rhsa-2025:8510
Vulnerability from csaf_redhat
Published: 2025-06-04 12:26
Modified: 2025-08-19 03:15
Summary
Red Hat Security Advisory: Migration Toolkit for Containers (MTC) 1.8.7 security and bug fix update
Notes
Topic
The Migration Toolkit for Containers (MTC) 1.8.7 is now available.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The Migration Toolkit for Containers (MTC) enables you to migrate Kubernetes resources, persistent volume data, and internal container images between OpenShift Container Platform clusters, using the MTC web console or the Kubernetes API.
Security Fix(es) from Bugzilla:
* golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html (CVE-2024-45338)
* golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2/jws (CVE-2025-22868)
* golang-jwt/jwt: jwt-go allows excessive memory allocation during header parsing (CVE-2025-30204)
* http-proxy-middleware: Denial of Service (CVE-2024-21536)
* cross-spawn: regular expression denial of service (CVE-2024-21538)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "The Migration Toolkit for Containers (MTC) 1.8.7 is now available.\n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "The Migration Toolkit for Containers (MTC) enables you to migrate Kubernetes resources, persistent volume data, and internal container images between OpenShift Container Platform clusters, using the MTC web console or the Kubernetes API.\n\nSecurity Fix(es) from Bugzilla:\n\n* golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html (CVE-2024-45338)\n\n* golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2/jws (CVE-2025-22868)\n\n* golang-jwt/jwt: jwt-go allows excessive memory allocation during header parsing (CVE-2025-30204)\n\n* http-proxy-middleware: Denial of Service (CVE-2024-21536)\n\n* cross-spawn: regular expression denial of service (CVE-2024-21538)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). 
If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2025:8510", "url": "https://access.redhat.com/errata/RHSA-2025:8510" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "2319884", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2319884" }, { "category": "external", "summary": "2324550", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2324550" }, { "category": "external", "summary": "2333122", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2333122" }, { "category": "external", "summary": "2348366", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2348366" }, { "category": "external", "summary": "2354195", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2354195" }, { "category": "external", "summary": "MIG-1733", "url": "https://issues.redhat.com/browse/MIG-1733" }, { "category": "external", "summary": "MIG-1735", "url": "https://issues.redhat.com/browse/MIG-1735" }, { "category": "external", "summary": "MIG-1738", "url": "https://issues.redhat.com/browse/MIG-1738" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_8510.json" } ], "title": "Red Hat Security Advisory: Migration Toolkit for Containers (MTC) 1.8.7 security and bug fix update", "tracking": { 
"current_release_date": "2025-08-19T03:15:13+00:00", "generator": { "date": "2025-08-19T03:15:13+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.6.6" } }, "id": "RHSA-2025:8510", "initial_release_date": "2025-06-04T12:26:00+00:00", "revision_history": [ { "date": "2025-06-04T12:26:00+00:00", "number": "1", "summary": "Initial version" }, { "date": "2025-06-04T12:26:00+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2025-08-19T03:15:13+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "8Base-RHMTC-1.8", "product": { "name": "8Base-RHMTC-1.8", "product_id": "8Base-RHMTC-1.8", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhmt:1.8::el8" } } } ], "category": "product_family", "name": "Red Hat Migration Toolkit" }, { "branches": [ { "category": "product_version", "name": "rhmtc/openshift-migration-controller-rhel8@sha256:0c83726f520790b68fba4926299c9a8327d2316d8d0aff472b64aad586a7a39a_amd64", "product": { "name": "rhmtc/openshift-migration-controller-rhel8@sha256:0c83726f520790b68fba4926299c9a8327d2316d8d0aff472b64aad586a7a39a_amd64", "product_id": "rhmtc/openshift-migration-controller-rhel8@sha256:0c83726f520790b68fba4926299c9a8327d2316d8d0aff472b64aad586a7a39a_amd64", "product_identification_helper": { "purl": "pkg:oci/openshift-migration-controller-rhel8@sha256:0c83726f520790b68fba4926299c9a8327d2316d8d0aff472b64aad586a7a39a?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-controller-rhel8\u0026tag=v1.8.7-3" } } }, { "category": "product_version", "name": "rhmtc/openshift-migration-hook-runner-rhel8@sha256:e58aec84cb80cd57ef37038e83ca60113c8cb7998923806decd901355db06900_amd64", "product": { "name": "rhmtc/openshift-migration-hook-runner-rhel8@sha256:e58aec84cb80cd57ef37038e83ca60113c8cb7998923806decd901355db06900_amd64", "product_id": 
"rhmtc/openshift-migration-hook-runner-rhel8@sha256:e58aec84cb80cd57ef37038e83ca60113c8cb7998923806decd901355db06900_amd64", "product_identification_helper": { "purl": "pkg:oci/openshift-migration-hook-runner-rhel8@sha256:e58aec84cb80cd57ef37038e83ca60113c8cb7998923806decd901355db06900?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-hook-runner-rhel8\u0026tag=v1.8.7-2" } } }, { "category": "product_version", "name": "rhmtc/openshift-migration-log-reader-rhel8@sha256:2b887879f51ba42555bc166e2b5e44265a8ecce87d35ffe698054bd8394c5923_amd64", "product": { "name": "rhmtc/openshift-migration-log-reader-rhel8@sha256:2b887879f51ba42555bc166e2b5e44265a8ecce87d35ffe698054bd8394c5923_amd64", "product_id": "rhmtc/openshift-migration-log-reader-rhel8@sha256:2b887879f51ba42555bc166e2b5e44265a8ecce87d35ffe698054bd8394c5923_amd64", "product_identification_helper": { "purl": "pkg:oci/openshift-migration-log-reader-rhel8@sha256:2b887879f51ba42555bc166e2b5e44265a8ecce87d35ffe698054bd8394c5923?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-log-reader-rhel8\u0026tag=v1.8.7-2" } } }, { "category": "product_version", "name": "rhmtc/openshift-migration-must-gather-rhel8@sha256:e63f4262e1a95f5913a812437ec9bf25aa8903e8c41574b6f7b69b8f8bc850ad_amd64", "product": { "name": "rhmtc/openshift-migration-must-gather-rhel8@sha256:e63f4262e1a95f5913a812437ec9bf25aa8903e8c41574b6f7b69b8f8bc850ad_amd64", "product_id": "rhmtc/openshift-migration-must-gather-rhel8@sha256:e63f4262e1a95f5913a812437ec9bf25aa8903e8c41574b6f7b69b8f8bc850ad_amd64", "product_identification_helper": { "purl": "pkg:oci/openshift-migration-must-gather-rhel8@sha256:e63f4262e1a95f5913a812437ec9bf25aa8903e8c41574b6f7b69b8f8bc850ad?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-must-gather-rhel8\u0026tag=v1.8.7-2" } } }, { "category": "product_version", "name": 
"rhmtc/openshift-migration-openvpn-rhel8@sha256:68aab51a9d9bf099124738d9e7506b357e0f194924f34dded268c2027e9e4dc5_amd64", "product": { "name": "rhmtc/openshift-migration-openvpn-rhel8@sha256:68aab51a9d9bf099124738d9e7506b357e0f194924f34dded268c2027e9e4dc5_amd64", "product_id": "rhmtc/openshift-migration-openvpn-rhel8@sha256:68aab51a9d9bf099124738d9e7506b357e0f194924f34dded268c2027e9e4dc5_amd64", "product_identification_helper": { "purl": "pkg:oci/openshift-migration-openvpn-rhel8@sha256:68aab51a9d9bf099124738d9e7506b357e0f194924f34dded268c2027e9e4dc5?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-openvpn-rhel8\u0026tag=v1.8.7-1" } } }, { "category": "product_version", "name": "rhmtc/openshift-migration-rhel8-operator@sha256:6761863f92e894c1c0b019d4a640bfc872c6dcebcf18ce1abbe83691cae45a1d_amd64", "product": { "name": "rhmtc/openshift-migration-rhel8-operator@sha256:6761863f92e894c1c0b019d4a640bfc872c6dcebcf18ce1abbe83691cae45a1d_amd64", "product_id": "rhmtc/openshift-migration-rhel8-operator@sha256:6761863f92e894c1c0b019d4a640bfc872c6dcebcf18ce1abbe83691cae45a1d_amd64", "product_identification_helper": { "purl": "pkg:oci/openshift-migration-rhel8-operator@sha256:6761863f92e894c1c0b019d4a640bfc872c6dcebcf18ce1abbe83691cae45a1d?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-rhel8-operator\u0026tag=v1.8.7-5" } } }, { "category": "product_version", "name": "rhmtc/openshift-migration-operator-bundle@sha256:6611752875c270468d29fc6ff63c6d66aaa2675c0e524937180ff8ee93215b4b_amd64", "product": { "name": "rhmtc/openshift-migration-operator-bundle@sha256:6611752875c270468d29fc6ff63c6d66aaa2675c0e524937180ff8ee93215b4b_amd64", "product_id": "rhmtc/openshift-migration-operator-bundle@sha256:6611752875c270468d29fc6ff63c6d66aaa2675c0e524937180ff8ee93215b4b_amd64", "product_identification_helper": { "purl": 
"pkg:oci/openshift-migration-operator-bundle@sha256:6611752875c270468d29fc6ff63c6d66aaa2675c0e524937180ff8ee93215b4b?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-operator-bundle\u0026tag=v1.8.7-8" } } }, { "category": "product_version", "name": "rhmtc/openshift-migration-registry-rhel8@sha256:bedabe364c8eef1627a9eb6f96737448df680ab090cecfdcfe20af90dac5240d_amd64", "product": { "name": "rhmtc/openshift-migration-registry-rhel8@sha256:bedabe364c8eef1627a9eb6f96737448df680ab090cecfdcfe20af90dac5240d_amd64", "product_id": "rhmtc/openshift-migration-registry-rhel8@sha256:bedabe364c8eef1627a9eb6f96737448df680ab090cecfdcfe20af90dac5240d_amd64", "product_identification_helper": { "purl": "pkg:oci/openshift-migration-registry-rhel8@sha256:bedabe364c8eef1627a9eb6f96737448df680ab090cecfdcfe20af90dac5240d?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-registry-rhel8\u0026tag=v1.8.7-1" } } }, { "category": "product_version", "name": "rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:f64466725f6a76d47c191bbe50c7526add0774b04bccb9dabd8166c01e992123_amd64", "product": { "name": "rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:f64466725f6a76d47c191bbe50c7526add0774b04bccb9dabd8166c01e992123_amd64", "product_id": "rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:f64466725f6a76d47c191bbe50c7526add0774b04bccb9dabd8166c01e992123_amd64", "product_identification_helper": { "purl": "pkg:oci/openshift-migration-rsync-transfer-rhel8@sha256:f64466725f6a76d47c191bbe50c7526add0774b04bccb9dabd8166c01e992123?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-rsync-transfer-rhel8\u0026tag=v1.8.7-1" } } }, { "category": "product_version", "name": "rhmtc/openshift-migration-ui-rhel8@sha256:596f8ae61f2bb56e19e5e03bf7d114ff0607a7f381d6177b3cc0df2cfdcf1e58_amd64", "product": { "name": "rhmtc/openshift-migration-ui-rhel8@sha256:596f8ae61f2bb56e19e5e03bf7d114ff0607a7f381d6177b3cc0df2cfdcf1e58_amd64", 
"product_id": "rhmtc/openshift-migration-ui-rhel8@sha256:596f8ae61f2bb56e19e5e03bf7d114ff0607a7f381d6177b3cc0df2cfdcf1e58_amd64", "product_identification_helper": { "purl": "pkg:oci/openshift-migration-ui-rhel8@sha256:596f8ae61f2bb56e19e5e03bf7d114ff0607a7f381d6177b3cc0df2cfdcf1e58?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-ui-rhel8\u0026tag=v1.8.7-2" } } }, { "category": "product_version", "name": "rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:9a0002e60e5115d60cdaa09b852aca0ceaa704b35a864695afb384694bbf9d42_amd64", "product": { "name": "rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:9a0002e60e5115d60cdaa09b852aca0ceaa704b35a864695afb384694bbf9d42_amd64", "product_id": "rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:9a0002e60e5115d60cdaa09b852aca0ceaa704b35a864695afb384694bbf9d42_amd64", "product_identification_helper": { "purl": "pkg:oci/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:9a0002e60e5115d60cdaa09b852aca0ceaa704b35a864695afb384694bbf9d42?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8\u0026tag=v1.8.7-1" } } } ], "category": "architecture", "name": "amd64" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "rhmtc/openshift-migration-controller-rhel8@sha256:0c83726f520790b68fba4926299c9a8327d2316d8d0aff472b64aad586a7a39a_amd64 as a component of 8Base-RHMTC-1.8", "product_id": "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:0c83726f520790b68fba4926299c9a8327d2316d8d0aff472b64aad586a7a39a_amd64" }, "product_reference": "rhmtc/openshift-migration-controller-rhel8@sha256:0c83726f520790b68fba4926299c9a8327d2316d8d0aff472b64aad586a7a39a_amd64", "relates_to_product_reference": "8Base-RHMTC-1.8" }, { "category": "default_component_of", "full_product_name": { "name": 
"rhmtc/openshift-migration-hook-runner-rhel8@sha256:e58aec84cb80cd57ef37038e83ca60113c8cb7998923806decd901355db06900_amd64 as a component of 8Base-RHMTC-1.8", "product_id": "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:e58aec84cb80cd57ef37038e83ca60113c8cb7998923806decd901355db06900_amd64" }, "product_reference": "rhmtc/openshift-migration-hook-runner-rhel8@sha256:e58aec84cb80cd57ef37038e83ca60113c8cb7998923806decd901355db06900_amd64", "relates_to_product_reference": "8Base-RHMTC-1.8" }, { "category": "default_component_of", "full_product_name": { "name": "rhmtc/openshift-migration-log-reader-rhel8@sha256:2b887879f51ba42555bc166e2b5e44265a8ecce87d35ffe698054bd8394c5923_amd64 as a component of 8Base-RHMTC-1.8", "product_id": "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:2b887879f51ba42555bc166e2b5e44265a8ecce87d35ffe698054bd8394c5923_amd64" }, "product_reference": "rhmtc/openshift-migration-log-reader-rhel8@sha256:2b887879f51ba42555bc166e2b5e44265a8ecce87d35ffe698054bd8394c5923_amd64", "relates_to_product_reference": "8Base-RHMTC-1.8" }, { "category": "default_component_of", "full_product_name": { "name": "rhmtc/openshift-migration-must-gather-rhel8@sha256:e63f4262e1a95f5913a812437ec9bf25aa8903e8c41574b6f7b69b8f8bc850ad_amd64 as a component of 8Base-RHMTC-1.8", "product_id": "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:e63f4262e1a95f5913a812437ec9bf25aa8903e8c41574b6f7b69b8f8bc850ad_amd64" }, "product_reference": "rhmtc/openshift-migration-must-gather-rhel8@sha256:e63f4262e1a95f5913a812437ec9bf25aa8903e8c41574b6f7b69b8f8bc850ad_amd64", "relates_to_product_reference": "8Base-RHMTC-1.8" }, { "category": "default_component_of", "full_product_name": { "name": "rhmtc/openshift-migration-openvpn-rhel8@sha256:68aab51a9d9bf099124738d9e7506b357e0f194924f34dded268c2027e9e4dc5_amd64 as a component of 8Base-RHMTC-1.8", "product_id": 
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:68aab51a9d9bf099124738d9e7506b357e0f194924f34dded268c2027e9e4dc5_amd64" }, "product_reference": "rhmtc/openshift-migration-openvpn-rhel8@sha256:68aab51a9d9bf099124738d9e7506b357e0f194924f34dded268c2027e9e4dc5_amd64", "relates_to_product_reference": "8Base-RHMTC-1.8" }, { "category": "default_component_of", "full_product_name": { "name": "rhmtc/openshift-migration-operator-bundle@sha256:6611752875c270468d29fc6ff63c6d66aaa2675c0e524937180ff8ee93215b4b_amd64 as a component of 8Base-RHMTC-1.8", "product_id": "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:6611752875c270468d29fc6ff63c6d66aaa2675c0e524937180ff8ee93215b4b_amd64" }, "product_reference": "rhmtc/openshift-migration-operator-bundle@sha256:6611752875c270468d29fc6ff63c6d66aaa2675c0e524937180ff8ee93215b4b_amd64", "relates_to_product_reference": "8Base-RHMTC-1.8" }, { "category": "default_component_of", "full_product_name": { "name": "rhmtc/openshift-migration-registry-rhel8@sha256:bedabe364c8eef1627a9eb6f96737448df680ab090cecfdcfe20af90dac5240d_amd64 as a component of 8Base-RHMTC-1.8", "product_id": "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:bedabe364c8eef1627a9eb6f96737448df680ab090cecfdcfe20af90dac5240d_amd64" }, "product_reference": "rhmtc/openshift-migration-registry-rhel8@sha256:bedabe364c8eef1627a9eb6f96737448df680ab090cecfdcfe20af90dac5240d_amd64", "relates_to_product_reference": "8Base-RHMTC-1.8" }, { "category": "default_component_of", "full_product_name": { "name": "rhmtc/openshift-migration-rhel8-operator@sha256:6761863f92e894c1c0b019d4a640bfc872c6dcebcf18ce1abbe83691cae45a1d_amd64 as a component of 8Base-RHMTC-1.8", "product_id": "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:6761863f92e894c1c0b019d4a640bfc872c6dcebcf18ce1abbe83691cae45a1d_amd64" }, "product_reference": 
"rhmtc/openshift-migration-rhel8-operator@sha256:6761863f92e894c1c0b019d4a640bfc872c6dcebcf18ce1abbe83691cae45a1d_amd64", "relates_to_product_reference": "8Base-RHMTC-1.8" }, { "category": "default_component_of", "full_product_name": { "name": "rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:f64466725f6a76d47c191bbe50c7526add0774b04bccb9dabd8166c01e992123_amd64 as a component of 8Base-RHMTC-1.8", "product_id": "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:f64466725f6a76d47c191bbe50c7526add0774b04bccb9dabd8166c01e992123_amd64" }, "product_reference": "rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:f64466725f6a76d47c191bbe50c7526add0774b04bccb9dabd8166c01e992123_amd64", "relates_to_product_reference": "8Base-RHMTC-1.8" }, { "category": "default_component_of", "full_product_name": { "name": "rhmtc/openshift-migration-ui-rhel8@sha256:596f8ae61f2bb56e19e5e03bf7d114ff0607a7f381d6177b3cc0df2cfdcf1e58_amd64 as a component of 8Base-RHMTC-1.8", "product_id": "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:596f8ae61f2bb56e19e5e03bf7d114ff0607a7f381d6177b3cc0df2cfdcf1e58_amd64" }, "product_reference": "rhmtc/openshift-migration-ui-rhel8@sha256:596f8ae61f2bb56e19e5e03bf7d114ff0607a7f381d6177b3cc0df2cfdcf1e58_amd64", "relates_to_product_reference": "8Base-RHMTC-1.8" }, { "category": "default_component_of", "full_product_name": { "name": "rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:9a0002e60e5115d60cdaa09b852aca0ceaa704b35a864695afb384694bbf9d42_amd64 as a component of 8Base-RHMTC-1.8", "product_id": "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:9a0002e60e5115d60cdaa09b852aca0ceaa704b35a864695afb384694bbf9d42_amd64" }, "product_reference": "rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:9a0002e60e5115d60cdaa09b852aca0ceaa704b35a864695afb384694bbf9d42_amd64", "relates_to_product_reference": "8Base-RHMTC-1.8" } ] }, "vulnerabilities": [ { "cve": "CVE-2024-21536", "cwe": { 
"id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2024-10-19T06:00:36.846953+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:0c83726f520790b68fba4926299c9a8327d2316d8d0aff472b64aad586a7a39a_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:e58aec84cb80cd57ef37038e83ca60113c8cb7998923806decd901355db06900_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:2b887879f51ba42555bc166e2b5e44265a8ecce87d35ffe698054bd8394c5923_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:e63f4262e1a95f5913a812437ec9bf25aa8903e8c41574b6f7b69b8f8bc850ad_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:68aab51a9d9bf099124738d9e7506b357e0f194924f34dded268c2027e9e4dc5_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:6611752875c270468d29fc6ff63c6d66aaa2675c0e524937180ff8ee93215b4b_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:bedabe364c8eef1627a9eb6f96737448df680ab090cecfdcfe20af90dac5240d_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:6761863f92e894c1c0b019d4a640bfc872c6dcebcf18ce1abbe83691cae45a1d_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:f64466725f6a76d47c191bbe50c7526add0774b04bccb9dabd8166c01e992123_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:9a0002e60e5115d60cdaa09b852aca0ceaa704b35a864695afb384694bbf9d42_amd64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2319884" } ], "notes": [ { "category": "description", "text": "A flaw was found in the http-proxy-middleware package. Affected versions of this package are vulnerable to denial of service (DoS) due to an UnhandledPromiseRejection error thrown by micromatch. 
This flaw allows an attacker to kill the Node.js process and crash the server by requesting certain paths.", "title": "Vulnerability description" }, { "category": "summary", "text": "http-proxy-middleware: Denial of Service", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:596f8ae61f2bb56e19e5e03bf7d114ff0607a7f381d6177b3cc0df2cfdcf1e58_amd64" ], "known_not_affected": [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:0c83726f520790b68fba4926299c9a8327d2316d8d0aff472b64aad586a7a39a_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:e58aec84cb80cd57ef37038e83ca60113c8cb7998923806decd901355db06900_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:2b887879f51ba42555bc166e2b5e44265a8ecce87d35ffe698054bd8394c5923_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:e63f4262e1a95f5913a812437ec9bf25aa8903e8c41574b6f7b69b8f8bc850ad_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:68aab51a9d9bf099124738d9e7506b357e0f194924f34dded268c2027e9e4dc5_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:6611752875c270468d29fc6ff63c6d66aaa2675c0e524937180ff8ee93215b4b_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:bedabe364c8eef1627a9eb6f96737448df680ab090cecfdcfe20af90dac5240d_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:6761863f92e894c1c0b019d4a640bfc872c6dcebcf18ce1abbe83691cae45a1d_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:f64466725f6a76d47c191bbe50c7526add0774b04bccb9dabd8166c01e992123_amd64", 
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:9a0002e60e5115d60cdaa09b852aca0ceaa704b35a864695afb384694bbf9d42_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-21536" }, { "category": "external", "summary": "RHBZ#2319884", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2319884" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-21536", "url": "https://www.cve.org/CVERecord?id=CVE-2024-21536" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-21536", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-21536" }, { "category": "external", "summary": "https://gist.github.com/mhassan1/28be67266d82a53708ed59ce5dc3c94a", "url": "https://gist.github.com/mhassan1/28be67266d82a53708ed59ce5dc3c94a" }, { "category": "external", "summary": "https://github.com/chimurai/http-proxy-middleware/commit/0b4274e8cc9e9a2c5a06f35fbf456ccfcebc55a5", "url": "https://github.com/chimurai/http-proxy-middleware/commit/0b4274e8cc9e9a2c5a06f35fbf456ccfcebc55a5" }, { "category": "external", "summary": "https://github.com/chimurai/http-proxy-middleware/commit/788b21e4aff38332d6319557d4a5b1b13b1f9a22", "url": "https://github.com/chimurai/http-proxy-middleware/commit/788b21e4aff38332d6319557d4a5b1b13b1f9a22" }, { "category": "external", "summary": "https://security.snyk.io/vuln/SNYK-JS-HTTPPROXYMIDDLEWARE-8229906", "url": "https://security.snyk.io/vuln/SNYK-JS-HTTPPROXYMIDDLEWARE-8229906" } ], "release_date": "2024-10-19T05:00:04.056000+00:00", "remediations": [ { "category": "vendor_fix", "date": "2025-06-04T12:26:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ 
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:596f8ae61f2bb56e19e5e03bf7d114ff0607a7f381d6177b3cc0df2cfdcf1e58_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2025:8510" }, { "category": "workaround", "details": "Red Hat Product Security does not have any mitigation recommendations at this time.", "product_ids": [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:0c83726f520790b68fba4926299c9a8327d2316d8d0aff472b64aad586a7a39a_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:e58aec84cb80cd57ef37038e83ca60113c8cb7998923806decd901355db06900_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:2b887879f51ba42555bc166e2b5e44265a8ecce87d35ffe698054bd8394c5923_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:e63f4262e1a95f5913a812437ec9bf25aa8903e8c41574b6f7b69b8f8bc850ad_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:68aab51a9d9bf099124738d9e7506b357e0f194924f34dded268c2027e9e4dc5_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:6611752875c270468d29fc6ff63c6d66aaa2675c0e524937180ff8ee93215b4b_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:bedabe364c8eef1627a9eb6f96737448df680ab090cecfdcfe20af90dac5240d_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:6761863f92e894c1c0b019d4a640bfc872c6dcebcf18ce1abbe83691cae45a1d_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:f64466725f6a76d47c191bbe50c7526add0774b04bccb9dabd8166c01e992123_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:596f8ae61f2bb56e19e5e03bf7d114ff0607a7f381d6177b3cc0df2cfdcf1e58_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:9a0002e60e5115d60cdaa09b852aca0ceaa704b35a864695afb384694bbf9d42_amd64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": 
"NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:0c83726f520790b68fba4926299c9a8327d2316d8d0aff472b64aad586a7a39a_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:e58aec84cb80cd57ef37038e83ca60113c8cb7998923806decd901355db06900_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:2b887879f51ba42555bc166e2b5e44265a8ecce87d35ffe698054bd8394c5923_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:e63f4262e1a95f5913a812437ec9bf25aa8903e8c41574b6f7b69b8f8bc850ad_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:68aab51a9d9bf099124738d9e7506b357e0f194924f34dded268c2027e9e4dc5_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:6611752875c270468d29fc6ff63c6d66aaa2675c0e524937180ff8ee93215b4b_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:bedabe364c8eef1627a9eb6f96737448df680ab090cecfdcfe20af90dac5240d_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:6761863f92e894c1c0b019d4a640bfc872c6dcebcf18ce1abbe83691cae45a1d_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:f64466725f6a76d47c191bbe50c7526add0774b04bccb9dabd8166c01e992123_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:596f8ae61f2bb56e19e5e03bf7d114ff0607a7f381d6177b3cc0df2cfdcf1e58_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:9a0002e60e5115d60cdaa09b852aca0ceaa704b35a864695afb384694bbf9d42_amd64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "http-proxy-middleware: Denial of Service" }, { "cve": 
"CVE-2024-21538", "cwe": { "id": "CWE-1333", "name": "Inefficient Regular Expression Complexity" }, "discovery_date": "2024-11-08T13:44:29.182678+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:0c83726f520790b68fba4926299c9a8327d2316d8d0aff472b64aad586a7a39a_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:e58aec84cb80cd57ef37038e83ca60113c8cb7998923806decd901355db06900_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:2b887879f51ba42555bc166e2b5e44265a8ecce87d35ffe698054bd8394c5923_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:e63f4262e1a95f5913a812437ec9bf25aa8903e8c41574b6f7b69b8f8bc850ad_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:68aab51a9d9bf099124738d9e7506b357e0f194924f34dded268c2027e9e4dc5_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:6611752875c270468d29fc6ff63c6d66aaa2675c0e524937180ff8ee93215b4b_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:bedabe364c8eef1627a9eb6f96737448df680ab090cecfdcfe20af90dac5240d_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:6761863f92e894c1c0b019d4a640bfc872c6dcebcf18ce1abbe83691cae45a1d_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:f64466725f6a76d47c191bbe50c7526add0774b04bccb9dabd8166c01e992123_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:9a0002e60e5115d60cdaa09b852aca0ceaa704b35a864695afb384694bbf9d42_amd64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2324550" } ], "notes": [ { "category": "description", "text": "A Regular Expression Denial of Service (ReDoS) vulnerability was found in the cross-spawn package for Node.js. 
Due to improper input sanitization, an attacker can increase CPU usage and crash the program with a large, specially crafted string.", "title": "Vulnerability description" }, { "category": "summary", "text": "cross-spawn: regular expression denial of service", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:596f8ae61f2bb56e19e5e03bf7d114ff0607a7f381d6177b3cc0df2cfdcf1e58_amd64" ], "known_not_affected": [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:0c83726f520790b68fba4926299c9a8327d2316d8d0aff472b64aad586a7a39a_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:e58aec84cb80cd57ef37038e83ca60113c8cb7998923806decd901355db06900_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:2b887879f51ba42555bc166e2b5e44265a8ecce87d35ffe698054bd8394c5923_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:e63f4262e1a95f5913a812437ec9bf25aa8903e8c41574b6f7b69b8f8bc850ad_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:68aab51a9d9bf099124738d9e7506b357e0f194924f34dded268c2027e9e4dc5_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:6611752875c270468d29fc6ff63c6d66aaa2675c0e524937180ff8ee93215b4b_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:bedabe364c8eef1627a9eb6f96737448df680ab090cecfdcfe20af90dac5240d_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:6761863f92e894c1c0b019d4a640bfc872c6dcebcf18ce1abbe83691cae45a1d_amd64", 
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:f64466725f6a76d47c191bbe50c7526add0774b04bccb9dabd8166c01e992123_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:9a0002e60e5115d60cdaa09b852aca0ceaa704b35a864695afb384694bbf9d42_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-21538" }, { "category": "external", "summary": "RHBZ#2324550", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2324550" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-21538", "url": "https://www.cve.org/CVERecord?id=CVE-2024-21538" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-21538", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-21538" }, { "category": "external", "summary": "https://github.com/moxystudio/node-cross-spawn/commit/5ff3a07d9add449021d806e45c4168203aa833ff", "url": "https://github.com/moxystudio/node-cross-spawn/commit/5ff3a07d9add449021d806e45c4168203aa833ff" }, { "category": "external", "summary": "https://github.com/moxystudio/node-cross-spawn/commit/640d391fde65388548601d95abedccc12943374f", "url": "https://github.com/moxystudio/node-cross-spawn/commit/640d391fde65388548601d95abedccc12943374f" }, { "category": "external", "summary": "https://github.com/moxystudio/node-cross-spawn/pull/160", "url": "https://github.com/moxystudio/node-cross-spawn/pull/160" }, { "category": "external", "summary": "https://security.snyk.io/vuln/SNYK-JS-CROSSSPAWN-8303230", "url": "https://security.snyk.io/vuln/SNYK-JS-CROSSSPAWN-8303230" } ], "release_date": "2024-11-08T05:00:04.695000+00:00", "remediations": [ { "category": "vendor_fix", "date": "2025-06-04T12:26:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer 
to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:596f8ae61f2bb56e19e5e03bf7d114ff0607a7f381d6177b3cc0df2cfdcf1e58_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2025:8510" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 4.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:0c83726f520790b68fba4926299c9a8327d2316d8d0aff472b64aad586a7a39a_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:e58aec84cb80cd57ef37038e83ca60113c8cb7998923806decd901355db06900_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:2b887879f51ba42555bc166e2b5e44265a8ecce87d35ffe698054bd8394c5923_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:e63f4262e1a95f5913a812437ec9bf25aa8903e8c41574b6f7b69b8f8bc850ad_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:68aab51a9d9bf099124738d9e7506b357e0f194924f34dded268c2027e9e4dc5_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:6611752875c270468d29fc6ff63c6d66aaa2675c0e524937180ff8ee93215b4b_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:bedabe364c8eef1627a9eb6f96737448df680ab090cecfdcfe20af90dac5240d_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:6761863f92e894c1c0b019d4a640bfc872c6dcebcf18ce1abbe83691cae45a1d_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:f64466725f6a76d47c191bbe50c7526add0774b04bccb9dabd8166c01e992123_amd64", 
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:596f8ae61f2bb56e19e5e03bf7d114ff0607a7f381d6177b3cc0df2cfdcf1e58_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:9a0002e60e5115d60cdaa09b852aca0ceaa704b35a864695afb384694bbf9d42_amd64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "cross-spawn: regular expression denial of service" }, { "cve": "CVE-2024-45338", "cwe": { "id": "CWE-770", "name": "Allocation of Resources Without Limits or Throttling" }, "discovery_date": "2024-12-18T21:00:59.938173+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:e58aec84cb80cd57ef37038e83ca60113c8cb7998923806decd901355db06900_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:2b887879f51ba42555bc166e2b5e44265a8ecce87d35ffe698054bd8394c5923_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:e63f4262e1a95f5913a812437ec9bf25aa8903e8c41574b6f7b69b8f8bc850ad_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:68aab51a9d9bf099124738d9e7506b357e0f194924f34dded268c2027e9e4dc5_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:6611752875c270468d29fc6ff63c6d66aaa2675c0e524937180ff8ee93215b4b_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:bedabe364c8eef1627a9eb6f96737448df680ab090cecfdcfe20af90dac5240d_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:6761863f92e894c1c0b019d4a640bfc872c6dcebcf18ce1abbe83691cae45a1d_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:f64466725f6a76d47c191bbe50c7526add0774b04bccb9dabd8166c01e992123_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:596f8ae61f2bb56e19e5e03bf7d114ff0607a7f381d6177b3cc0df2cfdcf1e58_amd64", 
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:9a0002e60e5115d60cdaa09b852aca0ceaa704b35a864695afb384694bbf9d42_amd64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2333122" } ], "notes": [ { "category": "description", "text": "A flaw was found in golang.org/x/net/html. This flaw allows an attacker to craft input to the parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This issue can cause a denial of service.", "title": "Vulnerability description" }, { "category": "summary", "text": "golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html", "title": "Vulnerability summary" }, { "category": "other", "text": "This vulnerability is rated as an Important severity because an attacker can craft malicious input that causes the parsing functions to process data non-linearly, resulting in significant delays which leads to a denial of service by exhausting system resources.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:0c83726f520790b68fba4926299c9a8327d2316d8d0aff472b64aad586a7a39a_amd64" ], "known_not_affected": [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:e58aec84cb80cd57ef37038e83ca60113c8cb7998923806decd901355db06900_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:2b887879f51ba42555bc166e2b5e44265a8ecce87d35ffe698054bd8394c5923_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:e63f4262e1a95f5913a812437ec9bf25aa8903e8c41574b6f7b69b8f8bc850ad_amd64", 
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:68aab51a9d9bf099124738d9e7506b357e0f194924f34dded268c2027e9e4dc5_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:6611752875c270468d29fc6ff63c6d66aaa2675c0e524937180ff8ee93215b4b_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:bedabe364c8eef1627a9eb6f96737448df680ab090cecfdcfe20af90dac5240d_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:6761863f92e894c1c0b019d4a640bfc872c6dcebcf18ce1abbe83691cae45a1d_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:f64466725f6a76d47c191bbe50c7526add0774b04bccb9dabd8166c01e992123_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:596f8ae61f2bb56e19e5e03bf7d114ff0607a7f381d6177b3cc0df2cfdcf1e58_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:9a0002e60e5115d60cdaa09b852aca0ceaa704b35a864695afb384694bbf9d42_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-45338" }, { "category": "external", "summary": "RHBZ#2333122", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2333122" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-45338", "url": "https://www.cve.org/CVERecord?id=CVE-2024-45338" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45338", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45338" }, { "category": "external", "summary": "https://go.dev/cl/637536", "url": "https://go.dev/cl/637536" }, { "category": "external", "summary": "https://go.dev/issue/70906", "url": "https://go.dev/issue/70906" }, { "category": "external", "summary": "https://groups.google.com/g/golang-announce/c/wSCRmFnNmPA/m/Lvcd0mRMAwAJ", "url": "https://groups.google.com/g/golang-announce/c/wSCRmFnNmPA/m/Lvcd0mRMAwAJ" }, { "category": "external", "summary": 
"https://pkg.go.dev/vuln/GO-2024-3333", "url": "https://pkg.go.dev/vuln/GO-2024-3333" } ], "release_date": "2024-12-18T20:38:22.660000+00:00", "remediations": [ { "category": "vendor_fix", "date": "2025-06-04T12:26:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:0c83726f520790b68fba4926299c9a8327d2316d8d0aff472b64aad586a7a39a_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2025:8510" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:0c83726f520790b68fba4926299c9a8327d2316d8d0aff472b64aad586a7a39a_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:e58aec84cb80cd57ef37038e83ca60113c8cb7998923806decd901355db06900_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:2b887879f51ba42555bc166e2b5e44265a8ecce87d35ffe698054bd8394c5923_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:e63f4262e1a95f5913a812437ec9bf25aa8903e8c41574b6f7b69b8f8bc850ad_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:68aab51a9d9bf099124738d9e7506b357e0f194924f34dded268c2027e9e4dc5_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:6611752875c270468d29fc6ff63c6d66aaa2675c0e524937180ff8ee93215b4b_amd64", 
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:bedabe364c8eef1627a9eb6f96737448df680ab090cecfdcfe20af90dac5240d_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:6761863f92e894c1c0b019d4a640bfc872c6dcebcf18ce1abbe83691cae45a1d_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:f64466725f6a76d47c191bbe50c7526add0774b04bccb9dabd8166c01e992123_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:596f8ae61f2bb56e19e5e03bf7d114ff0607a7f381d6177b3cc0df2cfdcf1e58_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:9a0002e60e5115d60cdaa09b852aca0ceaa704b35a864695afb384694bbf9d42_amd64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html" }, { "acknowledgments": [ { "names": [ "jub0bs" ] } ], "cve": "CVE-2025-22868", "cwe": { "id": "CWE-1286", "name": "Improper Validation of Syntactic Correctness of Input" }, "discovery_date": "2025-02-26T04:00:44.350024+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:e58aec84cb80cd57ef37038e83ca60113c8cb7998923806decd901355db06900_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:2b887879f51ba42555bc166e2b5e44265a8ecce87d35ffe698054bd8394c5923_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:e63f4262e1a95f5913a812437ec9bf25aa8903e8c41574b6f7b69b8f8bc850ad_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:68aab51a9d9bf099124738d9e7506b357e0f194924f34dded268c2027e9e4dc5_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:6611752875c270468d29fc6ff63c6d66aaa2675c0e524937180ff8ee93215b4b_amd64", 
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:bedabe364c8eef1627a9eb6f96737448df680ab090cecfdcfe20af90dac5240d_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:6761863f92e894c1c0b019d4a640bfc872c6dcebcf18ce1abbe83691cae45a1d_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:f64466725f6a76d47c191bbe50c7526add0774b04bccb9dabd8166c01e992123_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:596f8ae61f2bb56e19e5e03bf7d114ff0607a7f381d6177b3cc0df2cfdcf1e58_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:9a0002e60e5115d60cdaa09b852aca0ceaa704b35a864695afb384694bbf9d42_amd64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2348366" } ], "notes": [ { "category": "description", "text": "A flaw was found in the `golang.org/x/oauth2/jws` package in the token parsing component. This vulnerability is made possible because of the use of `strings.Split(token, \".\")` to split JWT tokens, which can lead to excessive memory consumption when processing maliciously crafted tokens with a large number of `.` characters. 
An attacker could exploit this functionality by sending numerous malformed tokens and can trigger memory exhaustion and a Denial of Service.", "title": "Vulnerability description" }, { "category": "summary", "text": "golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2/jws", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:0c83726f520790b68fba4926299c9a8327d2316d8d0aff472b64aad586a7a39a_amd64" ], "known_not_affected": [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:e58aec84cb80cd57ef37038e83ca60113c8cb7998923806decd901355db06900_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:2b887879f51ba42555bc166e2b5e44265a8ecce87d35ffe698054bd8394c5923_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:e63f4262e1a95f5913a812437ec9bf25aa8903e8c41574b6f7b69b8f8bc850ad_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:68aab51a9d9bf099124738d9e7506b357e0f194924f34dded268c2027e9e4dc5_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:6611752875c270468d29fc6ff63c6d66aaa2675c0e524937180ff8ee93215b4b_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:bedabe364c8eef1627a9eb6f96737448df680ab090cecfdcfe20af90dac5240d_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:6761863f92e894c1c0b019d4a640bfc872c6dcebcf18ce1abbe83691cae45a1d_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:f64466725f6a76d47c191bbe50c7526add0774b04bccb9dabd8166c01e992123_amd64", 
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:596f8ae61f2bb56e19e5e03bf7d114ff0607a7f381d6177b3cc0df2cfdcf1e58_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:9a0002e60e5115d60cdaa09b852aca0ceaa704b35a864695afb384694bbf9d42_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2025-22868" }, { "category": "external", "summary": "RHBZ#2348366", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2348366" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2025-22868", "url": "https://www.cve.org/CVERecord?id=CVE-2025-22868" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-22868", "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-22868" }, { "category": "external", "summary": "https://go.dev/cl/652155", "url": "https://go.dev/cl/652155" }, { "category": "external", "summary": "https://go.dev/issue/71490", "url": "https://go.dev/issue/71490" }, { "category": "external", "summary": "https://pkg.go.dev/vuln/GO-2025-3488", "url": "https://pkg.go.dev/vuln/GO-2025-3488" } ], "release_date": "2025-02-26T03:07:49.012000+00:00", "remediations": [ { "category": "vendor_fix", "date": "2025-06-04T12:26:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:0c83726f520790b68fba4926299c9a8327d2316d8d0aff472b64aad586a7a39a_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2025:8510" }, { "category": "workaround", "details": "To mitigate this vulnerability, it is recommended to pre-validate any payloads passed to `go-jose` to check that they do not contain an excessive amount of `.` 
characters.", "product_ids": [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:0c83726f520790b68fba4926299c9a8327d2316d8d0aff472b64aad586a7a39a_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:e58aec84cb80cd57ef37038e83ca60113c8cb7998923806decd901355db06900_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:2b887879f51ba42555bc166e2b5e44265a8ecce87d35ffe698054bd8394c5923_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:e63f4262e1a95f5913a812437ec9bf25aa8903e8c41574b6f7b69b8f8bc850ad_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:68aab51a9d9bf099124738d9e7506b357e0f194924f34dded268c2027e9e4dc5_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:6611752875c270468d29fc6ff63c6d66aaa2675c0e524937180ff8ee93215b4b_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:bedabe364c8eef1627a9eb6f96737448df680ab090cecfdcfe20af90dac5240d_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:6761863f92e894c1c0b019d4a640bfc872c6dcebcf18ce1abbe83691cae45a1d_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:f64466725f6a76d47c191bbe50c7526add0774b04bccb9dabd8166c01e992123_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:596f8ae61f2bb56e19e5e03bf7d114ff0607a7f381d6177b3cc0df2cfdcf1e58_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:9a0002e60e5115d60cdaa09b852aca0ceaa704b35a864695afb384694bbf9d42_amd64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ 
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:0c83726f520790b68fba4926299c9a8327d2316d8d0aff472b64aad586a7a39a_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:e58aec84cb80cd57ef37038e83ca60113c8cb7998923806decd901355db06900_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:2b887879f51ba42555bc166e2b5e44265a8ecce87d35ffe698054bd8394c5923_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:e63f4262e1a95f5913a812437ec9bf25aa8903e8c41574b6f7b69b8f8bc850ad_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:68aab51a9d9bf099124738d9e7506b357e0f194924f34dded268c2027e9e4dc5_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:6611752875c270468d29fc6ff63c6d66aaa2675c0e524937180ff8ee93215b4b_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:bedabe364c8eef1627a9eb6f96737448df680ab090cecfdcfe20af90dac5240d_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:6761863f92e894c1c0b019d4a640bfc872c6dcebcf18ce1abbe83691cae45a1d_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:f64466725f6a76d47c191bbe50c7526add0774b04bccb9dabd8166c01e992123_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:596f8ae61f2bb56e19e5e03bf7d114ff0607a7f381d6177b3cc0df2cfdcf1e58_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:9a0002e60e5115d60cdaa09b852aca0ceaa704b35a864695afb384694bbf9d42_amd64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2/jws" }, { "cve": "CVE-2025-30204", "cwe": { "id": "CWE-405", "name": "Asymmetric Resource Consumption (Amplification)" }, "discovery_date": "2025-03-21T22:00:43.818367+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ 
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:e58aec84cb80cd57ef37038e83ca60113c8cb7998923806decd901355db06900_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:2b887879f51ba42555bc166e2b5e44265a8ecce87d35ffe698054bd8394c5923_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:e63f4262e1a95f5913a812437ec9bf25aa8903e8c41574b6f7b69b8f8bc850ad_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:68aab51a9d9bf099124738d9e7506b357e0f194924f34dded268c2027e9e4dc5_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:6611752875c270468d29fc6ff63c6d66aaa2675c0e524937180ff8ee93215b4b_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:bedabe364c8eef1627a9eb6f96737448df680ab090cecfdcfe20af90dac5240d_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:6761863f92e894c1c0b019d4a640bfc872c6dcebcf18ce1abbe83691cae45a1d_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:f64466725f6a76d47c191bbe50c7526add0774b04bccb9dabd8166c01e992123_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:596f8ae61f2bb56e19e5e03bf7d114ff0607a7f381d6177b3cc0df2cfdcf1e58_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:9a0002e60e5115d60cdaa09b852aca0ceaa704b35a864695afb384694bbf9d42_amd64" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2354195" } ], "notes": [ { "category": "description", "text": "A flaw was found in the golang-jwt implementation of JSON Web Tokens (JWT). In affected versions, a malicious request with specially crafted Authorization header data may trigger an excessive consumption of resources on the host system. 
This issue can cause significant performance degradation or an application crash, leading to a denial of service.", "title": "Vulnerability description" }, { "category": "summary", "text": "golang-jwt/jwt: jwt-go allows excessive memory allocation during header parsing", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:0c83726f520790b68fba4926299c9a8327d2316d8d0aff472b64aad586a7a39a_amd64" ], "known_not_affected": [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:e58aec84cb80cd57ef37038e83ca60113c8cb7998923806decd901355db06900_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:2b887879f51ba42555bc166e2b5e44265a8ecce87d35ffe698054bd8394c5923_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:e63f4262e1a95f5913a812437ec9bf25aa8903e8c41574b6f7b69b8f8bc850ad_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:68aab51a9d9bf099124738d9e7506b357e0f194924f34dded268c2027e9e4dc5_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:6611752875c270468d29fc6ff63c6d66aaa2675c0e524937180ff8ee93215b4b_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:bedabe364c8eef1627a9eb6f96737448df680ab090cecfdcfe20af90dac5240d_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:6761863f92e894c1c0b019d4a640bfc872c6dcebcf18ce1abbe83691cae45a1d_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:f64466725f6a76d47c191bbe50c7526add0774b04bccb9dabd8166c01e992123_amd64", 
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:596f8ae61f2bb56e19e5e03bf7d114ff0607a7f381d6177b3cc0df2cfdcf1e58_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:9a0002e60e5115d60cdaa09b852aca0ceaa704b35a864695afb384694bbf9d42_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2025-30204" }, { "category": "external", "summary": "RHBZ#2354195", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2354195" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2025-30204", "url": "https://www.cve.org/CVERecord?id=CVE-2025-30204" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-30204", "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-30204" }, { "category": "external", "summary": "https://github.com/golang-jwt/jwt/commit/0951d184286dece21f73c85673fd308786ffe9c3", "url": "https://github.com/golang-jwt/jwt/commit/0951d184286dece21f73c85673fd308786ffe9c3" }, { "category": "external", "summary": "https://github.com/golang-jwt/jwt/security/advisories/GHSA-mh63-6h87-95cp", "url": "https://github.com/golang-jwt/jwt/security/advisories/GHSA-mh63-6h87-95cp" }, { "category": "external", "summary": "https://pkg.go.dev/vuln/GO-2025-3553", "url": "https://pkg.go.dev/vuln/GO-2025-3553" } ], "release_date": "2025-03-21T21:42:01.382000+00:00", "remediations": [ { "category": "vendor_fix", "date": "2025-06-04T12:26:00+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:0c83726f520790b68fba4926299c9a8327d2316d8d0aff472b64aad586a7a39a_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2025:8510" }, 
{ "category": "workaround", "details": "Red Hat Product Security does not have a recommended mitigation at this time.", "product_ids": [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:0c83726f520790b68fba4926299c9a8327d2316d8d0aff472b64aad586a7a39a_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:e58aec84cb80cd57ef37038e83ca60113c8cb7998923806decd901355db06900_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:2b887879f51ba42555bc166e2b5e44265a8ecce87d35ffe698054bd8394c5923_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:e63f4262e1a95f5913a812437ec9bf25aa8903e8c41574b6f7b69b8f8bc850ad_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:68aab51a9d9bf099124738d9e7506b357e0f194924f34dded268c2027e9e4dc5_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:6611752875c270468d29fc6ff63c6d66aaa2675c0e524937180ff8ee93215b4b_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:bedabe364c8eef1627a9eb6f96737448df680ab090cecfdcfe20af90dac5240d_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:6761863f92e894c1c0b019d4a640bfc872c6dcebcf18ce1abbe83691cae45a1d_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:f64466725f6a76d47c191bbe50c7526add0774b04bccb9dabd8166c01e992123_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:596f8ae61f2bb56e19e5e03bf7d114ff0607a7f381d6177b3cc0df2cfdcf1e58_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:9a0002e60e5115d60cdaa09b852aca0ceaa704b35a864695afb384694bbf9d42_amd64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": 
"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:0c83726f520790b68fba4926299c9a8327d2316d8d0aff472b64aad586a7a39a_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:e58aec84cb80cd57ef37038e83ca60113c8cb7998923806decd901355db06900_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:2b887879f51ba42555bc166e2b5e44265a8ecce87d35ffe698054bd8394c5923_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:e63f4262e1a95f5913a812437ec9bf25aa8903e8c41574b6f7b69b8f8bc850ad_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:68aab51a9d9bf099124738d9e7506b357e0f194924f34dded268c2027e9e4dc5_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:6611752875c270468d29fc6ff63c6d66aaa2675c0e524937180ff8ee93215b4b_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:bedabe364c8eef1627a9eb6f96737448df680ab090cecfdcfe20af90dac5240d_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:6761863f92e894c1c0b019d4a640bfc872c6dcebcf18ce1abbe83691cae45a1d_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:f64466725f6a76d47c191bbe50c7526add0774b04bccb9dabd8166c01e992123_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:596f8ae61f2bb56e19e5e03bf7d114ff0607a7f381d6177b3cc0df2cfdcf1e58_amd64", "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:9a0002e60e5115d60cdaa09b852aca0ceaa704b35a864695afb384694bbf9d42_amd64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "golang-jwt/jwt: jwt-go allows excessive memory allocation during header parsing" } ] }
Sightings
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.