{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-45288", "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc", "state": "PUBLISHED", "assignerShortName": "Go", "dateReserved": "2023-10-06T17:06:26.221Z", "datePublished": "2024-04-04T20:37:30.714Z", "dateUpdated": "2024-08-26T20:40:01.996Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc", "shortName": "Go", "dateUpdated": "2024-04-04T20:37:30.714Z"}, "title": "HTTP/2 CONTINUATION flood in net/http", "descriptions": [{"lang": "en", "value": "An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request's headers exceed MaxHeaderBytes, no memory is allocated to store the excess headers, but they are still parsed. This permits an attacker to cause an HTTP/2 endpoint to read arbitrary amounts of header data, all associated with a request which is going to be rejected. These headers can include Huffman-encoded data which is significantly more expensive for the receiver to decode than for an attacker to send. The fix sets a limit on the amount of excess header frames we will process before closing a connection."}], "affected": [{"vendor": "Go standard library", "product": "net/http", "collectionURL": "https://pkg.go.dev", "packageName": "net/http", "versions": [{"version": "0", "lessThan": "1.21.9", "status": "affected", "versionType": "semver"}, {"version": "1.22.0-0", "lessThan": "1.22.2", "status": "affected", "versionType": "semver"}], "programRoutines": [{"name": "http2Framer.readMetaFrame"}, {"name": "CanonicalHeaderKey"}, {"name": "Client.CloseIdleConnections"}, {"name": "Client.Do"}, {"name": "Client.Get"}, {"name": "Client.Head"}, {"name": "Client.Post"}, {"name": "Client.PostForm"}, {"name": "Cookie.String"}, {"name": "Cookie.Valid"}, {"name": "Dir.Open"}, {"name": "Error"}, {"name": "Get"}, {"name": "HandlerFunc.ServeHTTP"}, {"name": "Head"}, {"name": "Header.Add"}, {"name": "Header.Del"}, {"name": "Header.Get"}, {"name": "Header.Set"}, {"name": "Header.Values"}, {"name": "Header.Write"}, {"name": "Header.WriteSubset"}, {"name": "ListenAndServe"}, {"name": "ListenAndServeTLS"}, {"name": "NewRequest"}, {"name": "NewRequestWithContext"}, {"name": "NotFound"}, {"name": "ParseTime"}, {"name": "Post"}, {"name": "PostForm"}, {"name": "ProxyFromEnvironment"}, {"name": "ReadRequest"}, {"name": "ReadResponse"}, {"name": "Redirect"}, {"name": "Request.AddCookie"}, {"name": "Request.BasicAuth"}, {"name": "Request.FormFile"}, {"name": "Request.FormValue"}, {"name": "Request.MultipartReader"}, {"name": "Request.ParseForm"}, {"name": "Request.ParseMultipartForm"}, {"name": "Request.PostFormValue"}, {"name": "Request.Referer"}, {"name": "Request.SetBasicAuth"}, {"name": "Request.UserAgent"}, {"name": "Request.Write"}, {"name": "Request.WriteProxy"}, {"name": "Response.Cookies"}, {"name": "Response.Location"}, {"name": "Response.Write"}, {"name": "ResponseController.EnableFullDuplex"}, {"name": "ResponseController.Flush"}, {"name": "ResponseController.Hijack"}, {"name": "ResponseController.SetReadDeadline"}, {"name": "ResponseController.SetWriteDeadline"}, {"name": "Serve"}, {"name": "ServeContent"}, {"name": "ServeFile"}, {"name": "ServeMux.ServeHTTP"}, {"name": "ServeTLS"}, {"name": "Server.Close"}, {"name": "Server.ListenAndServe"}, {"name": "Server.ListenAndServeTLS"}, {"name": "Server.Serve"}, {"name": "Server.ServeTLS"}, {"name": "Server.SetKeepAlivesEnabled"}, {"name": "Server.Shutdown"}, {"name": "SetCookie"}, {"name": "Transport.CancelRequest"}, {"name": "Transport.Clone"}, {"name": "Transport.CloseIdleConnections"}, {"name": "Transport.RoundTrip"}, {"name": "body.Close"}, {"name": "body.Read"}, {"name": "bodyEOFSignal.Close"}, {"name": "bodyEOFSignal.Read"}, {"name": "bodyLocked.Read"}, {"name": "bufioFlushWriter.Write"}, {"name": "cancelTimerBody.Close"}, {"name": "cancelTimerBody.Read"}, {"name": "checkConnErrorWriter.Write"}, {"name": "chunkWriter.Write"}, {"name": "connReader.Read"}, {"name": "connectMethodKey.String"}, {"name": "expectContinueReader.Close"}, {"name": "expectContinueReader.Read"}, {"name": "extraHeader.Write"}, {"name": "fileHandler.ServeHTTP"}, {"name": "fileTransport.RoundTrip"}, {"name": "globalOptionsHandler.ServeHTTP"}, {"name": "gzipReader.Close"}, {"name": "gzipReader.Read"}, {"name": "http2ClientConn.Close"}, {"name": "http2ClientConn.Ping"}, {"name": "http2ClientConn.RoundTrip"}, {"name": "http2ClientConn.Shutdown"}, {"name": "http2ConnectionError.Error"}, {"name": "http2ErrCode.String"}, {"name": "http2FrameHeader.String"}, {"name": "http2FrameType.String"}, {"name": "http2FrameWriteRequest.String"}, {"name": "http2Framer.ReadFrame"}, {"name": "http2Framer.WriteContinuation"}, {"name": "http2Framer.WriteData"}, {"name": "http2Framer.WriteDataPadded"}, {"name": "http2Framer.WriteGoAway"}, {"name": "http2Framer.WriteHeaders"}, {"name": "http2Framer.WritePing"}, {"name": "http2Framer.WritePriority"}, {"name": "http2Framer.WritePushPromise"}, {"name": "http2Framer.WriteRSTStream"}, {"name": "http2Framer.WriteRawFrame"}, {"name": "http2Framer.WriteSettings"}, {"name": "http2Framer.WriteSettingsAck"}, {"name": "http2Framer.WriteWindowUpdate"}, {"name": "http2GoAwayError.Error"}, {"name": "http2Server.ServeConn"}, {"name": "http2Setting.String"}, {"name": "http2SettingID.String"}, {"name": "http2SettingsFrame.ForeachSetting"}, {"name": "http2StreamError.Error"}, {"name": "http2Transport.CloseIdleConnections"}, {"name": "http2Transport.NewClientConn"}, {"name": "http2Transport.RoundTrip"}, {"name": "http2Transport.RoundTripOpt"}, {"name": "http2bufferedWriter.Flush"}, {"name": "http2bufferedWriter.Write"}, {"name": "http2chunkWriter.Write"}, {"name": "http2clientConnPool.GetClientConn"}, {"name": "http2connError.Error"}, {"name": "http2dataBuffer.Read"}, {"name": "http2duplicatePseudoHeaderError.Error"}, {"name": "http2gzipReader.Close"}, {"name": "http2gzipReader.Read"}, {"name": "http2headerFieldNameError.Error"}, {"name": "http2headerFieldValueError.Error"}, {"name": "http2noDialClientConnPool.GetClientConn"}, {"name": "http2noDialH2RoundTripper.RoundTrip"}, {"name": "http2pipe.Read"}, {"name": "http2priorityWriteScheduler.CloseStream"}, {"name": "http2priorityWriteScheduler.OpenStream"}, {"name": "http2pseudoHeaderError.Error"}, {"name": "http2requestBody.Close"}, {"name": "http2requestBody.Read"}, {"name": "http2responseWriter.Flush"}, {"name": "http2responseWriter.FlushError"}, {"name": "http2responseWriter.Push"}, {"name": "http2responseWriter.SetReadDeadline"}, {"name": "http2responseWriter.SetWriteDeadline"}, {"name": "http2responseWriter.Write"}, {"name": "http2responseWriter.WriteHeader"}, {"name": "http2responseWriter.WriteString"}, {"name": "http2roundRobinWriteScheduler.OpenStream"}, {"name": "http2serverConn.CloseConn"}, {"name": "http2serverConn.Flush"}, {"name": "http2stickyErrWriter.Write"}, {"name": "http2transportResponseBody.Close"}, {"name": "http2transportResponseBody.Read"}, {"name": "http2writeData.String"}, {"name": "initALPNRequest.ServeHTTP"}, {"name": "loggingConn.Close"}, {"name": "loggingConn.Read"}, {"name": "loggingConn.Write"}, {"name": "maxBytesReader.Close"}, {"name": "maxBytesReader.Read"}, {"name": "onceCloseListener.Close"}, {"name": "persistConn.Read"}, {"name": "persistConnWriter.ReadFrom"}, {"name": "persistConnWriter.Write"}, {"name": "populateResponse.Write"}, {"name": "populateResponse.WriteHeader"}, {"name": "readTrackingBody.Close"}, {"name": "readTrackingBody.Read"}, {"name": "readWriteCloserBody.Read"}, {"name": "redirectHandler.ServeHTTP"}, {"name": "response.Flush"}, {"name": "response.FlushError"}, {"name": "response.Hijack"}, {"name": "response.ReadFrom"}, {"name": "response.Write"}, {"name": "response.WriteHeader"}, {"name": "response.WriteString"}, {"name": "serverHandler.ServeHTTP"}, {"name": "socksDialer.DialWithConn"}, {"name": "socksUsernamePassword.Authenticate"}, {"name": "stringWriter.WriteString"}, {"name": "timeoutHandler.ServeHTTP"}, {"name": "timeoutWriter.Write"}, {"name": "timeoutWriter.WriteHeader"}, {"name": "transportReadFromServerError.Error"}], "defaultStatus": "unaffected"}, {"vendor": "golang.org/x/net", "product": "golang.org/x/net/http2", "collectionURL": "https://pkg.go.dev", "packageName": "golang.org/x/net/http2", "versions": [{"version": "0", "lessThan": "0.23.0", "status": "affected", "versionType": "semver"}], "programRoutines": [{"name": "Framer.readMetaFrame"}, {"name": "ClientConn.Close"}, {"name": "ClientConn.Ping"}, {"name": "ClientConn.RoundTrip"}, {"name": "ClientConn.Shutdown"}, {"name": "ConfigureServer"}, {"name": "ConfigureTransport"}, {"name": "ConfigureTransports"}, {"name": "ConnectionError.Error"}, {"name": "ErrCode.String"}, {"name": "FrameHeader.String"}, {"name": "FrameType.String"}, {"name": "FrameWriteRequest.String"}, {"name": "Framer.ReadFrame"}, {"name": "Framer.WriteContinuation"}, {"name": "Framer.WriteData"}, {"name": "Framer.WriteDataPadded"}, {"name": "Framer.WriteGoAway"}, {"name": "Framer.WriteHeaders"}, {"name": "Framer.WritePing"}, {"name": "Framer.WritePriority"}, {"name": "Framer.WritePushPromise"}, {"name": "Framer.WriteRSTStream"}, {"name": "Framer.WriteRawFrame"}, {"name": "Framer.WriteSettings"}, {"name": "Framer.WriteSettingsAck"}, {"name": "Framer.WriteWindowUpdate"}, {"name": "GoAwayError.Error"}, {"name": "ReadFrameHeader"}, {"name": "Server.ServeConn"}, {"name": "Setting.String"}, {"name": "SettingID.String"}, {"name": "SettingsFrame.ForeachSetting"}, {"name": "StreamError.Error"}, {"name": "Transport.CloseIdleConnections"}, {"name": "Transport.NewClientConn"}, {"name": "Transport.RoundTrip"}, {"name": "Transport.RoundTripOpt"}, {"name": "bufferedWriter.Flush"}, {"name": "bufferedWriter.Write"}, {"name": "chunkWriter.Write"}, {"name": "clientConnPool.GetClientConn"}, {"name": "connError.Error"}, {"name": "dataBuffer.Read"}, {"name": "duplicatePseudoHeaderError.Error"}, {"name": "gzipReader.Close"}, {"name": "gzipReader.Read"}, {"name": "headerFieldNameError.Error"}, {"name": "headerFieldValueError.Error"}, {"name": "noDialClientConnPool.GetClientConn"}, {"name": "noDialH2RoundTripper.RoundTrip"}, {"name": "pipe.Read"}, {"name": "priorityWriteScheduler.CloseStream"}, {"name": "priorityWriteScheduler.OpenStream"}, {"name": "pseudoHeaderError.Error"}, {"name": "requestBody.Close"}, {"name": "requestBody.Read"}, {"name": "responseWriter.Flush"}, {"name": "responseWriter.FlushError"}, {"name": "responseWriter.Push"}, {"name": "responseWriter.SetReadDeadline"}, {"name": "responseWriter.SetWriteDeadline"}, {"name": "responseWriter.Write"}, {"name": "responseWriter.WriteHeader"}, {"name": "responseWriter.WriteString"}, {"name": "roundRobinWriteScheduler.OpenStream"}, {"name": "serverConn.CloseConn"}, {"name": "serverConn.Flush"}, {"name": "stickyErrWriter.Write"}, {"name": "transportResponseBody.Close"}, {"name": "transportResponseBody.Read"}, {"name": "writeData.String"}], "defaultStatus": "unaffected"}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-400: Uncontrolled Resource Consumption"}]}], "references": [{"url": "https://go.dev/issue/65051"}, {"url": "https://go.dev/cl/576155"}, {"url": "https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M"}, {"url": "https://pkg.go.dev/vuln/GO-2024-2687"}, {"url": "https://security.netapp.com/advisory/ntap-20240419-0009/"}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/"}, {"url": "http://www.openwall.com/lists/oss-security/2024/04/05/4"}, {"url": "http://www.openwall.com/lists/oss-security/2024/04/03/16"}], "credits": [{"lang": "en", "value": "Bartek Nowotarski (https://nowotarski.info/)"}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T20:21:15.329Z"}, "title": "CVE Program Container", "references": [{"url": "https://go.dev/issue/65051", "tags": ["x_transferred"]}, {"url": "https://go.dev/cl/576155", "tags": ["x_transferred"]}, {"url": "https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M", "tags": ["x_transferred"]}, {"url": "https://pkg.go.dev/vuln/GO-2024-2687", "tags": ["x_transferred"]}, {"url": "https://security.netapp.com/advisory/ntap-20240419-0009/", "tags": ["x_transferred"]}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/", "tags": ["x_transferred"]}, {"url": "http://www.openwall.com/lists/oss-security/2024/04/05/4", "tags": ["x_transferred"]}, {"url": "http://www.openwall.com/lists/oss-security/2024/04/03/16", "tags": ["x_transferred"]}]}, {"affected": [{"vendor": "go_standard_library", "product": "net\\/http", "cpes": ["cpe:2.3:a:go_standard_library:net\\/http:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThan": "1.21.9", "versionType": "custom"}, {"version": "1.22.0-0", "status": "affected", "lessThan": "1.22.2", "versionType": "custom"}]}, {"vendor": "golang", "product": "http2", "cpes": ["cpe:2.3:a:golang:http2:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThan": "0.23.0", "versionType": "custom"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2024-04-05T17:08:42.212936Z", "id": "CVE-2023-45288", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-26T20:40:01.996Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://go.dev/issue/65051", "tags": ["x_transferred"]}, {"url": "https://go.dev/cl/576155", "tags": ["x_transferred"]}, {"url": "https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M", "tags": ["x_transferred"]}, {"url": "https://pkg.go.dev/vuln/GO-2024-2687", "tags": ["x_transferred"]}, {"url": "https://security.netapp.com/advisory/ntap-20240419-0009/", "tags": ["x_transferred"]}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/", "tags": ["x_transferred"]}, {"url": "http://www.openwall.com/lists/oss-security/2024/04/05/4", "tags": ["x_transferred"]}, {"url": "http://www.openwall.com/lists/oss-security/2024/04/03/16", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T20:21:15.329Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2023-45288", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-04-05T17:08:42.212936Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:go_standard_library:net\\/http:*:*:*:*:*:*:*:*"], "vendor": "go_standard_library", "product": "net\\/http", "versions": [{"status": "affected", "version": "0", "lessThan": "1.21.9", "versionType": "custom"}, {"status": "affected", "version": "1.22.0-0", "lessThan": "1.22.2", "versionType": "custom"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:a:golang:http2:*:*:*:*:*:*:*:*"], "vendor": "golang", "product": "http2", "versions": [{"status": "affected", "version": "0", "lessThan": "0.23.0", "versionType": "custom"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-26T20:39:55.687Z"}}], "cna": {"title": "HTTP/2 CONTINUATION flood in net/http", "credits": [{"lang": "en", "value": "Bartek Nowotarski (https://nowotarski.info/)"}], "affected": [{"vendor": "Go standard library", "product": "net/http", "versions": [{"status": "affected", "version": "0", "lessThan": "1.21.9", "versionType": "semver"}, {"status": "affected", "version": "1.22.0-0", "lessThan": "1.22.2", "versionType": "semver"}], "packageName": "net/http", "collectionURL": "https://pkg.go.dev", "defaultStatus": "unaffected", "programRoutines": [{"name": "http2Framer.readMetaFrame"}, {"name": "CanonicalHeaderKey"}, {"name": "Client.CloseIdleConnections"}, {"name": "Client.Do"}, {"name": "Client.Get"}, {"name": "Client.Head"}, {"name": "Client.Post"}, {"name": "Client.PostForm"}, {"name": "Cookie.String"}, {"name": "Cookie.Valid"}, {"name": "Dir.Open"}, {"name": "Error"}, {"name": "Get"}, {"name": "HandlerFunc.ServeHTTP"}, {"name": "Head"}, {"name": "Header.Add"}, {"name": "Header.Del"}, {"name": "Header.Get"}, {"name": "Header.Set"}, {"name": "Header.Values"}, {"name": "Header.Write"}, {"name": "Header.WriteSubset"}, {"name": "ListenAndServe"}, {"name": "ListenAndServeTLS"}, {"name": "NewRequest"}, {"name": "NewRequestWithContext"}, {"name": "NotFound"}, {"name": "ParseTime"}, {"name": "Post"}, {"name": "PostForm"}, {"name": "ProxyFromEnvironment"}, {"name": "ReadRequest"}, {"name": "ReadResponse"}, {"name": "Redirect"}, {"name": "Request.AddCookie"}, {"name": "Request.BasicAuth"}, {"name": "Request.FormFile"}, {"name": "Request.FormValue"}, {"name": "Request.MultipartReader"}, {"name": "Request.ParseForm"}, {"name": "Request.ParseMultipartForm"}, {"name": "Request.PostFormValue"}, {"name": "Request.Referer"}, {"name": "Request.SetBasicAuth"}, {"name": "Request.UserAgent"}, {"name": "Request.Write"}, {"name": "Request.WriteProxy"}, {"name": "Response.Cookies"}, {"name": "Response.Location"}, {"name": "Response.Write"}, {"name": "ResponseController.EnableFullDuplex"}, {"name": "ResponseController.Flush"}, {"name": "ResponseController.Hijack"}, {"name": "ResponseController.SetReadDeadline"}, {"name": "ResponseController.SetWriteDeadline"}, {"name": "Serve"}, {"name": "ServeContent"}, {"name": "ServeFile"}, {"name": "ServeMux.ServeHTTP"}, {"name": "ServeTLS"}, {"name": "Server.Close"}, {"name": "Server.ListenAndServe"}, {"name": "Server.ListenAndServeTLS"}, {"name": "Server.Serve"}, {"name": "Server.ServeTLS"}, {"name": "Server.SetKeepAlivesEnabled"}, {"name": "Server.Shutdown"}, {"name": "SetCookie"}, {"name": "Transport.CancelRequest"}, {"name": "Transport.Clone"}, {"name": "Transport.CloseIdleConnections"}, {"name": "Transport.RoundTrip"}, {"name": "body.Close"}, {"name": "body.Read"}, {"name": "bodyEOFSignal.Close"}, {"name": "bodyEOFSignal.Read"}, {"name": "bodyLocked.Read"}, {"name": "bufioFlushWriter.Write"}, {"name": "cancelTimerBody.Close"}, {"name": "cancelTimerBody.Read"}, {"name": "checkConnErrorWriter.Write"}, {"name": "chunkWriter.Write"}, {"name": "connReader.Read"}, {"name": "connectMethodKey.String"}, {"name": "expectContinueReader.Close"}, {"name": "expectContinueReader.Read"}, {"name": "extraHeader.Write"}, {"name": "fileHandler.ServeHTTP"}, {"name": "fileTransport.RoundTrip"}, {"name": "globalOptionsHandler.ServeHTTP"}, {"name": "gzipReader.Close"}, {"name": "gzipReader.Read"}, {"name": "http2ClientConn.Close"}, {"name": "http2ClientConn.Ping"}, {"name": "http2ClientConn.RoundTrip"}, {"name": "http2ClientConn.Shutdown"}, {"name": "http2ConnectionError.Error"}, {"name": "http2ErrCode.String"}, {"name": "http2FrameHeader.String"}, {"name": "http2FrameType.String"}, {"name": "http2FrameWriteRequest.String"}, {"name": "http2Framer.ReadFrame"}, {"name": "http2Framer.WriteContinuation"}, {"name": "http2Framer.WriteData"}, {"name": "http2Framer.WriteDataPadded"}, {"name": "http2Framer.WriteGoAway"}, {"name": "http2Framer.WriteHeaders"}, {"name": "http2Framer.WritePing"}, {"name": "http2Framer.WritePriority"}, {"name": "http2Framer.WritePushPromise"}, {"name": "http2Framer.WriteRSTStream"}, {"name": "http2Framer.WriteRawFrame"}, {"name": "http2Framer.WriteSettings"}, {"name": "http2Framer.WriteSettingsAck"}, {"name": "http2Framer.WriteWindowUpdate"}, {"name": "http2GoAwayError.Error"}, {"name": "http2Server.ServeConn"}, {"name": "http2Setting.String"}, {"name": "http2SettingID.String"}, {"name": "http2SettingsFrame.ForeachSetting"}, {"name": "http2StreamError.Error"}, {"name": "http2Transport.CloseIdleConnections"}, {"name": "http2Transport.NewClientConn"}, {"name": "http2Transport.RoundTrip"}, {"name": "http2Transport.RoundTripOpt"}, {"name": "http2bufferedWriter.Flush"}, {"name": "http2bufferedWriter.Write"}, {"name": "http2chunkWriter.Write"}, {"name": "http2clientConnPool.GetClientConn"}, {"name": "http2connError.Error"}, {"name": "http2dataBuffer.Read"}, {"name": "http2duplicatePseudoHeaderError.Error"}, {"name": "http2gzipReader.Close"}, {"name": "http2gzipReader.Read"}, {"name": "http2headerFieldNameError.Error"}, {"name": "http2headerFieldValueError.Error"}, {"name": "http2noDialClientConnPool.GetClientConn"}, {"name": "http2noDialH2RoundTripper.RoundTrip"}, {"name": "http2pipe.Read"}, {"name": "http2priorityWriteScheduler.CloseStream"}, {"name": "http2priorityWriteScheduler.OpenStream"}, {"name": "http2pseudoHeaderError.Error"}, {"name": "http2requestBody.Close"}, {"name": "http2requestBody.Read"}, {"name": "http2responseWriter.Flush"}, {"name": "http2responseWriter.FlushError"}, {"name": "http2responseWriter.Push"}, {"name": "http2responseWriter.SetReadDeadline"}, {"name": "http2responseWriter.SetWriteDeadline"}, {"name": "http2responseWriter.Write"}, {"name": "http2responseWriter.WriteHeader"}, {"name": "http2responseWriter.WriteString"}, {"name": "http2roundRobinWriteScheduler.OpenStream"}, {"name": "http2serverConn.CloseConn"}, {"name": "http2serverConn.Flush"}, {"name": "http2stickyErrWriter.Write"}, {"name": "http2transportResponseBody.Close"}, {"name": "http2transportResponseBody.Read"}, {"name": "http2writeData.String"}, {"name": "initALPNRequest.ServeHTTP"}, {"name": "loggingConn.Close"}, {"name": "loggingConn.Read"}, {"name": "loggingConn.Write"}, {"name": "maxBytesReader.Close"}, {"name": "maxBytesReader.Read"}, {"name": "onceCloseListener.Close"}, {"name": "persistConn.Read"}, {"name": "persistConnWriter.ReadFrom"}, {"name": "persistConnWriter.Write"}, {"name": "populateResponse.Write"}, {"name": "populateResponse.WriteHeader"}, {"name": "readTrackingBody.Close"}, {"name": "readTrackingBody.Read"}, {"name": "readWriteCloserBody.Read"}, {"name": "redirectHandler.ServeHTTP"}, {"name": "response.Flush"}, {"name": "response.FlushError"}, {"name": "response.Hijack"}, {"name": "response.ReadFrom"}, {"name": "response.Write"}, {"name": "response.WriteHeader"}, {"name": "response.WriteString"}, {"name": "serverHandler.ServeHTTP"}, {"name": "socksDialer.DialWithConn"}, {"name": "socksUsernamePassword.Authenticate"}, {"name": "stringWriter.WriteString"}, {"name": "timeoutHandler.ServeHTTP"}, {"name": "timeoutWriter.Write"}, {"name": "timeoutWriter.WriteHeader"}, {"name": "transportReadFromServerError.Error"}]}, {"vendor": "golang.org/x/net", "product": "golang.org/x/net/http2", "versions": [{"status": "affected", "version": "0", "lessThan": "0.23.0", "versionType": "semver"}], "packageName": "golang.org/x/net/http2", "collectionURL": "https://pkg.go.dev", "defaultStatus": "unaffected", "programRoutines": [{"name": "Framer.readMetaFrame"}, {"name": "ClientConn.Close"}, {"name": "ClientConn.Ping"}, {"name": "ClientConn.RoundTrip"}, {"name": "ClientConn.Shutdown"}, {"name": "ConfigureServer"}, {"name": "ConfigureTransport"}, {"name": "ConfigureTransports"}, {"name": "ConnectionError.Error"}, {"name": "ErrCode.String"}, {"name": "FrameHeader.String"}, {"name": "FrameType.String"}, {"name": "FrameWriteRequest.String"}, {"name": "Framer.ReadFrame"}, {"name": "Framer.WriteContinuation"}, {"name": "Framer.WriteData"}, {"name": "Framer.WriteDataPadded"}, {"name": "Framer.WriteGoAway"}, {"name": "Framer.WriteHeaders"}, {"name": "Framer.WritePing"}, {"name": "Framer.WritePriority"}, {"name": "Framer.WritePushPromise"}, {"name": "Framer.WriteRSTStream"}, {"name": "Framer.WriteRawFrame"}, {"name": "Framer.WriteSettings"}, {"name": "Framer.WriteSettingsAck"}, {"name": "Framer.WriteWindowUpdate"}, {"name": "GoAwayError.Error"}, {"name": "ReadFrameHeader"}, {"name": "Server.ServeConn"}, {"name": "Setting.String"}, {"name": "SettingID.String"}, {"name": "SettingsFrame.ForeachSetting"}, {"name": "StreamError.Error"}, {"name": "Transport.CloseIdleConnections"}, {"name": "Transport.NewClientConn"}, {"name": "Transport.RoundTrip"}, {"name": "Transport.RoundTripOpt"}, {"name": "bufferedWriter.Flush"}, {"name": "bufferedWriter.Write"}, {"name": "chunkWriter.Write"}, {"name": "clientConnPool.GetClientConn"}, {"name": "connError.Error"}, {"name": "dataBuffer.Read"}, {"name": "duplicatePseudoHeaderError.Error"}, {"name": "gzipReader.Close"}, {"name": "gzipReader.Read"}, {"name": "headerFieldNameError.Error"}, {"name": "headerFieldValueError.Error"}, {"name": "noDialClientConnPool.GetClientConn"}, {"name": "noDialH2RoundTripper.RoundTrip"}, {"name": "pipe.Read"}, {"name": "priorityWriteScheduler.CloseStream"}, {"name": "priorityWriteScheduler.OpenStream"}, {"name": "pseudoHeaderError.Error"}, {"name": "requestBody.Close"}, {"name": "requestBody.Read"}, {"name": "responseWriter.Flush"}, {"name": "responseWriter.FlushError"}, {"name": "responseWriter.Push"}, {"name": "responseWriter.SetReadDeadline"}, {"name": "responseWriter.SetWriteDeadline"}, {"name": "responseWriter.Write"}, {"name": "responseWriter.WriteHeader"}, {"name": "responseWriter.WriteString"}, {"name": "roundRobinWriteScheduler.OpenStream"}, {"name": "serverConn.CloseConn"}, {"name": "serverConn.Flush"}, {"name": "stickyErrWriter.Write"}, {"name": "transportResponseBody.Close"}, {"name": "transportResponseBody.Read"}, {"name": "writeData.String"}]}], "references": [{"url": "https://go.dev/issue/65051"}, {"url": "https://go.dev/cl/576155"}, {"url": "https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M"}, {"url": "https://pkg.go.dev/vuln/GO-2024-2687"}, {"url": "https://security.netapp.com/advisory/ntap-20240419-0009/"}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/"}, {"url": "http://www.openwall.com/lists/oss-security/2024/04/05/4"}, {"url": "http://www.openwall.com/lists/oss-security/2024/04/03/16"}], "descriptions": [{"lang": "en", "value": "An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request's headers exceed MaxHeaderBytes, no memory is allocated to store the excess headers, but they are still parsed. This permits an attacker to cause an HTTP/2 endpoint to read arbitrary amounts of header data, all associated with a request which is going to be rejected. These headers can include Huffman-encoded data which is significantly more expensive for the receiver to decode than for an attacker to send. The fix sets a limit on the amount of excess header frames we will process before closing a connection."}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-400: Uncontrolled Resource Consumption"}]}], "providerMetadata": {"orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc", "shortName": "Go", "dateUpdated": "2024-04-04T20:37:30.714Z"}}}, "cveMetadata": {"cveId": "CVE-2023-45288", "state": "PUBLISHED", "dateUpdated": "2024-08-26T20:40:01.996Z", "dateReserved": "2023-10-06T17:06:26.221Z", "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc", "datePublished": "2024-04-04T20:37:30.714Z", "assignerShortName": "Go"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request's headers exceed MaxHeaderBytes, no memory is allocated to store the excess headers, but they are still parsed. This permits an attacker to cause an HTTP/2 endpoint to read arbitrary amounts of header data, all associated with a request which is going to be rejected. These headers can include Huffman-encoded data which is significantly more expensive for the receiver to decode than for an attacker to send. The fix sets a limit on the amount of excess header frames we will process before closing a connection."}, {"lang": "es", "value": "Un atacante puede hacer que un endpoint HTTP/2 lea cantidades arbitrarias de datos de encabezado enviando una cantidad excesiva de tramas de CONTINUACI\u00d3N. Mantener el estado de HPACK requiere analizar y procesar todos los encabezados y tramas de CONTINUACI\u00d3N en una conexi\u00f3n. Cuando los encabezados de una solicitud exceden MaxHeaderBytes, no se asigna memoria para almacenar los encabezados sobrantes, pero a\u00fan as\u00ed se analizan. Esto permite a un atacante hacer que un endpoint HTTP/2 lea cantidades arbitrarias de datos de encabezado, todos asociados con una solicitud que ser\u00e1 rechazada. Estos encabezados pueden incluir datos codificados por Huffman, cuya decodificaci\u00f3n es significativamente m\u00e1s costosa para el receptor que para el atacante. La soluci\u00f3n establece un l\u00edmite en la cantidad de fotogramas de encabezado excedentes que procesaremos antes de cerrar una conexi\u00f3n."}], "id": "CVE-2023-45288", "lastModified": "2024-08-26T21:35:02.457", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2024-04-04T21:15:16.113", "references": [{"source": "security@golang.org", "url": "http://www.openwall.com/lists/oss-security/2024/04/03/16"}, {"source": "security@golang.org", "url": "http://www.openwall.com/lists/oss-security/2024/04/05/4"}, {"source": "security@golang.org", "url": "https://go.dev/cl/576155"}, {"source": "security@golang.org", "url": "https://go.dev/issue/65051"}, {"source": "security@golang.org", "url": "https://groups.google.com/g/golang-announce/c/YgW0sx8mN3M"}, {"source": "security@golang.org", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/"}, {"source": "security@golang.org", "url": "https://pkg.go.dev/vuln/GO-2024-2687"}, {"source": "security@golang.org", "url": "https://security.netapp.com/advisory/ntap-20240419-0009/"}], "sourceIdentifier": "security@golang.org", "vulnStatus": "Awaiting Analysis"}

{"acknowledgement": "Red Hat would like to thank Bartek Nowotarski (nowotarski.info) for reporting this issue.", "affected_release": [{"advisory": "RHSA-2024:6221", "cpe": "cpe:/a:redhat:openshift_builds:1.1::el9", "package": "openshift-builds-operator-container", "product_name": "Builds for Red Hat OpenShift", "release_date": "2024-09-03T00:00:00Z"}, {"advisory": "RHSA-2024:2088", "cpe": "cpe:/a:redhat:cryostat:2::el8", "package": "cryostat-tech-preview/cryostat-grafana-dashboard-rhel8:2.4.0-7", "product_name": "Cryostat 2 on RHEL 8", "release_date": "2024-04-29T00:00:00Z"}, {"advisory": "RHSA-2024:2088", "cpe": "cpe:/a:redhat:cryostat:2::el8", "package": "cryostat-tech-preview/cryostat-operator-bundle:2.4.0-4", "product_name": "Cryostat 2 on RHEL 8", "release_date": "2024-04-29T00:00:00Z"}, {"advisory": "RHSA-2024:2088", "cpe": "cpe:/a:redhat:cryostat:2::el8", "package": "cryostat-tech-preview/cryostat-reports-rhel8:2.4.0-4", "product_name": "Cryostat 2 on RHEL 8", "release_date": "2024-04-29T00:00:00Z"}, {"advisory": "RHSA-2024:2088", "cpe": "cpe:/a:redhat:cryostat:2::el8", "package": "cryostat-tech-preview/cryostat-rhel8:2.4.0-4", "product_name": "Cryostat 2 on RHEL 8", "release_date": "2024-04-29T00:00:00Z"}, {"advisory": "RHSA-2024:2088", "cpe": "cpe:/a:redhat:cryostat:2::el8", "package": "cryostat-tech-preview/cryostat-rhel8-operator:2.4.0-9", "product_name": "Cryostat 2 on RHEL 8", "release_date": "2024-04-29T00:00:00Z"}, {"advisory": "RHSA-2024:2088", "cpe": "cpe:/a:redhat:cryostat:2::el8", "package": "cryostat-tech-preview/jfr-datasource-rhel8:2.4.0-4", "product_name": "Cryostat 2 on RHEL 8", "release_date": "2024-04-29T00:00:00Z"}, {"advisory": "RHSA-2024:3316", "cpe": "cpe:/a:redhat:migration_toolkit_applications:7.0::el9", "package": "mta/mta-cli-rhel9:7.0.3-16", "product_name": "MTA-7.0-RHEL-9", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:4982", "cpe": "cpe:/a:redhat:openshift_api_data_protection:1.3::el9", "package": "oadp/oadp-rhel9-operator:1.3.3-12", "product_name": "OADP-1.3-RHEL-9", "release_date": "2024-08-01T00:00:00Z"}, {"advisory": "RHSA-2024:2901", "cpe": "cpe:/a:redhat:openshift_custom_metrics_autoscaler:2.0::el8", "package": "custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel8:2.12.1-394", "product_name": "OpenShift Custom Metrics Autoscaler 2", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:2901", "cpe": "cpe:/a:redhat:openshift_custom_metrics_autoscaler:2.0::el8", "package": "custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel8:2.12.1-394", "product_name": "OpenShift Custom Metrics Autoscaler 2", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:2901", "cpe": "cpe:/a:redhat:openshift_custom_metrics_autoscaler:2.0::el8", "package": "custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle:2.12.1-394", "product_name": "OpenShift Custom Metrics Autoscaler 2", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:2901", "cpe": "cpe:/a:redhat:openshift_custom_metrics_autoscaler:2.0::el8", "package": "custom-metrics-autoscaler/custom-metrics-autoscaler-rhel8:2.12.1-394", "product_name": "OpenShift Custom Metrics Autoscaler 2", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:2901", "cpe": "cpe:/a:redhat:openshift_custom_metrics_autoscaler:2.0::el8", "package": "custom-metrics-autoscaler/custom-metrics-autoscaler-rhel8-operator:2.12.1-394", "product_name": "OpenShift Custom Metrics Autoscaler 2", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:4023", "cpe": "cpe:/a:redhat:serverless:1.0::el8", "package": "openshift-serverless-clients-0:1.12.0-7.el8", "product_name": "Openshift Serverless 1 on RHEL 8", "release_date": "2024-06-20T00:00:00Z"}, {"advisory": "RHSA-2024:3637", "cpe": "cpe:/a:redhat:openshift_secondary_scheduler:1.3::el9", "package": "openshift-secondary-scheduler-operator/secondary-scheduler-operator-bundle:v1.3-12", "product_name": "OSSO-1.3-RHEL-9", "release_date": "2024-07-01T00:00:00Z"}, {"advisory": "RHSA-2024:3637", "cpe": "cpe:/a:redhat:openshift_secondary_scheduler:1.3::el9", "package": "openshift-secondary-scheduler-operator/secondary-scheduler-rhel9-operator:v1.3-12", "product_name": "OSSO-1.3-RHEL-9", "release_date": "2024-07-01T00:00:00Z"}, {"advisory": "RHSA-2024:4464", "cpe": "cpe:/a:redhat:acm:2.10::el9", "package": "rhacm2/acm-cluster-permission-rhel9:v2.10.4-6", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9", "release_date": "2024-07-10T00:00:00Z"}, {"advisory": "RHSA-2024:4922", "cpe": "cpe:/a:redhat:acm:2.8::el8", "package": "rhacm2/acm-governance-policy-addon-controller-rhel8:v2.8.7-18", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.8 for RHEL 8", "release_date": "2024-07-30T00:00:00Z"}, {"advisory": "RHSA-2024:4922", "cpe": "cpe:/a:redhat:acm:2.8::el8", "package": "rhacm2/acm-governance-policy-framework-addon-rhel8:v2.8.7-16", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.8 for RHEL 8", "release_date": "2024-07-30T00:00:00Z"}, {"advisory": "RHSA-2024:4922", "cpe": "cpe:/a:redhat:acm:2.8::el8", "package": "rhacm2/acm-grafana-rhel8:v2.8.7-17", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.8 for RHEL 8", "release_date": "2024-07-30T00:00:00Z"}, {"advisory": "RHSA-2024:4922", "cpe": "cpe:/a:redhat:acm:2.8::el8", "package": "rhacm2/acm-must-gather-rhel8:v2.8.7-17", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.8 for RHEL 8", "release_date": "2024-07-30T00:00:00Z"}, {"advisory": "RHSA-2024:4922", "cpe": "cpe:/a:redhat:acm:2.8::el8", "package": "rhacm2/acm-operator-bundle:v2.8.7-31", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.8 for RHEL 8", "release_date": "2024-07-30T00:00:00Z"}, {"advisory": "RHSA-2024:4922", "cpe": "cpe:/a:redhat:acm:2.8::el8", "package": "rhacm2/acm-prometheus-config-reloader-rhel8:v2.8.7-16", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.8 for RHEL 8", "release_date": "2024-07-30T00:00:00Z"}, {"advisory": "RHSA-2024:4922", "cpe": "cpe:/a:redhat:acm:2.8::el8", "package": "rhacm2/acm-prometheus-rhel8:v2.8.7-17", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.8 for RHEL 8", "release_date": "2024-07-30T00:00:00Z"}, {"advisory": "RHSA-2024:4922", "cpe": "cpe:/a:redhat:acm:2.8::el8", "package": "rhacm2/acm-search-indexer-rhel8:v2.8.7-16", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.8 for RHEL 8", "release_date": "2024-07-30T00:00:00Z"}, {"advisory": "RHSA-2024:4922", "cpe": "cpe:/a:redhat:acm:2.8::el8", "package": "rhacm2/acm-search-v2-api-rhel8:v2.8.7-14", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.8 for RHEL 8", "release_date": "2024-07-30T00:00:00Z"}, {"advisory": "RHSA-2024:4922", "cpe": "cpe:/a:redhat:acm:2.8::el8", "package": "rhacm2/acm-search-v2-rhel8:v2.8.7-16", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.8 for RHEL 8", "release_date": "2024-07-30T00:00:00Z"}, {"advisory": "RHSA-2024:4922", "cpe": "cpe:/a:redhat:acm:2.8::el8", "package": "rhacm2/acm-volsync-addon-controller-rhel8:v2.8.7-15", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.8 for RHEL 8", "release_date": "2024-07-30T00:00:00Z"}, {"advisory": "RHSA-2024:4922", "cpe": "cpe:/a:redhat:acm:2.8::el8", "package": "rhacm2/cert-policy-controller-rhel8:v2.8.7-17", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.8 for RHEL 8", "release_date": "2024-07-30T00:00:00Z"}, {"advisory": "RHSA-2024:4922", "cpe": "cpe:/a:redhat:acm:2.8::el8", "package": "rhacm2/cluster-backup-rhel8-operator:v2.8.7-15", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.8 for RHEL 8", "release_date": "2024-07-30T00:00:00Z"}, {"advisory": "RHSA-2024:4922", "cpe": "cpe:/a:redhat:acm:2.8::el8", "package": "rhacm2/config-policy-controller-rhel8:v2.8.7-15", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.8 for RHEL 8", "release_date": "2024-07-30T00:00:00Z"}, {"advisory": "RHSA-2024:4922", "cpe": "cpe:/a:redhat:acm:2.8::el8", "package": "rhacm2/console-rhel8:v2.8.7-9", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.8 for RHEL 8", "release_date": "2024-07-30T00:00:00Z"}, {"advisory": "RHSA-2024:4922", "cpe": "cpe:/a:redhat:acm:2.8::el8", "package": "rhacm2/endpoint-monitoring-rhel8-operator:v2.8.7-14", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.8 for RHEL 8", "release_date": "2024-07-30T00:00:00Z"}, {"advisory": "RHSA-2024:4922", "cpe": "cpe:/a:redhat:acm:2.8::el8", "package": "rhacm2/governance-policy-propagator-rhel8:v2.8.7-19", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.8 for RHEL 8", "release_date": "2024-07-30T00:00:00Z"}, {"advisory": "RHSA-2024:4922", "cpe": "cpe:/a:redhat:acm:2.8::el8", "package": "rhacm2/grafana-dashboard-loader-rhel8:v2.8.7-15", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.8 for RHEL 8", "release_date": "2024-07-30T00:00:00Z"}, {"advisory": "RHSA-2024:4922", "cpe": "cpe:/a:redhat:acm:2.8::el8", "package": "rhacm2/iam-policy-controller-rhel8:v2.8.7-16", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.8 for RHEL 8", "release_date": "2024-07-30T00:00:00Z"}, {"advisory": "RHSA-2024:4922", "cpe": "cpe:/a:redhat:acm:2.8::el8", "package": "rhacm2/insights-client-rhel8:v2.8.7-17", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.8 for RHEL 8", "release_date": "2024-07-30T00:00:00Z"}, {"advisory": "RHSA-2024:4922", "cpe": "cpe:/a:redhat:acm:2.8::el8", "package": "rhacm2/insights-metrics-rhel8:v2.8.7-17", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.8 for RHEL 8", "release_date": "2024-07-30T00:00:00Z"}, {"advisory": "RHSA-2024:4922", "cpe": "cpe:/a:redhat:acm:2.8::el8", "package": "rhacm2/klusterlet-addon-controller-rhel8:v2.8.7-16", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.8 for RHEL 8", "release_date": "2024-07-30T00:00:00Z"}, {"advisory": "RHSA-2024:4922", "cpe": "cpe:/a:redhat:acm:2.8::el8", "package": "rhacm2/kube-rbac-proxy-rhel8:v2.8.7-16", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.8 for RHEL 8", "release_date": "2024-07-30T00:00:00Z"}, {"advisory": "RHSA-2024:4922", "cpe": "cpe:/a:redhat:acm:2.8::el8", "package": "rhacm2/kube-state-metrics-rhel8:v2.8.7-16", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.8 for RHEL 8", "release_date": "2024-07-30T00:00:00Z"}, {"advisory": "RHSA-2024:4922", "cpe": "cpe:/a:redhat:acm:2.8::el8", "package": "rhacm2/memcached-exporter-rhel8:v2.8.7-16", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.8 for RHEL 8", "release_date": "2024-07-30T00:00:00Z"}, {"advisory": "RHSA-2024:4922", "cpe": "cpe:/a:redhat:acm:2.8::el8", "package": "rhacm2/memcached-rhel8:v2.8.7-16", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.8 for RHEL 8", "release_date": "2024-07-30T00:00:00Z"}, {"advisory": "RHSA-2024:4922", "cpe": "cpe:/a:redhat:acm:2.8::el8", "package": "rhacm2/metrics-collector-rhel8:v2.8.7-15", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.8 for RHEL 8", "release_date": "2024-07-30T00:00:00Z"}, {"advisory": "RHSA-2024:4922", "cpe": "cpe:/a:redhat:acm:2.8::el8", "package": "rhacm2/multicloud-integrations-rhel8:v2.8.7-16", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.8 for RHEL 8", "release_date": "2024-07-30T00:00:00Z"}, {"advisory": "RHSA-2024:4922", "cpe": "cpe:/a:redhat:acm:2.8::el8", "package": "rhacm2/multiclusterhub-rhel8:v2.8.7-18", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.8 for RHEL 8", "release_date": "2024-07-30T00:00:00Z"}, {"advisory": "RHSA-2024:4922", "cpe": "cpe:/a:redhat:acm:2.8::el8", "package": "rhacm2/multicluster-observability-rhel8-operator:v2.8.7-15", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.8 for RHEL 8", "release_date": "2024-07-30T00:00:00Z"}, {"advisory": "RHSA-2024:4922", "cpe": "cpe:/a:redhat:acm:2.8::el8", "package": "rhacm2/multicluster-operators-application-rhel8:v2.8.7-18", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.8 for RHEL 8", "release_date": "2024-07-30T00:00:00Z"}, {"advisory": "RHSA-2024:4922", "cpe": "cpe:/a:redhat:acm:2.8::el8", "package": "rhacm2/multicluster-operators-channel-rhel8:v2.8.7-15", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.8 for RHEL 8", "release_date": "2024-07-30T00:00:00Z"}, {"advisory": "RHSA-2024:4922", "cpe": "cpe:/a:redhat:acm:2.8::el8", "package": "rhacm2/multicluster-operators-subscription-rhel8:v2.8.7-18", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.8 for RHEL 8", "release_date": "2024-07-30T00:00:00Z"}, {"advisory": "RHSA-2024:4922", "cpe": "cpe:/a:redhat:acm:2.8::el8", "package": "rhacm2/node-exporter-rhel8:v2.8.7-17", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.8 for RHEL 8", "release_date": "2024-07-30T00:00:00Z"}, {"advisory": "RHSA-2024:4922", "cpe": "cpe:/a:redhat:acm:2.8::el8", "package": "rhacm2/observatorium-rhel8:v2.8.7-17", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.8 for RHEL 8", "release_date": "2024-07-30T00:00:00Z"}, {"advisory": "RHSA-2024:4922", "cpe": "cpe:/a:redhat:acm:2.8::el8", "package": "rhacm2/observatorium-rhel8-operator:v2.8.7-18", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.8 for RHEL 8", "release_date": "2024-07-30T00:00:00Z"}, {"advisory": "RHSA-2024:4922", "cpe": "cpe:/a:redhat:acm:2.8::el8", "package": "rhacm2/prometheus-alertmanager-rhel8:v2.8.7-16", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.8 for RHEL 8", "release_date": "2024-07-30T00:00:00Z"}, {"advisory": "RHSA-2024:4922", "cpe": "cpe:/a:redhat:acm:2.8::el8", "package": "rhacm2/prometheus-rhel8:v2.8.7-16", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.8 for RHEL 8", "release_date": "2024-07-30T00:00:00Z"}, {"advisory": "RHSA-2024:4922", "cpe": "cpe:/a:redhat:acm:2.8::el8", "package": "rhacm2/rbac-query-proxy-rhel8:v2.8.7-15", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.8 for RHEL 8", "release_date": "2024-07-30T00:00:00Z"}, {"advisory": "RHSA-2024:4922", "cpe": "cpe:/a:redhat:acm:2.8::el8", "package": "rhacm2/search-collector-rhel8:v2.8.7-17", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.8 for RHEL 8", "release_date": "2024-07-30T00:00:00Z"}, {"advisory": "RHSA-2024:4922", "cpe": "cpe:/a:redhat:acm:2.8::el8", "package": "rhacm2/submariner-addon-rhel8:v2.8.7-22", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.8 for RHEL 8", "release_date": "2024-07-30T00:00:00Z"}, {"advisory": "RHSA-2024:4922", "cpe": "cpe:/a:redhat:acm:2.8::el8", "package": "rhacm2/thanos-receive-controller-rhel8:v2.8.7-16", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.8 for RHEL 8", "release_date": "2024-07-30T00:00:00Z"}, {"advisory": "RHSA-2024:4922", "cpe": "cpe:/a:redhat:acm:2.8::el8", "package": "rhacm2/thanos-rhel8:v2.8.7-18", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.8 for RHEL 8", "release_date": "2024-07-30T00:00:00Z"}, {"advisory": "RHSA-2024:2941", "cpe": "cpe:/a:redhat:advanced_cluster_security:4.4::el8", "package": "advanced-cluster-security/rhacs-central-db-rhel8:4.4.2-4", "product_name": "Red Hat Advanced Cluster Security 4.4", "release_date": "2024-05-21T00:00:00Z"}, {"advisory": "RHSA-2024:2941", "cpe": "cpe:/a:redhat:advanced_cluster_security:4.4::el8", "package": "advanced-cluster-security/rhacs-collector-rhel8:4.4.2-4", "product_name": "Red Hat Advanced Cluster Security 4.4", "release_date": "2024-05-21T00:00:00Z"}, {"advisory": "RHSA-2024:2941", "cpe": "cpe:/a:redhat:advanced_cluster_security:4.4::el8", "package": "advanced-cluster-security/rhacs-collector-slim-rhel8:4.4.2-4", "product_name": "Red Hat Advanced Cluster Security 4.4", "release_date": "2024-05-21T00:00:00Z"}, {"advisory": "RHSA-2024:2941", "cpe": "cpe:/a:redhat:advanced_cluster_security:4.4::el8", "package": "advanced-cluster-security/rhacs-main-rhel8:4.4.2-6", "product_name": "Red Hat Advanced Cluster Security 4.4", "release_date": "2024-05-21T00:00:00Z"}, {"advisory": "RHSA-2024:2941", "cpe": "cpe:/a:redhat:advanced_cluster_security:4.4::el8", "package": "advanced-cluster-security/rhacs-operator-bundle:4.4.2-6", "product_name": "Red Hat Advanced Cluster Security 4.4", "release_date": "2024-05-21T00:00:00Z"}, {"advisory": "RHSA-2024:2941", "cpe": "cpe:/a:redhat:advanced_cluster_security:4.4::el8", "package": "advanced-cluster-security/rhacs-rhel8-operator:4.4.2-4", "product_name": "Red Hat Advanced Cluster Security 4.4", "release_date": "2024-05-21T00:00:00Z"}, {"advisory": "RHSA-2024:2941", "cpe": "cpe:/a:redhat:advanced_cluster_security:4.4::el8", "package": "advanced-cluster-security/rhacs-roxctl-rhel8:4.4.2-4", "product_name": "Red Hat Advanced Cluster Security 4.4", "release_date": "2024-05-21T00:00:00Z"}, {"advisory": "RHSA-2024:2941", "cpe": "cpe:/a:redhat:advanced_cluster_security:4.4::el8", "package": "advanced-cluster-security/rhacs-scanner-db-rhel8:4.4.2-4", "product_name": "Red Hat Advanced Cluster Security 4.4", "release_date": "2024-05-21T00:00:00Z"}, {"advisory": "RHSA-2024:2941", "cpe": "cpe:/a:redhat:advanced_cluster_security:4.4::el8", "package": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8:4.4.2-4", "product_name": "Red Hat Advanced Cluster Security 4.4", "release_date": "2024-05-21T00:00:00Z"}, {"advisory": "RHSA-2024:2941", "cpe": "cpe:/a:redhat:advanced_cluster_security:4.4::el8", "package": "advanced-cluster-security/rhacs-scanner-rhel8:4.4.2-4", "product_name": "Red Hat Advanced Cluster Security 4.4", "release_date": "2024-05-21T00:00:00Z"}, {"advisory": "RHSA-2024:2941", "cpe": "cpe:/a:redhat:advanced_cluster_security:4.4::el8", "package": "advanced-cluster-security/rhacs-scanner-slim-rhel8:4.4.2-4", "product_name": "Red Hat Advanced Cluster Security 4.4", "release_date": "2024-05-21T00:00:00Z"}, {"advisory": "RHSA-2024:2941", "cpe": "cpe:/a:redhat:advanced_cluster_security:4.4::el8", "package": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8:4.4.2-4", "product_name": "Red Hat Advanced Cluster Security 4.4", "release_date": "2024-05-21T00:00:00Z"}, {"advisory": "RHSA-2024:2941", "cpe": "cpe:/a:redhat:advanced_cluster_security:4.4::el8", "package": "advanced-cluster-security/rhacs-scanner-v4-rhel8:4.4.2-6", "product_name": "Red Hat Advanced Cluster Security 4.4", "release_date": "2024-05-21T00:00:00Z"}, {"advisory": "RHSA-2024:3781", "cpe": "cpe:/a:redhat:ansible_automation_platform:2.4::el8", "impact": "low", "package": "receptor-0:1.4.8-1.el8ap", "product_name": "Red Hat Ansible Automation Platform 2.4 for RHEL 8", "release_date": "2024-06-10T00:00:00Z"}, {"advisory": "RHSA-2024:3781", "cpe": "cpe:/a:redhat:ansible_automation_platform:2.4::el9", "impact": "low", "package": "receptor-0:1.4.8-1.el9ap", "product_name": "Red Hat Ansible Automation Platform 2.4 for RHEL 9", "release_date": "2024-06-10T00:00:00Z"}, {"advisory": "RHSA-2024:2892", "cpe": "cpe:/a:redhat:devtools:2023::el7", "package": "go-toolset-1.19-golang-0:1.19.13-7.el7_9", "product_name": "Red Hat Developer Tools", "release_date": "2024-05-20T00:00:00Z"}, {"advisory": "RHSA-2024:2625", "cpe": "cpe:/o:redhat:enterprise_linux:7", "package": "rhc-worker-script-0:0.8-1.el7_9", "product_name": "Red Hat Enterprise Linux 7", "release_date": "2024-04-30T00:00:00Z"}, {"advisory": "RHSA-2024:1962", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "go-toolset:rhel8-8090020240419184349.26eb71ac", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2024-04-23T00:00:00Z"}, {"advisory": "RHSA-2024:2699", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "git-lfs-0:3.2.0-3.el8_9", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2024-05-06T00:00:00Z"}, {"advisory": "RHSA-2024:3259", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "go-toolset:rhel8-8100020240412145753.a3795dee", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2024-05-22T00:00:00Z"}, {"advisory": "RHSA-2024:3346", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "git-lfs-0:3.4.1-2.el8_10", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:4933", "cpe": "cpe:/a:redhat:rhel_aus:8.4", "package": "git-lfs-0:2.11.0-2.el8_4.2", "product_name": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support", "release_date": "2024-07-31T00:00:00Z"}, {"advisory": "RHSA-2024:4933", "cpe": "cpe:/a:redhat:rhel_tus:8.4", "package": "git-lfs-0:2.11.0-2.el8_4.2", "product_name": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service", "release_date": "2024-07-31T00:00:00Z"}, {"advisory": "RHSA-2024:4933", "cpe": "cpe:/a:redhat:rhel_e4s:8.4", "package": "git-lfs-0:2.11.0-2.el8_4.2", "product_name": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions", "release_date": "2024-07-31T00:00:00Z"}, {"advisory": "RHSA-2024:4546", "cpe": "cpe:/a:redhat:rhel_aus:8.6", "package": "git-lfs-0:2.13.3-3.el8_6.1", "product_name": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support", "release_date": "2024-07-15T00:00:00Z"}, {"advisory": "RHSA-2024:2935", "cpe": "cpe:/a:redhat:rhel_eus:8.6", "package": "go-toolset:rhel8-8060020240426233308.97d7f71f", "product_name": "Red Hat Enterprise Linux 8.6 Extended Update Support", "release_date": "2024-05-21T00:00:00Z"}, {"advisory": "RHSA-2024:4546", "cpe": "cpe:/a:redhat:rhel_tus:8.6", "package": "git-lfs-0:2.13.3-3.el8_6.1", "product_name": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service", "release_date": "2024-07-15T00:00:00Z"}, {"advisory": "RHSA-2024:4546", "cpe": "cpe:/a:redhat:rhel_e4s:8.6", "package": "git-lfs-0:2.13.3-3.el8_6.1", "product_name": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions", "release_date": "2024-07-15T00:00:00Z"}, {"advisory": "RHSA-2024:2936", "cpe": "cpe:/a:redhat:rhel_eus:8.8", "package": "go-toolset:rhel8-8080020240506114235.6b4b45d8", "product_name": "Red Hat Enterprise Linux 8.8 Extended Update Support", "release_date": "2024-05-21T00:00:00Z"}, {"advisory": "RHSA-2024:4545", "cpe": "cpe:/a:redhat:rhel_eus:8.8", "package": "git-lfs-0:3.2.0-2.el8_8.1", "product_name": "Red Hat Enterprise Linux 8.8 Extended Update Support", "release_date": "2024-07-15T00:00:00Z"}, {"advisory": "RHSA-2024:1963", "cpe": "cpe:/a:redhat:enterprise_linux:9", "package": "golang-0:1.20.12-4.el9_3", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2024-04-23T00:00:00Z"}, {"advisory": "RHSA-2024:2079", "cpe": "cpe:/a:redhat:enterprise_linux:9", "package": "git-lfs-0:3.2.0-2.el9_3", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2024-04-29T00:00:00Z"}, {"advisory": "RHSA-2024:2562", "cpe": "cpe:/a:redhat:enterprise_linux:9", "package": "golang-0:1.21.9-2.el9_4", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2024-04-30T00:00:00Z"}, {"advisory": "RHSA-2024:2724", "cpe": "cpe:/a:redhat:enterprise_linux:9", "package": "git-lfs-0:3.4.1-2.el9_4", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2024-05-07T00:00:00Z"}, {"advisory": "RHSA-2024:4543", "cpe": "cpe:/a:redhat:rhel_e4s:9.0", "package": "git-lfs-0:2.13.3-5.el9_0.1", "product_name": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions", "release_date": "2024-07-15T00:00:00Z"}, {"advisory": "RHSA-2024:4146", "cpe": "cpe:/a:redhat:rhel_eus:9.2", "package": "golang-0:1.19.13-7.el9_2", "product_name": "Red Hat Enterprise Linux 9.2 Extended Update Support", "release_date": "2024-06-27T00:00:00Z"}, {"advisory": "RHSA-2024:4934", "cpe": "cpe:/a:redhat:rhel_eus:9.2", "package": "git-lfs-0:3.2.0-1.el9_2", "product_name": "Red Hat Enterprise Linux 9.2 Extended Update Support", "release_date": "2024-07-31T00:00:00Z"}, {"advisory": "RHSA-2024:7164", "cpe": "cpe:/a:redhat:rhmt:1.8::el8", "package": "rhmtc/openshift-migration-controller-rhel8:v1.8.4-22", "product_name": "Red Hat Migration Toolkit for Containers 1.8", "release_date": "2024-09-26T00:00:00Z"}, {"advisory": "RHSA-2024:1679", "cpe": "cpe:/a:redhat:openshift:4.12::el8", "package": "openshift4/ose-hyperkube:v4.12.0-202404040933.p1.gbd92d70.assembly.stream.el8", "product_name": "Red Hat OpenShift Container Platform 4.12", "release_date": "2024-04-08T00:00:00Z"}, {"advisory": "RHSA-2024:1899", "cpe": "cpe:/a:redhat:openshift:4.12::el8", "package": "openshift-0:4.12.0-202404161006.p0.g054f0ba.assembly.stream.el9", "product_name": "Red Hat OpenShift Container Platform 4.12", "release_date": "2024-04-26T00:00:00Z"}, {"advisory": "RHSA-2024:2782", "cpe": "cpe:/a:redhat:openshift:4.12::el8", "package": "openshift4/ose-cluster-etcd-rhel8-operator:v4.12.0-202405091536.p0.gf49210c.assembly.stream.el8", "product_name": "Red Hat OpenShift Container Platform 4.12", "release_date": "2024-05-16T00:00:00Z"}, {"advisory": "RHSA-2024:2782", "cpe": "cpe:/a:redhat:openshift:4.12::el8", "package": "openshift4/ose-docker-registry:v4.12.0-202405091536.p0.g9e75355.assembly.stream.el8", "product_name": "Red Hat OpenShift Container Platform 4.12", "release_date": "2024-05-16T00:00:00Z"}, {"advisory": "RHSA-2024:2782", "cpe": "cpe:/a:redhat:openshift:4.12::el8", "package": "openshift4/ose-insights-rhel8-operator:v4.12.0-202405091536.p0.g6b54388.assembly.stream.el8", "product_name": "Red Hat OpenShift Container Platform 4.12", "release_date": "2024-05-16T00:00:00Z"}, {"advisory": "RHSA-2024:4006", "cpe": "cpe:/a:redhat:openshift:4.12::el8", "package": "openshift4/ose-cluster-autoscaler-operator:v4.12.0-202406190905.p0.g29a6e57.assembly.stream.el8", "product_name": "Red Hat OpenShift Container Platform 4.12", "release_date": "2024-06-27T00:00:00Z"}, {"advisory": "RHSA-2024:4006", "cpe": "cpe:/a:redhat:openshift:4.12::el8", "package": "openshift4/ose-machine-api-operator:v4.12.0-202406190905.p0.gcffade7.assembly.stream.el8", "product_name": "Red Hat OpenShift Container Platform 4.12", "release_date": "2024-06-27T00:00:00Z"}, {"advisory": "RHSA-2024:4006", "cpe": "cpe:/a:redhat:openshift:4.12::el8", "package": "openshift4/ose-operator-marketplace:v4.12.0-202406190905.p0.g3589162.assembly.stream.el8", "product_name": "Red Hat OpenShift Container Platform 4.12", "release_date": "2024-06-27T00:00:00Z"}, {"advisory": "RHSA-2024:4677", "cpe": "cpe:/a:redhat:openshift:4.12::el8", "package": "openshift4/ose-aws-cloud-controller-manager-rhel8:v4.12.0-202407151105.p0.gf90fb44.assembly.stream.el8", "product_name": "Red Hat OpenShift Container Platform 4.12", "release_date": "2024-07-25T00:00:00Z"}, {"advisory": "RHSA-2024:4677", "cpe": "cpe:/a:redhat:openshift:4.12::el8", "package": "openshift4/ose-operator-lifecycle-manager:v4.12.0-202407151105.p0.g3327393.assembly.stream.el8", "product_name": "Red Hat OpenShift Container Platform 4.12", "release_date": "2024-07-25T00:00:00Z"}, {"advisory": "RHSA-2024:4677", "cpe": "cpe:/a:redhat:openshift:4.12::el8", "package": "openshift4/ose-operator-registry:v4.12.0-202407151105.p0.g3327393.assembly.stream.el8", "product_name": "Red Hat OpenShift Container Platform 4.12", "release_date": "2024-07-25T00:00:00Z"}, {"advisory": "RHSA-2024:6642", "cpe": "cpe:/a:redhat:openshift:4.12::el8", "package": "openshift4/ose-oauth-apiserver-rhel8:v4.12.0-202409101431.p0.g1053f14.assembly.stream.el8", "product_name": "Red Hat OpenShift Container Platform 4.12", "release_date": "2024-09-18T00:00:00Z"}, {"advisory": "RHSA-2024:8692", "cpe": "cpe:/a:redhat:openshift:4.12::el8", "package": "openshift4/ose-cluster-baremetal-operator-rhel8:v4.12.0-202410182029.p0.g537a74c.assembly.stream.el8", "product_name": "Red Hat OpenShift Container Platform 4.12", "release_date": "2024-11-07T00:00:00Z"}, {"advisory": "RHSA-2024:8692", "cpe": "cpe:/a:redhat:openshift:4.12::el8", "package": "openshift4/ose-kube-rbac-proxy:v4.12.0-202410182029.p0.gc69fae7.assembly.stream.el8", "product_name": "Red Hat OpenShift Container Platform 4.12", "release_date": "2024-11-07T00:00:00Z"}, {"advisory": "RHSA-2024:1683", "cpe": "cpe:/a:redhat:openshift:4.13::el8", "package": "openshift4/ose-hyperkube:v4.13.0-202404040933.p1.g731fb36.assembly.stream.el8", "product_name": "Red Hat OpenShift Container Platform 4.13", "release_date": "2024-04-08T00:00:00Z"}, {"advisory": "RHSA-2024:2049", "cpe": "cpe:/a:redhat:openshift:4.13::el8", "package": "openshift-0:4.13.0-202404222036.p0.g4818370.assembly.stream.el8", "product_name": "Red Hat OpenShift Container Platform 4.13", "release_date": "2024-05-02T00:00:00Z"}, {"advisory": "RHSA-2024:2875", "cpe": "cpe:/a:redhat:openshift:4.13::el8", "package": "openshift4/ose-cluster-etcd-rhel8-operator:v4.13.0-202405141537.p0.g4b16f0e.assembly.stream.el8", "product_name": "Red Hat OpenShift Container Platform 4.13", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:2875", "cpe": "cpe:/a:redhat:openshift:4.13::el8", "package": "openshift4/ose-docker-registry:v4.13.0-202405141537.p0.g47a15ac.assembly.stream.el8", "product_name": "Red Hat OpenShift Container Platform 4.13", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:2875", "cpe": "cpe:/a:redhat:openshift:4.13::el8", "package": "openshift4/ose-insights-rhel8-operator:v4.13.0-202405141537.p0.g72078be.assembly.stream.el8", "product_name": "Red Hat OpenShift Container Platform 4.13", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:3885", "cpe": "cpe:/a:redhat:openshift:4.13::el8", "package": "openshift4/ose-cluster-autoscaler-operator:v4.13.0-202405301137.p0.g0007e90.assembly.stream.el8", "product_name": "Red Hat OpenShift Container Platform 4.13", "release_date": "2024-06-19T00:00:00Z"}, {"advisory": "RHSA-2024:3885", "cpe": "cpe:/a:redhat:openshift:4.13::el8", "package": "openshift4/ose-machine-api-operator:v4.13.0-202405311036.p0.gdc7ee81.assembly.stream.el8", "product_name": "Red Hat OpenShift Container Platform 4.13", "release_date": "2024-06-19T00:00:00Z"}, {"advisory": "RHSA-2024:4484", "cpe": "cpe:/a:redhat:openshift:4.13::el8", "package": "openshift4/ose-aws-cloud-controller-manager-rhel8:v4.13.0-202407081338.p0.g95c03b7.assembly.stream.el8", "product_name": "Red Hat OpenShift Container Platform 4.13", "release_date": "2024-07-17T00:00:00Z"}, {"advisory": "RHSA-2024:4484", "cpe": "cpe:/a:redhat:openshift:4.13::el8", "package": "openshift4/ose-operator-lifecycle-manager:v4.13.0-202407081338.p0.gd8cfe86.assembly.stream.el8", "product_name": "Red Hat OpenShift Container Platform 4.13", "release_date": "2024-07-17T00:00:00Z"}, {"advisory": "RHSA-2024:4484", "cpe": "cpe:/a:redhat:openshift:4.13::el8", "package": "openshift4/ose-operator-marketplace:v4.13.0-202407081338.p0.g7efdbca.assembly.stream.el8", "product_name": "Red Hat OpenShift Container Platform 4.13", "release_date": "2024-07-17T00:00:00Z"}, {"advisory": "RHSA-2024:4484", "cpe": "cpe:/a:redhat:openshift:4.13::el8", "package": "openshift4/ose-operator-registry:v4.13.0-202407081338.p0.gd8cfe86.assembly.stream.el8", "product_name": "Red Hat OpenShift Container Platform 4.13", "release_date": "2024-07-17T00:00:00Z"}, {"advisory": "RHSA-2024:4484", "cpe": "cpe:/a:redhat:openshift:4.13::el8", "package": "redhat/redhat-operator-index:v4.13.0-202407081338.p0.gd8cfe86.assembly.stream.el8", "product_name": "Red Hat OpenShift Container Platform 4.13", "release_date": "2024-07-17T00:00:00Z"}, {"advisory": "RHSA-2024:6009", "cpe": "cpe:/a:redhat:openshift:4.13::el8", "package": "openshift4/ose-oauth-apiserver-rhel8:v4.13.0-202408281337.p0.g6a59716.assembly.stream.el8", "product_name": "Red Hat OpenShift Container Platform 4.13", "release_date": "2024-09-04T00:00:00Z"}, {"advisory": "RHSA-2024:6811", "cpe": "cpe:/a:redhat:openshift:4.13::el8", "package": "openshift4/ose-openshift-apiserver-rhel8:v4.13.0-202409020337.p0.g3a7ac1b.assembly.stream.el8", "product_name": "Red Hat OpenShift Container Platform 4.13", "release_date": "2024-09-25T00:00:00Z"}, {"advisory": "RHSA-2024:8688", "cpe": "cpe:/a:redhat:openshift:4.13::el8", "package": "openshift4/ose-cluster-baremetal-operator-rhel8:v4.13.0-202410190100.p0.gcc237f1.assembly.stream.el8", "product_name": "Red Hat OpenShift Container Platform 4.13", "release_date": "2024-11-06T00:00:00Z"}, {"advisory": "RHSA-2024:8688", "cpe": "cpe:/a:redhat:openshift:4.13::el8", "package": "openshift4/ose-kube-rbac-proxy:v4.13.0-202410190100.p0.gf35f954.assembly.stream.el8", "product_name": "Red Hat OpenShift Container Platform 4.13", "release_date": "2024-11-06T00:00:00Z"}, {"advisory": "RHSA-2024:1897", "cpe": "cpe:/a:redhat:openshift:4.14::el8", "package": "openshift-0:4.14.0-202404160939.p0.g7bee54d.assembly.stream.el9", "product_name": "Red Hat OpenShift Container Platform 4.14", "release_date": "2024-04-26T00:00:00Z"}, {"advisory": "RHSA-2024:2668", "cpe": "cpe:/a:redhat:openshift:4.14::el8", "package": "openshift4/ose-cluster-etcd-rhel8-operator:v4.14.0-202404251438.p0.gd275b4e.assembly.stream.el8", "product_name": "Red Hat OpenShift Container Platform 4.14", "release_date": "2024-05-09T00:00:00Z"}, {"advisory": "RHSA-2024:2668", "cpe": "cpe:/a:redhat:openshift:4.14::el8", "package": "openshift4/ose-docker-registry:v4.14.0-202404251438.p0.gf03c240.assembly.stream.el8", "product_name": "Red Hat OpenShift Container Platform 4.14", "release_date": "2024-05-09T00:00:00Z"}, {"advisory": "RHSA-2024:2668", "cpe": "cpe:/a:redhat:openshift:4.14::el8", "package": "openshift4/ose-insights-rhel8-operator:v4.14.0-202404250639.p0.g1c5bc26.assembly.stream.el8", "product_name": "Red Hat OpenShift Container Platform 4.14", "release_date": "2024-05-09T00:00:00Z"}, {"advisory": "RHSA-2024:2672", "cpe": "cpe:/a:redhat:openshift:4.14::el8", "package": "openshift-0:4.14.0-202404301807.p0.gfd36fb9.assembly.stream.el9", "product_name": "Red Hat OpenShift Container Platform 4.14", "release_date": "2024-05-09T00:00:00Z"}, {"advisory": "RHSA-2024:3331", "cpe": "cpe:/a:redhat:openshift:4.14::el8", "package": "openshift4/ose-cluster-autoscaler-operator:v4.14.0-202405171210.p0.g32854ba.assembly.stream.el8", "product_name": "Red Hat OpenShift Container Platform 4.14", "release_date": "2024-05-30T00:00:00Z"}, {"advisory": "RHSA-2024:3331", "cpe": "cpe:/a:redhat:openshift:4.14::el8", "package": "openshift4/ose-machine-api-operator:v4.14.0-202405171210.p0.g73f2a1f.assembly.stream.el8", "product_name": "Red Hat OpenShift Container Platform 4.14", "release_date": "2024-05-30T00:00:00Z"}, {"advisory": "RHSA-2024:3523", "cpe": "cpe:/a:redhat:openshift:4.14::el8", "package": "openshift4/ose-powervs-block-csi-driver-rhel8:v4.14.0-202405222237.p0.gceacf8b.assembly.stream.el8", "product_name": "Red Hat OpenShift Container Platform 4.14", "release_date": "2024-06-10T00:00:00Z"}, {"advisory": "RHSA-2024:4010", "cpe": "cpe:/a:redhat:openshift:4.14::el8", "package": "openshift4/ose-aws-cloud-controller-manager-rhel8:v4.14.0-202406180839.p0.g471f069.assembly.stream.el8", "product_name": "Red Hat OpenShift Container Platform 4.14", "release_date": "2024-06-26T00:00:00Z"}, {"advisory": "RHSA-2024:4010", "cpe": "cpe:/a:redhat:openshift:4.14::el8", "package": "openshift4/ose-operator-lifecycle-manager:v4.14.0-202406180839.p0.g169e315.assembly.stream.el8", "product_name": "Red Hat OpenShift Container Platform 4.14", "release_date": "2024-06-26T00:00:00Z"}, {"advisory": "RHSA-2024:4010", "cpe": "cpe:/a:redhat:openshift:4.14::el8", "package": "openshift4/ose-operator-marketplace:v4.14.0-202406180839.p0.g3ca78f1.assembly.stream.el8", "product_name": "Red Hat OpenShift Container Platform 4.14", "release_date": "2024-06-26T00:00:00Z"}, {"advisory": "RHSA-2024:4010", "cpe": "cpe:/a:redhat:openshift:4.14::el8", "package": "openshift4/ose-operator-registry:v4.14.0-202406180839.p0.g169e315.assembly.stream.el8", "product_name": "Red Hat OpenShift Container Platform 4.14", "release_date": "2024-06-26T00:00:00Z"}, {"advisory": "RHSA-2024:4010", "cpe": "cpe:/a:redhat:openshift:4.14::el8", "package": "redhat/redhat-operator-index:v4.14.0-202406180839.p0.g169e315.assembly.stream.el8", "product_name": "Red Hat OpenShift Container Platform 4.14", "release_date": "2024-06-26T00:00:00Z"}, {"advisory": "RHSA-2024:4960", "cpe": "cpe:/a:redhat:openshift:4.14::el8", "package": "openshift4/ose-oauth-apiserver-rhel8:v4.14.0-202407250240.p0.ge1cd9d0.assembly.stream.el8", "product_name": "Red Hat OpenShift Container Platform 4.14", "release_date": "2024-08-07T00:00:00Z"}, {"advisory": "RHSA-2024:6406", "cpe": "cpe:/a:redhat:openshift:4.14::el8", "package": "openshift4/ose-openshift-apiserver-rhel8:v4.14.0-202408260910.p0.g433fd32.assembly.stream.el8", "product_name": "Red Hat OpenShift Container Platform 4.14", "release_date": "2024-09-11T00:00:00Z"}, {"advisory": "RHSA-2024:8235", "cpe": "cpe:/a:redhat:openshift:4.14::el8", "package": "openshift4/ose-cluster-baremetal-operator-rhel8:v4.14.0-202410111638.p0.gaffcfb5.assembly.stream.el8", "product_name": "Red Hat OpenShift Container Platform 4.14", "release_date": "2024-10-23T00:00:00Z"}, {"advisory": "RHSA-2024:8235", "cpe": "cpe:/a:redhat:openshift:4.14::el8", "package": "openshift4/ose-kube-rbac-proxy:v4.14.0-202410091239.p0.gb8b8259.assembly.stream.el8", "product_name": "Red Hat OpenShift Container Platform 4.14", "release_date": "2024-10-23T00:00:00Z"}, {"advisory": "RHSA-2024:1681", "cpe": "cpe:/a:redhat:openshift:4.14::el9", "package": "openshift4/ose-hyperkube-rhel9:v4.14.0-202404041112.p0.gec42b99.assembly.stream.el9", "product_name": "Red Hat OpenShift Container Platform 4.14", "release_date": "2024-04-08T00:00:00Z"}, {"advisory": "RHSA-2024:2671", "cpe": "cpe:/a:redhat:openshift:4.14::el9", "package": "microshift-0:4.14.24-202405021453.p0.g6e3abf7.assembly.4.14.24.el9", "product_name": "Red Hat OpenShift Container Platform 4.14", "release_date": "2024-05-09T00:00:00Z"}, {"advisory": "RHSA-2024:1892", "cpe": "cpe:/a:redhat:openshift:4.15::el8", "package": "openshift-0:4.15.0-202404151212.p0.g8974577.assembly.stream.el8", "product_name": "Red Hat OpenShift Container Platform 4.15", "release_date": "2024-04-26T00:00:00Z"}, {"advisory": "RHSA-2024:8425", "cpe": "cpe:/a:redhat:openshift:4.15::el8", "package": "openshift4/ose-cluster-baremetal-operator-rhel9:v4.15.0-202410230304.p0.g934c218.assembly.stream.el9", "product_name": "Red Hat OpenShift Container Platform 4.15", "release_date": "2024-10-31T00:00:00Z"}, {"advisory": "RHSA-2024:8425", "cpe": "cpe:/a:redhat:openshift:4.15::el8", "package": "openshift4/ose-kube-rbac-proxy:v4.15.0-202410230304.p0.g9308e7f.assembly.stream.el8", "product_name": "Red Hat OpenShift Container Platform 4.15", "release_date": "2024-10-31T00:00:00Z"}, {"advisory": "RHSA-2024:1668", "cpe": "cpe:/a:redhat:openshift:4.15::el9", "package": "openshift4/ose-hyperkube-rhel9:v4.15.0-202404031521.p1.gc1f5b34.assembly.stream.el9", "product_name": "Red Hat OpenShift Container Platform 4.15", "release_date": "2024-04-08T00:00:00Z"}, {"advisory": "RHSA-2024:2068", "cpe": "cpe:/a:redhat:openshift:4.15::el9", "package": "openshift4/ose-docker-registry-rhel9:v4.15.0-202404221012.p0.g0a844cb.assembly.stream.el9", "product_name": "Red Hat OpenShift Container Platform 4.15", "release_date": "2024-05-02T00:00:00Z"}, {"advisory": "RHSA-2024:2068", "cpe": "cpe:/a:redhat:openshift:4.15::el9", "package": "openshift4/ose-insights-rhel9-operator:v4.15.0-202404222113.p0.gcecb4da.assembly.stream.el9", "product_name": "Red Hat OpenShift Container Platform 4.15", "release_date": "2024-05-02T00:00:00Z"}, {"advisory": "RHSA-2024:2664", "cpe": "cpe:/a:redhat:openshift:4.15::el9", "package": "openshift4/ose-cluster-etcd-rhel9-operator:v4.15.0-202404292006.p0.g5d90013.assembly.stream.el9", "product_name": "Red Hat OpenShift Container Platform 4.15", "release_date": "2024-05-09T00:00:00Z"}, {"advisory": "RHSA-2024:2667", "cpe": "cpe:/a:redhat:openshift:4.15::el9", "package": "microshift-0:4.15.12-202405021504.p0.ge0938ef.assembly.4.15.12.el9", "product_name": "Red Hat OpenShift Container Platform 4.15", "release_date": "2024-05-09T00:00:00Z"}, {"advisory": "RHSA-2024:2773", "cpe": "cpe:/a:redhat:openshift:4.15::el9", "package": "openshift4/ose-oauth-apiserver-rhel9:v4.15.0-202405032206.p0.g6ce0e75.assembly.stream.el9", "product_name": "Red Hat OpenShift Container Platform 4.15", "release_date": "2024-05-15T00:00:00Z"}, {"advisory": "RHSA-2024:2865", "cpe": "cpe:/a:redhat:openshift:4.15::el9", "package": "openshift4/ose-cluster-autoscaler-rhel9-operator:v4.15.0-202405130639.p0.g1ba1af3.assembly.stream.el9", "product_name": "Red Hat OpenShift Container Platform 4.15", "release_date": "2024-05-21T00:00:00Z"}, {"advisory": "RHSA-2024:2865", "cpe": "cpe:/a:redhat:openshift:4.15::el9", "package": "openshift4/ose-machine-api-rhel9-operator:v4.15.0-202405130639.p0.gad9fdfd.assembly.stream.el9", "product_name": "Red Hat OpenShift Container Platform 4.15", "release_date": "2024-05-21T00:00:00Z"}, {"advisory": "RHSA-2024:3327", "cpe": "cpe:/a:redhat:openshift:4.15::el9", "package": "openshift4/ose-powervs-block-csi-driver-rhel9:v4.15.0-202405161507.p0.g2baff7a.assembly.stream.el9", "product_name": "Red Hat OpenShift Container Platform 4.15", "release_date": "2024-05-29T00:00:00Z"}, {"advisory": "RHSA-2024:3889", "cpe": "cpe:/a:redhat:openshift:4.15::el9", "package": "openshift4/ose-aws-cloud-controller-manager-rhel9:v4.15.0-202406110206.p0.g1e5e25d.assembly.stream.el9", "product_name": "Red Hat OpenShift Container Platform 4.15", "release_date": "2024-06-18T00:00:00Z"}, {"advisory": "RHSA-2024:3889", "cpe": "cpe:/a:redhat:openshift:4.15::el9", "package": "openshift4/ose-operator-marketplace-rhel9:v4.15.0-202406110506.p0.g3f36a1b.assembly.stream.el9", "product_name": "Red Hat OpenShift Container Platform 4.15", "release_date": "2024-06-18T00:00:00Z"}, {"advisory": "RHSA-2024:4041", "cpe": "cpe:/a:redhat:openshift:4.15::el9", "package": "openshift4/ose-operator-lifecycle-manager-rhel9:v4.15.0-202406190836.p0.g95839e1.assembly.stream.el9", "product_name": "Red Hat OpenShift Container Platform 4.15", "release_date": "2024-06-26T00:00:00Z"}, {"advisory": "RHSA-2024:4041", "cpe": "cpe:/a:redhat:openshift:4.15::el9", "package": "openshift4/ose-operator-registry-rhel9:v4.15.0-202406190836.p0.g95839e1.assembly.stream.el9", "product_name": "Red Hat OpenShift Container Platform 4.15", "release_date": "2024-06-26T00:00:00Z"}, {"advisory": "RHSA-2024:4699", "cpe": "cpe:/a:redhat:openshift:4.15::el9", "package": "openshift4/ose-openshift-apiserver-rhel9:v4.15.0-202407151306.p0.g08f4c42.assembly.stream.el9", "product_name": "Red Hat OpenShift Container Platform 4.15", "release_date": "2024-07-25T00:00:00Z"}, {"advisory": "RHSA-2024:6004", "cpe": "cpe:/a:redhat:openshift:4.16::el9", "package": "openshift4/ose-cluster-baremetal-operator-rhel9:v4.16.0-202408262007.p0.g8f65ef6.assembly.stream.el9", "product_name": "Red Hat OpenShift Container Platform 4.16", "release_date": "2024-09-03T00:00:00Z"}, {"advisory": "RHSA-2024:4631", "cpe": "cpe:/a:redhat:openshift_devspaces:3::el8", "package": "devspaces/devspaces-rhel8-operator:3.15-10", "product_name": "Red Hat OpenShift Dev Spaces 3 Containers", "release_date": "2024-07-18T00:00:00Z"}, {"advisory": "RHSA-2024:3621", "cpe": "cpe:/a:redhat:openshift_distributed_tracing:3.2::el8", "package": "rhosdt/jaeger-agent-rhel8:1.57.0-5", "product_name": "Red Hat Openshift distributed tracing 3.2", "release_date": "2024-06-05T00:00:00Z"}, {"advisory": "RHSA-2024:3621", "cpe": "cpe:/a:redhat:openshift_distributed_tracing:3.2::el8", "package": "rhosdt/jaeger-all-in-one-rhel8:1.57.0-5", "product_name": "Red Hat Openshift distributed tracing 3.2", "release_date": "2024-06-05T00:00:00Z"}, {"advisory": "RHSA-2024:3621", "cpe": "cpe:/a:redhat:openshift_distributed_tracing:3.2::el8", "package": "rhosdt/jaeger-collector-rhel8:1.57.0-5", "product_name": "Red Hat Openshift distributed tracing 3.2", "release_date": "2024-06-05T00:00:00Z"}, {"advisory": "RHSA-2024:3621", "cpe": "cpe:/a:redhat:openshift_distributed_tracing:3.2::el8", "package": "rhosdt/jaeger-es-index-cleaner-rhel8:1.57.0-6", "product_name": "Red Hat Openshift distributed tracing 3.2", "release_date": "2024-06-05T00:00:00Z"}, {"advisory": "RHSA-2024:3621", "cpe": "cpe:/a:redhat:openshift_distributed_tracing:3.2::el8", "package": "rhosdt/jaeger-es-rollover-rhel8:1.57.0-6", "product_name": "Red Hat Openshift distributed tracing 3.2", "release_date": "2024-06-05T00:00:00Z"}, {"advisory": "RHSA-2024:3621", "cpe": "cpe:/a:redhat:openshift_distributed_tracing:3.2::el8", "package": "rhosdt/jaeger-ingester-rhel8:1.57.0-5", "product_name": "Red Hat Openshift distributed tracing 3.2", "release_date": "2024-06-05T00:00:00Z"}, {"advisory": "RHSA-2024:3621", "cpe": "cpe:/a:redhat:openshift_distributed_tracing:3.2::el8", "package": "rhosdt/jaeger-operator-bundle:1.57.0-20", "product_name": "Red Hat Openshift distributed tracing 3.2", "release_date": "2024-06-05T00:00:00Z"}, {"advisory": "RHSA-2024:3621", "cpe": "cpe:/a:redhat:openshift_distributed_tracing:3.2::el8", "package": "rhosdt/jaeger-query-rhel8:1.57.0-5", "product_name": "Red Hat Openshift distributed tracing 3.2", "release_date": "2024-06-05T00:00:00Z"}, {"advisory": "RHSA-2024:3621", "cpe": "cpe:/a:redhat:openshift_distributed_tracing:3.2::el8", "package": "rhosdt/jaeger-rhel8-operator:1.57.0-5", "product_name": "Red Hat Openshift distributed tracing 3.2", "release_date": "2024-06-05T00:00:00Z"}, {"advisory": "RHSA-2024:3621", "cpe": "cpe:/a:redhat:openshift_distributed_tracing:3.2::el8", "package": "rhosdt/opentelemetry-collector-rhel8:0.100.1-4", "product_name": "Red Hat Openshift distributed tracing 3.2", "release_date": "2024-06-05T00:00:00Z"}, {"advisory": "RHSA-2024:3621", "cpe": "cpe:/a:redhat:openshift_distributed_tracing:3.2::el8", "package": "rhosdt/opentelemetry-operator-bundle:0.100.1-9", "product_name": "Red Hat Openshift distributed tracing 3.2", "release_date": "2024-06-05T00:00:00Z"}, {"advisory": "RHSA-2024:3621", "cpe": "cpe:/a:redhat:openshift_distributed_tracing:3.2::el8", "package": "rhosdt/opentelemetry-rhel8-operator:0.100.1-3", "product_name": "Red Hat Openshift distributed tracing 3.2", "release_date": "2024-06-05T00:00:00Z"}, {"advisory": "RHSA-2024:3621", "cpe": "cpe:/a:redhat:openshift_distributed_tracing:3.2::el8", "package": "rhosdt/opentelemetry-target-allocator-rhel8:0.100.1-3", "product_name": "Red Hat Openshift distributed tracing 3.2", "release_date": "2024-06-05T00:00:00Z"}, {"advisory": "RHSA-2024:3621", "cpe": "cpe:/a:redhat:openshift_distributed_tracing:3.2::el8", "package": "rhosdt/tempo-gateway-opa-rhel8:1.0.0-9", "product_name": "Red Hat Openshift distributed tracing 3.2", "release_date": "2024-06-05T00:00:00Z"}, {"advisory": "RHSA-2024:3621", "cpe": "cpe:/a:redhat:openshift_distributed_tracing:3.2::el8", "package": "rhosdt/tempo-gateway-rhel8:1.0.0-8", "product_name": "Red Hat Openshift distributed tracing 3.2", "release_date": "2024-06-05T00:00:00Z"}, {"advisory": "RHSA-2024:3621", "cpe": "cpe:/a:redhat:openshift_distributed_tracing:3.2::el8", "package": "rhosdt/tempo-operator-bundle:0.10.0-20", "product_name": "Red Hat Openshift distributed tracing 3.2", "release_date": "2024-06-05T00:00:00Z"}, {"advisory": "RHSA-2024:3621", "cpe": "cpe:/a:redhat:openshift_distributed_tracing:3.2::el8", "package": "rhosdt/tempo-query-rhel8:0.10.0-8", "product_name": "Red Hat Openshift distributed tracing 3.2", "release_date": "2024-06-05T00:00:00Z"}, {"advisory": "RHSA-2024:3621", "cpe": "cpe:/a:redhat:openshift_distributed_tracing:3.2::el8", "package": "rhosdt/tempo-rhel8:2.4.2-3", "product_name": "Red Hat Openshift distributed tracing 3.2", "release_date": "2024-06-05T00:00:00Z"}, {"advisory": "RHSA-2024:3621", "cpe": "cpe:/a:redhat:openshift_distributed_tracing:3.2::el8", "package": "rhosdt/tempo-rhel8-operator:0.10.0-6", "product_name": "Red Hat Openshift distributed tracing 3.2", "release_date": "2024-06-05T00:00:00Z"}, {"advisory": "RHSA-2024:3680", "cpe": "cpe:/a:redhat:service_mesh:2.4::el8", "package": "openshift-service-mesh/prometheus-rhel8:2.4.8-6", "product_name": "Red Hat OpenShift Service Mesh 2.4 for RHEL 8", "release_date": "2024-06-06T00:00:00Z"}, {"advisory": "RHSA-2024:3467", "cpe": "cpe:/a:redhat:openstack:16.1::el8", "package": "etcd-0:3.3.23-16.el8ost", "product_name": "Red Hat OpenStack Platform 16.1", "release_date": "2024-05-29T00:00:00Z"}, {"advisory": "RHSA-2024:3352", "cpe": "cpe:/a:redhat:openstack:16.2::el8", "package": "etcd-0:3.3.23-16.el8ost", "product_name": "Red Hat OpenStack Platform 16.2", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:3479", "cpe": "cpe:/a:redhat:openstack:16.2::el8", "package": "rhosp-rhel8/osp-director-agent:1.3.0-14", "product_name": "Red Hat OpenStack Platform 16.2", "release_date": "2024-05-29T00:00:00Z"}, {"advisory": "RHSA-2024:3479", "cpe": "cpe:/a:redhat:openstack:16.2::el8", "package": "rhosp-rhel8/osp-director-downloader:1.3.0-14", "product_name": "Red Hat OpenStack Platform 16.2", "release_date": "2024-05-29T00:00:00Z"}, {"advisory": "RHSA-2024:3479", "cpe": "cpe:/a:redhat:openstack:16.2::el8", "package": "rhosp-rhel8/osp-director-operator:1.3.0-12", "product_name": "Red Hat OpenStack Platform 16.2", "release_date": "2024-05-29T00:00:00Z"}, {"advisory": "RHSA-2024:3479", "cpe": "cpe:/a:redhat:openstack:16.2::el8", "package": "rhosp-rhel8/osp-director-operator-bundle:1.3.0-26", "product_name": "Red Hat OpenStack Platform 16.2", "release_date": "2024-05-29T00:00:00Z"}, {"advisory": "RHSA-2024:2728", "cpe": "cpe:/a:redhat:openstack:17.1::el9", "package": "rhosp-rhel9/osp-director-agent:1.3.1-15", "product_name": "Red Hat OpenStack Platform 17.1 for RHEL 9", "release_date": "2024-05-29T00:00:00Z"}, {"advisory": "RHSA-2024:2728", "cpe": "cpe:/a:redhat:openstack:17.1::el9", "package": "rhosp-rhel9/osp-director-downloader:1.3.1-13", "product_name": "Red Hat OpenStack Platform 17.1 for RHEL 9", "release_date": "2024-05-29T00:00:00Z"}, {"advisory": "RHSA-2024:2728", "cpe": "cpe:/a:redhat:openstack:17.1::el9", "package": "rhosp-rhel9/osp-director-operator:1.3.1-15", "product_name": "Red Hat OpenStack Platform 17.1 for RHEL 9", "release_date": "2024-05-29T00:00:00Z"}, {"advisory": "RHSA-2024:2728", "cpe": "cpe:/a:redhat:openstack:17.1::el9", "package": "rhosp-rhel9/osp-director-operator-bundle:1.3.1-27", "product_name": "Red Hat OpenStack Platform 17.1 for RHEL 9", "release_date": "2024-05-29T00:00:00Z"}, {"advisory": "RHSA-2024:2729", "cpe": "cpe:/a:redhat:openstack:17.1::el9", "package": "etcd-0:3.4.26-8.el9ost", "product_name": "Red Hat OpenStack Platform 17.1 for RHEL 9", "release_date": "2024-05-22T00:00:00Z"}, {"advisory": "RHSA-2024:3315", "cpe": "cpe:/a:redhat:container_native_virtualization:4.13::el9", "package": "container-native-virtualization/hostpath-provisioner-operator-rhel9:v4.13.9-4", "product_name": "RHEL-9-CNV-4.13", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:3315", "cpe": "cpe:/a:redhat:container_native_virtualization:4.13::el9", "package": "container-native-virtualization/hyperconverged-cluster-operator-rhel9:v4.13.9-3", "product_name": "RHEL-9-CNV-4.13", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:3315", "cpe": "cpe:/a:redhat:container_native_virtualization:4.13::el9", "package": "container-native-virtualization/hyperconverged-cluster-webhook-rhel9:v4.13.9-3", "product_name": "RHEL-9-CNV-4.13", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:3315", "cpe": "cpe:/a:redhat:container_native_virtualization:4.13::el9", "package": "container-native-virtualization/kubemacpool-rhel9:v4.13.9-2", "product_name": "RHEL-9-CNV-4.13", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:3315", "cpe": "cpe:/a:redhat:container_native_virtualization:4.13::el9", "package": "container-native-virtualization/kubevirt-ssp-operator-rhel9:v4.13.9-5", "product_name": "RHEL-9-CNV-4.13", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:3315", "cpe": "cpe:/a:redhat:container_native_virtualization:4.13::el9", "package": "container-native-virtualization/kubevirt-template-validator-rhel9:v4.13.9-2", "product_name": "RHEL-9-CNV-4.13", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:3315", "cpe": "cpe:/a:redhat:container_native_virtualization:4.13::el9", "package": "container-native-virtualization/virt-cdi-apiserver-rhel9:v4.13.9-7", "product_name": "RHEL-9-CNV-4.13", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:3315", "cpe": "cpe:/a:redhat:container_native_virtualization:4.13::el9", "package": "container-native-virtualization/virt-cdi-cloner-rhel9:v4.13.9-7", "product_name": "RHEL-9-CNV-4.13", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:3315", "cpe": "cpe:/a:redhat:container_native_virtualization:4.13::el9", "package": "container-native-virtualization/virt-cdi-controller-rhel9:v4.13.9-7", "product_name": "RHEL-9-CNV-4.13", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:3315", "cpe": "cpe:/a:redhat:container_native_virtualization:4.13::el9", "package": "container-native-virtualization/virt-cdi-importer-rhel9:v4.13.9-7", "product_name": "RHEL-9-CNV-4.13", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:3315", "cpe": "cpe:/a:redhat:container_native_virtualization:4.13::el9", "package": "container-native-virtualization/virt-cdi-operator-rhel9:v4.13.9-7", "product_name": "RHEL-9-CNV-4.13", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:3315", "cpe": "cpe:/a:redhat:container_native_virtualization:4.13::el9", "package": "container-native-virtualization/virt-cdi-uploadproxy-rhel9:v4.13.9-7", "product_name": "RHEL-9-CNV-4.13", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:3315", "cpe": "cpe:/a:redhat:container_native_virtualization:4.13::el9", "package": "container-native-virtualization/virt-cdi-uploadserver-rhel9:v4.13.9-7", "product_name": "RHEL-9-CNV-4.13", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:3315", "cpe": "cpe:/a:redhat:container_native_virtualization:4.13::el9", "package": "container-native-virtualization/virt-exportproxy-rhel9:v4.13.9-7", "product_name": "RHEL-9-CNV-4.13", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:3315", "cpe": "cpe:/a:redhat:container_native_virtualization:4.13::el9", "package": "container-native-virtualization/virt-operator-rhel9:v4.13.9-7", "product_name": "RHEL-9-CNV-4.13", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:3315", "cpe": "cpe:/a:redhat:container_native_virtualization:4.13::el9", "package": "container-native-virtualization/vm-console-proxy-rhel9:v4.13.9-2", "product_name": "RHEL-9-CNV-4.13", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:2060", "cpe": "cpe:/a:redhat:container_native_virtualization:4.14::el9", "package": "container-native-virtualization/bridge-marker-rhel9:v4.14.5-4", "product_name": "RHEL-9-CNV-4.14", "release_date": "2024-04-25T00:00:00Z"}, {"advisory": "RHSA-2024:2060", "cpe": "cpe:/a:redhat:container_native_virtualization:4.14::el9", "package": "container-native-virtualization/cluster-network-addons-operator-rhel9:v4.14.5-5", "product_name": "RHEL-9-CNV-4.14", "release_date": "2024-04-25T00:00:00Z"}, {"advisory": "RHSA-2024:2060", "cpe": "cpe:/a:redhat:container_native_virtualization:4.14::el9", "package": "container-native-virtualization/cnv-containernetworking-plugins-rhel9:v4.14.5-2", "product_name": "RHEL-9-CNV-4.14", "release_date": "2024-04-25T00:00:00Z"}, {"advisory": "RHSA-2024:2060", "cpe": "cpe:/a:redhat:container_native_virtualization:4.14::el9", "package": "container-native-virtualization/cnv-must-gather-rhel9:v4.14.5-7", "product_name": "RHEL-9-CNV-4.14", "release_date": "2024-04-25T00:00:00Z"}, {"advisory": "RHSA-2024:2060", "cpe": "cpe:/a:redhat:container_native_virtualization:4.14::el9", "package": "container-native-virtualization/hco-bundle-registry-rhel9:v4.14.5.rhel9-242", "product_name": "RHEL-9-CNV-4.14", "release_date": "2024-04-25T00:00:00Z"}, {"advisory": "RHSA-2024:2060", "cpe": "cpe:/a:redhat:container_native_virtualization:4.14::el9", "package": "container-native-virtualization/hostpath-csi-driver-rhel9:v4.14.5-4", "product_name": "RHEL-9-CNV-4.14", "release_date": "2024-04-25T00:00:00Z"}, {"advisory": "RHSA-2024:2060", "cpe": "cpe:/a:redhat:container_native_virtualization:4.14::el9", "package": "container-native-virtualization/hostpath-provisioner-operator-rhel9:v4.14.5-7", "product_name": "RHEL-9-CNV-4.14", "release_date": "2024-04-25T00:00:00Z"}, {"advisory": "RHSA-2024:2060", "cpe": "cpe:/a:redhat:container_native_virtualization:4.14::el9", "package": "container-native-virtualization/hostpath-provisioner-rhel9:v4.14.5-4", "product_name": "RHEL-9-CNV-4.14", "release_date": "2024-04-25T00:00:00Z"}, {"advisory": "RHSA-2024:2060", "cpe": "cpe:/a:redhat:container_native_virtualization:4.14::el9", "package": "container-native-virtualization/hyperconverged-cluster-operator-rhel9:v4.14.5-5", "product_name": "RHEL-9-CNV-4.14", "release_date": "2024-04-25T00:00:00Z"}, {"advisory": "RHSA-2024:2060", "cpe": "cpe:/a:redhat:container_native_virtualization:4.14::el9", "package": "container-native-virtualization/hyperconverged-cluster-webhook-rhel9:v4.14.5-5", "product_name": "RHEL-9-CNV-4.14", "release_date": "2024-04-25T00:00:00Z"}, {"advisory": "RHSA-2024:2060", "cpe": "cpe:/a:redhat:container_native_virtualization:4.14::el9", "package": "container-native-virtualization/kubemacpool-rhel9:v4.14.5-4", "product_name": "RHEL-9-CNV-4.14", "release_date": "2024-04-25T00:00:00Z"}, {"advisory": "RHSA-2024:2060", "cpe": "cpe:/a:redhat:container_native_virtualization:4.14::el9", "package": "container-native-virtualization/kubesecondarydns-rhel9:v4.14.5-4", "product_name": "RHEL-9-CNV-4.14", "release_date": "2024-04-25T00:00:00Z"}, {"advisory": "RHSA-2024:2060", "cpe": "cpe:/a:redhat:container_native_virtualization:4.14::el9", "package": "container-native-virtualization/kubevirt-apiserver-proxy-rhel9:v4.14.5-5", "product_name": "RHEL-9-CNV-4.14", "release_date": "2024-04-25T00:00:00Z"}, {"advisory": "RHSA-2024:2060", "cpe": "cpe:/a:redhat:container_native_virtualization:4.14::el9", "package": "container-native-virtualization/kubevirt-console-plugin-rhel9:v4.14.5-257", "product_name": "RHEL-9-CNV-4.14", "release_date": "2024-04-25T00:00:00Z"}, {"advisory": "RHSA-2024:2060", "cpe": "cpe:/a:redhat:container_native_virtualization:4.14::el9", "package": "container-native-virtualization/kubevirt-dpdk-checkup-rhel9:v4.14.5-4", "product_name": "RHEL-9-CNV-4.14", "release_date": "2024-04-25T00:00:00Z"}, {"advisory": "RHSA-2024:2060", "cpe": "cpe:/a:redhat:container_native_virtualization:4.14::el9", "package": "container-native-virtualization/kubevirt-ssp-operator-rhel9:v4.14.5-7", "product_name": "RHEL-9-CNV-4.14", "release_date": "2024-04-25T00:00:00Z"}, {"advisory": "RHSA-2024:2060", "cpe": "cpe:/a:redhat:container_native_virtualization:4.14::el9", "package": "container-native-virtualization/kubevirt-tekton-tasks-create-datavolume-rhel9:v4.14.5-7", "product_name": "RHEL-9-CNV-4.14", "release_date": "2024-04-25T00:00:00Z"}, {"advisory": "RHSA-2024:2060", "cpe": "cpe:/a:redhat:container_native_virtualization:4.14::el9", "package": "container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize-rhel9:v4.14.5-8", "product_name": "RHEL-9-CNV-4.14", "release_date": "2024-04-25T00:00:00Z"}, {"advisory": "RHSA-2024:2060", "cpe": "cpe:/a:redhat:container_native_virtualization:4.14::el9", "package": "container-native-virtualization/kubevirt-template-validator-rhel9:v4.14.5-5", "product_name": "RHEL-9-CNV-4.14", "release_date": "2024-04-25T00:00:00Z"}, {"advisory": "RHSA-2024:2060", "cpe": "cpe:/a:redhat:container_native_virtualization:4.14::el9", "package": "container-native-virtualization/libguestfs-tools-rhel9:v4.14.5-5", "product_name": "RHEL-9-CNV-4.14", "release_date": "2024-04-25T00:00:00Z"}, {"advisory": "RHSA-2024:2060", "cpe": "cpe:/a:redhat:container_native_virtualization:4.14::el9", "package": "container-native-virtualization/mtq-controller-rhel9:v4.14.5-5", "product_name": "RHEL-9-CNV-4.14", "release_date": "2024-04-25T00:00:00Z"}, {"advisory": "RHSA-2024:2060", "cpe": "cpe:/a:redhat:container_native_virtualization:4.14::el9", "package": "container-native-virtualization/mtq-lock-server-rhel9:v4.14.5-6", "product_name": "RHEL-9-CNV-4.14", "release_date": "2024-04-25T00:00:00Z"}, {"advisory": "RHSA-2024:2060", "cpe": "cpe:/a:redhat:container_native_virtualization:4.14::el9", "package": "container-native-virtualization/mtq-operator-rhel9:v4.14.5-5", "product_name": "RHEL-9-CNV-4.14", "release_date": "2024-04-25T00:00:00Z"}, {"advisory": "RHSA-2024:2060", "cpe": "cpe:/a:redhat:container_native_virtualization:4.14::el9", "package": "container-native-virtualization/multus-dynamic-networks-rhel9:v4.14.5-4", "product_name": "RHEL-9-CNV-4.14", "release_date": "2024-04-25T00:00:00Z"}, {"advisory": "RHSA-2024:2060", "cpe": "cpe:/a:redhat:container_native_virtualization:4.14::el9", "package": "container-native-virtualization/ovs-cni-plugin-rhel9:v4.14.5-4", "product_name": "RHEL-9-CNV-4.14", "release_date": "2024-04-25T00:00:00Z"}, {"advisory": "RHSA-2024:2060", "cpe": "cpe:/a:redhat:container_native_virtualization:4.14::el9", "package": "container-native-virtualization/pr-helper-rhel9:v4.14.5-5", "product_name": "RHEL-9-CNV-4.14", "release_date": "2024-04-25T00:00:00Z"}, {"advisory": "RHSA-2024:2060", "cpe": "cpe:/a:redhat:container_native_virtualization:4.14::el9", "package": "container-native-virtualization/virt-api-rhel9:v4.14.5-5", "product_name": "RHEL-9-CNV-4.14", "release_date": "2024-04-25T00:00:00Z"}, {"advisory": "RHSA-2024:2060", "cpe": "cpe:/a:redhat:container_native_virtualization:4.14::el9", "package": "container-native-virtualization/virt-artifacts-server-rhel9:v4.14.5-5", "product_name": "RHEL-9-CNV-4.14", "release_date": "2024-04-25T00:00:00Z"}, {"advisory": "RHSA-2024:2060", "cpe": "cpe:/a:redhat:container_native_virtualization:4.14::el9", "package": "container-native-virtualization/virt-cdi-apiserver-rhel9:v4.14.5-10", "product_name": "RHEL-9-CNV-4.14", "release_date": "2024-04-25T00:00:00Z"}, {"advisory": "RHSA-2024:2060", "cpe": "cpe:/a:redhat:container_native_virtualization:4.14::el9", "package": "container-native-virtualization/virt-cdi-cloner-rhel9:v4.14.5-10", "product_name": "RHEL-9-CNV-4.14", "release_date": "2024-04-25T00:00:00Z"}, {"advisory": "RHSA-2024:2060", "cpe": "cpe:/a:redhat:container_native_virtualization:4.14::el9", "package": "container-native-virtualization/virt-cdi-controller-rhel9:v4.14.5-10", "product_name": "RHEL-9-CNV-4.14", "release_date": "2024-04-25T00:00:00Z"}, {"advisory": "RHSA-2024:2060", "cpe": "cpe:/a:redhat:container_native_virtualization:4.14::el9", "package": "container-native-virtualization/virt-cdi-importer-rhel9:v4.14.5-10", "product_name": "RHEL-9-CNV-4.14", "release_date": "2024-04-25T00:00:00Z"}, {"advisory": "RHSA-2024:2060", "cpe": "cpe:/a:redhat:container_native_virtualization:4.14::el9", "package": "container-native-virtualization/virt-cdi-operator-rhel9:v4.14.5-10", "product_name": "RHEL-9-CNV-4.14", "release_date": "2024-04-25T00:00:00Z"}, {"advisory": "RHSA-2024:2060", "cpe": "cpe:/a:redhat:container_native_virtualization:4.14::el9", "package": "container-native-virtualization/virt-cdi-uploadproxy-rhel9:v4.14.5-10", "product_name": "RHEL-9-CNV-4.14", "release_date": "2024-04-25T00:00:00Z"}, {"advisory": "RHSA-2024:2060", "cpe": "cpe:/a:redhat:container_native_virtualization:4.14::el9", "package": "container-native-virtualization/virt-cdi-uploadserver-rhel9:v4.14.5-10", "product_name": "RHEL-9-CNV-4.14", "release_date": "2024-04-25T00:00:00Z"}, {"advisory": "RHSA-2024:2060", "cpe": "cpe:/a:redhat:container_native_virtualization:4.14::el9", "package": "container-native-virtualization/virt-controller-rhel9:v4.14.5-5", "product_name": "RHEL-9-CNV-4.14", "release_date": "2024-04-25T00:00:00Z"}, {"advisory": "RHSA-2024:2060", "cpe": "cpe:/a:redhat:container_native_virtualization:4.14::el9", "package": "container-native-virtualization/virt-exportproxy-rhel9:v4.14.5-5", "product_name": "RHEL-9-CNV-4.14", "release_date": "2024-04-25T00:00:00Z"}, {"advisory": "RHSA-2024:2060", "cpe": "cpe:/a:redhat:container_native_virtualization:4.14::el9", "package": "container-native-virtualization/virt-exportserver-rhel9:v4.14.5-5", "product_name": "RHEL-9-CNV-4.14", "release_date": "2024-04-25T00:00:00Z"}, {"advisory": "RHSA-2024:2060", "cpe": "cpe:/a:redhat:container_native_virtualization:4.14::el9", "package": "container-native-virtualization/virt-handler-rhel9:v4.14.5-5", "product_name": "RHEL-9-CNV-4.14", "release_date": "2024-04-25T00:00:00Z"}, {"advisory": "RHSA-2024:2060", "cpe": "cpe:/a:redhat:container_native_virtualization:4.14::el9", "package": "container-native-virtualization/virtio-win-rhel9:v4.14.5-2", "product_name": "RHEL-9-CNV-4.14", "release_date": "2024-04-25T00:00:00Z"}, {"advisory": "RHSA-2024:2060", "cpe": "cpe:/a:redhat:container_native_virtualization:4.14::el9", "package": "container-native-virtualization/virt-launcher-rhel9:v4.14.5-5", "product_name": "RHEL-9-CNV-4.14", "release_date": "2024-04-25T00:00:00Z"}, {"advisory": "RHSA-2024:2060", "cpe": "cpe:/a:redhat:container_native_virtualization:4.14::el9", "package": "container-native-virtualization/virt-operator-rhel9:v4.14.5-5", "product_name": "RHEL-9-CNV-4.14", "release_date": "2024-04-25T00:00:00Z"}, {"advisory": "RHSA-2024:2060", "cpe": "cpe:/a:redhat:container_native_virtualization:4.14::el9", "package": "container-native-virtualization/vm-console-proxy-rhel9:v4.14.5-5", "product_name": "RHEL-9-CNV-4.14", "release_date": "2024-04-25T00:00:00Z"}, {"advisory": "RHSA-2024:2060", "cpe": "cpe:/a:redhat:container_native_virtualization:4.14::el9", "package": "container-native-virtualization/vm-network-latency-checkup-rhel9:v4.14.5-4", "product_name": "RHEL-9-CNV-4.14", "release_date": "2024-04-25T00:00:00Z"}, {"advisory": "RHSA-2024:3314", "cpe": "cpe:/a:redhat:container_native_virtualization:4.15::el9", "package": "container-native-virtualization/aaq-controller-rhel9:v4.15.2-17", "product_name": "RHEL-9-CNV-4.15", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:3314", "cpe": "cpe:/a:redhat:container_native_virtualization:4.15::el9", "package": "container-native-virtualization/aaq-operator-rhel9:v4.15.2-17", "product_name": "RHEL-9-CNV-4.15", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:3314", "cpe": "cpe:/a:redhat:container_native_virtualization:4.15::el9", "package": "container-native-virtualization/aaq-server-rhel9:v4.15.2-17", "product_name": "RHEL-9-CNV-4.15", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:3314", "cpe": "cpe:/a:redhat:container_native_virtualization:4.15::el9", "package": "container-native-virtualization/bridge-marker-rhel9:v4.15.2-2", "product_name": "RHEL-9-CNV-4.15", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:3314", "cpe": "cpe:/a:redhat:container_native_virtualization:4.15::el9", "package": "container-native-virtualization/cluster-network-addons-operator-rhel9:v4.15.2-2", "product_name": "RHEL-9-CNV-4.15", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:3314", "cpe": "cpe:/a:redhat:container_native_virtualization:4.15::el9", "package": "container-native-virtualization/cnv-containernetworking-plugins-rhel9:v4.15.2-2", "product_name": "RHEL-9-CNV-4.15", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:3314", "cpe": "cpe:/a:redhat:container_native_virtualization:4.15::el9", "package": "container-native-virtualization/cnv-must-gather-rhel9:v4.15.2-11", "product_name": "RHEL-9-CNV-4.15", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:3314", "cpe": "cpe:/a:redhat:container_native_virtualization:4.15::el9", "package": "container-native-virtualization/hco-bundle-registry-rhel9:v4.15.2.rhel9-335", "product_name": "RHEL-9-CNV-4.15", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:3314", "cpe": "cpe:/a:redhat:container_native_virtualization:4.15::el9", "package": "container-native-virtualization/hostpath-csi-driver-rhel9:v4.15.2-3", "product_name": "RHEL-9-CNV-4.15", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:3314", "cpe": "cpe:/a:redhat:container_native_virtualization:4.15::el9", "package": "container-native-virtualization/hostpath-provisioner-operator-rhel9:v4.15.2-4", "product_name": "RHEL-9-CNV-4.15", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:3314", "cpe": "cpe:/a:redhat:container_native_virtualization:4.15::el9", "package": "container-native-virtualization/hostpath-provisioner-rhel9:v4.15.2-3", "product_name": "RHEL-9-CNV-4.15", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:3314", "cpe": "cpe:/a:redhat:container_native_virtualization:4.15::el9", "package": "container-native-virtualization/hyperconverged-cluster-operator-rhel9:v4.15.2-11", "product_name": "RHEL-9-CNV-4.15", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:3314", "cpe": "cpe:/a:redhat:container_native_virtualization:4.15::el9", "package": "container-native-virtualization/hyperconverged-cluster-webhook-rhel9:v4.15.2-11", "product_name": "RHEL-9-CNV-4.15", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:3314", "cpe": "cpe:/a:redhat:container_native_virtualization:4.15::el9", "package": "container-native-virtualization/kubemacpool-rhel9:v4.15.2-2", "product_name": "RHEL-9-CNV-4.15", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:3314", "cpe": "cpe:/a:redhat:container_native_virtualization:4.15::el9", "package": "container-native-virtualization/kubesecondarydns-rhel9:v4.15.2-2", "product_name": "RHEL-9-CNV-4.15", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:3314", "cpe": "cpe:/a:redhat:container_native_virtualization:4.15::el9", "package": "container-native-virtualization/kubevirt-apiserver-proxy-rhel9:v4.15.2-2", "product_name": "RHEL-9-CNV-4.15", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:3314", "cpe": "cpe:/a:redhat:container_native_virtualization:4.15::el9", "package": "container-native-virtualization/kubevirt-common-instancetypes-rhel9:v4.15.2-6", "product_name": "RHEL-9-CNV-4.15", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:3314", "cpe": "cpe:/a:redhat:container_native_virtualization:4.15::el9", "package": "container-native-virtualization/kubevirt-console-plugin-rhel9:v4.15.2-383", "product_name": "RHEL-9-CNV-4.15", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:3314", "cpe": "cpe:/a:redhat:container_native_virtualization:4.15::el9", "package": "container-native-virtualization/kubevirt-dpdk-checkup-rhel9:v4.15.2-3", "product_name": "RHEL-9-CNV-4.15", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:3314", "cpe": "cpe:/a:redhat:container_native_virtualization:4.15::el9", "package": "container-native-virtualization/kubevirt-realtime-checkup-rhel9:v4.15.2-3", "product_name": "RHEL-9-CNV-4.15", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:3314", "cpe": "cpe:/a:redhat:container_native_virtualization:4.15::el9", "package": "container-native-virtualization/kubevirt-ssp-operator-rhel9:v4.15.2-10", "product_name": "RHEL-9-CNV-4.15", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:3314", "cpe": "cpe:/a:redhat:container_native_virtualization:4.15::el9", "package": "container-native-virtualization/kubevirt-storage-checkup-rhel9:v4.15.2-5", "product_name": "RHEL-9-CNV-4.15", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:3314", "cpe": "cpe:/a:redhat:container_native_virtualization:4.15::el9", "package": "container-native-virtualization/kubevirt-tekton-tasks-create-datavolume-rhel9:v4.15.2-3", "product_name": "RHEL-9-CNV-4.15", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:3314", "cpe": "cpe:/a:redhat:container_native_virtualization:4.15::el9", "package": "container-native-virtualization/kubevirt-tekton-tasks-disk-virt-customize-rhel9:v4.15.2-9", "product_name": "RHEL-9-CNV-4.15", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:3314", "cpe": "cpe:/a:redhat:container_native_virtualization:4.15::el9", "package": "container-native-virtualization/kubevirt-template-validator-rhel9:v4.15.2-6", "product_name": "RHEL-9-CNV-4.15", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:3314", "cpe": "cpe:/a:redhat:container_native_virtualization:4.15::el9", "package": "container-native-virtualization/libguestfs-tools-rhel9:v4.15.2-9", "product_name": "RHEL-9-CNV-4.15", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:3314", "cpe": "cpe:/a:redhat:container_native_virtualization:4.15::el9", "package": "container-native-virtualization/mtq-controller-rhel9:v4.15.2-4", "product_name": "RHEL-9-CNV-4.15", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:3314", "cpe": "cpe:/a:redhat:container_native_virtualization:4.15::el9", "package": "container-native-virtualization/mtq-lock-server-rhel9:v4.15.2-4", "product_name": "RHEL-9-CNV-4.15", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:3314", "cpe": "cpe:/a:redhat:container_native_virtualization:4.15::el9", "package": "container-native-virtualization/mtq-operator-rhel9:v4.15.2-4", "product_name": "RHEL-9-CNV-4.15", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:3314", "cpe": "cpe:/a:redhat:container_native_virtualization:4.15::el9", "package": "container-native-virtualization/multus-dynamic-networks-rhel9:v4.15.2-2", "product_name": "RHEL-9-CNV-4.15", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:3314", "cpe": "cpe:/a:redhat:container_native_virtualization:4.15::el9", "package": "container-native-virtualization/ovs-cni-plugin-rhel9:v4.15.2-2", "product_name": "RHEL-9-CNV-4.15", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:3314", "cpe": "cpe:/a:redhat:container_native_virtualization:4.15::el9", "package": "container-native-virtualization/pr-helper-rhel9:v4.15.2-9", "product_name": "RHEL-9-CNV-4.15", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:3314", "cpe": "cpe:/a:redhat:container_native_virtualization:4.15::el9", "package": "container-native-virtualization/virt-api-rhel9:v4.15.2-9", "product_name": "RHEL-9-CNV-4.15", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:3314", "cpe": "cpe:/a:redhat:container_native_virtualization:4.15::el9", "package": "container-native-virtualization/virt-artifacts-server-rhel9:v4.15.2-12", "product_name": "RHEL-9-CNV-4.15", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:3314", "cpe": "cpe:/a:redhat:container_native_virtualization:4.15::el9", "package": "container-native-virtualization/virt-cdi-apiserver-rhel9:v4.15.2-10", "product_name": "RHEL-9-CNV-4.15", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:3314", "cpe": "cpe:/a:redhat:container_native_virtualization:4.15::el9", "package": "container-native-virtualization/virt-cdi-cloner-rhel9:v4.15.2-10", "product_name": "RHEL-9-CNV-4.15", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:3314", "cpe": "cpe:/a:redhat:container_native_virtualization:4.15::el9", "package": "container-native-virtualization/virt-cdi-controller-rhel9:v4.15.2-10", "product_name": "RHEL-9-CNV-4.15", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:3314", "cpe": "cpe:/a:redhat:container_native_virtualization:4.15::el9", "package": "container-native-virtualization/virt-cdi-importer-rhel9:v4.15.2-10", "product_name": "RHEL-9-CNV-4.15", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:3314", "cpe": "cpe:/a:redhat:container_native_virtualization:4.15::el9", "package": "container-native-virtualization/virt-cdi-operator-rhel9:v4.15.2-10", "product_name": "RHEL-9-CNV-4.15", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:3314", "cpe": "cpe:/a:redhat:container_native_virtualization:4.15::el9", "package": "container-native-virtualization/virt-cdi-uploadproxy-rhel9:v4.15.2-10", "product_name": "RHEL-9-CNV-4.15", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:3314", "cpe": "cpe:/a:redhat:container_native_virtualization:4.15::el9", "package": "container-native-virtualization/virt-cdi-uploadserver-rhel9:v4.15.2-10", "product_name": "RHEL-9-CNV-4.15", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:3314", "cpe": "cpe:/a:redhat:container_native_virtualization:4.15::el9", "package": "container-native-virtualization/virt-controller-rhel9:v4.15.2-9", "product_name": "RHEL-9-CNV-4.15", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:3314", "cpe": "cpe:/a:redhat:container_native_virtualization:4.15::el9", "package": "container-native-virtualization/virt-exportproxy-rhel9:v4.15.2-9", "product_name": "RHEL-9-CNV-4.15", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:3314", "cpe": "cpe:/a:redhat:container_native_virtualization:4.15::el9", "package": "container-native-virtualization/virt-exportserver-rhel9:v4.15.2-9", "product_name": "RHEL-9-CNV-4.15", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:3314", "cpe": "cpe:/a:redhat:container_native_virtualization:4.15::el9", "package": "container-native-virtualization/virt-handler-rhel9:v4.15.2-9", "product_name": "RHEL-9-CNV-4.15", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:3314", "cpe": "cpe:/a:redhat:container_native_virtualization:4.15::el9", "package": "container-native-virtualization/virtio-win-rhel9:v4.15.2-2", "product_name": "RHEL-9-CNV-4.15", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:3314", "cpe": "cpe:/a:redhat:container_native_virtualization:4.15::el9", "package": "container-native-virtualization/virt-launcher-rhel9:v4.15.2-9", "product_name": "RHEL-9-CNV-4.15", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:3314", "cpe": "cpe:/a:redhat:container_native_virtualization:4.15::el9", "package": "container-native-virtualization/virt-operator-rhel9:v4.15.2-13", "product_name": "RHEL-9-CNV-4.15", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:3314", "cpe": "cpe:/a:redhat:container_native_virtualization:4.15::el9", "package": "container-native-virtualization/vm-console-proxy-rhel9:v4.15.2-4", "product_name": "RHEL-9-CNV-4.15", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:3314", "cpe": "cpe:/a:redhat:container_native_virtualization:4.15::el9", "package": "container-native-virtualization/vm-network-latency-checkup-rhel9:v4.15.2-2", "product_name": "RHEL-9-CNV-4.15", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:2929", "cpe": "cpe:/a:redhat:logging:5.6::el8", "package": "openshift-logging/cluster-logging-operator-bundle:v5.6.19-13", "product_name": "RHOL-5.6-RHEL-8", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:2929", "cpe": "cpe:/a:redhat:logging:5.6::el8", "package": "openshift-logging/cluster-logging-rhel8-operator:v5.6.19-7", "product_name": "RHOL-5.6-RHEL-8", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:2929", "cpe": "cpe:/a:redhat:logging:5.6::el8", "package": "openshift-logging/elasticsearch6-rhel8:v6.8.1-414", "product_name": "RHOL-5.6-RHEL-8", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:2929", "cpe": "cpe:/a:redhat:logging:5.6::el8", "package": "openshift-logging/elasticsearch-operator-bundle:v5.6.19-9", "product_name": "RHOL-5.6-RHEL-8", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:2929", "cpe": "cpe:/a:redhat:logging:5.6::el8", "package": "openshift-logging/elasticsearch-proxy-rhel8:v1.0.0-486", "product_name": "RHOL-5.6-RHEL-8", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:2929", "cpe": "cpe:/a:redhat:logging:5.6::el8", "package": "openshift-logging/elasticsearch-rhel8-operator:v5.6.19-4", "product_name": "RHOL-5.6-RHEL-8", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:2929", "cpe": "cpe:/a:redhat:logging:5.6::el8", "package": "openshift-logging/eventrouter-rhel8:v0.4.0-254", "product_name": "RHOL-5.6-RHEL-8", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:2929", "cpe": "cpe:/a:redhat:logging:5.6::el8", "package": "openshift-logging/fluentd-rhel8:v1.14.6-217", "product_name": "RHOL-5.6-RHEL-8", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:2929", "cpe": "cpe:/a:redhat:logging:5.6::el8", "package": "openshift-logging/kibana6-rhel8:v6.8.1-435", "product_name": "RHOL-5.6-RHEL-8", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:2929", "cpe": "cpe:/a:redhat:logging:5.6::el8", "package": "openshift-logging/log-file-metric-exporter-rhel8:v1.1.0-234", "product_name": "RHOL-5.6-RHEL-8", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:2929", "cpe": "cpe:/a:redhat:logging:5.6::el8", "package": "openshift-logging/logging-curator5-rhel8:v5.8.1-476", "product_name": "RHOL-5.6-RHEL-8", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:2929", "cpe": "cpe:/a:redhat:logging:5.6::el8", "package": "openshift-logging/logging-loki-rhel8:v2.9.8-9", "product_name": "RHOL-5.6-RHEL-8", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:2929", "cpe": "cpe:/a:redhat:logging:5.6::el8", "package": "openshift-logging/logging-view-plugin-rhel8:v5.6.19-2", "product_name": "RHOL-5.6-RHEL-8", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:2929", "cpe": "cpe:/a:redhat:logging:5.6::el8", "package": "openshift-logging/loki-operator-bundle:v5.6.19-16", "product_name": "RHOL-5.6-RHEL-8", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:2929", "cpe": "cpe:/a:redhat:logging:5.6::el8", "package": "openshift-logging/loki-rhel8-operator:v5.6.19-7", "product_name": "RHOL-5.6-RHEL-8", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:2929", "cpe": "cpe:/a:redhat:logging:5.6::el8", "package": "openshift-logging/lokistack-gateway-rhel8:v0.1.0-546", "product_name": "RHOL-5.6-RHEL-8", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:2929", "cpe": "cpe:/a:redhat:logging:5.6::el8", "package": "openshift-logging/opa-openshift-rhel8:v0.1.0-239", "product_name": "RHOL-5.6-RHEL-8", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:2929", "cpe": "cpe:/a:redhat:logging:5.6::el8", "package": "openshift-logging/vector-rhel8:v0.21.0-128", "product_name": "RHOL-5.6-RHEL-8", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:2930", "cpe": "cpe:/a:redhat:logging:5.7::el8", "package": "openshift-logging/cluster-logging-operator-bundle:v5.7.14-14", "product_name": "RHOL-5.7-RHEL-8", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:2930", "cpe": "cpe:/a:redhat:logging:5.7::el8", "package": "openshift-logging/cluster-logging-rhel8-operator:v5.7.14-7", "product_name": "RHOL-5.7-RHEL-8", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:2930", "cpe": "cpe:/a:redhat:logging:5.7::el8", "package": "openshift-logging/elasticsearch6-rhel8:v6.8.1-413", "product_name": "RHOL-5.7-RHEL-8", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:2930", "cpe": "cpe:/a:redhat:logging:5.7::el8", "package": "openshift-logging/elasticsearch-operator-bundle:v5.7.14-11", "product_name": "RHOL-5.7-RHEL-8", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:2930", "cpe": "cpe:/a:redhat:logging:5.7::el8", "package": "openshift-logging/elasticsearch-proxy-rhel8:v1.0.0-485", "product_name": "RHOL-5.7-RHEL-8", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:2930", "cpe": "cpe:/a:redhat:logging:5.7::el8", "package": "openshift-logging/elasticsearch-rhel8-operator:v5.7.14-4", "product_name": "RHOL-5.7-RHEL-8", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:2930", "cpe": "cpe:/a:redhat:logging:5.7::el8", "package": "openshift-logging/eventrouter-rhel8:v0.4.0-255", "product_name": "RHOL-5.7-RHEL-8", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:2930", "cpe": "cpe:/a:redhat:logging:5.7::el8", "package": "openshift-logging/fluentd-rhel8:v1.14.6-218", "product_name": "RHOL-5.7-RHEL-8", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:2930", "cpe": "cpe:/a:redhat:logging:5.7::el8", "package": "openshift-logging/kibana6-rhel8:v6.8.1-434", "product_name": "RHOL-5.7-RHEL-8", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:2930", "cpe": "cpe:/a:redhat:logging:5.7::el8", "package": "openshift-logging/log-file-metric-exporter-rhel8:v1.1.0-235", "product_name": "RHOL-5.7-RHEL-8", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:2930", "cpe": "cpe:/a:redhat:logging:5.7::el8", "package": "openshift-logging/logging-curator5-rhel8:v5.8.1-477", "product_name": "RHOL-5.7-RHEL-8", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:2930", "cpe": "cpe:/a:redhat:logging:5.7::el8", "package": "openshift-logging/logging-loki-rhel8:v2.9.8-10", "product_name": "RHOL-5.7-RHEL-8", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:2930", "cpe": "cpe:/a:redhat:logging:5.7::el8", "package": "openshift-logging/logging-view-plugin-rhel8:v5.7.14-2", "product_name": "RHOL-5.7-RHEL-8", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:2930", "cpe": "cpe:/a:redhat:logging:5.7::el8", "package": "openshift-logging/loki-operator-bundle:v5.7.14-14", "product_name": "RHOL-5.7-RHEL-8", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:2930", "cpe": "cpe:/a:redhat:logging:5.7::el8", "package": "openshift-logging/loki-rhel8-operator:v5.7.14-6", "product_name": "RHOL-5.7-RHEL-8", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:2930", "cpe": "cpe:/a:redhat:logging:5.7::el8", "package": "openshift-logging/lokistack-gateway-rhel8:v0.1.0-547", "product_name": "RHOL-5.7-RHEL-8", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:2930", "cpe": "cpe:/a:redhat:logging:5.7::el8", "package": "openshift-logging/opa-openshift-rhel8:v0.1.0-240", "product_name": "RHOL-5.7-RHEL-8", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:2930", "cpe": "cpe:/a:redhat:logging:5.7::el8", "package": "openshift-logging/vector-rhel8:v0.28.1-61", "product_name": "RHOL-5.7-RHEL-8", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:2932", "cpe": "cpe:/a:redhat:logging:5.8::el9", "package": "openshift-logging/cluster-logging-operator-bundle:v5.8.7-14", "product_name": "RHOL-5.8-RHEL-9", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:2932", "cpe": "cpe:/a:redhat:logging:5.8::el9", "package": "openshift-logging/cluster-logging-rhel9-operator:v5.8.7-7", "product_name": "RHOL-5.8-RHEL-9", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:2932", "cpe": "cpe:/a:redhat:logging:5.8::el9", "package": "openshift-logging/elasticsearch6-rhel9:v6.8.1-412", "product_name": "RHOL-5.8-RHEL-9", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:2932", "cpe": "cpe:/a:redhat:logging:5.8::el9", "package": "openshift-logging/elasticsearch-operator-bundle:v5.8.7-10", "product_name": "RHOL-5.8-RHEL-9", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:2932", "cpe": "cpe:/a:redhat:logging:5.8::el9", "package": "openshift-logging/elasticsearch-proxy-rhel9:v1.0.0-487", "product_name": "RHOL-5.8-RHEL-9", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:2932", "cpe": "cpe:/a:redhat:logging:5.8::el9", "package": "openshift-logging/elasticsearch-rhel9-operator:v5.8.7-4", "product_name": "RHOL-5.8-RHEL-9", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:2932", "cpe": "cpe:/a:redhat:logging:5.8::el9", "package": "openshift-logging/eventrouter-rhel9:v0.4.0-253", "product_name": "RHOL-5.8-RHEL-9", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:2932", "cpe": "cpe:/a:redhat:logging:5.8::el9", "package": "openshift-logging/fluentd-rhel9:v5.8.7-2", "product_name": "RHOL-5.8-RHEL-9", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:2932", "cpe": "cpe:/a:redhat:logging:5.8::el9", "package": "openshift-logging/log-file-metric-exporter-rhel9:v1.1.0-233", "product_name": "RHOL-5.8-RHEL-9", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:2932", "cpe": "cpe:/a:redhat:logging:5.8::el9", "package": "openshift-logging/logging-curator5-rhel9:v5.8.1-478", "product_name": "RHOL-5.8-RHEL-9", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:2932", "cpe": "cpe:/a:redhat:logging:5.8::el9", "package": "openshift-logging/logging-loki-rhel9:v2.9.8-7", "product_name": "RHOL-5.8-RHEL-9", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:2932", "cpe": "cpe:/a:redhat:logging:5.8::el9", "package": "openshift-logging/logging-view-plugin-rhel9:v5.8.7-3", "product_name": "RHOL-5.8-RHEL-9", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:2932", "cpe": "cpe:/a:redhat:logging:5.8::el9", "package": "openshift-logging/loki-operator-bundle:v5.8.7-14", "product_name": "RHOL-5.8-RHEL-9", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:2932", "cpe": "cpe:/a:redhat:logging:5.8::el9", "package": "openshift-logging/loki-rhel9-operator:v5.8.7-7", "product_name": "RHOL-5.8-RHEL-9", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:2932", "cpe": "cpe:/a:redhat:logging:5.8::el9", "package": "openshift-logging/lokistack-gateway-rhel9:v0.1.0-548", "product_name": "RHOL-5.8-RHEL-9", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:2932", "cpe": "cpe:/a:redhat:logging:5.8::el9", "package": "openshift-logging/opa-openshift-rhel9:v0.1.0-236", "product_name": "RHOL-5.8-RHEL-9", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:2932", "cpe": "cpe:/a:redhat:logging:5.8::el9", "package": "openshift-logging/vector-rhel9:v0.28.1-59", "product_name": "RHOL-5.8-RHEL-9", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:2933", "cpe": "cpe:/a:redhat:logging:5.9::el9", "package": "openshift-logging/cluster-logging-operator-bundle:v5.9.2-17", "product_name": "RHOL-5.9-RHEL-9", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:2933", "cpe": "cpe:/a:redhat:logging:5.9::el9", "package": "openshift-logging/cluster-logging-rhel9-operator:v5.9.2-9", "product_name": "RHOL-5.9-RHEL-9", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:2933", "cpe": "cpe:/a:redhat:logging:5.9::el9", "package": "openshift-logging/eventrouter-rhel9:v0.4.0-252", "product_name": "RHOL-5.9-RHEL-9", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:2933", "cpe": "cpe:/a:redhat:logging:5.9::el9", "package": "openshift-logging/fluentd-rhel9:v5.9.2-3", "product_name": "RHOL-5.9-RHEL-9", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:2933", "cpe": "cpe:/a:redhat:logging:5.9::el9", "package": "openshift-logging/log-file-metric-exporter-rhel9:v1.1.0-232", "product_name": "RHOL-5.9-RHEL-9", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:2933", "cpe": "cpe:/a:redhat:logging:5.9::el9", "package": "openshift-logging/logging-loki-rhel9:v2.9.8-6", "product_name": "RHOL-5.9-RHEL-9", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:2933", "cpe": "cpe:/a:redhat:logging:5.9::el9", "package": "openshift-logging/logging-view-plugin-rhel9:v5.9.2-3", "product_name": "RHOL-5.9-RHEL-9", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:2933", "cpe": "cpe:/a:redhat:logging:5.9::el9", "package": "openshift-logging/loki-operator-bundle:v5.9.2-13", "product_name": "RHOL-5.9-RHEL-9", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:2933", "cpe": "cpe:/a:redhat:logging:5.9::el9", "package": "openshift-logging/loki-rhel9-operator:v5.9.2-6", "product_name": "RHOL-5.9-RHEL-9", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:2933", "cpe": "cpe:/a:redhat:logging:5.9::el9", "package": "openshift-logging/lokistack-gateway-rhel9:v0.1.0-552", "product_name": "RHOL-5.9-RHEL-9", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:2933", "cpe": "cpe:/a:redhat:logging:5.9::el9", "package": "openshift-logging/opa-openshift-rhel9:v0.1.0-235", "product_name": "RHOL-5.9-RHEL-9", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:2933", "cpe": "cpe:/a:redhat:logging:5.9::el9", "package": "openshift-logging/vector-rhel9:v0.34.1-7", "product_name": "RHOL-5.9-RHEL-9", "release_date": "2024-05-23T00:00:00Z"}, {"advisory": "RHSA-2024:1616", "cpe": "cpe:/a:redhat:run_once_duration_override_operator:1.1::el9", "package": "run-once-duration-override-operator/run-once-duration-override-operator-bundle:v1.1-20", "product_name": "RODOO-1.1-RHEL-9", "release_date": "2024-07-01T00:00:00Z"}, {"advisory": "RHSA-2024:1616", "cpe": "cpe:/a:redhat:run_once_duration_override_operator:1.1::el9", "package": "run-once-duration-override-operator/run-once-duration-override-rhel9:v1.1-21", "product_name": "RODOO-1.1-RHEL-9", "release_date": "2024-07-01T00:00:00Z"}, {"advisory": "RHSA-2024:1616", "cpe": "cpe:/a:redhat:run_once_duration_override_operator:1.1::el9", "package": "run-once-duration-override-operator/run-once-duration-override-rhel9-operator:v1.1-21", "product_name": "RODOO-1.1-RHEL-9", "release_date": "2024-07-01T00:00:00Z"}, {"advisory": "RHSA-2024:4125", "cpe": "cpe:/a:redhat:service_interconnect:1.4::el8", "package": "skupper-cli-0:1.4.5-1.el8", "product_name": "Service Interconnect 1.4 for RHEL 8", "release_date": "2024-06-26T00:00:00Z"}, {"advisory": "RHSA-2024:4125", "cpe": "cpe:/a:redhat:service_interconnect:1.4::el9", "package": "skupper-cli-0:1.4.5-1.el9", "product_name": "Service Interconnect 1.4 for RHEL 9", "release_date": "2024-06-26T00:00:00Z"}, {"advisory": "RHSA-2024:4034", "cpe": "cpe:/a:redhat:service_interconnect:1::el9", "package": "service-interconnect/skupper-config-sync-rhel9:1.5.4-1", "product_name": "Service Interconnect 1 for RHEL 9", "release_date": "2024-06-20T00:00:00Z"}, {"advisory": "RHSA-2024:4034", "cpe": "cpe:/a:redhat:service_interconnect:1::el9", "package": "service-interconnect/skupper-controller-podman-container-rhel9:1.5.4-1", "product_name": "Service Interconnect 1 for RHEL 9", "release_date": "2024-06-20T00:00:00Z"}, {"advisory": "RHSA-2024:4034", "cpe": "cpe:/a:redhat:service_interconnect:1::el9", "package": "service-interconnect/skupper-controller-podman-rhel9:1.5.4-1", "product_name": "Service Interconnect 1 for RHEL 9", "release_date": "2024-06-20T00:00:00Z"}, {"advisory": "RHSA-2024:4034", "cpe": "cpe:/a:redhat:service_interconnect:1::el9", "package": "service-interconnect/skupper-flow-collector-rhel9:1.5.4-1", "product_name": "Service Interconnect 1 for RHEL 9", "release_date": "2024-06-20T00:00:00Z"}, {"advisory": "RHSA-2024:4034", "cpe": "cpe:/a:redhat:service_interconnect:1::el9", "package": "service-interconnect/skupper-operator-bundle:1.5.4-2", "product_name": "Service Interconnect 1 for RHEL 9", "release_date": "2024-06-20T00:00:00Z"}, {"advisory": "RHSA-2024:4034", "cpe": "cpe:/a:redhat:service_interconnect:1::el9", "package": "service-interconnect/skupper-router-rhel9:2.5.3-1", "product_name": "Service Interconnect 1 for RHEL 9", "release_date": "2024-06-20T00:00:00Z"}, {"advisory": "RHSA-2024:4034", "cpe": "cpe:/a:redhat:service_interconnect:1::el9", "package": "service-interconnect/skupper-service-controller-rhel9:1.5.4-1", "product_name": "Service Interconnect 1 for RHEL 9", "release_date": "2024-06-20T00:00:00Z"}, {"advisory": "RHSA-2024:4034", "cpe": "cpe:/a:redhat:service_interconnect:1::el9", "package": "service-interconnect/skupper-site-controller-rhel9:1.5.4-1", "product_name": "Service Interconnect 1 for RHEL 9", "release_date": "2024-06-20T00:00:00Z"}, {"advisory": "RHSA-2024:2062", "cpe": "cpe:/a:redhat:service_telemetry_framework:1.5::el8", "package": "stf/sg-core-rhel8:5.2.1-7", "product_name": "STF-1.5-RHEL-8", "release_date": "2024-04-25T00:00:00Z"}, {"advisory": "RHSA-2024:5013", "cpe": "cpe:/a:redhat:openshift_builds:1.1::el9", "package": "openshift-builds-controller-rhel9", "product_name": "Builds for Red Hat OpenShift", "release_date": "2024-08-05T00:00:00Z"}, {"advisory": "RHSA-2024:5013", "cpe": "cpe:/a:redhat:openshift_builds:1.1::el9", "package": "openshift-builds-git-cloner-rhel9", "product_name": "Builds for Red Hat OpenShift", "release_date": "2024-08-05T00:00:00Z"}, {"advisory": "RHSA-2024:5013", "cpe": "cpe:/a:redhat:openshift_builds:1.1::el9", "package": "openshift-builds-image-bundler-rhel9", "product_name": "Builds for Red Hat OpenShift", "release_date": "2024-08-05T00:00:00Z"}, {"advisory": "RHSA-2024:5013", "cpe": "cpe:/a:redhat:openshift_builds:1.1::el9", "package": "openshift-builds-image-processing-rhel9", "product_name": "Builds for Red Hat OpenShift", "release_date": "2024-08-05T00:00:00Z"}, {"advisory": "RHSA-2024:5013", "cpe": "cpe:/a:redhat:openshift_builds:1.1::el9", "package": "openshift-builds-operator-bundle", "product_name": "Builds for Red Hat OpenShift", "release_date": "2024-08-05T00:00:00Z"}, {"advisory": "RHSA-2024:5013", "cpe": "cpe:/a:redhat:openshift_builds:1.1::el9", "package": "openshift-builds-rhel9-operator", "product_name": "Builds for Red Hat OpenShift", "release_date": "2024-08-05T00:00:00Z"}, {"advisory": "RHSA-2024:5013", "cpe": "cpe:/a:redhat:openshift_builds:1.1::el9", "package": "openshift-builds-shared-resource-rhel9", "product_name": "Builds for Red Hat OpenShift", "release_date": "2024-08-05T00:00:00Z"}, {"advisory": "RHSA-2024:5013", "cpe": "cpe:/a:redhat:openshift_builds:1.1::el9", "package": "openshift-builds-shared-resource-webhook-rhel9", "product_name": "Builds for Red Hat OpenShift", "release_date": "2024-08-05T00:00:00Z"}, {"advisory": "RHSA-2024:5013", "cpe": "cpe:/a:redhat:openshift_builds:1.1::el9", "package": "openshift-builds-waiters-rhel9", "product_name": "Builds for Red Hat OpenShift", "release_date": "2024-08-05T00:00:00Z"}, {"advisory": "RHSA-2024:5013", "cpe": "cpe:/a:redhat:openshift_builds:1.1::el9", "package": "openshift-builds-webhook-rhel9", "product_name": "Builds for Red Hat OpenShift", "release_date": "2024-08-05T00:00:00Z"}], "bugzilla": {"description": "golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS", "id": "2268273", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268273"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.5", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "status": "verified"}, "cwe": "CWE-400", "details": ["An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request's headers exceed MaxHeaderBytes, no memory is allocated to store the excess headers, but they are still parsed. This permits an attacker to cause an HTTP/2 endpoint to read arbitrary amounts of header data, all associated with a request which is going to be rejected. These headers can include Huffman-encoded data which is significantly more expensive for the receiver to decode than for an attacker to send. The fix sets a limit on the amount of excess header frames we will process before closing a connection.", "A vulnerability was discovered with the implementation of the HTTP/2 protocol in the Go programming language. There were insufficient limitations on the amount of CONTINUATION frames sent within a single stream. An attacker could potentially exploit this to cause a Denial of Service (DoS) attack."], "mitigation": {"lang": "en:us", "value": "In some environments where http/2 support is not required, it may be possible to disable this feature to reduce risk."}, "name": "CVE-2023-45288", "package_state": [{"cpe": "cpe:/a:redhat:cert_manager:1", "fix_state": "Affected", "package_name": "cert-manager/cert-manager-operator-rhel9", "product_name": "cert-manager Operator for Red Hat OpenShift"}, {"cpe": "cpe:/a:redhat:cert_manager:1", "fix_state": "Fix deferred", "impact": "low", "package_name": "jetstack-cert-manager-rhel9", "product_name": "cert-manager Operator for Red Hat OpenShift"}, {"cpe": "cpe:/a:redhat:cost_management:3", "fix_state": "Affected", "package_name": "costmanagement-metrics-operator-container", "product_name": "Cost Management Metrics Operator"}, {"cpe": "cpe:/a:redhat:workload_availability_fence_agents_remediation", "fix_state": "Affected", "package_name": "workload-availability/fence-agents-remediation-rhel8-operator", "product_name": "Fence Agents Remediation Operator"}, {"cpe": "cpe:/a:redhat:lvms:4", "fix_state": "Affected", "package_name": "lvms4/topolvm-rhel9", "product_name": "Logical Volume Manager Storage"}, {"cpe": "cpe:/a:redhat:workload_availability_machine_deletion_remediation", "fix_state": "Affected", "package_name": "workload-availability/machine-deletion-remediation-rhel8-operator", "product_name": "Machine Deletion Remediation Operator"}, {"cpe": "cpe:/a:redhat:migration_toolkit_applications:6", "fix_state": "Affected", "package_name": "mta/mta-hub-rhel8", "product_name": "Migration Toolkit for Applications 6"}, {"cpe": "cpe:/a:redhat:migration_toolkit_virtualization:2", "fix_state": "Affected", "package_name": "migration-toolkit-virtualization/mtv-api-rhel9", "product_name": "Migration Toolkit for Virtualization"}, {"cpe": "cpe:/a:redhat:multicluster_engine", "fix_state": "Affected", "package_name": "multicluster-engine/work-rhel8", "product_name": "Multicluster Engine for Kubernetes"}, {"cpe": "cpe:/a:redhat:network_bound_disk_encryption_tang:1", "fix_state": "Not affected", "package_name": "tang-operator-container", "product_name": "NBDE Tang Server"}, {"cpe": "cpe:/a:redhat:network_observ_optr:1", "fix_state": "Not affected", "package_name": "network-observability/network-observability-rhel8-operator", "product_name": "Network Observability Operator"}, {"cpe": "cpe:/a:redhat:workload_availability_node_healthcheck", "fix_state": "Will not fix", "package_name": "workload-availability/node-healthcheck-rhel8-operator", "product_name": "Node HealthCheck Operator"}, {"cpe": "cpe:/a:redhat:workload_availability:4", "fix_state": "Affected", "package_name": "node-maintenance-operator-container", "product_name": "Node Maintenance Operator"}, {"cpe": "cpe:/a:redhat:ocp_tools", "fix_state": "Affected", "package_name": "helm", "product_name": "OpenShift Developer Tools and Services"}, {"cpe": "cpe:/a:redhat:openshift_pipelines:1", "fix_state": "Affected", "package_name": "openshift-pipelines-client", "product_name": "OpenShift Pipelines"}, {"cpe": "cpe:/a:redhat:openshift_power_monitoring", "fix_state": "Not affected", "package_name": "power-monitoring-operator-container", "product_name": "Power monitoring for Red Hat OpenShift"}, {"cpe": "cpe:/a:redhat:red_hat_3scale_amp:2", "fix_state": "Affected", "package_name": "3scale-operator-container", "product_name": "Red Hat 3scale API Management Platform 2"}, {"cpe": "cpe:/a:redhat:advanced_cluster_security:3", "fix_state": "Out of support scope", "package_name": "advanced-cluster-security/rhacs-main-rhel8", "product_name": "Red Hat Advanced Cluster Security 3"}, {"cpe": "cpe:/a:redhat:ansible_automation_platform", "fix_state": "Not affected", "package_name": "openshift-clients", "product_name": "Red Hat Ansible Automation Platform 1.2"}, {"cpe": "cpe:/a:redhat:ceph_storage:5", "fix_state": "Affected", "package_name": "rhceph/rhceph-5-dashboard-rhel8", "product_name": "Red Hat Ceph Storage 5"}, {"cpe": "cpe:/a:redhat:ceph_storage:6", "fix_state": "Affected", "package_name": "rhceph/rhceph-6-dashboard-rhel9", "product_name": "Red Hat Ceph Storage 6"}, {"cpe": "cpe:/a:redhat:ceph_storage:7", "fix_state": "Affected", "package_name": "rhceph/grafana-rhel9", "product_name": "Red Hat Ceph Storage 7"}, {"cpe": "cpe:/a:redhat:certifications:1::el8", "fix_state": "Affected", "package_name": "redhat-certification-preflight", "product_name": "Red Hat Certification for Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/a:redhat:certifications:1::el9", "fix_state": "Affected", "package_name": "redhat-certification-preflight", "product_name": "Red Hat Certification for Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "container-tools:4.0/buildah", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/a:redhat:openshift:3.11", "fix_state": "Out of support scope", "package_name": "ansible-service-broker", "product_name": "Red Hat OpenShift Container Platform 3.11"}, {"cpe": "cpe:/a:redhat:openshift:3.11", "fix_state": "Out of support scope", "package_name": "apb", "product_name": "Red Hat OpenShift Container Platform 3.11"}, {"cpe": "cpe:/a:redhat:openshift:3.11", "fix_state": "Out of support scope", "package_name": "atomic-enterprise-service-catalog", "product_name": "Red Hat OpenShift Container Platform 3.11"}, {"cpe": "cpe:/a:redhat:openshift:3.11", "fix_state": "Out of support scope", "package_name": "atomic-openshift", "product_name": "Red Hat OpenShift Container Platform 3.11"}, {"cpe": "cpe:/a:redhat:openshift:3.11", "fix_state": "Out of support scope", "package_name": "atomic-openshift-descheduler", "product_name": "Red Hat OpenShift Container Platform 3.11"}, {"cpe": "cpe:/a:redhat:openshift:3.11", "fix_state": "Out of support scope", "package_name": "atomic-openshift-dockerregistry", "product_name": "Red Hat OpenShift Container Platform 3.11"}, {"cpe": "cpe:/a:redhat:openshift:3.11", "fix_state": "Out of support scope", "package_name": "atomic-openshift-service-idler", "product_name": "Red Hat OpenShift Container Platform 3.11"}, {"cpe": "cpe:/a:redhat:openshift:3.11", "fix_state": "Out of support scope", "package_name": "atomic-openshift-web-console", "product_name": "Red Hat OpenShift Container Platform 3.11"}, {"cpe": "cpe:/a:redhat:openshift:3.11", "fix_state": "Out of support scope", "package_name": "csi-attacher", "product_name": "Red Hat OpenShift Container Platform 3.11"}, {"cpe": "cpe:/a:redhat:openshift:3.11", "fix_state": "Out of support scope", "package_name": "csi-driver-registrar", "product_name": "Red Hat OpenShift Container Platform 3.11"}, {"cpe": "cpe:/a:redhat:openshift:3.11", "fix_state": "Out of support scope", "package_name": "csi-livenessprobe", "product_name": "Red Hat OpenShift Container Platform 3.11"}, {"cpe": "cpe:/a:redhat:openshift:3.11", "fix_state": "Out of support scope", "package_name": "csi-provisioner", "product_name": "Red Hat OpenShift Container Platform 3.11"}, {"cpe": "cpe:/a:redhat:openshift:3.11", "fix_state": "Out of support scope", "package_name": "golang-github-openshift-oauth-proxy", "product_name": "Red Hat OpenShift Container Platform 3.11"}, {"cpe": "cpe:/a:redhat:openshift:3.11", "fix_state": "Out of support scope", "package_name": "hawkular-openshift-agent", "product_name": "Red Hat OpenShift Container Platform 3.11"}, {"cpe": "cpe:/a:redhat:openshift:3.11", "fix_state": "Out of support scope", "package_name": "openshift-enterprise-autoheal", "product_name": "Red Hat OpenShift Container Platform 3.11"}, {"cpe": "cpe:/a:redhat:openshift:3.11", "fix_state": "Out of support scope", "package_name": "openshift-enterprise-cluster-capacity", "product_name": "Red Hat OpenShift Container Platform 3.11"}, {"cpe": "cpe:/a:redhat:openshift:3.11", "fix_state": "Out of support scope", "package_name": "openshift-enterprise-image-registry", "product_name": "Red Hat OpenShift Container Platform 3.11"}, {"cpe": "cpe:/a:redhat:openshift:3.11", "fix_state": "Out of support scope", "package_name": "openshift-eventrouter", "product_name": "Red Hat OpenShift Container Platform 3.11"}, {"cpe": "cpe:/a:redhat:openshift:3.11", "fix_state": "Out of support scope", "package_name": "openshift-external-storage", "product_name": "Red Hat OpenShift Container Platform 3.11"}, {"cpe": "cpe:/a:redhat:openshift:3.11", "fix_state": "Out of support scope", "package_name": "openshift-monitor-project-lifecycle", "product_name": "Red Hat OpenShift Container Platform 3.11"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Not affected", "package_name": "ibm-powervs-block-csi-driver", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Not affected", "package_name": "openshift4/noderesourcetopology-scheduler-rhel9", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Not affected", "package_name": "openshift4/numaresources-rhel9-operator", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Fix deferred", "impact": "low", "package_name": "ose-cli", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Fix deferred", "impact": "low", "package_name": "ose-cli-artifacts", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Fix deferred", "impact": "low", "package_name": "ose-cloud-credential-operator", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Fix deferred", "impact": "low", "package_name": "ose-cluster-authentication-operator", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Fix deferred", "impact": "low", "package_name": "ose-cluster-cloud-controller-manager-operator", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Fix deferred", "impact": "low", "package_name": "ose-cluster-config-operator", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Fix deferred", "impact": "low", "package_name": "ose-cluster-control-plane-machine-set-operator", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Fix deferred", "impact": "low", "package_name": "ose-cluster-csi-snapshot-controller-operator", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Fix deferred", "impact": "low", "package_name": "ose-cluster-dns-operator", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Fix deferred", "impact": "low", "package_name": "ose-cluster-etcd-operator", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Fix deferred", "impact": "low", "package_name": "ose-cluster-image-registry-operator", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Fix deferred", "impact": "low", "package_name": "ose-cluster-ingress-operator", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Fix deferred", "impact": "low", "package_name": "ose-cluster-kube-apiserver-operator", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Fix deferred", "impact": "low", "package_name": "ose-cluster-kube-controller-manager-operator", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Fix deferred", "impact": "low", "package_name": "ose-cluster-kube-scheduler-operator", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Fix deferred", "impact": "low", "package_name": "ose-cluster-kube-storage-version-migrator-operator", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Fix deferred", "impact": "low", "package_name": "ose-cluster-machine-approver", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Fix deferred", "impact": "low", "package_name": "ose-cluster-monitoring-operator", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Fix deferred", "impact": "low", "package_name": "ose-cluster-network-operator", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Fix deferred", "impact": "low", "package_name": "ose-cluster-node-tuning-operator", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Fix deferred", "impact": "low", "package_name": "ose-cluster-openshift-apiserver-operator", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Fix deferred", "impact": "low", "package_name": "ose-cluster-openshift-controller-manager-operator", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Fix deferred", "impact": "low", "package_name": "ose-cluster-policy-controller", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Fix deferred", "impact": "low", "package_name": "ose-cluster-samples-operator", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Fix deferred", "impact": "low", "package_name": "ose-cluster-storage-operator", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Fix deferred", "impact": "low", "package_name": "ose-console", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Fix deferred", "impact": "low", "package_name": "ose-console-operator", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Fix deferred", "impact": "low", "package_name": "ose-coredns", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Fix deferred", "impact": "low", "package_name": "ose-csi-external-attacher", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Fix deferred", "impact": "low", "package_name": "ose-csi-external-provisioner", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Fix deferred", "impact": "low", "package_name": "ose-csi-external-resizer", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Fix deferred", "impact": "low", "package_name": "ose-csi-external-snapshotter", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Fix deferred", "impact": "low", "package_name": "ose-csi-livenessprobe", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Fix deferred", "impact": "low", "package_name": "ose-csi-node-driver-registrar", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Fix deferred", "impact": "low", "package_name": "ose-csi-snapshot-controller", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Fix deferred", "impact": "low", "package_name": "ose-csi-snapshot-validation-webhook", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Fix deferred", "impact": "low", "package_name": "ose-docker-registry", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Fix deferred", "impact": "low", "package_name": "ose-etcd", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Fix deferred", "impact": "low", "package_name": "ose-haproxy-router", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Fix deferred", "impact": "low", "package_name": "ose-insights-operator", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Fix deferred", "impact": "low", "package_name": "ose-k8s-prometheus-adapter", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Fix deferred", "impact": "low", "package_name": "ose-kube-state-metrics", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Fix deferred", "impact": "low", "package_name": "ose-kube-storage-version-migrator", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Fix deferred", "impact": "low", "package_name": "ose-machine-config-operator", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Fix deferred", "impact": "low", "package_name": "ose-multus-admission-controller", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Fix deferred", "impact": "low", "package_name": "ose-multus-cni", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Fix deferred", "impact": "low", "package_name": "ose-network-metrics-daemon", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Fix deferred", "impact": "low", "package_name": "ose-oauth-apiserver", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Fix deferred", "impact": "low", "package_name": "ose-oauth-proxy", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Fix deferred", "impact": "low", "package_name": "ose-oauth-server", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Fix deferred", "impact": "low", "package_name": "ose-openshift-apiserver", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Fix deferred", "impact": "low", "package_name": "ose-openshift-controller-manager", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Fix deferred", "impact": "low", "package_name": "ose-openshift-state-metrics", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Fix deferred", "impact": "low", "package_name": "ose-ovn-kubernetes", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Fix deferred", "impact": "low", "package_name": "ose-prometheus", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Fix deferred", "impact": "low", "package_name": "ose-prometheus-alertmanager", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Fix deferred", "impact": "low", "package_name": "ose-prometheus-config-reloader", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Fix deferred", "impact": "low", "package_name": "ose-prometheus-node-exporter", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Fix deferred", "impact": "low", "package_name": "ose-prometheus-operator", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Fix deferred", "impact": "low", "package_name": "ose-prometheus-operator-admission-webhook", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Fix deferred", "impact": "low", "package_name": "ose-prom-label-proxy", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Fix deferred", "impact": "low", "package_name": "ose-route-controller-manager", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Fix deferred", "impact": "low", "package_name": "ose-service-ca-operator", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Fix deferred", "impact": "low", "package_name": "ose-telemeter", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Fix deferred", "impact": "low", "package_name": "ose-thanos", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Fix deferred", "impact": "low", "package_name": "ose-vsphere-cloud-controller-manager", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Fix deferred", "impact": "low", "package_name": "ose-vsphere-csi-driver", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Fix deferred", "impact": "low", "package_name": "ose-vsphere-csi-driver-operator", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Fix deferred", "impact": "low", "package_name": "ose-vsphere-csi-driver-syncer", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Fix deferred", "impact": "low", "package_name": "ose-vsphere-problem-detector", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:assisted_installer:", "fix_state": "Affected", "package_name": "rhai-tech-preview/assisted-installer-rhel8", "product_name": "Red Hat OpenShift Container Platform Assisted Installer"}, {"cpe": "cpe:/a:redhat:openshift_container_storage:4", "fix_state": "Affected", "package_name": "ocs4/ocs-rhel8-operator", "product_name": "Red Hat Openshift Container Storage 4"}, {"cpe": "cpe:/a:redhat:openshift_data_foundation:4", "fix_state": "Affected", "package_name": "odf4/odf-rhel8-operator", "product_name": "Red Hat Openshift Data Foundation 4"}, {"cpe": "cpe:/a:redhat:openshift_distributed_tracing:2", "fix_state": "Affected", "package_name": "rhosdt/jaeger-rhel8-operator", "product_name": "Red Hat OpenShift distributed tracing 2"}, {"cpe": "cpe:/a:redhat:openshift_gitops:1", "fix_state": "Fix deferred", "impact": "low", "package_name": "kam-delivery-rhel8", "product_name": "Red Hat OpenShift GitOps"}, {"cpe": "cpe:/a:redhat:openshift_gitops:1", "fix_state": "Affected", "package_name": "openshift-gitops-1/gitops-rhel8", "product_name": "Red Hat OpenShift GitOps"}, {"cpe": "cpe:/a:redhat:openshift_service_on_aws:1", "fix_state": "Affected", "package_name": "rosa", "product_name": "Red Hat OpenShift on AWS"}, {"cpe": "cpe:/a:redhat:openshift_sandboxed_containers:1", "fix_state": "Affected", "package_name": "openshift-sandboxed-containers-tech-preview/osc-rhel8-operator", "product_name": "Red Hat Openshift sandboxed containers"}, {"cpe": "cpe:/a:redhat:openstack:18.0", "fix_state": "Will not fix", "package_name": "etcd", "product_name": "Red Hat OpenStack Platform 18.0"}, {"cpe": "cpe:/a:redhat:quay:3", "fix_state": "Affected", "package_name": "quay/quay-operator-rhel8", "product_name": "Red Hat Quay 3"}, {"cpe": "cpe:/a:redhat:rhel_software_collections:3", "fix_state": "Affected", "package_name": "rh-git227-git-lfs", "product_name": "Red Hat Software Collections"}, {"cpe": "cpe:/a:redhat:storage:3", "fix_state": "Affected", "package_name": "etcd", "product_name": "Red Hat Storage 3"}, {"cpe": "cpe:/a:redhat:webterminal:1", "fix_state": "Affected", "package_name": "web-terminal-operator-container", "product_name": "Red Hat Web Terminal"}, {"cpe": "cpe:/a:redhat:workload_availability_self_node_remediation", "fix_state": "Affected", "package_name": "workload-availability/self-node-remediation-rhel8-operator", "product_name": "Self Node Remediation Operator"}], "public_date": "2024-04-03T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2023-45288\nhttps://nvd.nist.gov/vuln/detail/CVE-2023-45288\nhttps://nowotarski.info/http2-continuation-flood/\nhttps://pkg.go.dev/vuln/GO-2024-2687\nhttps://www.kb.cert.org/vuls/id/421644"], "statement": "Red Hat rates the security impact of this vulnerability as Important due to the worst case scenario resulting in a denial of service. It is simple to exploit, could significantly impact availability, and there is not a suitable mitigation for all use cases. Once an attack has ended, the system should return to normal operations on its own.\nThis vulnerability only impacts servers which have HTTP/2 enabled. It stems from an imperfect definition of the protocol. As the Go programming language is widely utilized across nearly every major Red Hat offering, a full listing of impacted packages will not be provided. Therefore, the \u201cAffected Packages and Issued Red Hat Security Errata\u201d section contains a simplified list of what offerings need to remediate this vulnerability. Every impacted offering has at least one representative component listed, but potentially not all of them. Rest assured that Red Hat is committed to remediating this vulnerability across our entire portfolio.\nMany components are rated as Low impact due to configurations which reduce the attack surface or significantly increase the difficulty of exploitation. A summary of these scenarios are:\n* The container includes a package that provides a vulnerable webserver, but it is not used or running during operation\n* HTTP/2 is disabled by default and is not supported\n* Only a client implementation is provided, which is not vulnerable\n* A vulnerable module (either golang.org/net/http or golang.org/x/net/http2) is included, but disabled\n* Access to a vulnerable server is restricted within the container (loopback only connections)\n* Golang is available in the container but is not used\nWithin the Red Hat OpenShift Container Platform, the majority of vulnerable components are not externally accessible. This means an attacker must already have access to a container within your environment to exploit this vulnerability. However, the ose-hyperkube (openshift-enterprise-hyperkube) container is externally accessible, so there are less barriers to exploitation. Fixes for this specific container are already available.\nWithin Red Hat Ansible Automation Platform, the impacted component is Receptor. The impact has been reduced to Low as the vulnerable code is present, but not utilized. There are three potential exposures within this component:\n* Receptor utilizes QUIC a UDP based protocol which does not run over HTTP/2\n* Receptor utilizes the x/net/ipv4 and ipv6 packages, both of which are not affected", "threat_severity": "Important", "upstream_fix": "golang 1.22.2, golang 1.21.9, golang.org/x/net 0.23.0"}