Show plain JSON{"affected_release": [{"advisory": "RHSA-2022:0735", "cpe": "cpe:/a:redhat:acm:2.4::el8", "package": "acm-grafana-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-03-03T00:00:00Z"}, {"advisory": "RHSA-2022:0735", "cpe": "cpe:/a:redhat:acm:2.4::el8", "package": "acm-must-gather-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-03-03T00:00:00Z"}, {"advisory": "RHSA-2022:0735", "cpe": "cpe:/a:redhat:acm:2.4::el8", "package": "acm-operator-bundle-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-03-03T00:00:00Z"}, {"advisory": "RHSA-2022:0735", "cpe": "cpe:/a:redhat:acm:2.4::el8", "package": "application-ui-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-03-03T00:00:00Z"}, {"advisory": "RHSA-2022:0735", "cpe": "cpe:/a:redhat:acm:2.4::el8", "package": "assisted-image-service-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-03-03T00:00:00Z"}, {"advisory": "RHSA-2022:0735", "cpe": "cpe:/a:redhat:acm:2.4::el8", "package": "cert-policy-controller-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-03-03T00:00:00Z"}, {"advisory": "RHSA-2022:0735", "cpe": "cpe:/a:redhat:acm:2.4::el8", "package": "cluster-backup-operator-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-03-03T00:00:00Z"}, {"advisory": "RHSA-2022:0735", "cpe": "cpe:/a:redhat:acm:2.4::el8", "package": "clusterclaims-controller-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-03-03T00:00:00Z"}, {"advisory": "RHSA-2022:0735", "cpe": "cpe:/a:redhat:acm:2.4::el8", "package": "cluster-curator-controller-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-03-03T00:00:00Z"}, {"advisory": "RHSA-2022:0735", "cpe": "cpe:/a:redhat:acm:2.4::el8", "package": "clusterlifecycle-state-metrics-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-03-03T00:00:00Z"}, {"advisory": "RHSA-2022:0735", "cpe": "cpe:/a:redhat:acm:2.4::el8", "package": "cluster-proxy-addon-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-03-03T00:00:00Z"}, {"advisory": "RHSA-2022:0735", "cpe": "cpe:/a:redhat:acm:2.4::el8", "package": "config-policy-controller-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-03-03T00:00:00Z"}, {"advisory": "RHSA-2022:0735", "cpe": "cpe:/a:redhat:acm:2.4::el8", "package": "console-api-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-03-03T00:00:00Z"}, {"advisory": "RHSA-2022:0735", "cpe": "cpe:/a:redhat:acm:2.4::el8", "package": "console-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-03-03T00:00:00Z"}, {"advisory": "RHSA-2022:0735", "cpe": "cpe:/a:redhat:acm:2.4::el8", "package": "discovery-operator-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-03-03T00:00:00Z"}, {"advisory": "RHSA-2022:0735", "cpe": "cpe:/a:redhat:acm:2.4::el8", "package": "endpoint-monitoring-operator-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-03-03T00:00:00Z"}, {"advisory": "RHSA-2022:0735", "cpe": "cpe:/a:redhat:acm:2.4::el8", "package": "governance-policy-propagator-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-03-03T00:00:00Z"}, {"advisory": "RHSA-2022:0735", "cpe": "cpe:/a:redhat:acm:2.4::el8", "package": "governance-policy-spec-sync-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-03-03T00:00:00Z"}, {"advisory": "RHSA-2022:0735", "cpe": "cpe:/a:redhat:acm:2.4::el8", "package": "governance-policy-status-sync-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-03-03T00:00:00Z"}, {"advisory": "RHSA-2022:0735", "cpe": "cpe:/a:redhat:acm:2.4::el8", "package": "governance-policy-template-sync-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-03-03T00:00:00Z"}, {"advisory": "RHSA-2022:0735", "cpe": "cpe:/a:redhat:acm:2.4::el8", "package": "grafana-dashboard-loader-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-03-03T00:00:00Z"}, {"advisory": "RHSA-2022:0735", "cpe": "cpe:/a:redhat:acm:2.4::el8", "package": "grc-ui-api-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-03-03T00:00:00Z"}, {"advisory": "RHSA-2022:0735", "cpe": "cpe:/a:redhat:acm:2.4::el8", "package": "grc-ui-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-03-03T00:00:00Z"}, {"advisory": "RHSA-2022:0735", "cpe": "cpe:/a:redhat:acm:2.4::el8", "package": "iam-policy-controller-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-03-03T00:00:00Z"}, {"advisory": "RHSA-2022:0735", "cpe": "cpe:/a:redhat:acm:2.4::el8", "package": "insights-client-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-03-03T00:00:00Z"}, {"advisory": "RHSA-2022:0735", "cpe": "cpe:/a:redhat:acm:2.4::el8", "package": "insights-metrics-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-03-03T00:00:00Z"}, {"advisory": "RHSA-2022:0735", "cpe": "cpe:/a:redhat:acm:2.4::el8", "package": "klusterlet-addon-controller-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-03-03T00:00:00Z"}, {"advisory": "RHSA-2022:0735", "cpe": "cpe:/a:redhat:acm:2.4::el8", "package": "klusterlet-addon-operator-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-03-03T00:00:00Z"}, {"advisory": "RHSA-2022:0735", "cpe": "cpe:/a:redhat:acm:2.4::el8", "package": "klusterlet-operator-bundle-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-03-03T00:00:00Z"}, {"advisory": "RHSA-2022:0735", "cpe": "cpe:/a:redhat:acm:2.4::el8", "package": "kube-rbac-proxy-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-03-03T00:00:00Z"}, {"advisory": "RHSA-2022:0735", "cpe": "cpe:/a:redhat:acm:2.4::el8", "package": "kube-state-metrics-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-03-03T00:00:00Z"}, {"advisory": "RHSA-2022:0735", "cpe": "cpe:/a:redhat:acm:2.4::el8", "package": "managedcluster-import-controller-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-03-03T00:00:00Z"}, {"advisory": "RHSA-2022:0735", "cpe": "cpe:/a:redhat:acm:2.4::el8", "package": "management-ingress-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-03-03T00:00:00Z"}, {"advisory": "RHSA-2022:0735", "cpe": "cpe:/a:redhat:acm:2.4::el8", "package": "memcached-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-03-03T00:00:00Z"}, {"advisory": "RHSA-2022:0735", "cpe": "cpe:/a:redhat:acm:2.4::el8", "package": "memcached-exporter-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-03-03T00:00:00Z"}, {"advisory": "RHSA-2022:0735", "cpe": "cpe:/a:redhat:acm:2.4::el8", "package": "metrics-collector-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-03-03T00:00:00Z"}, {"advisory": "RHSA-2022:0735", "cpe": "cpe:/a:redhat:acm:2.4::el8", "package": "multicloud-integrations-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-03-03T00:00:00Z"}, {"advisory": "RHSA-2022:0735", "cpe": "cpe:/a:redhat:acm:2.4::el8", "package": "multicloud-manager-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-03-03T00:00:00Z"}, {"advisory": "RHSA-2022:0735", "cpe": "cpe:/a:redhat:acm:2.4::el8", "package": "multiclusterhub-operator-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-03-03T00:00:00Z"}, {"advisory": "RHSA-2022:0735", "cpe": "cpe:/a:redhat:acm:2.4::el8", "package": "multiclusterhub-repo-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-03-03T00:00:00Z"}, {"advisory": "RHSA-2022:0735", "cpe": "cpe:/a:redhat:acm:2.4::el8", "package": "multicluster-observability-operator-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-03-03T00:00:00Z"}, {"advisory": "RHSA-2022:0735", "cpe": "cpe:/a:redhat:acm:2.4::el8", "package": "multicluster-operators-application-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-03-03T00:00:00Z"}, {"advisory": "RHSA-2022:0735", "cpe": "cpe:/a:redhat:acm:2.4::el8", "package": "multicluster-operators-channel-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-03-03T00:00:00Z"}, {"advisory": "RHSA-2022:0735", "cpe": "cpe:/a:redhat:acm:2.4::el8", "package": "multicluster-operators-deployable-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-03-03T00:00:00Z"}, {"advisory": "RHSA-2022:0735", "cpe": "cpe:/a:redhat:acm:2.4::el8", "package": "multicluster-operators-placementrule-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-03-03T00:00:00Z"}, {"advisory": "RHSA-2022:0735", "cpe": "cpe:/a:redhat:acm:2.4::el8", "package": "multicluster-operators-subscription-operator-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-03-03T00:00:00Z"}, {"advisory": "RHSA-2022:0735", "cpe": "cpe:/a:redhat:acm:2.4::el8", "package": "multicluster-operators-subscription-release-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-03-03T00:00:00Z"}, {"advisory": "RHSA-2022:0735", "cpe": "cpe:/a:redhat:acm:2.4::el8", "package": "node-exporter-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-03-03T00:00:00Z"}, {"advisory": "RHSA-2022:0735", "cpe": "cpe:/a:redhat:acm:2.4::el8", "package": "observatorium-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-03-03T00:00:00Z"}, {"advisory": "RHSA-2022:0735", "cpe": "cpe:/a:redhat:acm:2.4::el8", "package": "observatorium-operator-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-03-03T00:00:00Z"}, {"advisory": "RHSA-2022:0735", "cpe": "cpe:/a:redhat:acm:2.4::el8", "package": "openshift-hive-operator-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-03-03T00:00:00Z"}, {"advisory": "RHSA-2022:0735", "cpe": "cpe:/a:redhat:acm:2.4::el8", "package": "placement-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-03-03T00:00:00Z"}, {"advisory": "RHSA-2022:0735", "cpe": "cpe:/a:redhat:acm:2.4::el8", "package": "prometheus-alertmanager-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-03-03T00:00:00Z"}, {"advisory": "RHSA-2022:0735", "cpe": "cpe:/a:redhat:acm:2.4::el8", "package": "prometheus-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-03-03T00:00:00Z"}, {"advisory": "RHSA-2022:0735", "cpe": "cpe:/a:redhat:acm:2.4::el8", "package": "provider-credential-controller-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-03-03T00:00:00Z"}, {"advisory": "RHSA-2022:0735", "cpe": "cpe:/a:redhat:acm:2.4::el8", "package": "rbac-query-proxy-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-03-03T00:00:00Z"}, {"advisory": "RHSA-2022:0735", "cpe": "cpe:/a:redhat:acm:2.4::el8", "package": "redisgraph-tls-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-03-03T00:00:00Z"}, {"advisory": "RHSA-2022:0735", "cpe": "cpe:/a:redhat:acm:2.4::el8", "package": "registration-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-03-03T00:00:00Z"}, {"advisory": "RHSA-2022:0735", "cpe": "cpe:/a:redhat:acm:2.4::el8", "package": "registration-operator-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-03-03T00:00:00Z"}, {"advisory": "RHSA-2022:0735", "cpe": "cpe:/a:redhat:acm:2.4::el8", "package": "rhacm-agent-service-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-03-03T00:00:00Z"}, {"advisory": "RHSA-2022:0735", "cpe": "cpe:/a:redhat:acm:2.4::el8", "package": "rhacm-assisted-installer-agent-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-03-03T00:00:00Z"}, {"advisory": "RHSA-2022:0735", "cpe": "cpe:/a:redhat:acm:2.4::el8", "package": "rhacm-assisted-installer-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-03-03T00:00:00Z"}, {"advisory": "RHSA-2022:0735", "cpe": "cpe:/a:redhat:acm:2.4::el8", "package": "rhacm-assisted-installer-reporter-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-03-03T00:00:00Z"}, {"advisory": "RHSA-2022:0735", "cpe": "cpe:/a:redhat:acm:2.4::el8", "package": "search-aggregator-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-03-03T00:00:00Z"}, {"advisory": "RHSA-2022:0735", "cpe": "cpe:/a:redhat:acm:2.4::el8", "package": "search-api-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-03-03T00:00:00Z"}, {"advisory": "RHSA-2022:0735", "cpe": "cpe:/a:redhat:acm:2.4::el8", "package": "search-collector-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-03-03T00:00:00Z"}, {"advisory": "RHSA-2022:0735", "cpe": "cpe:/a:redhat:acm:2.4::el8", "package": "search-operator-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-03-03T00:00:00Z"}, {"advisory": "RHSA-2022:0735", "cpe": "cpe:/a:redhat:acm:2.4::el8", "package": "search-ui-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-03-03T00:00:00Z"}, {"advisory": "RHSA-2022:0735", "cpe": "cpe:/a:redhat:acm:2.4::el8", "package": "submariner-addon-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-03-03T00:00:00Z"}, {"advisory": "RHSA-2022:0735", "cpe": "cpe:/a:redhat:acm:2.4::el8", "package": "thanos-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-03-03T00:00:00Z"}, {"advisory": "RHSA-2022:0735", "cpe": "cpe:/a:redhat:acm:2.4::el8", "package": "thanos-receive-controller-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-03-03T00:00:00Z"}, {"advisory": "RHSA-2022:0735", "cpe": "cpe:/a:redhat:acm:2.4::el8", "package": "volsync-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-03-03T00:00:00Z"}, {"advisory": "RHSA-2022:0735", "cpe": "cpe:/a:redhat:acm:2.4::el8", "package": "volsync-mover-rclone-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-03-03T00:00:00Z"}, {"advisory": "RHSA-2022:0735", "cpe": "cpe:/a:redhat:acm:2.4::el8", "package": "volsync-mover-restic-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-03-03T00:00:00Z"}, {"advisory": "RHSA-2022:0735", "cpe": "cpe:/a:redhat:acm:2.4::el8", "package": "volsync-mover-rsync-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-03-03T00:00:00Z"}, {"advisory": "RHSA-2022:0735", "cpe": "cpe:/a:redhat:acm:2.4::el8", "package": "work-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-03-03T00:00:00Z"}, {"advisory": "RHSA-2022:4956", "cpe": "cpe:/a:redhat:acm:2.5::el8", "package": "acm-cluster-proxy-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-06-09T00:00:00Z"}, {"advisory": "RHSA-2022:4956", "cpe": "cpe:/a:redhat:acm:2.5::el8", "package": "acm-governance-policy-addon-controller-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-06-09T00:00:00Z"}, {"advisory": "RHSA-2022:4956", "cpe": "cpe:/a:redhat:acm:2.5::el8", "package": "acm-grafana-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-06-09T00:00:00Z"}, {"advisory": "RHSA-2022:4956", "cpe": "cpe:/a:redhat:acm:2.5::el8", "package": "acm-must-gather-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-06-09T00:00:00Z"}, {"advisory": "RHSA-2022:4956", "cpe": "cpe:/a:redhat:acm:2.5::el8", "package": "acm-operator-bundle-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-06-09T00:00:00Z"}, {"advisory": "RHSA-2022:4956", "cpe": "cpe:/a:redhat:acm:2.5::el8", "package": "acm-prometheus-config-reloader-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-06-09T00:00:00Z"}, {"advisory": "RHSA-2022:4956", "cpe": "cpe:/a:redhat:acm:2.5::el8", "package": "acm-prometheus-operator-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-06-09T00:00:00Z"}, {"advisory": "RHSA-2022:4956", "cpe": "cpe:/a:redhat:acm:2.5::el8", "package": "acm-volsync-addon-controller-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-06-09T00:00:00Z"}, {"advisory": "RHSA-2022:4956", "cpe": "cpe:/a:redhat:acm:2.5::el8", "package": "cert-policy-controller-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-06-09T00:00:00Z"}, {"advisory": "RHSA-2022:4956", "cpe": "cpe:/a:redhat:acm:2.5::el8", "package": "cluster-backup-operator-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-06-09T00:00:00Z"}, {"advisory": "RHSA-2022:4956", "cpe": "cpe:/a:redhat:acm:2.5::el8", "package": "cluster-proxy-addon-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-06-09T00:00:00Z"}, {"advisory": "RHSA-2022:4956", "cpe": "cpe:/a:redhat:acm:2.5::el8", "package": "config-policy-controller-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-06-09T00:00:00Z"}, {"advisory": "RHSA-2022:4956", "cpe": "cpe:/a:redhat:acm:2.5::el8", "package": "console-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-06-09T00:00:00Z"}, {"advisory": "RHSA-2022:4956", "cpe": "cpe:/a:redhat:acm:2.5::el8", "package": "endpoint-monitoring-operator-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-06-09T00:00:00Z"}, {"advisory": "RHSA-2022:4956", "cpe": "cpe:/a:redhat:acm:2.5::el8", "package": "governance-policy-propagator-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-06-09T00:00:00Z"}, {"advisory": "RHSA-2022:4956", "cpe": "cpe:/a:redhat:acm:2.5::el8", "package": "governance-policy-spec-sync-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-06-09T00:00:00Z"}, {"advisory": "RHSA-2022:4956", "cpe": "cpe:/a:redhat:acm:2.5::el8", "package": "governance-policy-status-sync-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-06-09T00:00:00Z"}, {"advisory": "RHSA-2022:4956", "cpe": "cpe:/a:redhat:acm:2.5::el8", "package": "governance-policy-template-sync-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-06-09T00:00:00Z"}, {"advisory": "RHSA-2022:4956", "cpe": "cpe:/a:redhat:acm:2.5::el8", "package": "grafana-dashboard-loader-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-06-09T00:00:00Z"}, {"advisory": "RHSA-2022:4956", "cpe": "cpe:/a:redhat:acm:2.5::el8", "package": "iam-policy-controller-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-06-09T00:00:00Z"}, {"advisory": "RHSA-2022:4956", "cpe": "cpe:/a:redhat:acm:2.5::el8", "package": "insights-client-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-06-09T00:00:00Z"}, {"advisory": "RHSA-2022:4956", "cpe": "cpe:/a:redhat:acm:2.5::el8", "package": "insights-metrics-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-06-09T00:00:00Z"}, {"advisory": "RHSA-2022:4956", "cpe": "cpe:/a:redhat:acm:2.5::el8", "package": "klusterlet-addon-controller-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-06-09T00:00:00Z"}, {"advisory": "RHSA-2022:4956", "cpe": "cpe:/a:redhat:acm:2.5::el8", "package": "klusterlet-addon-operator-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-06-09T00:00:00Z"}, {"advisory": "RHSA-2022:4956", "cpe": "cpe:/a:redhat:acm:2.5::el8", "package": "kube-rbac-proxy-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-06-09T00:00:00Z"}, {"advisory": "RHSA-2022:4956", "cpe": "cpe:/a:redhat:acm:2.5::el8", "package": "kube-state-metrics-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-06-09T00:00:00Z"}, {"advisory": "RHSA-2022:4956", "cpe": "cpe:/a:redhat:acm:2.5::el8", "package": "management-ingress-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-06-09T00:00:00Z"}, {"advisory": "RHSA-2022:4956", "cpe": "cpe:/a:redhat:acm:2.5::el8", "package": "memcached-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-06-09T00:00:00Z"}, {"advisory": "RHSA-2022:4956", "cpe": "cpe:/a:redhat:acm:2.5::el8", "package": "memcached-exporter-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-06-09T00:00:00Z"}, {"advisory": "RHSA-2022:4956", "cpe": "cpe:/a:redhat:acm:2.5::el8", "package": "metrics-collector-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-06-09T00:00:00Z"}, {"advisory": "RHSA-2022:4956", "cpe": "cpe:/a:redhat:acm:2.5::el8", "package": "multicloud-integrations-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-06-09T00:00:00Z"}, {"advisory": "RHSA-2022:4956", "cpe": "cpe:/a:redhat:acm:2.5::el8", "package": "multiclusterhub-operator-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-06-09T00:00:00Z"}, {"advisory": "RHSA-2022:4956", "cpe": "cpe:/a:redhat:acm:2.5::el8", "package": "multiclusterhub-repo-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-06-09T00:00:00Z"}, {"advisory": "RHSA-2022:4956", "cpe": "cpe:/a:redhat:acm:2.5::el8", "package": "multicluster-observability-operator-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-06-09T00:00:00Z"}, {"advisory": "RHSA-2022:4956", "cpe": "cpe:/a:redhat:acm:2.5::el8", "package": "multicluster-operators-application-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-06-09T00:00:00Z"}, {"advisory": "RHSA-2022:4956", "cpe": "cpe:/a:redhat:acm:2.5::el8", "package": "multicluster-operators-channel-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-06-09T00:00:00Z"}, {"advisory": "RHSA-2022:4956", "cpe": "cpe:/a:redhat:acm:2.5::el8", "package": "multicluster-operators-subscription-operator-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-06-09T00:00:00Z"}, {"advisory": "RHSA-2022:4956", "cpe": "cpe:/a:redhat:acm:2.5::el8", "package": "node-exporter-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-06-09T00:00:00Z"}, {"advisory": "RHSA-2022:4956", "cpe": "cpe:/a:redhat:acm:2.5::el8", "package": "observatorium-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-06-09T00:00:00Z"}, {"advisory": "RHSA-2022:4956", "cpe": "cpe:/a:redhat:acm:2.5::el8", "package": "observatorium-operator-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-06-09T00:00:00Z"}, {"advisory": "RHSA-2022:4956", "cpe": "cpe:/a:redhat:acm:2.5::el8", "package": "prometheus-alertmanager-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-06-09T00:00:00Z"}, {"advisory": "RHSA-2022:4956", "cpe": "cpe:/a:redhat:acm:2.5::el8", "package": "prometheus-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-06-09T00:00:00Z"}, {"advisory": "RHSA-2022:4956", "cpe": "cpe:/a:redhat:acm:2.5::el8", "package": "rbac-query-proxy-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-06-09T00:00:00Z"}, {"advisory": "RHSA-2022:4956", "cpe": "cpe:/a:redhat:acm:2.5::el8", "package": "redisgraph-tls-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-06-09T00:00:00Z"}, {"advisory": "RHSA-2022:4956", "cpe": "cpe:/a:redhat:acm:2.5::el8", "package": "search-aggregator-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-06-09T00:00:00Z"}, {"advisory": "RHSA-2022:4956", "cpe": "cpe:/a:redhat:acm:2.5::el8", "package": "search-api-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-06-09T00:00:00Z"}, {"advisory": "RHSA-2022:4956", "cpe": "cpe:/a:redhat:acm:2.5::el8", "package": "search-collector-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-06-09T00:00:00Z"}, {"advisory": "RHSA-2022:4956", "cpe": "cpe:/a:redhat:acm:2.5::el8", "package": "search-operator-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-06-09T00:00:00Z"}, {"advisory": "RHSA-2022:4956", "cpe": "cpe:/a:redhat:acm:2.5::el8", "package": "submariner-addon-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-06-09T00:00:00Z"}, {"advisory": "RHSA-2022:4956", "cpe": "cpe:/a:redhat:acm:2.5::el8", "package": "thanos-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-06-09T00:00:00Z"}, {"advisory": "RHSA-2022:4956", "cpe": "cpe:/a:redhat:acm:2.5::el8", "package": "thanos-receive-controller-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-06-09T00:00:00Z"}, {"advisory": "RHSA-2022:0595", "cpe": "cpe:/a:redhat:acm:2.3::el8", "impact": "moderate", "package": "rhacm2/application-ui-rhel8:v2.3.6-9", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "release_date": "2022-03-04T00:00:00Z"}, {"advisory": "RHSA-2022:0595", "cpe": "cpe:/a:redhat:acm:2.3::el8", "impact": "moderate", "package": "rhacm2/console-api-rhel8:v2.3.6-9", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "release_date": "2022-03-04T00:00:00Z"}, {"advisory": "RHSA-2022:0595", "cpe": "cpe:/a:redhat:acm:2.3::el8", "impact": "moderate", "package": "rhacm2/grc-ui-api-rhel8:v2.3.6-10", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "release_date": "2022-03-04T00:00:00Z"}, {"advisory": "RHSA-2022:0595", "cpe": "cpe:/a:redhat:acm:2.3::el8", "impact": "moderate", "package": "rhacm2/grc-ui-rhel8:v2.3.6-8", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.3 for RHEL 8", "release_date": "2022-03-04T00:00:00Z"}, {"advisory": "RHEA-2022:5139", "cpe": "cpe:/a:redhat:enterprise_linux:8", "impact": "moderate", "package": "nodejs:12-8060020220523160029.ad008a3a", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2022-06-21T00:00:00Z"}, {"advisory": "RHSA-2021:5171", "cpe": "cpe:/a:redhat:enterprise_linux:8", "impact": "moderate", "package": "nodejs:16-8050020211206113934.c5368500", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2021-12-16T00:00:00Z"}, {"advisory": "RHSA-2022:0350", "cpe": "cpe:/a:redhat:enterprise_linux:8", "impact": "moderate", "package": "nodejs:14-8050020211213115342.c5368500", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2022-02-01T00:00:00Z"}, {"advisory": "RHEA-2022:4925", "cpe": "cpe:/a:redhat:rhel_e4s:8.1", "package": "nodejs:12-8010020220518102644.c27ad7f8", "product_name": "Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions", "release_date": "2022-06-07T00:00:00Z"}, {"advisory": "RHEA-2022:5221", "cpe": "cpe:/a:redhat:rhel_eus:8.2", "package": "nodejs:12-8020020220523154454.4cda2c84", "product_name": "Red Hat Enterprise Linux 8.2 Extended Update Support", "release_date": "2022-06-28T00:00:00Z"}, {"advisory": "RHEA-2022:5615", "cpe": "cpe:/a:redhat:rhel_eus:8.4", "package": "nodejs:12-8040020220523155137.522a0ee4", "product_name": "Red Hat Enterprise Linux 8.4 Extended Update Support", "release_date": "2022-07-19T00:00:00Z"}, {"advisory": "RHSA-2022:0246", "cpe": "cpe:/a:redhat:rhel_eus:8.4", "package": "nodejs:14-8040020211213111158.522a0ee4", "product_name": "Red Hat Enterprise Linux 8.4 Extended Update Support", "release_date": "2022-01-25T00:00:00Z"}, {"advisory": "RHSA-2022:7055", "cpe": "cpe:/a:redhat:openshift_distributed_tracing:2.6::el8", "package": "opentelemetry-collector-container", "product_name": "Red Hat OpenShift distributed tracing 2", "release_date": "2022-10-19T00:00:00Z"}, {"advisory": "RHSA-2022:7055", "cpe": "cpe:/a:redhat:openshift_distributed_tracing:2.6::el8", "package": "opentelemetry-operator-container", "product_name": "Red Hat OpenShift distributed tracing 2", "release_date": "2022-10-19T00:00:00Z"}, {"advisory": "RHSA-2022:0041", "cpe": "cpe:/a:redhat:rhel_software_collections:3::el7", "impact": "moderate", "package": "rh-nodejs14-nodejs-0:14.18.2-1.el7", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 7", "release_date": "2022-01-06T00:00:00Z"}, {"advisory": "RHSA-2022:0041", "cpe": "cpe:/a:redhat:rhel_software_collections:3::el7", "impact": "moderate", "package": "rh-nodejs14-nodejs-nodemon-0:2.0.3-6.el7", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 7", "release_date": "2022-01-06T00:00:00Z"}, {"advisory": "RHSA-2022:4914", "cpe": "cpe:/a:redhat:rhel_software_collections:3::el7", "impact": "moderate", "package": "rh-nodejs12-nodejs-0:12.22.12-2.el7", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 7", "release_date": "2022-06-06T00:00:00Z"}], "bugzilla": {"description": "nodejs-json-schema: Prototype pollution vulnerability", "id": "2024702", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2024702"}, "csaw": false, "cvss3": {"cvss3_base_score": "9.8", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "status": "verified"}, "cwe": "CWE-915", "details": ["json-schema is vulnerable to Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')", "The json-schema Node.JS library was vulnerable to prototype pollution during the validation of a JSON object. An attacker, able to provide a specially crafted JSON file for validation, could use this flaw to modify the behavior of the node program, to, for example, execute arbitrary code."], "name": "CVE-2021-3918", "package_state": [{"cpe": "cpe:/a:redhat:logging:5", "fix_state": "Not affected", "impact": "moderate", "package_name": "openshift-logging/kibana6-rhel8", "product_name": "Logging Subsystem for Red Hat OpenShift"}, {"cpe": "cpe:/a:redhat:migration_toolkit_virtualization:2", "fix_state": "Will not fix", "impact": "moderate", "package_name": "migration-toolkit-virtualization/mtv-ui-rhel8", "product_name": "Migration Toolkit for Virtualization"}, {"cpe": "cpe:/a:redhat:service_mesh:2.0", "fix_state": "Will not fix", "package_name": "servicemesh-grafana", "product_name": "OpenShift Service Mesh 2.0"}, {"cpe": "cpe:/a:redhat:service_mesh:2.0", "fix_state": "Will not fix", "package_name": "servicemesh-prometheus", "product_name": "OpenShift Service Mesh 2.0"}, {"cpe": "cpe:/a:redhat:service_mesh:2.1", "fix_state": "Affected", "package_name": "openshift-service-mesh/kiali-rhel8", "product_name": "OpenShift Service Mesh 2.1"}, {"cpe": "cpe:/a:redhat:service_mesh:2.1", "fix_state": "Affected", "package_name": "servicemesh-grafana", "product_name": "OpenShift Service Mesh 2.1"}, {"cpe": "cpe:/a:redhat:service_mesh:2.1", "fix_state": "Affected", "package_name": "servicemesh-prometheus", "product_name": "OpenShift Service Mesh 2.1"}, {"cpe": "cpe:/a:redhat:acm:2", "fix_state": "Will not fix", "impact": "moderate", "package_name": "rhacm2/console-header-rhel8", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2"}, {"cpe": "cpe:/a:redhat:acm:2", "fix_state": "Affected", "impact": "moderate", "package_name": "rhacm2/console-rhel8", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2"}, {"cpe": "cpe:/a:redhat:acm:2", "fix_state": "Will not fix", "impact": "moderate", "package_name": "rhacm2/console-ui-rhel8", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2"}, {"cpe": "cpe:/a:redhat:acm:2", "fix_state": "Not affected", "impact": "moderate", "package_name": "rhacm2/kui-web-terminal-rhel8", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2"}, {"cpe": "cpe:/a:redhat:acm:2", "fix_state": "Will not fix", "impact": "moderate", "package_name": "rhacm2/mcm-topology-api-rhel8", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2"}, {"cpe": "cpe:/a:redhat:acm:2", "fix_state": "Will not fix", "impact": "moderate", "package_name": "rhacm2/mcm-topology-rhel8", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2"}, {"cpe": "cpe:/a:redhat:acm:2", "fix_state": "Affected", "impact": "moderate", "package_name": "rhacm2/search-api-rhel8", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2"}, {"cpe": "cpe:/a:redhat:acm:2", "fix_state": "Affected", "impact": "moderate", "package_name": "rhacm2/search-ui-rhel8", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "impact": "moderate", "package_name": "nodejs", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/a:redhat:openshift_application_runtimes:1.0", "fix_state": "Not affected", "package_name": "vertx-json-schema", "product_name": "Red Hat OpenShift Application Runtimes"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Will not fix", "impact": "moderate", "package_name": "openshift4/ose-grafana", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Will not fix", "impact": "moderate", "package_name": "openshift4/ose-prometheus", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Will not fix", "impact": "moderate", "package_name": "openshift4/ose-thanos-rhel8", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift_data_foundation:4", "fix_state": "Will not fix", "impact": "moderate", "package_name": "odf4/mcg-core-rhel8", "product_name": "Red Hat Openshift Data Foundation 4"}, {"cpe": "cpe:/a:redhat:openshift_data_foundation:4", "fix_state": "Will not fix", "impact": "moderate", "package_name": "odf4/odf-console-rhel8", "product_name": "Red Hat Openshift Data Foundation 4"}, {"cpe": "cpe:/a:redhat:openshift_distributed_tracing:2", "fix_state": "Affected", "impact": "moderate", "package_name": "rhosdt/jaeger-query-rhel8", "product_name": "Red Hat OpenShift distributed tracing 2"}, {"cpe": "cpe:/a:redhat:quay:3", "fix_state": "Will not fix", "impact": "moderate", "package_name": "quay/quay-rhel8", "product_name": "Red Hat Quay 3"}], "public_date": "2021-10-03T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2021-3918\nhttps://nvd.nist.gov/vuln/detail/CVE-2021-3918"], "statement": "npm versions 8.0.0 and older provide a vulnerable version of the json-schema library. However, it is currently believed that in the context of npm, it is not possible to take advantage of the vulnerability.\nRed Hat Enterprise Linux version 8 and Software Collections provide a vulnerable version of the json-schema library only as embedded in the npm package. As a result, the severity of the incident has been lowered for these 2 products.\nRed Hat Quay includes json-schema as a development dependency of quay-registry-container. As a result, the impact rating has been lowered to Moderate.\nIn Red Hat OpenShift Container Platform (RHOCP), Red Hat Openshift Data Foundations (ODF), Red Hat distributed tracing, Migration Toolkit for Virtualization (MTV) and Red Hat Advanced Cluster Management for Kubernetes (RHACM) the affected components are behind OpenShift OAuth. This restricts access to the vulnerable json-schema library to authenticated users only, therefore the impact is reduced to Moderate.\nIn Red Hat Openshift Data Foundations (ODF) the odf4/mcg-core-rhel8 component has \"Will not fix status\", but starting from ODF 4.11 stream this component contains already patched version of the json-schema library. Earlier version of ODF are already under Maintenance Support phase, hence this vulnerability will not be fixed.", "threat_severity": "Important", "upstream_fix": "npm 8.1.0, node 16.11.0, nodejs-json-schema 0.4.0"}