1ef7acf4041ed2828d4fe8a3cdd4e8b251bf4929bd19700_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"9Base-RHOSDS-3:devspaces-tech-preview/idea-rhel9@sha256:e57eccb97cb2329af1654e27ad2ad30bb30de70c496b0e6e4353d2d0ce9274b8_amd64",
"9Base-RHOSDS-3:devspaces-tech-preview/jetbrains-ide-rhel9@sha256:6f3737f74c7659d65af8fe9a7cab165f8cdb1554b8ff963352885e1d9014ff27_amd64",
"9Base-RHOSDS-3:devspaces-tech-preview/jetbrains-ide-rhel9@sha256:82d121266eb9adca7faa9af0da6c89323cfe24add67bcba759a6a81ca161ba2f_s390x",
"9Base-RHOSDS-3:devspaces-tech-preview/jetbrains-ide-rhel9@sha256:9a8899c791034c3395c081fbe55746021d372ea1ea3523f2a72bf7e31a2a4132_ppc64le",
"9Base-RHOSDS-3:devspaces/code-rhel9@sha256:08f2e3cd088b9d1176e61f8017126ecaa7447ade3aede5d63e49bd678b5cc30b_s390x",
"9Base-RHOSDS-3:devspaces/code-rhel9@sha256:d36fb4add09a1576207fe4b114f60142a43b351d218b1f5d0807bacc19c02915_ppc64le",
"9Base-RHOSDS-3:devspaces/code-rhel9@sha256:e48a0e27d13aff1bc60facd4ef3bd875f3b9c68b33c5d9be86dcf2fb46971d24_amd64",
"9Base-RHOSDS-3:devspaces/configbump-rhel9@sha256:403b6c1ddb3fe9337fc1f83129d0b9e51dc18948df29f94212e291246b828e90_amd64",
"9Base-RHOSDS-3:devspaces/configbump-rhel9@sha256:97544fe3e08648e8f0aec09dda768e884b0c213be0b833568747c797d492bb42_ppc64le",
"9Base-RHOSDS-3:devspaces/configbump-rhel9@sha256:a47dcbcc9292e09c31ad8df74d54b58aa03db782700937365434407029c586d7_s390x",
"9Base-RHOSDS-3:devspaces/dashboard-rhel9@sha256:4fb48f0964049b6e56c71cac4973c8ec4ae53b3248ec842e58ec499736e3ffb7_ppc64le",
"9Base-RHOSDS-3:devspaces/dashboard-rhel9@sha256:bbb3292a84927c24cdef7aaff704cc12560172ba0c55021bf397d92f0f8c04c8_amd64",
"9Base-RHOSDS-3:devspaces/dashboard-rhel9@sha256:f894dcaddbc0dd33c9e524e33bf54416f08dd328838bbe2c869eb7201cf7ef1a_s390x",
"9Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:b05f216166a75a5ae3f56495ea4f47a6c3b91d5405360cd991f7c9d545491150_amd64",
"9Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:ba152d33e05c8d53dd9c39249ba9756418619ff784ef1e4cb296a7aa1a33adfd_ppc64le",
"9Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:f463c35bfe9daac4929295c610f07935ff9655793b72d5fd040944fad8307c9a_s390x",
"9Base-RHOSDS-3:devspaces/devspaces-rhel9-operator@sha256:0cfde874c304561625ac5a838df9d90514bafddd5af6f7ed38f1476475497df3_amd64",
"9Base-RHOSDS-3:devspaces/devspaces-rhel9-operator@sha256:23280e408cce44be3fc8ebf244b19f5e386da1e6fab218a1a3ee8a1748f132f9_ppc64le",
"9Base-RHOSDS-3:devspaces/devspaces-rhel9-operator@sha256:e2b9c33d133573a466fead6c5f904d7ef31ba96d5fce1a619f3ff8c47d86a9da_s390x",
"9Base-RHOSDS-3:devspaces/imagepuller-rhel9@sha256:4e11c662d89bb01653f32ed2f3bc66a67be8a1464e267a564a30e36d047b46a6_s390x",
"9Base-RHOSDS-3:devspaces/imagepuller-rhel9@sha256:899c0fa0d3035a2da050c9dc765d2d5a1e79969ac8e5fe772e6dab003940c4b4_amd64",
"9Base-RHOSDS-3:devspaces/imagepuller-rhel9@sha256:8de9e91840963be836e62c27395e7c37ebe1e908770a817197cb938fcf1777dc_ppc64le",
"9Base-RHOSDS-3:devspaces/machineexec-rhel9@sha256:0ce141da5a9eec8fd61d6beee7c993ed4731a4b25501fd3a8f261a4aeab2ccda_amd64",
"9Base-RHOSDS-3:devspaces/machineexec-rhel9@sha256:60f6c9724b2c7e773654d7fd176829661420b6a3eb9df7f72c3560e7890fe691_s390x",
"9Base-RHOSDS-3:devspaces/machineexec-rhel9@sha256:ac07b6bc8c311b357ab5e0545a2b80aa567c2f76b9ed01a3d382b5685b688c83_ppc64le",
"9Base-RHOSDS-3:devspaces/pluginregistry-rhel9@sha256:4c5430c1e53219652c27d861d7a7d577097db0dad05ded83b814275cb9a6cad2_ppc64le",
"9Base-RHOSDS-3:devspaces/pluginregistry-rhel9@sha256:7107f9bf1082a528e0f3af30a5b02e26a770b3430600596e37bebafa18fd0786_amd64",
"9Base-RHOSDS-3:devspaces/pluginregistry-rhel9@sha256:989fc72b261f44374f16ba8aa190791d04da8b295933f724a00bc31a84efd89e_s390x",
"9Base-RHOSDS-3:devspaces/server-rhel9@sha256:52ea2c5e3244363b1d131b8551c10abc687b18f95ca5b9f561f79041a6f06c21_amd64",
"9Base-RHOSDS-3:devspaces/server-rhel9@sha256:ae275fed16fdc724d0e48659c3de940e4af3e0722d3b5d465634d31f5a2a972e_s390x",
"9Base-RHOSDS-3:devspaces/server-rhel9@sha256:edae16c9f7a40feaf051b22a05945fd3a51033d031b742346105cff657848881_ppc64le",
"9Base-RHOSDS-3:devspaces/traefik-rhel9@sha256:24a8578aa65eaeb3fbbc4809db2bd8e57cd76cc6a96d94ce67aa22f1b5d4a4a5_amd64",
"9Base-RHOSDS-3:devspaces/traefik-rhel9@sha256:2a9c66e55371adf209b5b317068e63cfbd9b3e27da9de210250607da8b3ffdff_ppc64le",
"9Base-RHOSDS-3:devspaces/traefik-rhel9@sha256:90df466eef849a4fd6846345273968f875397d72f24c38445058d462d861ca9c_s390x",
"9Base-RHOSDS-3:devspaces/udi-base-rhel9@sha256:25b8dab260796cc1962ef2c31a6c8b98e258b1a9e8b13580da798a0074acd4e8_amd64",
"9Base-RHOSDS-3:devspaces/udi-base-rhel9@sha256:89d858f949b7bbc4502109ff8ab3cf0f416ad1a4c9432924669fc30eeba26b86_ppc64le",
"9Base-RHOSDS-3:devspaces/udi-base-rhel9@sha256:e1b46dd642b4391ece60c7bc3bb062ba81c3c975cb3723ade62f5a230a43ed5d_s390x",
"9Base-RHOSDS-3:devspaces/udi-rhel9@sha256:c98bbca9019281daafac3fb0ac3590258ca5c93ecc954e5127c1c99db4aa0315_amd64",
"9Base-RHOSDS-3:devspaces/udi-rhel9@sha256:e6d836b45dfb32da1a94114ab9908251da24adeeca932de89ba0e23d4f104e22_s390x",
"9Base-RHOSDS-3:devspaces/udi-rhel9@sha256:f6be90596ba55531a1ef7acf4041ed2828d4fe8a3cdd4e8b251bf4929bd19700_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "traefik: HTTP client can manipulate custom HTTP headers that are added by Traefik"
},
{
"cve": "CVE-2025-22869",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-02-26T04:00:47.683125+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2348367"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the golang.org/x/crypto/ssh package. SSH clients and servers are vulnerable to increased resource consumption, possibly leading to memory exhaustion and a DoS. This can occur during key exchange when the other party is slow to respond during key exchange.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto/ssh: Denial of Service in the Key Exchange of golang.org/x/crypto/ssh",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "While this flaw affects both SSH clients and servers implemented with golang.org/x/crypto/ssh, realistically the flaw will only lead to a DoS when transferring large files, greatly reducing the likelihood of exploitation.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHOSDS-3:devspaces-tech-preview/idea-rhel9@sha256:e57eccb97cb2329af1654e27ad2ad30bb30de70c496b0e6e4353d2d0ce9274b8_amd64",
"9Base-RHOSDS-3:devspaces-tech-preview/jetbrains-ide-rhel9@sha256:6f3737f74c7659d65af8fe9a7cab165f8cdb1554b8ff963352885e1d9014ff27_amd64",
"9Base-RHOSDS-3:devspaces-tech-preview/jetbrains-ide-rhel9@sha256:82d121266eb9adca7faa9af0da6c89323cfe24add67bcba759a6a81ca161ba2f_s390x",
"9Base-RHOSDS-3:devspaces-tech-preview/jetbrains-ide-rhel9@sha256:9a8899c791034c3395c081fbe55746021d372ea1ea3523f2a72bf7e31a2a4132_ppc64le",
"9Base-RHOSDS-3:devspaces/code-rhel9@sha256:08f2e3cd088b9d1176e61f8017126ecaa7447ade3aede5d63e49bd678b5cc30b_s390x",
"9Base-RHOSDS-3:devspaces/code-rhel9@sha256:d36fb4add09a1576207fe4b114f60142a43b351d218b1f5d0807bacc19c02915_ppc64le",
"9Base-RHOSDS-3:devspaces/code-rhel9@sha256:e48a0e27d13aff1bc60facd4ef3bd875f3b9c68b33c5d9be86dcf2fb46971d24_amd64",
"9Base-RHOSDS-3:devspaces/configbump-rhel9@sha256:403b6c1ddb3fe9337fc1f83129d0b9e51dc18948df29f94212e291246b828e90_amd64",
"9Base-RHOSDS-3:devspaces/configbump-rhel9@sha256:97544fe3e08648e8f0aec09dda768e884b0c213be0b833568747c797d492bb42_ppc64le",
"9Base-RHOSDS-3:devspaces/configbump-rhel9@sha256:a47dcbcc9292e09c31ad8df74d54b58aa03db782700937365434407029c586d7_s390x",
"9Base-RHOSDS-3:devspaces/dashboard-rhel9@sha256:4fb48f0964049b6e56c71cac4973c8ec4ae53b3248ec842e58ec499736e3ffb7_ppc64le",
"9Base-RHOSDS-3:devspaces/dashboard-rhel9@sha256:bbb3292a84927c24cdef7aaff704cc12560172ba0c55021bf397d92f0f8c04c8_amd64",
"9Base-RHOSDS-3:devspaces/dashboard-rhel9@sha256:f894dcaddbc0dd33c9e524e33bf54416f08dd328838bbe2c869eb7201cf7ef1a_s390x",
"9Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:b05f216166a75a5ae3f56495ea4f47a6c3b91d5405360cd991f7c9d545491150_amd64",
"9Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:ba152d33e05c8d53dd9c39249ba9756418619ff784ef1e4cb296a7aa1a33adfd_ppc64le",
"9Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:f463c35bfe9daac4929295c610f07935ff9655793b72d5fd040944fad8307c9a_s390x",
"9Base-RHOSDS-3:devspaces/devspaces-rhel9-operator@sha256:0cfde874c304561625ac5a838df9d90514bafddd5af6f7ed38f1476475497df3_amd64",
"9Base-RHOSDS-3:devspaces/devspaces-rhel9-operator@sha256:23280e408cce44be3fc8ebf244b19f5e386da1e6fab218a1a3ee8a1748f132f9_ppc64le",
"9Base-RHOSDS-3:devspaces/devspaces-rhel9-operator@sha256:e2b9c33d133573a466fead6c5f904d7ef31ba96d5fce1a619f3ff8c47d86a9da_s390x",
"9Base-RHOSDS-3:devspaces/imagepuller-rhel9@sha256:4e11c662d89bb01653f32ed2f3bc66a67be8a1464e267a564a30e36d047b46a6_s390x",
"9Base-RHOSDS-3:devspaces/imagepuller-rhel9@sha256:899c0fa0d3035a2da050c9dc765d2d5a1e79969ac8e5fe772e6dab003940c4b4_amd64",
"9Base-RHOSDS-3:devspaces/imagepuller-rhel9@sha256:8de9e91840963be836e62c27395e7c37ebe1e908770a817197cb938fcf1777dc_ppc64le",
"9Base-RHOSDS-3:devspaces/machineexec-rhel9@sha256:0ce141da5a9eec8fd61d6beee7c993ed4731a4b25501fd3a8f261a4aeab2ccda_amd64",
"9Base-RHOSDS-3:devspaces/machineexec-rhel9@sha256:60f6c9724b2c7e773654d7fd176829661420b6a3eb9df7f72c3560e7890fe691_s390x",
"9Base-RHOSDS-3:devspaces/machineexec-rhel9@sha256:ac07b6bc8c311b357ab5e0545a2b80aa567c2f76b9ed01a3d382b5685b688c83_ppc64le",
"9Base-RHOSDS-3:devspaces/pluginregistry-rhel9@sha256:4c5430c1e53219652c27d861d7a7d577097db0dad05ded83b814275cb9a6cad2_ppc64le",
"9Base-RHOSDS-3:devspaces/pluginregistry-rhel9@sha256:7107f9bf1082a528e0f3af30a5b02e26a770b3430600596e37bebafa18fd0786_amd64",
"9Base-RHOSDS-3:devspaces/pluginregistry-rhel9@sha256:989fc72b261f44374f16ba8aa190791d04da8b295933f724a00bc31a84efd89e_s390x",
"9Base-RHOSDS-3:devspaces/server-rhel9@sha256:52ea2c5e3244363b1d131b8551c10abc687b18f95ca5b9f561f79041a6f06c21_amd64",
"9Base-RHOSDS-3:devspaces/server-rhel9@sha256:ae275fed16fdc724d0e48659c3de940e4af3e0722d3b5d465634d31f5a2a972e_s390x",
"9Base-RHOSDS-3:devspaces/server-rhel9@sha256:edae16c9f7a40feaf051b22a05945fd3a51033d031b742346105cff657848881_ppc64le",
"9Base-RHOSDS-3:devspaces/traefik-rhel9@sha256:24a8578aa65eaeb3fbbc4809db2bd8e57cd76cc6a96d94ce67aa22f1b5d4a4a5_amd64",
"9Base-RHOSDS-3:devspaces/traefik-rhel9@sha256:2a9c66e55371adf209b5b317068e63cfbd9b3e27da9de210250607da8b3ffdff_ppc64le",
"9Base-RHOSDS-3:devspaces/traefik-rhel9@sha256:90df466eef849a4fd6846345273968f875397d72f24c38445058d462d861ca9c_s390x",
"9Base-RHOSDS-3:devspaces/udi-base-rhel9@sha256:25b8dab260796cc1962ef2c31a6c8b98e258b1a9e8b13580da798a0074acd4e8_amd64",
"9Base-RHOSDS-3:devspaces/udi-base-rhel9@sha256:89d858f949b7bbc4502109ff8ab3cf0f416ad1a4c9432924669fc30eeba26b86_ppc64le",
"9Base-RHOSDS-3:devspaces/udi-base-rhel9@sha256:e1b46dd642b4391ece60c7bc3bb062ba81c3c975cb3723ade62f5a230a43ed5d_s390x",
"9Base-RHOSDS-3:devspaces/udi-rhel9@sha256:c98bbca9019281daafac3fb0ac3590258ca5c93ecc954e5127c1c99db4aa0315_amd64",
"9Base-RHOSDS-3:devspaces/udi-rhel9@sha256:e6d836b45dfb32da1a94114ab9908251da24adeeca932de89ba0e23d4f104e22_s390x",
"9Base-RHOSDS-3:devspaces/udi-rhel9@sha256:f6be90596ba55531a1ef7acf4041ed2828d4fe8a3cdd4e8b251bf4929bd19700_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-22869"
},
{
"category": "external",
"summary": "RHBZ#2348367",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2348367"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-22869",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22869"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-22869",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-22869"
},
{
"category": "external",
"summary": "https://go.dev/cl/652135",
"url": "https://go.dev/cl/652135"
},
{
"category": "external",
"summary": "https://go.dev/issue/71931",
"url": "https://go.dev/issue/71931"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-3487",
"url": "https://pkg.go.dev/vuln/GO-2025-3487"
}
],
"release_date": "2025-02-26T03:07:48.855000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-05-28T02:39:39+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHOSDS-3:devspaces-tech-preview/idea-rhel9@sha256:e57eccb97cb2329af1654e27ad2ad30bb30de70c496b0e6e4353d2d0ce9274b8_amd64",
"9Base-RHOSDS-3:devspaces-tech-preview/jetbrains-ide-rhel9@sha256:6f3737f74c7659d65af8fe9a7cab165f8cdb1554b8ff963352885e1d9014ff27_amd64",
"9Base-RHOSDS-3:devspaces-tech-preview/jetbrains-ide-rhel9@sha256:82d121266eb9adca7faa9af0da6c89323cfe24add67bcba759a6a81ca161ba2f_s390x",
"9Base-RHOSDS-3:devspaces-tech-preview/jetbrains-ide-rhel9@sha256:9a8899c791034c3395c081fbe55746021d372ea1ea3523f2a72bf7e31a2a4132_ppc64le",
"9Base-RHOSDS-3:devspaces/code-rhel9@sha256:08f2e3cd088b9d1176e61f8017126ecaa7447ade3aede5d63e49bd678b5cc30b_s390x",
"9Base-RHOSDS-3:devspaces/code-rhel9@sha256:d36fb4add09a1576207fe4b114f60142a43b351d218b1f5d0807bacc19c02915_ppc64le",
"9Base-RHOSDS-3:devspaces/code-rhel9@sha256:e48a0e27d13aff1bc60facd4ef3bd875f3b9c68b33c5d9be86dcf2fb46971d24_amd64",
"9Base-RHOSDS-3:devspaces/configbump-rhel9@sha256:403b6c1ddb3fe9337fc1f83129d0b9e51dc18948df29f94212e291246b828e90_amd64",
"9Base-RHOSDS-3:devspaces/configbump-rhel9@sha256:97544fe3e08648e8f0aec09dda768e884b0c213be0b833568747c797d492bb42_ppc64le",
"9Base-RHOSDS-3:devspaces/configbump-rhel9@sha256:a47dcbcc9292e09c31ad8df74d54b58aa03db782700937365434407029c586d7_s390x",
"9Base-RHOSDS-3:devspaces/dashboard-rhel9@sha256:4fb48f0964049b6e56c71cac4973c8ec4ae53b3248ec842e58ec499736e3ffb7_ppc64le",
"9Base-RHOSDS-3:devspaces/dashboard-rhel9@sha256:bbb3292a84927c24cdef7aaff704cc12560172ba0c55021bf397d92f0f8c04c8_amd64",
"9Base-RHOSDS-3:devspaces/dashboard-rhel9@sha256:f894dcaddbc0dd33c9e524e33bf54416f08dd328838bbe2c869eb7201cf7ef1a_s390x",
"9Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:b05f216166a75a5ae3f56495ea4f47a6c3b91d5405360cd991f7c9d545491150_amd64",
"9Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:ba152d33e05c8d53dd9c39249ba9756418619ff784ef1e4cb296a7aa1a33adfd_ppc64le",
"9Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:f463c35bfe9daac4929295c610f07935ff9655793b72d5fd040944fad8307c9a_s390x",
"9Base-RHOSDS-3:devspaces/devspaces-rhel9-operator@sha256:0cfde874c304561625ac5a838df9d90514bafddd5af6f7ed38f1476475497df3_amd64",
"9Base-RHOSDS-3:devspaces/devspaces-rhel9-operator@sha256:23280e408cce44be3fc8ebf244b19f5e386da1e6fab218a1a3ee8a1748f132f9_ppc64le",
"9Base-RHOSDS-3:devspaces/devspaces-rhel9-operator@sha256:e2b9c33d133573a466fead6c5f904d7ef31ba96d5fce1a619f3ff8c47d86a9da_s390x",
"9Base-RHOSDS-3:devspaces/imagepuller-rhel9@sha256:4e11c662d89bb01653f32ed2f3bc66a67be8a1464e267a564a30e36d047b46a6_s390x",
"9Base-RHOSDS-3:devspaces/imagepuller-rhel9@sha256:899c0fa0d3035a2da050c9dc765d2d5a1e79969ac8e5fe772e6dab003940c4b4_amd64",
"9Base-RHOSDS-3:devspaces/imagepuller-rhel9@sha256:8de9e91840963be836e62c27395e7c37ebe1e908770a817197cb938fcf1777dc_ppc64le",
"9Base-RHOSDS-3:devspaces/machineexec-rhel9@sha256:0ce141da5a9eec8fd61d6beee7c993ed4731a4b25501fd3a8f261a4aeab2ccda_amd64",
"9Base-RHOSDS-3:devspaces/machineexec-rhel9@sha256:60f6c9724b2c7e773654d7fd176829661420b6a3eb9df7f72c3560e7890fe691_s390x",
"9Base-RHOSDS-3:devspaces/machineexec-rhel9@sha256:ac07b6bc8c311b357ab5e0545a2b80aa567c2f76b9ed01a3d382b5685b688c83_ppc64le",
"9Base-RHOSDS-3:devspaces/pluginregistry-rhel9@sha256:4c5430c1e53219652c27d861d7a7d577097db0dad05ded83b814275cb9a6cad2_ppc64le",
"9Base-RHOSDS-3:devspaces/pluginregistry-rhel9@sha256:7107f9bf1082a528e0f3af30a5b02e26a770b3430600596e37bebafa18fd0786_amd64",
"9Base-RHOSDS-3:devspaces/pluginregistry-rhel9@sha256:989fc72b261f44374f16ba8aa190791d04da8b295933f724a00bc31a84efd89e_s390x",
"9Base-RHOSDS-3:devspaces/server-rhel9@sha256:52ea2c5e3244363b1d131b8551c10abc687b18f95ca5b9f561f79041a6f06c21_amd64",
"9Base-RHOSDS-3:devspaces/server-rhel9@sha256:ae275fed16fdc724d0e48659c3de940e4af3e0722d3b5d465634d31f5a2a972e_s390x",
"9Base-RHOSDS-3:devspaces/server-rhel9@sha256:edae16c9f7a40feaf051b22a05945fd3a51033d031b742346105cff657848881_ppc64le",
"9Base-RHOSDS-3:devspaces/traefik-rhel9@sha256:24a8578aa65eaeb3fbbc4809db2bd8e57cd76cc6a96d94ce67aa22f1b5d4a4a5_amd64",
"9Base-RHOSDS-3:devspaces/traefik-rhel9@sha256:2a9c66e55371adf209b5b317068e63cfbd9b3e27da9de210250607da8b3ffdff_ppc64le",
"9Base-RHOSDS-3:devspaces/traefik-rhel9@sha256:90df466eef849a4fd6846345273968f875397d72f24c38445058d462d861ca9c_s390x",
"9Base-RHOSDS-3:devspaces/udi-base-rhel9@sha256:25b8dab260796cc1962ef2c31a6c8b98e258b1a9e8b13580da798a0074acd4e8_amd64",
"9Base-RHOSDS-3:devspaces/udi-base-rhel9@sha256:89d858f949b7bbc4502109ff8ab3cf0f416ad1a4c9432924669fc30eeba26b86_ppc64le",
"9Base-RHOSDS-3:devspaces/udi-base-rhel9@sha256:e1b46dd642b4391ece60c7bc3bb062ba81c3c975cb3723ade62f5a230a43ed5d_s390x",
"9Base-RHOSDS-3:devspaces/udi-rhel9@sha256:c98bbca9019281daafac3fb0ac3590258ca5c93ecc954e5127c1c99db4aa0315_amd64",
"9Base-RHOSDS-3:devspaces/udi-rhel9@sha256:e6d836b45dfb32da1a94114ab9908251da24adeeca932de89ba0e23d4f104e22_s390x",
"9Base-RHOSDS-3:devspaces/udi-rhel9@sha256:f6be90596ba55531a1ef7acf4041ed2828d4fe8a3cdd4e8b251bf4929bd19700_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:8244"
},
{
"category": "workaround",
"details": "This flaw can be mitigated when using the client only connecting to trusted servers.",
"product_ids": [
"9Base-RHOSDS-3:devspaces-tech-preview/idea-rhel9@sha256:e57eccb97cb2329af1654e27ad2ad30bb30de70c496b0e6e4353d2d0ce9274b8_amd64",
"9Base-RHOSDS-3:devspaces-tech-preview/jetbrains-ide-rhel9@sha256:6f3737f74c7659d65af8fe9a7cab165f8cdb1554b8ff963352885e1d9014ff27_amd64",
"9Base-RHOSDS-3:devspaces-tech-preview/jetbrains-ide-rhel9@sha256:82d121266eb9adca7faa9af0da6c89323cfe24add67bcba759a6a81ca161ba2f_s390x",
"9Base-RHOSDS-3:devspaces-tech-preview/jetbrains-ide-rhel9@sha256:9a8899c791034c3395c081fbe55746021d372ea1ea3523f2a72bf7e31a2a4132_ppc64le",
"9Base-RHOSDS-3:devspaces/code-rhel9@sha256:08f2e3cd088b9d1176e61f8017126ecaa7447ade3aede5d63e49bd678b5cc30b_s390x",
"9Base-RHOSDS-3:devspaces/code-rhel9@sha256:d36fb4add09a1576207fe4b114f60142a43b351d218b1f5d0807bacc19c02915_ppc64le",
"9Base-RHOSDS-3:devspaces/code-rhel9@sha256:e48a0e27d13aff1bc60facd4ef3bd875f3b9c68b33c5d9be86dcf2fb46971d24_amd64",
"9Base-RHOSDS-3:devspaces/configbump-rhel9@sha256:403b6c1ddb3fe9337fc1f83129d0b9e51dc18948df29f94212e291246b828e90_amd64",
"9Base-RHOSDS-3:devspaces/configbump-rhel9@sha256:97544fe3e08648e8f0aec09dda768e884b0c213be0b833568747c797d492bb42_ppc64le",
"9Base-RHOSDS-3:devspaces/configbump-rhel9@sha256:a47dcbcc9292e09c31ad8df74d54b58aa03db782700937365434407029c586d7_s390x",
"9Base-RHOSDS-3:devspaces/dashboard-rhel9@sha256:4fb48f0964049b6e56c71cac4973c8ec4ae53b3248ec842e58ec499736e3ffb7_ppc64le",
"9Base-RHOSDS-3:devspaces/dashboard-rhel9@sha256:bbb3292a84927c24cdef7aaff704cc12560172ba0c55021bf397d92f0f8c04c8_amd64",
"9Base-RHOSDS-3:devspaces/dashboard-rhel9@sha256:f894dcaddbc0dd33c9e524e33bf54416f08dd328838bbe2c869eb7201cf7ef1a_s390x",
"9Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:b05f216166a75a5ae3f56495ea4f47a6c3b91d5405360cd991f7c9d545491150_amd64",
"9Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:ba152d33e05c8d53dd9c39249ba9756418619ff784ef1e4cb296a7aa1a33adfd_ppc64le",
"9Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:f463c35bfe9daac4929295c610f07935ff9655793b72d5fd040944fad8307c9a_s390x",
"9Base-RHOSDS-3:devspaces/devspaces-rhel9-operator@sha256:0cfde874c304561625ac5a838df9d90514bafddd5af6f7ed38f1476475497df3_amd64",
"9Base-RHOSDS-3:devspaces/devspaces-rhel9-operator@sha256:23280e408cce44be3fc8ebf244b19f5e386da1e6fab218a1a3ee8a1748f132f9_ppc64le",
"9Base-RHOSDS-3:devspaces/devspaces-rhel9-operator@sha256:e2b9c33d133573a466fead6c5f904d7ef31ba96d5fce1a619f3ff8c47d86a9da_s390x",
"9Base-RHOSDS-3:devspaces/imagepuller-rhel9@sha256:4e11c662d89bb01653f32ed2f3bc66a67be8a1464e267a564a30e36d047b46a6_s390x",
"9Base-RHOSDS-3:devspaces/imagepuller-rhel9@sha256:899c0fa0d3035a2da050c9dc765d2d5a1e79969ac8e5fe772e6dab003940c4b4_amd64",
"9Base-RHOSDS-3:devspaces/imagepuller-rhel9@sha256:8de9e91840963be836e62c27395e7c37ebe1e908770a817197cb938fcf1777dc_ppc64le",
"9Base-RHOSDS-3:devspaces/machineexec-rhel9@sha256:0ce141da5a9eec8fd61d6beee7c993ed4731a4b25501fd3a8f261a4aeab2ccda_amd64",
"9Base-RHOSDS-3:devspaces/machineexec-rhel9@sha256:60f6c9724b2c7e773654d7fd176829661420b6a3eb9df7f72c3560e7890fe691_s390x",
"9Base-RHOSDS-3:devspaces/machineexec-rhel9@sha256:ac07b6bc8c311b357ab5e0545a2b80aa567c2f76b9ed01a3d382b5685b688c83_ppc64le",
"9Base-RHOSDS-3:devspaces/pluginregistry-rhel9@sha256:4c5430c1e53219652c27d861d7a7d577097db0dad05ded83b814275cb9a6cad2_ppc64le",
"9Base-RHOSDS-3:devspaces/pluginregistry-rhel9@sha256:7107f9bf1082a528e0f3af30a5b02e26a770b3430600596e37bebafa18fd0786_amd64",
"9Base-RHOSDS-3:devspaces/pluginregistry-rhel9@sha256:989fc72b261f44374f16ba8aa190791d04da8b295933f724a00bc31a84efd89e_s390x",
"9Base-RHOSDS-3:devspaces/server-rhel9@sha256:52ea2c5e3244363b1d131b8551c10abc687b18f95ca5b9f561f79041a6f06c21_amd64",
"9Base-RHOSDS-3:devspaces/server-rhel9@sha256:ae275fed16fdc724d0e48659c3de940e4af3e0722d3b5d465634d31f5a2a972e_s390x",
"9Base-RHOSDS-3:devspaces/server-rhel9@sha256:edae16c9f7a40feaf051b22a05945fd3a51033d031b742346105cff657848881_ppc64le",
"9Base-RHOSDS-3:devspaces/traefik-rhel9@sha256:24a8578aa65eaeb3fbbc4809db2bd8e57cd76cc6a96d94ce67aa22f1b5d4a4a5_amd64",
"9Base-RHOSDS-3:devspaces/traefik-rhel9@sha256:2a9c66e55371adf209b5b317068e63cfbd9b3e27da9de210250607da8b3ffdff_ppc64le",
"9Base-RHOSDS-3:devspaces/traefik-rhel9@sha256:90df466eef849a4fd6846345273968f875397d72f24c38445058d462d861ca9c_s390x",
"9Base-RHOSDS-3:devspaces/udi-base-rhel9@sha256:25b8dab260796cc1962ef2c31a6c8b98e258b1a9e8b13580da798a0074acd4e8_amd64",
"9Base-RHOSDS-3:devspaces/udi-base-rhel9@sha256:89d858f949b7bbc4502109ff8ab3cf0f416ad1a4c9432924669fc30eeba26b86_ppc64le",
"9Base-RHOSDS-3:devspaces/udi-base-rhel9@sha256:e1b46dd642b4391ece60c7bc3bb062ba81c3c975cb3723ade62f5a230a43ed5d_s390x",
"9Base-RHOSDS-3:devspaces/udi-rhel9@sha256:c98bbca9019281daafac3fb0ac3590258ca5c93ecc954e5127c1c99db4aa0315_amd64",
"9Base-RHOSDS-3:devspaces/udi-rhel9@sha256:e6d836b45dfb32da1a94114ab9908251da24adeeca932de89ba0e23d4f104e22_s390x",
"9Base-RHOSDS-3:devspaces/udi-rhel9@sha256:f6be90596ba55531a1ef7acf4041ed2828d4fe8a3cdd4e8b251bf4929bd19700_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHOSDS-3:devspaces-tech-preview/idea-rhel9@sha256:e57eccb97cb2329af1654e27ad2ad30bb30de70c496b0e6e4353d2d0ce9274b8_amd64",
"9Base-RHOSDS-3:devspaces-tech-preview/jetbrains-ide-rhel9@sha256:6f3737f74c7659d65af8fe9a7cab165f8cdb1554b8ff963352885e1d9014ff27_amd64",
"9Base-RHOSDS-3:devspaces-tech-preview/jetbrains-ide-rhel9@sha256:82d121266eb9adca7faa9af0da6c89323cfe24add67bcba759a6a81ca161ba2f_s390x",
"9Base-RHOSDS-3:devspaces-tech-preview/jetbrains-ide-rhel9@sha256:9a8899c791034c3395c081fbe55746021d372ea1ea3523f2a72bf7e31a2a4132_ppc64le",
"9Base-RHOSDS-3:devspaces/code-rhel9@sha256:08f2e3cd088b9d1176e61f8017126ecaa7447ade3aede5d63e49bd678b5cc30b_s390x",
"9Base-RHOSDS-3:devspaces/code-rhel9@sha256:d36fb4add09a1576207fe4b114f60142a43b351d218b1f5d0807bacc19c02915_ppc64le",
"9Base-RHOSDS-3:devspaces/code-rhel9@sha256:e48a0e27d13aff1bc60facd4ef3bd875f3b9c68b33c5d9be86dcf2fb46971d24_amd64",
"9Base-RHOSDS-3:devspaces/configbump-rhel9@sha256:403b6c1ddb3fe9337fc1f83129d0b9e51dc18948df29f94212e291246b828e90_amd64",
"9Base-RHOSDS-3:devspaces/configbump-rhel9@sha256:97544fe3e08648e8f0aec09dda768e884b0c213be0b833568747c797d492bb42_ppc64le",
"9Base-RHOSDS-3:devspaces/configbump-rhel9@sha256:a47dcbcc9292e09c31ad8df74d54b58aa03db782700937365434407029c586d7_s390x",
"9Base-RHOSDS-3:devspaces/dashboard-rhel9@sha256:4fb48f0964049b6e56c71cac4973c8ec4ae53b3248ec842e58ec499736e3ffb7_ppc64le",
"9Base-RHOSDS-3:devspaces/dashboard-rhel9@sha256:bbb3292a84927c24cdef7aaff704cc12560172ba0c55021bf397d92f0f8c04c8_amd64",
"9Base-RHOSDS-3:devspaces/dashboard-rhel9@sha256:f894dcaddbc0dd33c9e524e33bf54416f08dd328838bbe2c869eb7201cf7ef1a_s390x",
"9Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:b05f216166a75a5ae3f56495ea4f47a6c3b91d5405360cd991f7c9d545491150_amd64",
"9Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:ba152d33e05c8d53dd9c39249ba9756418619ff784ef1e4cb296a7aa1a33adfd_ppc64le",
"9Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:f463c35bfe9daac4929295c610f07935ff9655793b72d5fd040944fad8307c9a_s390x",
"9Base-RHOSDS-3:devspaces/devspaces-rhel9-operator@sha256:0cfde874c304561625ac5a838df9d90514bafddd5af6f7ed38f1476475497df3_amd64",
"9Base-RHOSDS-3:devspaces/devspaces-rhel9-operator@sha256:23280e408cce44be3fc8ebf244b19f5e386da1e6fab218a1a3ee8a1748f132f9_ppc64le",
"9Base-RHOSDS-3:devspaces/devspaces-rhel9-operator@sha256:e2b9c33d133573a466fead6c5f904d7ef31ba96d5fce1a619f3ff8c47d86a9da_s390x",
"9Base-RHOSDS-3:devspaces/imagepuller-rhel9@sha256:4e11c662d89bb01653f32ed2f3bc66a67be8a1464e267a564a30e36d047b46a6_s390x",
"9Base-RHOSDS-3:devspaces/imagepuller-rhel9@sha256:899c0fa0d3035a2da050c9dc765d2d5a1e79969ac8e5fe772e6dab003940c4b4_amd64",
"9Base-RHOSDS-3:devspaces/imagepuller-rhel9@sha256:8de9e91840963be836e62c27395e7c37ebe1e908770a817197cb938fcf1777dc_ppc64le",
"9Base-RHOSDS-3:devspaces/machineexec-rhel9@sha256:0ce141da5a9eec8fd61d6beee7c993ed4731a4b25501fd3a8f261a4aeab2ccda_amd64",
"9Base-RHOSDS-3:devspaces/machineexec-rhel9@sha256:60f6c9724b2c7e773654d7fd176829661420b6a3eb9df7f72c3560e7890fe691_s390x",
"9Base-RHOSDS-3:devspaces/machineexec-rhel9@sha256:ac07b6bc8c311b357ab5e0545a2b80aa567c2f76b9ed01a3d382b5685b688c83_ppc64le",
"9Base-RHOSDS-3:devspaces/pluginregistry-rhel9@sha256:4c5430c1e53219652c27d861d7a7d577097db0dad05ded83b814275cb9a6cad2_ppc64le",
"9Base-RHOSDS-3:devspaces/pluginregistry-rhel9@sha256:7107f9bf1082a528e0f3af30a5b02e26a770b3430600596e37bebafa18fd0786_amd64",
"9Base-RHOSDS-3:devspaces/pluginregistry-rhel9@sha256:989fc72b261f44374f16ba8aa190791d04da8b295933f724a00bc31a84efd89e_s390x",
"9Base-RHOSDS-3:devspaces/server-rhel9@sha256:52ea2c5e3244363b1d131b8551c10abc687b18f95ca5b9f561f79041a6f06c21_amd64",
"9Base-RHOSDS-3:devspaces/server-rhel9@sha256:ae275fed16fdc724d0e48659c3de940e4af3e0722d3b5d465634d31f5a2a972e_s390x",
"9Base-RHOSDS-3:devspaces/server-rhel9@sha256:edae16c9f7a40feaf051b22a05945fd3a51033d031b742346105cff657848881_ppc64le",
"9Base-RHOSDS-3:devspaces/traefik-rhel9@sha256:24a8578aa65eaeb3fbbc4809db2bd8e57cd76cc6a96d94ce67aa22f1b5d4a4a5_amd64",
"9Base-RHOSDS-3:devspaces/traefik-rhel9@sha256:2a9c66e55371adf209b5b317068e63cfbd9b3e27da9de210250607da8b3ffdff_ppc64le",
"9Base-RHOSDS-3:devspaces/traefik-rhel9@sha256:90df466eef849a4fd6846345273968f875397d72f24c38445058d462d861ca9c_s390x",
"9Base-RHOSDS-3:devspaces/udi-base-rhel9@sha256:25b8dab260796cc1962ef2c31a6c8b98e258b1a9e8b13580da798a0074acd4e8_amd64",
"9Base-RHOSDS-3:devspaces/udi-base-rhel9@sha256:89d858f949b7bbc4502109ff8ab3cf0f416ad1a4c9432924669fc30eeba26b86_ppc64le",
"9Base-RHOSDS-3:devspaces/udi-base-rhel9@sha256:e1b46dd642b4391ece60c7bc3bb062ba81c3c975cb3723ade62f5a230a43ed5d_s390x",
"9Base-RHOSDS-3:devspaces/udi-rhel9@sha256:c98bbca9019281daafac3fb0ac3590258ca5c93ecc954e5127c1c99db4aa0315_amd64",
"9Base-RHOSDS-3:devspaces/udi-rhel9@sha256:e6d836b45dfb32da1a94114ab9908251da24adeeca932de89ba0e23d4f104e22_s390x",
"9Base-RHOSDS-3:devspaces/udi-rhel9@sha256:f6be90596ba55531a1ef7acf4041ed2828d4fe8a3cdd4e8b251bf4929bd19700_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/crypto/ssh: Denial of Service in the Key Exchange of golang.org/x/crypto/ssh"
},
{
"cve": "CVE-2025-30204",
"cwe": {
"id": "CWE-405",
"name": "Asymmetric Resource Consumption (Amplification)"
},
"discovery_date": "2025-03-21T22:00:43.818367+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2354195"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the golang-jwt implementation of JSON Web Tokens (JWT). In affected versions, a malicious request with specially crafted Authorization header data may trigger an excessive consumption of resources on the host system. This issue can cause significant performance degradation or an application crash, leading to a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang-jwt/jwt: jwt-go allows excessive memory allocation during header parsing",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHOSDS-3:devspaces-tech-preview/idea-rhel9@sha256:e57eccb97cb2329af1654e27ad2ad30bb30de70c496b0e6e4353d2d0ce9274b8_amd64",
"9Base-RHOSDS-3:devspaces-tech-preview/jetbrains-ide-rhel9@sha256:6f3737f74c7659d65af8fe9a7cab165f8cdb1554b8ff963352885e1d9014ff27_amd64",
"9Base-RHOSDS-3:devspaces-tech-preview/jetbrains-ide-rhel9@sha256:82d121266eb9adca7faa9af0da6c89323cfe24add67bcba759a6a81ca161ba2f_s390x",
"9Base-RHOSDS-3:devspaces-tech-preview/jetbrains-ide-rhel9@sha256:9a8899c791034c3395c081fbe55746021d372ea1ea3523f2a72bf7e31a2a4132_ppc64le",
"9Base-RHOSDS-3:devspaces/code-rhel9@sha256:08f2e3cd088b9d1176e61f8017126ecaa7447ade3aede5d63e49bd678b5cc30b_s390x",
"9Base-RHOSDS-3:devspaces/code-rhel9@sha256:d36fb4add09a1576207fe4b114f60142a43b351d218b1f5d0807bacc19c02915_ppc64le",
"9Base-RHOSDS-3:devspaces/code-rhel9@sha256:e48a0e27d13aff1bc60facd4ef3bd875f3b9c68b33c5d9be86dcf2fb46971d24_amd64",
"9Base-RHOSDS-3:devspaces/configbump-rhel9@sha256:403b6c1ddb3fe9337fc1f83129d0b9e51dc18948df29f94212e291246b828e90_amd64",
"9Base-RHOSDS-3:devspaces/configbump-rhel9@sha256:97544fe3e08648e8f0aec09dda768e884b0c213be0b833568747c797d492bb42_ppc64le",
"9Base-RHOSDS-3:devspaces/configbump-rhel9@sha256:a47dcbcc9292e09c31ad8df74d54b58aa03db782700937365434407029c586d7_s390x",
"9Base-RHOSDS-3:devspaces/dashboard-rhel9@sha256:4fb48f0964049b6e56c71cac4973c8ec4ae53b3248ec842e58ec499736e3ffb7_ppc64le",
"9Base-RHOSDS-3:devspaces/dashboard-rhel9@sha256:bbb3292a84927c24cdef7aaff704cc12560172ba0c55021bf397d92f0f8c04c8_amd64",
"9Base-RHOSDS-3:devspaces/dashboard-rhel9@sha256:f894dcaddbc0dd33c9e524e33bf54416f08dd328838bbe2c869eb7201cf7ef1a_s390x",
"9Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:b05f216166a75a5ae3f56495ea4f47a6c3b91d5405360cd991f7c9d545491150_amd64",
"9Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:ba152d33e05c8d53dd9c39249ba9756418619ff784ef1e4cb296a7aa1a33adfd_ppc64le",
"9Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:f463c35bfe9daac4929295c610f07935ff9655793b72d5fd040944fad8307c9a_s390x",
"9Base-RHOSDS-3:devspaces/devspaces-rhel9-operator@sha256:0cfde874c304561625ac5a838df9d90514bafddd5af6f7ed38f1476475497df3_amd64",
"9Base-RHOSDS-3:devspaces/devspaces-rhel9-operator@sha256:23280e408cce44be3fc8ebf244b19f5e386da1e6fab218a1a3ee8a1748f132f9_ppc64le",
"9Base-RHOSDS-3:devspaces/devspaces-rhel9-operator@sha256:e2b9c33d133573a466fead6c5f904d7ef31ba96d5fce1a619f3ff8c47d86a9da_s390x",
"9Base-RHOSDS-3:devspaces/imagepuller-rhel9@sha256:4e11c662d89bb01653f32ed2f3bc66a67be8a1464e267a564a30e36d047b46a6_s390x",
"9Base-RHOSDS-3:devspaces/imagepuller-rhel9@sha256:899c0fa0d3035a2da050c9dc765d2d5a1e79969ac8e5fe772e6dab003940c4b4_amd64",
"9Base-RHOSDS-3:devspaces/imagepuller-rhel9@sha256:8de9e91840963be836e62c27395e7c37ebe1e908770a817197cb938fcf1777dc_ppc64le",
"9Base-RHOSDS-3:devspaces/machineexec-rhel9@sha256:0ce141da5a9eec8fd61d6beee7c993ed4731a4b25501fd3a8f261a4aeab2ccda_amd64",
"9Base-RHOSDS-3:devspaces/machineexec-rhel9@sha256:60f6c9724b2c7e773654d7fd176829661420b6a3eb9df7f72c3560e7890fe691_s390x",
"9Base-RHOSDS-3:devspaces/machineexec-rhel9@sha256:ac07b6bc8c311b357ab5e0545a2b80aa567c2f76b9ed01a3d382b5685b688c83_ppc64le",
"9Base-RHOSDS-3:devspaces/pluginregistry-rhel9@sha256:4c5430c1e53219652c27d861d7a7d577097db0dad05ded83b814275cb9a6cad2_ppc64le",
"9Base-RHOSDS-3:devspaces/pluginregistry-rhel9@sha256:7107f9bf1082a528e0f3af30a5b02e26a770b3430600596e37bebafa18fd0786_amd64",
"9Base-RHOSDS-3:devspaces/pluginregistry-rhel9@sha256:989fc72b261f44374f16ba8aa190791d04da8b295933f724a00bc31a84efd89e_s390x",
"9Base-RHOSDS-3:devspaces/server-rhel9@sha256:52ea2c5e3244363b1d131b8551c10abc687b18f95ca5b9f561f79041a6f06c21_amd64",
"9Base-RHOSDS-3:devspaces/server-rhel9@sha256:ae275fed16fdc724d0e48659c3de940e4af3e0722d3b5d465634d31f5a2a972e_s390x",
"9Base-RHOSDS-3:devspaces/server-rhel9@sha256:edae16c9f7a40feaf051b22a05945fd3a51033d031b742346105cff657848881_ppc64le",
"9Base-RHOSDS-3:devspaces/traefik-rhel9@sha256:24a8578aa65eaeb3fbbc4809db2bd8e57cd76cc6a96d94ce67aa22f1b5d4a4a5_amd64",
"9Base-RHOSDS-3:devspaces/traefik-rhel9@sha256:2a9c66e55371adf209b5b317068e63cfbd9b3e27da9de210250607da8b3ffdff_ppc64le",
"9Base-RHOSDS-3:devspaces/traefik-rhel9@sha256:90df466eef849a4fd6846345273968f875397d72f24c38445058d462d861ca9c_s390x",
"9Base-RHOSDS-3:devspaces/udi-base-rhel9@sha256:25b8dab260796cc1962ef2c31a6c8b98e258b1a9e8b13580da798a0074acd4e8_amd64",
"9Base-RHOSDS-3:devspaces/udi-base-rhel9@sha256:89d858f949b7bbc4502109ff8ab3cf0f416ad1a4c9432924669fc30eeba26b86_ppc64le",
"9Base-RHOSDS-3:devspaces/udi-base-rhel9@sha256:e1b46dd642b4391ece60c7bc3bb062ba81c3c975cb3723ade62f5a230a43ed5d_s390x",
"9Base-RHOSDS-3:devspaces/udi-rhel9@sha256:c98bbca9019281daafac3fb0ac3590258ca5c93ecc954e5127c1c99db4aa0315_amd64",
"9Base-RHOSDS-3:devspaces/udi-rhel9@sha256:e6d836b45dfb32da1a94114ab9908251da24adeeca932de89ba0e23d4f104e22_s390x",
"9Base-RHOSDS-3:devspaces/udi-rhel9@sha256:f6be90596ba55531a1ef7acf4041ed2828d4fe8a3cdd4e8b251bf4929bd19700_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-30204"
},
{
"category": "external",
"summary": "RHBZ#2354195",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2354195"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-30204",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30204"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-30204",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-30204"
},
{
"category": "external",
"summary": "https://github.com/golang-jwt/jwt/commit/0951d184286dece21f73c85673fd308786ffe9c3",
"url": "https://github.com/golang-jwt/jwt/commit/0951d184286dece21f73c85673fd308786ffe9c3"
},
{
"category": "external",
"summary": "https://github.com/golang-jwt/jwt/security/advisories/GHSA-mh63-6h87-95cp",
"url": "https://github.com/golang-jwt/jwt/security/advisories/GHSA-mh63-6h87-95cp"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-3553",
"url": "https://pkg.go.dev/vuln/GO-2025-3553"
}
],
"release_date": "2025-03-21T21:42:01.382000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-05-28T02:39:39+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHOSDS-3:devspaces-tech-preview/idea-rhel9@sha256:e57eccb97cb2329af1654e27ad2ad30bb30de70c496b0e6e4353d2d0ce9274b8_amd64",
"9Base-RHOSDS-3:devspaces-tech-preview/jetbrains-ide-rhel9@sha256:6f3737f74c7659d65af8fe9a7cab165f8cdb1554b8ff963352885e1d9014ff27_amd64",
"9Base-RHOSDS-3:devspaces-tech-preview/jetbrains-ide-rhel9@sha256:82d121266eb9adca7faa9af0da6c89323cfe24add67bcba759a6a81ca161ba2f_s390x",
"9Base-RHOSDS-3:devspaces-tech-preview/jetbrains-ide-rhel9@sha256:9a8899c791034c3395c081fbe55746021d372ea1ea3523f2a72bf7e31a2a4132_ppc64le",
"9Base-RHOSDS-3:devspaces/code-rhel9@sha256:08f2e3cd088b9d1176e61f8017126ecaa7447ade3aede5d63e49bd678b5cc30b_s390x",
"9Base-RHOSDS-3:devspaces/code-rhel9@sha256:d36fb4add09a1576207fe4b114f60142a43b351d218b1f5d0807bacc19c02915_ppc64le",
"9Base-RHOSDS-3:devspaces/code-rhel9@sha256:e48a0e27d13aff1bc60facd4ef3bd875f3b9c68b33c5d9be86dcf2fb46971d24_amd64",
"9Base-RHOSDS-3:devspaces/configbump-rhel9@sha256:403b6c1ddb3fe9337fc1f83129d0b9e51dc18948df29f94212e291246b828e90_amd64",
"9Base-RHOSDS-3:devspaces/configbump-rhel9@sha256:97544fe3e08648e8f0aec09dda768e884b0c213be0b833568747c797d492bb42_ppc64le",
"9Base-RHOSDS-3:devspaces/configbump-rhel9@sha256:a47dcbcc9292e09c31ad8df74d54b58aa03db782700937365434407029c586d7_s390x",
"9Base-RHOSDS-3:devspaces/dashboard-rhel9@sha256:4fb48f0964049b6e56c71cac4973c8ec4ae53b3248ec842e58ec499736e3ffb7_ppc64le",
"9Base-RHOSDS-3:devspaces/dashboard-rhel9@sha256:bbb3292a84927c24cdef7aaff704cc12560172ba0c55021bf397d92f0f8c04c8_amd64",
"9Base-RHOSDS-3:devspaces/dashboard-rhel9@sha256:f894dcaddbc0dd33c9e524e33bf54416f08dd328838bbe2c869eb7201cf7ef1a_s390x",
"9Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:b05f216166a75a5ae3f56495ea4f47a6c3b91d5405360cd991f7c9d545491150_amd64",
"9Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:ba152d33e05c8d53dd9c39249ba9756418619ff784ef1e4cb296a7aa1a33adfd_ppc64le",
"9Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:f463c35bfe9daac4929295c610f07935ff9655793b72d5fd040944fad8307c9a_s390x",
"9Base-RHOSDS-3:devspaces/devspaces-rhel9-operator@sha256:0cfde874c304561625ac5a838df9d90514bafddd5af6f7ed38f1476475497df3_amd64",
"9Base-RHOSDS-3:devspaces/devspaces-rhel9-operator@sha256:23280e408cce44be3fc8ebf244b19f5e386da1e6fab218a1a3ee8a1748f132f9_ppc64le",
"9Base-RHOSDS-3:devspaces/devspaces-rhel9-operator@sha256:e2b9c33d133573a466fead6c5f904d7ef31ba96d5fce1a619f3ff8c47d86a9da_s390x",
"9Base-RHOSDS-3:devspaces/imagepuller-rhel9@sha256:4e11c662d89bb01653f32ed2f3bc66a67be8a1464e267a564a30e36d047b46a6_s390x",
"9Base-RHOSDS-3:devspaces/imagepuller-rhel9@sha256:899c0fa0d3035a2da050c9dc765d2d5a1e79969ac8e5fe772e6dab003940c4b4_amd64",
"9Base-RHOSDS-3:devspaces/imagepuller-rhel9@sha256:8de9e91840963be836e62c27395e7c37ebe1e908770a817197cb938fcf1777dc_ppc64le",
"9Base-RHOSDS-3:devspaces/machineexec-rhel9@sha256:0ce141da5a9eec8fd61d6beee7c993ed4731a4b25501fd3a8f261a4aeab2ccda_amd64",
"9Base-RHOSDS-3:devspaces/machineexec-rhel9@sha256:60f6c9724b2c7e773654d7fd176829661420b6a3eb9df7f72c3560e7890fe691_s390x",
"9Base-RHOSDS-3:devspaces/machineexec-rhel9@sha256:ac07b6bc8c311b357ab5e0545a2b80aa567c2f76b9ed01a3d382b5685b688c83_ppc64le",
"9Base-RHOSDS-3:devspaces/pluginregistry-rhel9@sha256:4c5430c1e53219652c27d861d7a7d577097db0dad05ded83b814275cb9a6cad2_ppc64le",
"9Base-RHOSDS-3:devspaces/pluginregistry-rhel9@sha256:7107f9bf1082a528e0f3af30a5b02e26a770b3430600596e37bebafa18fd0786_amd64",
"9Base-RHOSDS-3:devspaces/pluginregistry-rhel9@sha256:989fc72b261f44374f16ba8aa190791d04da8b295933f724a00bc31a84efd89e_s390x",
"9Base-RHOSDS-3:devspaces/server-rhel9@sha256:52ea2c5e3244363b1d131b8551c10abc687b18f95ca5b9f561f79041a6f06c21_amd64",
"9Base-RHOSDS-3:devspaces/server-rhel9@sha256:ae275fed16fdc724d0e48659c3de940e4af3e0722d3b5d465634d31f5a2a972e_s390x",
"9Base-RHOSDS-3:devspaces/server-rhel9@sha256:edae16c9f7a40feaf051b22a05945fd3a51033d031b742346105cff657848881_ppc64le",
"9Base-RHOSDS-3:devspaces/traefik-rhel9@sha256:24a8578aa65eaeb3fbbc4809db2bd8e57cd76cc6a96d94ce67aa22f1b5d4a4a5_amd64",
"9Base-RHOSDS-3:devspaces/traefik-rhel9@sha256:2a9c66e55371adf209b5b317068e63cfbd9b3e27da9de210250607da8b3ffdff_ppc64le",
"9Base-RHOSDS-3:devspaces/traefik-rhel9@sha256:90df466eef849a4fd6846345273968f875397d72f24c38445058d462d861ca9c_s390x",
"9Base-RHOSDS-3:devspaces/udi-base-rhel9@sha256:25b8dab260796cc1962ef2c31a6c8b98e258b1a9e8b13580da798a0074acd4e8_amd64",
"9Base-RHOSDS-3:devspaces/udi-base-rhel9@sha256:89d858f949b7bbc4502109ff8ab3cf0f416ad1a4c9432924669fc30eeba26b86_ppc64le",
"9Base-RHOSDS-3:devspaces/udi-base-rhel9@sha256:e1b46dd642b4391ece60c7bc3bb062ba81c3c975cb3723ade62f5a230a43ed5d_s390x",
"9Base-RHOSDS-3:devspaces/udi-rhel9@sha256:c98bbca9019281daafac3fb0ac3590258ca5c93ecc954e5127c1c99db4aa0315_amd64",
"9Base-RHOSDS-3:devspaces/udi-rhel9@sha256:e6d836b45dfb32da1a94114ab9908251da24adeeca932de89ba0e23d4f104e22_s390x",
"9Base-RHOSDS-3:devspaces/udi-rhel9@sha256:f6be90596ba55531a1ef7acf4041ed2828d4fe8a3cdd4e8b251bf4929bd19700_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:8244"
},
{
"category": "workaround",
"details": "Red Hat Product Security does not have a recommended mitigation at this time.",
"product_ids": [
"9Base-RHOSDS-3:devspaces-tech-preview/idea-rhel9@sha256:e57eccb97cb2329af1654e27ad2ad30bb30de70c496b0e6e4353d2d0ce9274b8_amd64",
"9Base-RHOSDS-3:devspaces-tech-preview/jetbrains-ide-rhel9@sha256:6f3737f74c7659d65af8fe9a7cab165f8cdb1554b8ff963352885e1d9014ff27_amd64",
"9Base-RHOSDS-3:devspaces-tech-preview/jetbrains-ide-rhel9@sha256:82d121266eb9adca7faa9af0da6c89323cfe24add67bcba759a6a81ca161ba2f_s390x",
"9Base-RHOSDS-3:devspaces-tech-preview/jetbrains-ide-rhel9@sha256:9a8899c791034c3395c081fbe55746021d372ea1ea3523f2a72bf7e31a2a4132_ppc64le",
"9Base-RHOSDS-3:devspaces/code-rhel9@sha256:08f2e3cd088b9d1176e61f8017126ecaa7447ade3aede5d63e49bd678b5cc30b_s390x",
"9Base-RHOSDS-3:devspaces/code-rhel9@sha256:d36fb4add09a1576207fe4b114f60142a43b351d218b1f5d0807bacc19c02915_ppc64le",
"9Base-RHOSDS-3:devspaces/code-rhel9@sha256:e48a0e27d13aff1bc60facd4ef3bd875f3b9c68b33c5d9be86dcf2fb46971d24_amd64",
"9Base-RHOSDS-3:devspaces/configbump-rhel9@sha256:403b6c1ddb3fe9337fc1f83129d0b9e51dc18948df29f94212e291246b828e90_amd64",
"9Base-RHOSDS-3:devspaces/configbump-rhel9@sha256:97544fe3e08648e8f0aec09dda768e884b0c213be0b833568747c797d492bb42_ppc64le",
"9Base-RHOSDS-3:devspaces/configbump-rhel9@sha256:a47dcbcc9292e09c31ad8df74d54b58aa03db782700937365434407029c586d7_s390x",
"9Base-RHOSDS-3:devspaces/dashboard-rhel9@sha256:4fb48f0964049b6e56c71cac4973c8ec4ae53b3248ec842e58ec499736e3ffb7_ppc64le",
"9Base-RHOSDS-3:devspaces/dashboard-rhel9@sha256:bbb3292a84927c24cdef7aaff704cc12560172ba0c55021bf397d92f0f8c04c8_amd64",
"9Base-RHOSDS-3:devspaces/dashboard-rhel9@sha256:f894dcaddbc0dd33c9e524e33bf54416f08dd328838bbe2c869eb7201cf7ef1a_s390x",
"9Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:b05f216166a75a5ae3f56495ea4f47a6c3b91d5405360cd991f7c9d545491150_amd64",
"9Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:ba152d33e05c8d53dd9c39249ba9756418619ff784ef1e4cb296a7aa1a33adfd_ppc64le",
"9Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:f463c35bfe9daac4929295c610f07935ff9655793b72d5fd040944fad8307c9a_s390x",
"9Base-RHOSDS-3:devspaces/devspaces-rhel9-operator@sha256:0cfde874c304561625ac5a838df9d90514bafddd5af6f7ed38f1476475497df3_amd64",
"9Base-RHOSDS-3:devspaces/devspaces-rhel9-operator@sha256:23280e408cce44be3fc8ebf244b19f5e386da1e6fab218a1a3ee8a1748f132f9_ppc64le",
"9Base-RHOSDS-3:devspaces/devspaces-rhel9-operator@sha256:e2b9c33d133573a466fead6c5f904d7ef31ba96d5fce1a619f3ff8c47d86a9da_s390x",
"9Base-RHOSDS-3:devspaces/imagepuller-rhel9@sha256:4e11c662d89bb01653f32ed2f3bc66a67be8a1464e267a564a30e36d047b46a6_s390x",
"9Base-RHOSDS-3:devspaces/imagepuller-rhel9@sha256:899c0fa0d3035a2da050c9dc765d2d5a1e79969ac8e5fe772e6dab003940c4b4_amd64",
"9Base-RHOSDS-3:devspaces/imagepuller-rhel9@sha256:8de9e91840963be836e62c27395e7c37ebe1e908770a817197cb938fcf1777dc_ppc64le",
"9Base-RHOSDS-3:devspaces/machineexec-rhel9@sha256:0ce141da5a9eec8fd61d6beee7c993ed4731a4b25501fd3a8f261a4aeab2ccda_amd64",
"9Base-RHOSDS-3:devspaces/machineexec-rhel9@sha256:60f6c9724b2c7e773654d7fd176829661420b6a3eb9df7f72c3560e7890fe691_s390x",
"9Base-RHOSDS-3:devspaces/machineexec-rhel9@sha256:ac07b6bc8c311b357ab5e0545a2b80aa567c2f76b9ed01a3d382b5685b688c83_ppc64le",
"9Base-RHOSDS-3:devspaces/pluginregistry-rhel9@sha256:4c5430c1e53219652c27d861d7a7d577097db0dad05ded83b814275cb9a6cad2_ppc64le",
"9Base-RHOSDS-3:devspaces/pluginregistry-rhel9@sha256:7107f9bf1082a528e0f3af30a5b02e26a770b3430600596e37bebafa18fd0786_amd64",
"9Base-RHOSDS-3:devspaces/pluginregistry-rhel9@sha256:989fc72b261f44374f16ba8aa190791d04da8b295933f724a00bc31a84efd89e_s390x",
"9Base-RHOSDS-3:devspaces/server-rhel9@sha256:52ea2c5e3244363b1d131b8551c10abc687b18f95ca5b9f561f79041a6f06c21_amd64",
"9Base-RHOSDS-3:devspaces/server-rhel9@sha256:ae275fed16fdc724d0e48659c3de940e4af3e0722d3b5d465634d31f5a2a972e_s390x",
"9Base-RHOSDS-3:devspaces/server-rhel9@sha256:edae16c9f7a40feaf051b22a05945fd3a51033d031b742346105cff657848881_ppc64le",
"9Base-RHOSDS-3:devspaces/traefik-rhel9@sha256:24a8578aa65eaeb3fbbc4809db2bd8e57cd76cc6a96d94ce67aa22f1b5d4a4a5_amd64",
"9Base-RHOSDS-3:devspaces/traefik-rhel9@sha256:2a9c66e55371adf209b5b317068e63cfbd9b3e27da9de210250607da8b3ffdff_ppc64le",
"9Base-RHOSDS-3:devspaces/traefik-rhel9@sha256:90df466eef849a4fd6846345273968f875397d72f24c38445058d462d861ca9c_s390x",
"9Base-RHOSDS-3:devspaces/udi-base-rhel9@sha256:25b8dab260796cc1962ef2c31a6c8b98e258b1a9e8b13580da798a0074acd4e8_amd64",
"9Base-RHOSDS-3:devspaces/udi-base-rhel9@sha256:89d858f949b7bbc4502109ff8ab3cf0f416ad1a4c9432924669fc30eeba26b86_ppc64le",
"9Base-RHOSDS-3:devspaces/udi-base-rhel9@sha256:e1b46dd642b4391ece60c7bc3bb062ba81c3c975cb3723ade62f5a230a43ed5d_s390x",
"9Base-RHOSDS-3:devspaces/udi-rhel9@sha256:c98bbca9019281daafac3fb0ac3590258ca5c93ecc954e5127c1c99db4aa0315_amd64",
"9Base-RHOSDS-3:devspaces/udi-rhel9@sha256:e6d836b45dfb32da1a94114ab9908251da24adeeca932de89ba0e23d4f104e22_s390x",
"9Base-RHOSDS-3:devspaces/udi-rhel9@sha256:f6be90596ba55531a1ef7acf4041ed2828d4fe8a3cdd4e8b251bf4929bd19700_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHOSDS-3:devspaces-tech-preview/idea-rhel9@sha256:e57eccb97cb2329af1654e27ad2ad30bb30de70c496b0e6e4353d2d0ce9274b8_amd64",
"9Base-RHOSDS-3:devspaces-tech-preview/jetbrains-ide-rhel9@sha256:6f3737f74c7659d65af8fe9a7cab165f8cdb1554b8ff963352885e1d9014ff27_amd64",
"9Base-RHOSDS-3:devspaces-tech-preview/jetbrains-ide-rhel9@sha256:82d121266eb9adca7faa9af0da6c89323cfe24add67bcba759a6a81ca161ba2f_s390x",
"9Base-RHOSDS-3:devspaces-tech-preview/jetbrains-ide-rhel9@sha256:9a8899c791034c3395c081fbe55746021d372ea1ea3523f2a72bf7e31a2a4132_ppc64le",
"9Base-RHOSDS-3:devspaces/code-rhel9@sha256:08f2e3cd088b9d1176e61f8017126ecaa7447ade3aede5d63e49bd678b5cc30b_s390x",
"9Base-RHOSDS-3:devspaces/code-rhel9@sha256:d36fb4add09a1576207fe4b114f60142a43b351d218b1f5d0807bacc19c02915_ppc64le",
"9Base-RHOSDS-3:devspaces/code-rhel9@sha256:e48a0e27d13aff1bc60facd4ef3bd875f3b9c68b33c5d9be86dcf2fb46971d24_amd64",
"9Base-RHOSDS-3:devspaces/configbump-rhel9@sha256:403b6c1ddb3fe9337fc1f83129d0b9e51dc18948df29f94212e291246b828e90_amd64",
"9Base-RHOSDS-3:devspaces/configbump-rhel9@sha256:97544fe3e08648e8f0aec09dda768e884b0c213be0b833568747c797d492bb42_ppc64le",
"9Base-RHOSDS-3:devspaces/configbump-rhel9@sha256:a47dcbcc9292e09c31ad8df74d54b58aa03db782700937365434407029c586d7_s390x",
"9Base-RHOSDS-3:devspaces/dashboard-rhel9@sha256:4fb48f0964049b6e56c71cac4973c8ec4ae53b3248ec842e58ec499736e3ffb7_ppc64le",
"9Base-RHOSDS-3:devspaces/dashboard-rhel9@sha256:bbb3292a84927c24cdef7aaff704cc12560172ba0c55021bf397d92f0f8c04c8_amd64",
"9Base-RHOSDS-3:devspaces/dashboard-rhel9@sha256:f894dcaddbc0dd33c9e524e33bf54416f08dd328838bbe2c869eb7201cf7ef1a_s390x",
"9Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:b05f216166a75a5ae3f56495ea4f47a6c3b91d5405360cd991f7c9d545491150_amd64",
"9Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:ba152d33e05c8d53dd9c39249ba9756418619ff784ef1e4cb296a7aa1a33adfd_ppc64le",
"9Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:f463c35bfe9daac4929295c610f07935ff9655793b72d5fd040944fad8307c9a_s390x",
"9Base-RHOSDS-3:devspaces/devspaces-rhel9-operator@sha256:0cfde874c304561625ac5a838df9d90514bafddd5af6f7ed38f1476475497df3_amd64",
"9Base-RHOSDS-3:devspaces/devspaces-rhel9-operator@sha256:23280e408cce44be3fc8ebf244b19f5e386da1e6fab218a1a3ee8a1748f132f9_ppc64le",
"9Base-RHOSDS-3:devspaces/devspaces-rhel9-operator@sha256:e2b9c33d133573a466fead6c5f904d7ef31ba96d5fce1a619f3ff8c47d86a9da_s390x",
"9Base-RHOSDS-3:devspaces/imagepuller-rhel9@sha256:4e11c662d89bb01653f32ed2f3bc66a67be8a1464e267a564a30e36d047b46a6_s390x",
"9Base-RHOSDS-3:devspaces/imagepuller-rhel9@sha256:899c0fa0d3035a2da050c9dc765d2d5a1e79969ac8e5fe772e6dab003940c4b4_amd64",
"9Base-RHOSDS-3:devspaces/imagepuller-rhel9@sha256:8de9e91840963be836e62c27395e7c37ebe1e908770a817197cb938fcf1777dc_ppc64le",
"9Base-RHOSDS-3:devspaces/machineexec-rhel9@sha256:0ce141da5a9eec8fd61d6beee7c993ed4731a4b25501fd3a8f261a4aeab2ccda_amd64",
"9Base-RHOSDS-3:devspaces/machineexec-rhel9@sha256:60f6c9724b2c7e773654d7fd176829661420b6a3eb9df7f72c3560e7890fe691_s390x",
"9Base-RHOSDS-3:devspaces/machineexec-rhel9@sha256:ac07b6bc8c311b357ab5e0545a2b80aa567c2f76b9ed01a3d382b5685b688c83_ppc64le",
"9Base-RHOSDS-3:devspaces/pluginregistry-rhel9@sha256:4c5430c1e53219652c27d861d7a7d577097db0dad05ded83b814275cb9a6cad2_ppc64le",
"9Base-RHOSDS-3:devspaces/pluginregistry-rhel9@sha256:7107f9bf1082a528e0f3af30a5b02e26a770b3430600596e37bebafa18fd0786_amd64",
"9Base-RHOSDS-3:devspaces/pluginregistry-rhel9@sha256:989fc72b261f44374f16ba8aa190791d04da8b295933f724a00bc31a84efd89e_s390x",
"9Base-RHOSDS-3:devspaces/server-rhel9@sha256:52ea2c5e3244363b1d131b8551c10abc687b18f95ca5b9f561f79041a6f06c21_amd64",
"9Base-RHOSDS-3:devspaces/server-rhel9@sha256:ae275fed16fdc724d0e48659c3de940e4af3e0722d3b5d465634d31f5a2a972e_s390x",
"9Base-RHOSDS-3:devspaces/server-rhel9@sha256:edae16c9f7a40feaf051b22a05945fd3a51033d031b742346105cff657848881_ppc64le",
"9Base-RHOSDS-3:devspaces/traefik-rhel9@sha256:24a8578aa65eaeb3fbbc4809db2bd8e57cd76cc6a96d94ce67aa22f1b5d4a4a5_amd64",
"9Base-RHOSDS-3:devspaces/traefik-rhel9@sha256:2a9c66e55371adf209b5b317068e63cfbd9b3e27da9de210250607da8b3ffdff_ppc64le",
"9Base-RHOSDS-3:devspaces/traefik-rhel9@sha256:90df466eef849a4fd6846345273968f875397d72f24c38445058d462d861ca9c_s390x",
"9Base-RHOSDS-3:devspaces/udi-base-rhel9@sha256:25b8dab260796cc1962ef2c31a6c8b98e258b1a9e8b13580da798a0074acd4e8_amd64",
"9Base-RHOSDS-3:devspaces/udi-base-rhel9@sha256:89d858f949b7bbc4502109ff8ab3cf0f416ad1a4c9432924669fc30eeba26b86_ppc64le",
"9Base-RHOSDS-3:devspaces/udi-base-rhel9@sha256:e1b46dd642b4391ece60c7bc3bb062ba81c3c975cb3723ade62f5a230a43ed5d_s390x",
"9Base-RHOSDS-3:devspaces/udi-rhel9@sha256:c98bbca9019281daafac3fb0ac3590258ca5c93ecc954e5127c1c99db4aa0315_amd64",
"9Base-RHOSDS-3:devspaces/udi-rhel9@sha256:e6d836b45dfb32da1a94114ab9908251da24adeeca932de89ba0e23d4f104e22_s390x",
"9Base-RHOSDS-3:devspaces/udi-rhel9@sha256:f6be90596ba55531a1ef7acf4041ed2828d4fe8a3cdd4e8b251bf4929bd19700_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang-jwt/jwt: jwt-go allows excessive memory allocation during header parsing"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…