{"dataType": "CVE_RECORD", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2024-48949", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "dateUpdated": "2024-10-10T20:21:18.400Z", "dateReserved": "2024-10-10T00:00:00", "datePublished": "2024-10-10T00:00:00"}, "containers": {"cna": {"providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2024-10-10T00:26:01.524136"}, "descriptions": [{"lang": "en", "value": "The verify function in lib/elliptic/eddsa/index.js in the Elliptic package before 6.5.6 for Node.js omits \"sig.S().gte(sig.eddsa.curve.n) || sig.S().isNeg()\" validation."}], "affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"version": "n/a", "status": "affected"}]}], "references": [{"url": "https://github.com/indutny/elliptic/commit/7ac5360118f74eb02da73bdf9f24fd0c72ff5281"}, {"url": "https://github.com/indutny/elliptic/compare/v6.5.5...v6.5.6"}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "n/a"}]}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-10-10T20:20:12.636633Z", "id": "CVE-2024-48949", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-10-10T20:21:18.400Z"}}]}, "dataVersion": "5.1"}

{"dataType": "CVE_RECORD", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2024-48949", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "dateUpdated": "2024-10-10T20:21:18.400Z", "dateReserved": "2024-10-10T00:00:00", "datePublished": "2024-10-10T00:00:00"}, "containers": {"cna": {"providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2024-10-10T00:26:01.524136"}, "descriptions": [{"lang": "en", "value": "The verify function in lib/elliptic/eddsa/index.js in the Elliptic package before 6.5.6 for Node.js omits \"sig.S().gte(sig.eddsa.curve.n) || sig.S().isNeg()\" validation."}], "affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"version": "n/a", "status": "affected"}]}], "references": [{"url": "https://github.com/indutny/elliptic/commit/7ac5360118f74eb02da73bdf9f24fd0c72ff5281"}, {"url": "https://github.com/indutny/elliptic/compare/v6.5.5...v6.5.6"}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "n/a"}]}]}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-48949", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-10-10T20:20:12.636633Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-10-10T20:21:12.988Z"}}]}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:indutny:elliptic:*:*:*:*:*:node.js:*:*", "matchCriteriaId": "C0C41343-E02F-4FD7-A270-FDB27E36AC85", "versionEndExcluding": "6.5.6", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The verify function in lib/elliptic/eddsa/index.js in the Elliptic package before 6.5.6 for Node.js omits \"sig.S().gte(sig.eddsa.curve.n) || sig.S().isNeg()\" validation."}, {"lang": "es", "value": "La funci\u00f3n de verificaci\u00f3n en lib/elliptic/eddsa/index.js en el paquete Elliptic anterior a 6.5.6 para Node.js omite la validaci\u00f3n \"sig.S().gte(sig.eddsa.curve.n) || sig.S().isNeg()\"."}], "id": "CVE-2024-48949", "lastModified": "2024-10-15T14:07:04.057", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 9.1, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.2, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-10-10T01:15:11.127", "references": [{"source": "cve@mitre.org", "tags": ["Patch"], "url": "https://github.com/indutny/elliptic/commit/7ac5360118f74eb02da73bdf9f24fd0c72ff5281"}, {"source": "cve@mitre.org", "tags": ["Patch"], "url": "https://github.com/indutny/elliptic/compare/v6.5.5...v6.5.6"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-347"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2024:8533", "cpe": "cpe:/a:redhat:multicluster_engine:2.4::el8", "package": "multicluster-engine/addon-manager-rhel8:v2.4.6-12", "product_name": "multicluster engine for Kubernetes 2.4 for RHEL 8", "release_date": "2024-10-28T00:00:00Z"}, {"advisory": "RHSA-2024:8533", "cpe": "cpe:/a:redhat:multicluster_engine:2.4::el8", "package": "multicluster-engine/agent-service-rhel8:v2.4.6-27", "product_name": "multicluster engine for Kubernetes 2.4 for RHEL 8", "release_date": "2024-10-28T00:00:00Z"}, {"advisory": "RHSA-2024:8533", "cpe": "cpe:/a:redhat:multicluster_engine:2.4::el8", "package": "multicluster-engine/apiserver-network-proxy-rhel8:v2.4.6-9", "product_name": "multicluster engine for Kubernetes 2.4 for RHEL 8", "release_date": "2024-10-28T00:00:00Z"}, {"advisory": "RHSA-2024:8533", "cpe": "cpe:/a:redhat:multicluster_engine:2.4::el8", "package": "multicluster-engine/assisted-image-service-rhel8:v2.4.6-11", "product_name": "multicluster engine for Kubernetes 2.4 for RHEL 8", "release_date": "2024-10-28T00:00:00Z"}, {"advisory": "RHSA-2024:8533", "cpe": "cpe:/a:redhat:multicluster_engine:2.4::el8", "package": "multicluster-engine/assisted-installer-agent-rhel8:v2.4.6-12", "product_name": "multicluster engine for Kubernetes 2.4 for RHEL 8", "release_date": "2024-10-28T00:00:00Z"}, {"advisory": "RHSA-2024:8533", "cpe": "cpe:/a:redhat:multicluster_engine:2.4::el8", "package": "multicluster-engine/assisted-installer-reporter-rhel8:v2.4.6-11", "product_name": "multicluster engine for Kubernetes 2.4 for RHEL 8", "release_date": "2024-10-28T00:00:00Z"}, {"advisory": "RHSA-2024:8533", "cpe": "cpe:/a:redhat:multicluster_engine:2.4::el8", "package": "multicluster-engine/assisted-installer-rhel8:v2.4.6-10", "product_name": "multicluster engine for Kubernetes 2.4 for RHEL 8", "release_date": "2024-10-28T00:00:00Z"}, {"advisory": "RHSA-2024:8533", "cpe": "cpe:/a:redhat:multicluster_engine:2.4::el8", "package": "multicluster-engine/aws-encryption-provider-rhel8:v2.4.6-9", "product_name": "multicluster engine for Kubernetes 2.4 for RHEL 8", "release_date": "2024-10-28T00:00:00Z"}, {"advisory": "RHSA-2024:8533", "cpe": "cpe:/a:redhat:multicluster_engine:2.4::el8", "package": "multicluster-engine/backplane-rhel8-operator:v2.4.6-30", "product_name": "multicluster engine for Kubernetes 2.4 for RHEL 8", "release_date": "2024-10-28T00:00:00Z"}, {"advisory": "RHSA-2024:8533", "cpe": "cpe:/a:redhat:multicluster_engine:2.4::el8", "package": "multicluster-engine/cluster-api-provider-agent-rhel8:v2.4.6-10", "product_name": "multicluster engine for Kubernetes 2.4 for RHEL 8", "release_date": "2024-10-28T00:00:00Z"}, {"advisory": "RHSA-2024:8533", "cpe": "cpe:/a:redhat:multicluster_engine:2.4::el8", "package": "multicluster-engine/cluster-api-provider-aws-rhel8:v2.4.6-9", "product_name": "multicluster engine for Kubernetes 2.4 for RHEL 8", "release_date": "2024-10-28T00:00:00Z"}, {"advisory": "RHSA-2024:8533", "cpe": "cpe:/a:redhat:multicluster_engine:2.4::el8", "package": "multicluster-engine/cluster-api-provider-kubevirt-rhel8:v2.4.6-9", "product_name": "multicluster engine for Kubernetes 2.4 for RHEL 8", "release_date": "2024-10-28T00:00:00Z"}, {"advisory": "RHSA-2024:8533", "cpe": "cpe:/a:redhat:multicluster_engine:2.4::el8", "package": "multicluster-engine/cluster-api-rhel8:v2.4.6-9", "product_name": "multicluster engine for Kubernetes 2.4 for RHEL 8", "release_date": "2024-10-28T00:00:00Z"}, {"advisory": "RHSA-2024:8533", "cpe": "cpe:/a:redhat:multicluster_engine:2.4::el8", "package": "multicluster-engine/clusterclaims-controller-rhel8:v2.4.6-10", "product_name": "multicluster engine for Kubernetes 2.4 for RHEL 8", "release_date": "2024-10-28T00:00:00Z"}, {"advisory": "RHSA-2024:8533", "cpe": "cpe:/a:redhat:multicluster_engine:2.4::el8", "package": "multicluster-engine/cluster-curator-controller-rhel8:v2.4.6-9", "product_name": "multicluster engine for Kubernetes 2.4 for RHEL 8", "release_date": "2024-10-28T00:00:00Z"}, {"advisory": "RHSA-2024:8533", "cpe": "cpe:/a:redhat:multicluster_engine:2.4::el8", "package": "multicluster-engine/cluster-image-set-controller-rhel8:v2.4.6-10", "product_name": "multicluster engine for Kubernetes 2.4 for RHEL 8", "release_date": "2024-10-28T00:00:00Z"}, {"advisory": "RHSA-2024:8533", "cpe": "cpe:/a:redhat:multicluster_engine:2.4::el8", "package": "multicluster-engine/clusterlifecycle-state-metrics-rhel8:v2.4.6-11", "product_name": "multicluster engine for Kubernetes 2.4 for RHEL 8", "release_date": "2024-10-28T00:00:00Z"}, {"advisory": "RHSA-2024:8533", "cpe": "cpe:/a:redhat:multicluster_engine:2.4::el8", "package": "multicluster-engine/cluster-proxy-addon-rhel8:v2.4.6-9", "product_name": "multicluster engine for Kubernetes 2.4 for RHEL 8", "release_date": "2024-10-28T00:00:00Z"}, {"advisory": "RHSA-2024:8533", "cpe": "cpe:/a:redhat:multicluster_engine:2.4::el8", "package": "multicluster-engine/cluster-proxy-rhel8:v2.4.6-11", "product_name": "multicluster engine for Kubernetes 2.4 for RHEL 8", "release_date": "2024-10-28T00:00:00Z"}, {"advisory": "RHSA-2024:8533", "cpe": "cpe:/a:redhat:multicluster_engine:2.4::el8", "package": "multicluster-engine/console-mce-rhel8:v2.4.6-29", "product_name": "multicluster engine for Kubernetes 2.4 for RHEL 8", "release_date": "2024-10-28T00:00:00Z"}, {"advisory": "RHSA-2024:8533", "cpe": "cpe:/a:redhat:multicluster_engine:2.4::el8", "package": "multicluster-engine/discovery-rhel8:v2.4.6-27", "product_name": "multicluster engine for Kubernetes 2.4 for RHEL 8", "release_date": "2024-10-28T00:00:00Z"}, {"advisory": "RHSA-2024:8533", "cpe": "cpe:/a:redhat:multicluster_engine:2.4::el8", "package": "multicluster-engine/hive-rhel8:v2.4.6-9", "product_name": "multicluster engine for Kubernetes 2.4 for RHEL 8", "release_date": "2024-10-28T00:00:00Z"}, {"advisory": "RHSA-2024:8533", "cpe": "cpe:/a:redhat:multicluster_engine:2.4::el8", "package": "multicluster-engine/hypershift-addon-rhel8-operator:v2.4.6-9", "product_name": "multicluster engine for Kubernetes 2.4 for RHEL 8", "release_date": "2024-10-28T00:00:00Z"}, {"advisory": "RHSA-2024:8533", "cpe": "cpe:/a:redhat:multicluster_engine:2.4::el8", "package": "multicluster-engine/hypershift-cli-rhel8:v2.4.6-33", "product_name": "multicluster engine for Kubernetes 2.4 for RHEL 8", "release_date": "2024-10-28T00:00:00Z"}, {"advisory": "RHSA-2024:8533", "cpe": "cpe:/a:redhat:multicluster_engine:2.4::el8", "package": "multicluster-engine/hypershift-rhel8-operator:v2.4.6-32", "product_name": "multicluster engine for Kubernetes 2.4 for RHEL 8", "release_date": "2024-10-28T00:00:00Z"}, {"advisory": "RHSA-2024:8533", "cpe": "cpe:/a:redhat:multicluster_engine:2.4::el8", "package": "multicluster-engine/klusterlet-operator-bundle:v2.4.6-13", "product_name": "multicluster engine for Kubernetes 2.4 for RHEL 8", "release_date": "2024-10-28T00:00:00Z"}, {"advisory": "RHSA-2024:8533", "cpe": "cpe:/a:redhat:multicluster_engine:2.4::el8", "package": "multicluster-engine/kube-rbac-proxy-mce-rhel8:v2.4.6-8", "product_name": "multicluster engine for Kubernetes 2.4 for RHEL 8", "release_date": "2024-10-28T00:00:00Z"}, {"advisory": "RHSA-2024:8533", "cpe": "cpe:/a:redhat:multicluster_engine:2.4::el8", "package": "multicluster-engine/managedcluster-import-controller-rhel8:v2.4.6-10", "product_name": "multicluster engine for Kubernetes 2.4 for RHEL 8", "release_date": "2024-10-28T00:00:00Z"}, {"advisory": "RHSA-2024:8533", "cpe": "cpe:/a:redhat:multicluster_engine:2.4::el8", "package": "multicluster-engine/managed-serviceaccount-rhel8:v2.4.6-14", "product_name": "multicluster engine for Kubernetes 2.4 for RHEL 8", "release_date": "2024-10-28T00:00:00Z"}, {"advisory": "RHSA-2024:8533", "cpe": "cpe:/a:redhat:multicluster_engine:2.4::el8", "package": "multicluster-engine/mce-operator-bundle:v2.4.6-93", "product_name": "multicluster engine for Kubernetes 2.4 for RHEL 8", "release_date": "2024-10-28T00:00:00Z"}, {"advisory": "RHSA-2024:8533", "cpe": "cpe:/a:redhat:multicluster_engine:2.4::el8", "package": "multicluster-engine/multicloud-manager-rhel8:v2.4.6-10", "product_name": "multicluster engine for Kubernetes 2.4 for RHEL 8", "release_date": "2024-10-28T00:00:00Z"}, {"advisory": "RHSA-2024:8533", "cpe": "cpe:/a:redhat:multicluster_engine:2.4::el8", "package": "multicluster-engine/multicluster-engine-cluster-api-provider-agent-rhel8:v2.4.6-10", "product_name": "multicluster engine for Kubernetes 2.4 for RHEL 8", "release_date": "2024-10-28T00:00:00Z"}, {"advisory": "RHSA-2024:8533", "cpe": "cpe:/a:redhat:multicluster_engine:2.4::el8", "package": "multicluster-engine/multicluster-engine-console-mce-rhel8:v2.4.6-29", "product_name": "multicluster engine for Kubernetes 2.4 for RHEL 8", "release_date": "2024-10-28T00:00:00Z"}, {"advisory": "RHSA-2024:8533", "cpe": "cpe:/a:redhat:multicluster_engine:2.4::el8", "package": "multicluster-engine/multicluster-engine-hypershift-addon-rhel8-operator:v2.4.6-9", "product_name": "multicluster engine for Kubernetes 2.4 for RHEL 8", "release_date": "2024-10-28T00:00:00Z"}, {"advisory": "RHSA-2024:8533", "cpe": "cpe:/a:redhat:multicluster_engine:2.4::el8", "package": "multicluster-engine/multicluster-engine-managed-serviceaccount-rhel8:v2.4.6-14", "product_name": "multicluster engine for Kubernetes 2.4 for RHEL 8", "release_date": "2024-10-28T00:00:00Z"}, {"advisory": "RHSA-2024:8533", "cpe": "cpe:/a:redhat:multicluster_engine:2.4::el8", "package": "multicluster-engine/must-gather-rhel8:v2.4.6-6", "product_name": "multicluster engine for Kubernetes 2.4 for RHEL 8", "release_date": "2024-10-28T00:00:00Z"}, {"advisory": "RHSA-2024:8533", "cpe": "cpe:/a:redhat:multicluster_engine:2.4::el8", "package": "multicluster-engine/placement-rhel8:v2.4.6-13", "product_name": "multicluster engine for Kubernetes 2.4 for RHEL 8", "release_date": "2024-10-28T00:00:00Z"}, {"advisory": "RHSA-2024:8533", "cpe": "cpe:/a:redhat:multicluster_engine:2.4::el8", "package": "multicluster-engine/provider-credential-controller-rhel8:v2.4.6-9", "product_name": "multicluster engine for Kubernetes 2.4 for RHEL 8", "release_date": "2024-10-28T00:00:00Z"}, {"advisory": "RHSA-2024:8533", "cpe": "cpe:/a:redhat:multicluster_engine:2.4::el8", "package": "multicluster-engine/registration-operator-rhel8:v2.4.6-12", "product_name": "multicluster engine for Kubernetes 2.4 for RHEL 8", "release_date": "2024-10-28T00:00:00Z"}, {"advisory": "RHSA-2024:8533", "cpe": "cpe:/a:redhat:multicluster_engine:2.4::el8", "package": "multicluster-engine/registration-rhel8:v2.4.6-12", "product_name": "multicluster engine for Kubernetes 2.4 for RHEL 8", "release_date": "2024-10-28T00:00:00Z"}, {"advisory": "RHSA-2024:8533", "cpe": "cpe:/a:redhat:multicluster_engine:2.4::el8", "package": "multicluster-engine/work-rhel8:v2.4.6-12", "product_name": "multicluster engine for Kubernetes 2.4 for RHEL 8", "release_date": "2024-10-28T00:00:00Z"}, {"advisory": "RHSA-2024:6738", "cpe": "cpe:/a:redhat:multicluster_engine:2.5::el8", "package": "multicluster-engine/console-mce-rhel9:v2.5.7-3", "product_name": "multicluster engine for Kubernetes 2.5 for RHEL 9", "release_date": "2024-09-17T00:00:00Z"}, {"advisory": "RHSA-2024:6738", "cpe": "cpe:/a:redhat:multicluster_engine:2.5::el8", "package": "multicluster-engine/multicluster-engine-console-mce-rhel9:v2.5.7-3", "product_name": "multicluster engine for Kubernetes 2.5 for RHEL 9", "release_date": "2024-09-17T00:00:00Z"}, {"advisory": "RHSA-2024:6779", "cpe": "cpe:/a:redhat:acm:2.10::el9", "package": "rhacm2/console-rhel9:v2.10.6-3", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.10 for RHEL 9", "release_date": "2024-09-18T00:00:00Z"}, {"advisory": "RHSA-2024:7994", "cpe": "cpe:/a:redhat:acm:2.11::el9", "package": "rhacm2/acm-cluster-permission-rhel9:v2.11.3-4", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9", "release_date": "2024-10-11T00:00:00Z"}, {"advisory": "RHSA-2024:7994", "cpe": "cpe:/a:redhat:acm:2.11::el9", "package": "rhacm2/acm-governance-policy-addon-controller-rhel9:v2.11.3-6", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9", "release_date": "2024-10-11T00:00:00Z"}, {"advisory": "RHSA-2024:7994", "cpe": "cpe:/a:redhat:acm:2.11::el9", "package": "rhacm2/acm-governance-policy-framework-addon-rhel9:v2.11.3-6", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9", "release_date": "2024-10-11T00:00:00Z"}, {"advisory": "RHSA-2024:7994", "cpe": "cpe:/a:redhat:acm:2.11::el9", "package": "rhacm2/acm-grafana-rhel9:v2.11.3-3", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9", "release_date": "2024-10-11T00:00:00Z"}, {"advisory": "RHSA-2024:7994", "cpe": "cpe:/a:redhat:acm:2.11::el9", "package": "rhacm2/acm-must-gather-rhel9:v2.11.3-8", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9", "release_date": "2024-10-11T00:00:00Z"}, {"advisory": "RHSA-2024:7994", "cpe": "cpe:/a:redhat:acm:2.11::el9", "package": "rhacm2/acm-operator-bundle:v2.11.3-16", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9", "release_date": "2024-10-11T00:00:00Z"}, {"advisory": "RHSA-2024:7994", "cpe": "cpe:/a:redhat:acm:2.11::el9", "package": "rhacm2/acm-prometheus-config-reloader-rhel9:v2.11.3-5", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9", "release_date": "2024-10-11T00:00:00Z"}, {"advisory": "RHSA-2024:7994", "cpe": "cpe:/a:redhat:acm:2.11::el9", "package": "rhacm2/acm-prometheus-rhel9:v2.11.3-5", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9", "release_date": "2024-10-11T00:00:00Z"}, {"advisory": "RHSA-2024:7994", "cpe": "cpe:/a:redhat:acm:2.11::el9", "package": "rhacm2/acm-search-indexer-rhel9:v2.11.3-4", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9", "release_date": "2024-10-11T00:00:00Z"}, {"advisory": "RHSA-2024:7994", "cpe": "cpe:/a:redhat:acm:2.11::el9", "package": "rhacm2/acm-search-v2-api-rhel9:v2.11.3-4", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9", "release_date": "2024-10-11T00:00:00Z"}, {"advisory": "RHSA-2024:7994", "cpe": "cpe:/a:redhat:acm:2.11::el9", "package": "rhacm2/acm-search-v2-rhel9:v2.11.3-4", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9", "release_date": "2024-10-11T00:00:00Z"}, {"advisory": "RHSA-2024:7994", "cpe": "cpe:/a:redhat:acm:2.11::el9", "package": "rhacm2/acm-volsync-addon-controller-rhel9:v2.11.3-8", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9", "release_date": "2024-10-11T00:00:00Z"}, {"advisory": "RHSA-2024:7994", "cpe": "cpe:/a:redhat:acm:2.11::el9", "package": "rhacm2/cert-policy-controller-rhel9:v2.11.3-5", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9", "release_date": "2024-10-11T00:00:00Z"}, {"advisory": "RHSA-2024:7994", "cpe": "cpe:/a:redhat:acm:2.11::el9", "package": "rhacm2/cluster-backup-rhel9-operator:v2.11.3-8", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9", "release_date": "2024-10-11T00:00:00Z"}, {"advisory": "RHSA-2024:7994", "cpe": "cpe:/a:redhat:acm:2.11::el9", "package": "rhacm2/config-policy-controller-rhel9:v2.11.3-6", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9", "release_date": "2024-10-11T00:00:00Z"}, {"advisory": "RHSA-2024:7994", "cpe": "cpe:/a:redhat:acm:2.11::el9", "package": "rhacm2/console-rhel9:v2.11.3-6", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9", "release_date": "2024-10-11T00:00:00Z"}, {"advisory": "RHSA-2024:7994", "cpe": "cpe:/a:redhat:acm:2.11::el9", "package": "rhacm2/endpoint-monitoring-rhel9-operator:v2.11.3-6", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9", "release_date": "2024-10-11T00:00:00Z"}, {"advisory": "RHSA-2024:7994", "cpe": "cpe:/a:redhat:acm:2.11::el9", "package": "rhacm2/governance-policy-propagator-rhel9:v2.11.3-6", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9", "release_date": "2024-10-11T00:00:00Z"}, {"advisory": "RHSA-2024:7994", "cpe": "cpe:/a:redhat:acm:2.11::el9", "package": "rhacm2/grafana-dashboard-loader-rhel9:v2.11.3-6", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9", "release_date": "2024-10-11T00:00:00Z"}, {"advisory": "RHSA-2024:7994", "cpe": "cpe:/a:redhat:acm:2.11::el9", "package": "rhacm2/insights-client-rhel9:v2.11.3-5", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9", "release_date": "2024-10-11T00:00:00Z"}, {"advisory": "RHSA-2024:7994", "cpe": "cpe:/a:redhat:acm:2.11::el9", "package": "rhacm2/insights-metrics-rhel9:v2.11.3-5", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9", "release_date": "2024-10-11T00:00:00Z"}, {"advisory": "RHSA-2024:7994", "cpe": "cpe:/a:redhat:acm:2.11::el9", "package": "rhacm2/klusterlet-addon-controller-rhel9:v2.11.3-4", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9", "release_date": "2024-10-11T00:00:00Z"}, {"advisory": "RHSA-2024:7994", "cpe": "cpe:/a:redhat:acm:2.11::el9", "package": "rhacm2/kube-rbac-proxy-rhel9:v2.11.3-5", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9", "release_date": "2024-10-11T00:00:00Z"}, {"advisory": "RHSA-2024:7994", "cpe": "cpe:/a:redhat:acm:2.11::el9", "package": "rhacm2/kube-state-metrics-rhel9:v2.11.3-5", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9", "release_date": "2024-10-11T00:00:00Z"}, {"advisory": "RHSA-2024:7994", "cpe": "cpe:/a:redhat:acm:2.11::el9", "package": "rhacm2/memcached-exporter-rhel9:v2.11.3-4", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9", "release_date": "2024-10-11T00:00:00Z"}, {"advisory": "RHSA-2024:7994", "cpe": "cpe:/a:redhat:acm:2.11::el9", "package": "rhacm2/memcached-rhel9:v2.11.3-3", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9", "release_date": "2024-10-11T00:00:00Z"}, {"advisory": "RHSA-2024:7994", "cpe": "cpe:/a:redhat:acm:2.11::el9", "package": "rhacm2/metrics-collector-rhel9:v2.11.3-6", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9", "release_date": "2024-10-11T00:00:00Z"}, {"advisory": "RHSA-2024:7994", "cpe": "cpe:/a:redhat:acm:2.11::el9", "package": "rhacm2/multicloud-integrations-rhel9:v2.11.3-4", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9", "release_date": "2024-10-11T00:00:00Z"}, {"advisory": "RHSA-2024:7994", "cpe": "cpe:/a:redhat:acm:2.11::el9", "package": "rhacm2/multiclusterhub-rhel9:v2.11.3-6", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9", "release_date": "2024-10-11T00:00:00Z"}, {"advisory": "RHSA-2024:7994", "cpe": "cpe:/a:redhat:acm:2.11::el9", "package": "rhacm2/multicluster-observability-rhel9-operator:v2.11.3-6", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9", "release_date": "2024-10-11T00:00:00Z"}, {"advisory": "RHSA-2024:7994", "cpe": "cpe:/a:redhat:acm:2.11::el9", "package": "rhacm2/multicluster-operators-application-rhel9:v2.11.3-4", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9", "release_date": "2024-10-11T00:00:00Z"}, {"advisory": "RHSA-2024:7994", "cpe": "cpe:/a:redhat:acm:2.11::el9", "package": "rhacm2/multicluster-operators-channel-rhel9:v2.11.3-4", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9", "release_date": "2024-10-11T00:00:00Z"}, {"advisory": "RHSA-2024:7994", "cpe": "cpe:/a:redhat:acm:2.11::el9", "package": "rhacm2/multicluster-operators-subscription-rhel9:v2.11.3-5", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9", "release_date": "2024-10-11T00:00:00Z"}, {"advisory": "RHSA-2024:7994", "cpe": "cpe:/a:redhat:acm:2.11::el9", "package": "rhacm2/node-exporter-rhel9:v2.11.3-4", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9", "release_date": "2024-10-11T00:00:00Z"}, {"advisory": "RHSA-2024:7994", "cpe": "cpe:/a:redhat:acm:2.11::el9", "package": "rhacm2/observatorium-rhel9:v2.11.3-5", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9", "release_date": "2024-10-11T00:00:00Z"}, {"advisory": "RHSA-2024:7994", "cpe": "cpe:/a:redhat:acm:2.11::el9", "package": "rhacm2/observatorium-rhel9-operator:v2.11.3-3", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9", "release_date": "2024-10-11T00:00:00Z"}, {"advisory": "RHSA-2024:7994", "cpe": "cpe:/a:redhat:acm:2.11::el9", "package": "rhacm2/prometheus-alertmanager-rhel9:v2.11.3-5", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9", "release_date": "2024-10-11T00:00:00Z"}, {"advisory": "RHSA-2024:7994", "cpe": "cpe:/a:redhat:acm:2.11::el9", "package": "rhacm2/prometheus-rhel9:v2.11.3-5", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9", "release_date": "2024-10-11T00:00:00Z"}, {"advisory": "RHSA-2024:7994", "cpe": "cpe:/a:redhat:acm:2.11::el9", "package": "rhacm2/rbac-query-proxy-rhel9:v2.11.3-6", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9", "release_date": "2024-10-11T00:00:00Z"}, {"advisory": "RHSA-2024:7994", "cpe": "cpe:/a:redhat:acm:2.11::el9", "package": "rhacm2/search-collector-rhel9:v2.11.3-5", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9", "release_date": "2024-10-11T00:00:00Z"}, {"advisory": "RHSA-2024:7994", "cpe": "cpe:/a:redhat:acm:2.11::el9", "package": "rhacm2/submariner-addon-rhel9:v2.11.3-8", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9", "release_date": "2024-10-11T00:00:00Z"}, {"advisory": "RHSA-2024:7994", "cpe": "cpe:/a:redhat:acm:2.11::el9", "package": "rhacm2/thanos-receive-controller-rhel9:v2.11.3-5", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9", "release_date": "2024-10-11T00:00:00Z"}, {"advisory": "RHSA-2024:7994", "cpe": "cpe:/a:redhat:acm:2.11::el9", "package": "rhacm2/thanos-rhel9:v2.11.3-3", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.11 for RHEL 9", "release_date": "2024-10-11T00:00:00Z"}, {"advisory": "RHSA-2024:8974", "cpe": "cpe:/a:redhat:acm:2.12::el9", "package": "rhacm2/acm-cli-rhel9:v2.12.0-17", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.12 for RHEL 9", "release_date": "2024-11-06T00:00:00Z"}, {"advisory": "RHSA-2024:8974", "cpe": "cpe:/a:redhat:acm:2.12::el9", "package": "rhacm2/acm-cluster-permission-rhel9:v2.12.0-13", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.12 for RHEL 9", "release_date": "2024-11-06T00:00:00Z"}, {"advisory": "RHSA-2024:8974", "cpe": "cpe:/a:redhat:acm:2.12::el9", "package": "rhacm2/acm-governance-policy-addon-controller-rhel9:v2.12.0-27", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.12 for RHEL 9", "release_date": "2024-11-06T00:00:00Z"}, {"advisory": "RHSA-2024:8974", "cpe": "cpe:/a:redhat:acm:2.12::el9", "package": "rhacm2/acm-governance-policy-framework-addon-rhel9:v2.12.0-20", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.12 for RHEL 9", "release_date": "2024-11-06T00:00:00Z"}, {"advisory": "RHSA-2024:8974", "cpe": "cpe:/a:redhat:acm:2.12::el9", "package": "rhacm2/acm-grafana-rhel9:v2.12.0-17", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.12 for RHEL 9", "release_date": "2024-11-06T00:00:00Z"}, {"advisory": "RHSA-2024:8974", "cpe": "cpe:/a:redhat:acm:2.12::el9", "package": "rhacm2/acm-multicluster-observability-addon-rhel9:v2.12.0-20", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.12 for RHEL 9", "release_date": "2024-11-06T00:00:00Z"}, {"advisory": "RHSA-2024:8974", "cpe": "cpe:/a:redhat:acm:2.12::el9", "package": "rhacm2/acm-must-gather-rhel9:v2.12.0-35", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.12 for RHEL 9", "release_date": "2024-11-06T00:00:00Z"}, {"advisory": "RHSA-2024:8974", "cpe": "cpe:/a:redhat:acm:2.12::el9", "package": "rhacm2/acm-operator-bundle:v2.12.0-114", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.12 for RHEL 9", "release_date": "2024-11-06T00:00:00Z"}, {"advisory": "RHSA-2024:8974", "cpe": "cpe:/a:redhat:acm:2.12::el9", "package": "rhacm2/acm-prometheus-config-reloader-rhel9:v2.12.0-16", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.12 for RHEL 9", "release_date": "2024-11-06T00:00:00Z"}, {"advisory": "RHSA-2024:8974", "cpe": "cpe:/a:redhat:acm:2.12::el9", "package": "rhacm2/acm-prometheus-rhel9:v2.12.0-16", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.12 for RHEL 9", "release_date": "2024-11-06T00:00:00Z"}, {"advisory": "RHSA-2024:8974", "cpe": "cpe:/a:redhat:acm:2.12::el9", "package": "rhacm2/acm-search-indexer-rhel9:v2.12.0-12", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.12 for RHEL 9", "release_date": "2024-11-06T00:00:00Z"}, {"advisory": "RHSA-2024:8974", "cpe": "cpe:/a:redhat:acm:2.12::el9", "package": "rhacm2/acm-search-v2-api-rhel9:v2.12.0-15", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.12 for RHEL 9", "release_date": "2024-11-06T00:00:00Z"}, {"advisory": "RHSA-2024:8974", "cpe": "cpe:/a:redhat:acm:2.12::el9", "package": "rhacm2/acm-search-v2-rhel9:v2.12.0-13", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.12 for RHEL 9", "release_date": "2024-11-06T00:00:00Z"}, {"advisory": "RHSA-2024:8974", "cpe": "cpe:/a:redhat:acm:2.12::el9", "package": "rhacm2/acm-siteconfig-rhel9:v2.12.0-24", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.12 for RHEL 9", "release_date": "2024-11-06T00:00:00Z"}, {"advisory": "RHSA-2024:8974", "cpe": "cpe:/a:redhat:acm:2.12::el9", "package": "rhacm2/acm-volsync-addon-controller-rhel9:v2.12.0-22", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.12 for RHEL 9", "release_date": "2024-11-06T00:00:00Z"}, {"advisory": "RHSA-2024:8974", "cpe": "cpe:/a:redhat:acm:2.12::el9", "package": "rhacm2/cert-policy-controller-rhel9:v2.12.0-22", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.12 for RHEL 9", "release_date": "2024-11-06T00:00:00Z"}, {"advisory": "RHSA-2024:8974", "cpe": "cpe:/a:redhat:acm:2.12::el9", "package": "rhacm2/cluster-backup-rhel9-operator:v2.12.0-37", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.12 for RHEL 9", "release_date": "2024-11-06T00:00:00Z"}, {"advisory": "RHSA-2024:8974", "cpe": "cpe:/a:redhat:acm:2.12::el9", "package": "rhacm2/config-policy-controller-rhel9:v2.12.0-31", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.12 for RHEL 9", "release_date": "2024-11-06T00:00:00Z"}, {"advisory": "RHSA-2024:8974", "cpe": "cpe:/a:redhat:acm:2.12::el9", "package": "rhacm2/console-rhel9:v2.12.0-68", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.12 for RHEL 9", "release_date": "2024-11-06T00:00:00Z"}, {"advisory": "RHSA-2024:8974", "cpe": "cpe:/a:redhat:acm:2.12::el9", "package": "rhacm2/endpoint-monitoring-rhel9-operator:v2.12.0-39", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.12 for RHEL 9", "release_date": "2024-11-06T00:00:00Z"}, {"advisory": "RHSA-2024:8974", "cpe": "cpe:/a:redhat:acm:2.12::el9", "package": "rhacm2/governance-policy-propagator-rhel9:v2.12.0-29", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.12 for RHEL 9", "release_date": "2024-11-06T00:00:00Z"}, {"advisory": "RHSA-2024:8974", "cpe": "cpe:/a:redhat:acm:2.12::el9", "package": "rhacm2/grafana-dashboard-loader-rhel9:v2.12.0-39", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.12 for RHEL 9", "release_date": "2024-11-06T00:00:00Z"}, {"advisory": "RHSA-2024:8974", "cpe": "cpe:/a:redhat:acm:2.12::el9", "package": "rhacm2/insights-client-rhel9:v2.12.0-18", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.12 for RHEL 9", "release_date": "2024-11-06T00:00:00Z"}, {"advisory": "RHSA-2024:8974", "cpe": "cpe:/a:redhat:acm:2.12::el9", "package": "rhacm2/insights-metrics-rhel9:v2.12.0-18", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.12 for RHEL 9", "release_date": "2024-11-06T00:00:00Z"}, {"advisory": "RHSA-2024:8974", "cpe": "cpe:/a:redhat:acm:2.12::el9", "package": "rhacm2/klusterlet-addon-controller-rhel9:v2.12.0-12", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.12 for RHEL 9", "release_date": "2024-11-06T00:00:00Z"}, {"advisory": "RHSA-2024:8974", "cpe": "cpe:/a:redhat:acm:2.12::el9", "package": "rhacm2/kube-rbac-proxy-rhel9:v2.12.0-13", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.12 for RHEL 9", "release_date": "2024-11-06T00:00:00Z"}, {"advisory": "RHSA-2024:8974", "cpe": "cpe:/a:redhat:acm:2.12::el9", "package": "rhacm2/kube-state-metrics-rhel9:v2.12.0-17", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.12 for RHEL 9", "release_date": "2024-11-06T00:00:00Z"}, {"advisory": "RHSA-2024:8974", "cpe": "cpe:/a:redhat:acm:2.12::el9", "package": "rhacm2/memcached-exporter-rhel9:v2.12.0-10", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.12 for RHEL 9", "release_date": "2024-11-06T00:00:00Z"}, {"advisory": "RHSA-2024:8974", "cpe": "cpe:/a:redhat:acm:2.12::el9", "package": "rhacm2/memcached-rhel9:v2.12.0-7", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.12 for RHEL 9", "release_date": "2024-11-06T00:00:00Z"}, {"advisory": "RHSA-2024:8974", "cpe": "cpe:/a:redhat:acm:2.12::el9", "package": "rhacm2/metrics-collector-rhel9:v2.12.0-39", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.12 for RHEL 9", "release_date": "2024-11-06T00:00:00Z"}, {"advisory": "RHSA-2024:8974", "cpe": "cpe:/a:redhat:acm:2.12::el9", "package": "rhacm2/multicloud-integrations-rhel9:v2.12.0-12", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.12 for RHEL 9", "release_date": "2024-11-06T00:00:00Z"}, {"advisory": "RHSA-2024:8974", "cpe": "cpe:/a:redhat:acm:2.12::el9", "package": "rhacm2/multiclusterhub-rhel9:v2.12.0-51", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.12 for RHEL 9", "release_date": "2024-11-06T00:00:00Z"}, {"advisory": "RHSA-2024:8974", "cpe": "cpe:/a:redhat:acm:2.12::el9", "package": "rhacm2/multicluster-observability-rhel9-operator:v2.12.0-39", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.12 for RHEL 9", "release_date": "2024-11-06T00:00:00Z"}, {"advisory": "RHSA-2024:8974", "cpe": "cpe:/a:redhat:acm:2.12::el9", "package": "rhacm2/multicluster-operators-application-rhel9:v2.12.0-14", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.12 for RHEL 9", "release_date": "2024-11-06T00:00:00Z"}, {"advisory": "RHSA-2024:8974", "cpe": "cpe:/a:redhat:acm:2.12::el9", "package": "rhacm2/multicluster-operators-channel-rhel9:v2.12.0-12", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.12 for RHEL 9", "release_date": "2024-11-06T00:00:00Z"}, {"advisory": "RHSA-2024:8974", "cpe": "cpe:/a:redhat:acm:2.12::el9", "package": "rhacm2/multicluster-operators-subscription-rhel9:v2.12.0-24", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.12 for RHEL 9", "release_date": "2024-11-06T00:00:00Z"}, {"advisory": "RHSA-2024:8974", "cpe": "cpe:/a:redhat:acm:2.12::el9", "package": "rhacm2/node-exporter-rhel9:v2.12.0-10", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.12 for RHEL 9", "release_date": "2024-11-06T00:00:00Z"}, {"advisory": "RHSA-2024:8974", "cpe": "cpe:/a:redhat:acm:2.12::el9", "package": "rhacm2/observatorium-rhel9:v2.12.0-16", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.12 for RHEL 9", "release_date": "2024-11-06T00:00:00Z"}, {"advisory": "RHSA-2024:8974", "cpe": "cpe:/a:redhat:acm:2.12::el9", "package": "rhacm2/observatorium-rhel9-operator:v2.12.0-17", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.12 for RHEL 9", "release_date": "2024-11-06T00:00:00Z"}, {"advisory": "RHSA-2024:8974", "cpe": "cpe:/a:redhat:acm:2.12::el9", "package": "rhacm2/prometheus-alertmanager-rhel9:v2.12.0-12", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.12 for RHEL 9", "release_date": "2024-11-06T00:00:00Z"}, {"advisory": "RHSA-2024:8974", "cpe": "cpe:/a:redhat:acm:2.12::el9", "package": "rhacm2/prometheus-rhel9:v2.12.0-14", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.12 for RHEL 9", "release_date": "2024-11-06T00:00:00Z"}, {"advisory": "RHSA-2024:8974", "cpe": "cpe:/a:redhat:acm:2.12::el9", "package": "rhacm2/rbac-query-proxy-rhel9:v2.12.0-39", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.12 for RHEL 9", "release_date": "2024-11-06T00:00:00Z"}, {"advisory": "RHSA-2024:8974", "cpe": "cpe:/a:redhat:acm:2.12::el9", "package": "rhacm2/search-collector-rhel9:v2.12.0-21", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.12 for RHEL 9", "release_date": "2024-11-06T00:00:00Z"}, {"advisory": "RHSA-2024:8974", "cpe": "cpe:/a:redhat:acm:2.12::el9", "package": "rhacm2/submariner-addon-rhel9:v2.12.0-24", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.12 for RHEL 9", "release_date": "2024-11-06T00:00:00Z"}, {"advisory": "RHSA-2024:8974", "cpe": "cpe:/a:redhat:acm:2.12::el9", "package": "rhacm2/thanos-receive-controller-rhel9:v2.12.0-13", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.12 for RHEL 9", "release_date": "2024-11-06T00:00:00Z"}, {"advisory": "RHSA-2024:8974", "cpe": "cpe:/a:redhat:acm:2.12::el9", "package": "rhacm2/thanos-rhel9:v2.12.0-18", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.12 for RHEL 9", "release_date": "2024-11-06T00:00:00Z"}, {"advisory": "RHSA-2024:8546", "cpe": "cpe:/a:redhat:acm:2.9::el8", "package": "rhacm2/acm-cluster-permission-rhel8:v2.9.5-9", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.9 for RHEL 8", "release_date": "2024-10-28T00:00:00Z"}, {"advisory": "RHSA-2024:8546", "cpe": "cpe:/a:redhat:acm:2.9::el8", "package": "rhacm2/acm-governance-policy-addon-controller-rhel8:v2.9.5-9", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.9 for RHEL 8", "release_date": "2024-10-28T00:00:00Z"}, {"advisory": "RHSA-2024:8546", "cpe": "cpe:/a:redhat:acm:2.9::el8", "package": "rhacm2/acm-governance-policy-framework-addon-rhel8:v2.9.5-10", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.9 for RHEL 8", "release_date": "2024-10-28T00:00:00Z"}, {"advisory": "RHSA-2024:8546", "cpe": "cpe:/a:redhat:acm:2.9::el8", "package": "rhacm2/acm-grafana-rhel8:v2.9.5-8", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.9 for RHEL 8", "release_date": "2024-10-28T00:00:00Z"}, {"advisory": "RHSA-2024:8546", "cpe": "cpe:/a:redhat:acm:2.9::el8", "package": "rhacm2/acm-must-gather-rhel8:v2.9.5-12", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.9 for RHEL 8", "release_date": "2024-10-28T00:00:00Z"}, {"advisory": "RHSA-2024:8546", "cpe": "cpe:/a:redhat:acm:2.9::el8", "package": "rhacm2/acm-operator-bundle:v2.9.5-56", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.9 for RHEL 8", "release_date": "2024-10-28T00:00:00Z"}, {"advisory": "RHSA-2024:8546", "cpe": "cpe:/a:redhat:acm:2.9::el8", "package": "rhacm2/acm-prometheus-config-reloader-rhel8:v2.9.5-9", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.9 for RHEL 8", "release_date": "2024-10-28T00:00:00Z"}, {"advisory": "RHSA-2024:8546", "cpe": "cpe:/a:redhat:acm:2.9::el8", "package": "rhacm2/acm-prometheus-rhel8:v2.9.5-9", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.9 for RHEL 8", "release_date": "2024-10-28T00:00:00Z"}, {"advisory": "RHSA-2024:8546", "cpe": "cpe:/a:redhat:acm:2.9::el8", "package": "rhacm2/acm-search-indexer-rhel8:v2.9.5-9", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.9 for RHEL 8", "release_date": "2024-10-28T00:00:00Z"}, {"advisory": "RHSA-2024:8546", "cpe": "cpe:/a:redhat:acm:2.9::el8", "package": "rhacm2/acm-search-v2-api-rhel8:v2.9.5-9", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.9 for RHEL 8", "release_date": "2024-10-28T00:00:00Z"}, {"advisory": "RHSA-2024:8546", "cpe": "cpe:/a:redhat:acm:2.9::el8", "package": "rhacm2/acm-search-v2-rhel8:v2.9.5-9", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.9 for RHEL 8", "release_date": "2024-10-28T00:00:00Z"}, {"advisory": "RHSA-2024:8546", "cpe": "cpe:/a:redhat:acm:2.9::el8", "package": "rhacm2/acm-volsync-addon-controller-rhel8:v2.9.5-9", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.9 for RHEL 8", "release_date": "2024-10-28T00:00:00Z"}, {"advisory": "RHSA-2024:8546", "cpe": "cpe:/a:redhat:acm:2.9::el8", "package": "rhacm2/cert-policy-controller-rhel8:v2.9.5-11", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.9 for RHEL 8", "release_date": "2024-10-28T00:00:00Z"}, {"advisory": "RHSA-2024:8546", "cpe": "cpe:/a:redhat:acm:2.9::el8", "package": "rhacm2/cluster-backup-rhel8-operator:v2.9.5-11", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.9 for RHEL 8", "release_date": "2024-10-28T00:00:00Z"}, {"advisory": "RHSA-2024:8546", "cpe": "cpe:/a:redhat:acm:2.9::el8", "package": "rhacm2/config-policy-controller-rhel8:v2.9.5-10", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.9 for RHEL 8", "release_date": "2024-10-28T00:00:00Z"}, {"advisory": "RHSA-2024:8546", "cpe": "cpe:/a:redhat:acm:2.9::el8", "package": "rhacm2/console-rhel8:v2.9.5-33", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.9 for RHEL 8", "release_date": "2024-10-28T00:00:00Z"}, {"advisory": "RHSA-2024:8546", "cpe": "cpe:/a:redhat:acm:2.9::el8", "package": "rhacm2/endpoint-monitoring-rhel8-operator:v2.9.5-12", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.9 for RHEL 8", "release_date": "2024-10-28T00:00:00Z"}, {"advisory": "RHSA-2024:8546", "cpe": "cpe:/a:redhat:acm:2.9::el8", "package": "rhacm2/governance-policy-propagator-rhel8:v2.9.5-9", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.9 for RHEL 8", "release_date": "2024-10-28T00:00:00Z"}, {"advisory": "RHSA-2024:8546", "cpe": "cpe:/a:redhat:acm:2.9::el8", "package": "rhacm2/grafana-dashboard-loader-rhel8:v2.9.5-12", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.9 for RHEL 8", "release_date": "2024-10-28T00:00:00Z"}, {"advisory": "RHSA-2024:8546", "cpe": "cpe:/a:redhat:acm:2.9::el8", "package": "rhacm2/iam-policy-controller-rhel8:v2.9.5-10", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.9 for RHEL 8", "release_date": "2024-10-28T00:00:00Z"}, {"advisory": "RHSA-2024:8546", "cpe": "cpe:/a:redhat:acm:2.9::el8", "package": "rhacm2/insights-client-rhel8:v2.9.5-10", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.9 for RHEL 8", "release_date": "2024-10-28T00:00:00Z"}, {"advisory": "RHSA-2024:8546", "cpe": "cpe:/a:redhat:acm:2.9::el8", "package": "rhacm2/insights-metrics-rhel8:v2.9.5-10", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.9 for RHEL 8", "release_date": "2024-10-28T00:00:00Z"}, {"advisory": "RHSA-2024:8546", "cpe": "cpe:/a:redhat:acm:2.9::el8", "package": "rhacm2/klusterlet-addon-controller-rhel8:v2.9.5-9", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.9 for RHEL 8", "release_date": "2024-10-28T00:00:00Z"}, {"advisory": "RHSA-2024:8546", "cpe": "cpe:/a:redhat:acm:2.9::el8", "package": "rhacm2/kube-rbac-proxy-rhel8:v2.9.5-10", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.9 for RHEL 8", "release_date": "2024-10-28T00:00:00Z"}, {"advisory": "RHSA-2024:8546", "cpe": "cpe:/a:redhat:acm:2.9::el8", "package": "rhacm2/kube-state-metrics-rhel8:v2.9.5-9", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.9 for RHEL 8", "release_date": "2024-10-28T00:00:00Z"}, {"advisory": "RHSA-2024:8546", "cpe": "cpe:/a:redhat:acm:2.9::el8", "package": "rhacm2/memcached-exporter-rhel8:v2.9.5-9", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.9 for RHEL 8", "release_date": "2024-10-28T00:00:00Z"}, {"advisory": "RHSA-2024:8546", "cpe": "cpe:/a:redhat:acm:2.9::el8", "package": "rhacm2/memcached-rhel8:v2.9.5-6", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.9 for RHEL 8", "release_date": "2024-10-28T00:00:00Z"}, {"advisory": "RHSA-2024:8546", "cpe": "cpe:/a:redhat:acm:2.9::el8", "package": "rhacm2/metrics-collector-rhel8:v2.9.5-12", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.9 for RHEL 8", "release_date": "2024-10-28T00:00:00Z"}, {"advisory": "RHSA-2024:8546", "cpe": "cpe:/a:redhat:acm:2.9::el8", "package": "rhacm2/multicloud-integrations-rhel8:v2.9.5-8", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.9 for RHEL 8", "release_date": "2024-10-28T00:00:00Z"}, {"advisory": "RHSA-2024:8546", "cpe": "cpe:/a:redhat:acm:2.9::el8", "package": "rhacm2/multiclusterhub-rhel8:v2.9.5-12", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.9 for RHEL 8", "release_date": "2024-10-28T00:00:00Z"}, {"advisory": "RHSA-2024:8546", "cpe": "cpe:/a:redhat:acm:2.9::el8", "package": "rhacm2/multicluster-observability-rhel8-operator:v2.9.5-12", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.9 for RHEL 8", "release_date": "2024-10-28T00:00:00Z"}, {"advisory": "RHSA-2024:8546", "cpe": "cpe:/a:redhat:acm:2.9::el8", "package": "rhacm2/multicluster-operators-application-rhel8:v2.9.5-9", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.9 for RHEL 8", "release_date": "2024-10-28T00:00:00Z"}, {"advisory": "RHSA-2024:8546", "cpe": "cpe:/a:redhat:acm:2.9::el8", "package": "rhacm2/multicluster-operators-channel-rhel8:v2.9.5-9", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.9 for RHEL 8", "release_date": "2024-10-28T00:00:00Z"}, {"advisory": "RHSA-2024:8546", "cpe": "cpe:/a:redhat:acm:2.9::el8", "package": "rhacm2/multicluster-operators-subscription-rhel8:v2.9.5-11", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.9 for RHEL 8", "release_date": "2024-10-28T00:00:00Z"}, {"advisory": "RHSA-2024:8546", "cpe": "cpe:/a:redhat:acm:2.9::el8", "package": "rhacm2/node-exporter-rhel8:v2.9.5-9", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.9 for RHEL 8", "release_date": "2024-10-28T00:00:00Z"}, {"advisory": "RHSA-2024:8546", "cpe": "cpe:/a:redhat:acm:2.9::el8", "package": "rhacm2/observatorium-rhel8:v2.9.5-10", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.9 for RHEL 8", "release_date": "2024-10-28T00:00:00Z"}, {"advisory": "RHSA-2024:8546", "cpe": "cpe:/a:redhat:acm:2.9::el8", "package": "rhacm2/observatorium-rhel8-operator:v2.9.5-8", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.9 for RHEL 8", "release_date": "2024-10-28T00:00:00Z"}, {"advisory": "RHSA-2024:8546", "cpe": "cpe:/a:redhat:acm:2.9::el8", "package": "rhacm2/prometheus-alertmanager-rhel8:v2.9.5-9", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.9 for RHEL 8", "release_date": "2024-10-28T00:00:00Z"}, {"advisory": "RHSA-2024:8546", "cpe": "cpe:/a:redhat:acm:2.9::el8", "package": "rhacm2/prometheus-rhel8:v2.9.5-8", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.9 for RHEL 8", "release_date": "2024-10-28T00:00:00Z"}, {"advisory": "RHSA-2024:8546", "cpe": "cpe:/a:redhat:acm:2.9::el8", "package": "rhacm2/rbac-query-proxy-rhel8:v2.9.5-12", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.9 for RHEL 8", "release_date": "2024-10-28T00:00:00Z"}, {"advisory": "RHSA-2024:8546", "cpe": "cpe:/a:redhat:acm:2.9::el8", "package": "rhacm2/search-collector-rhel8:v2.9.5-9", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.9 for RHEL 8", "release_date": "2024-10-28T00:00:00Z"}, {"advisory": "RHSA-2024:8546", "cpe": "cpe:/a:redhat:acm:2.9::el8", "package": "rhacm2/submariner-addon-rhel8:v2.9.5-21", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.9 for RHEL 8", "release_date": "2024-10-28T00:00:00Z"}, {"advisory": "RHSA-2024:8546", "cpe": "cpe:/a:redhat:acm:2.9::el8", "package": "rhacm2/thanos-receive-controller-rhel8:v2.9.5-8", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.9 for RHEL 8", "release_date": "2024-10-28T00:00:00Z"}, {"advisory": "RHSA-2024:8546", "cpe": "cpe:/a:redhat:acm:2.9::el8", "package": "rhacm2/thanos-rhel8:v2.9.5-8", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2.9 for RHEL 8", "release_date": "2024-10-28T00:00:00Z"}, {"advisory": "RHSA-2024:8507", "cpe": "cpe:/a:redhat:rhel_aus:8.2", "package": "grafana-0:6.3.6-6.el8_2", "product_name": "Red Hat Enterprise Linux 8.2 Advanced Update Support", "release_date": "2024-10-28T00:00:00Z"}, {"advisory": "RHSA-2024:8351", "cpe": "cpe:/a:redhat:rhel_aus:8.4", "package": "grafana-0:7.3.6-8.el8_4", "product_name": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support", "release_date": "2024-10-23T00:00:00Z"}, {"advisory": "RHSA-2024:8351", "cpe": "cpe:/a:redhat:rhel_tus:8.4", "package": "grafana-0:7.3.6-8.el8_4", "product_name": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service", "release_date": "2024-10-23T00:00:00Z"}, {"advisory": "RHSA-2024:8351", "cpe": "cpe:/a:redhat:rhel_e4s:8.4", "package": "grafana-0:7.3.6-8.el8_4", "product_name": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions", "release_date": "2024-10-23T00:00:00Z"}], "bugzilla": {"description": "elliptic: Missing Validation in Elliptic's EDDSA Signature Verification", "id": "2317724", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2317724"}, "csaw": false, "cvss3": {"cvss3_base_score": "8.2", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N", "status": "verified"}, "cwe": "CWE-347", "details": ["The verify function in lib/elliptic/eddsa/index.js in the Elliptic package before 6.5.6 for Node.js omits \"sig.S().gte(sig.eddsa.curve.n) || sig.S().isNeg()\" validation.", "A flaw was found in the Elliptic package. This vulnerability allows attackers to bypass EDDSA signature validation via improper handling of signature values where the S() component of the signature is not properly checked for being non-negative or smaller than the curve order."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}, "name": "CVE-2024-48949", "package_state": [{"cpe": "cpe:/a:redhat:logging:5", "fix_state": "Not affected", "package_name": "openshift-logging/kibana6-rhel8", "product_name": "Logging Subsystem for Red Hat OpenShift"}, {"cpe": "cpe:/a:redhat:openshift_pipelines:1", "fix_state": "Affected", "package_name": "openshift-pipelines-console-plugin-rhel8-container", "product_name": "OpenShift Pipelines"}, {"cpe": "cpe:/a:redhat:openshift_pipelines:1", "fix_state": "Affected", "package_name": "openshift-pipelines/pipelines-hub-api-rhel8", "product_name": "OpenShift Pipelines"}, {"cpe": "cpe:/a:redhat:openshift_pipelines:1", "fix_state": "Affected", "package_name": "openshift-pipelines/pipelines-hub-db-migration-rhel8", "product_name": "OpenShift Pipelines"}, {"cpe": "cpe:/a:redhat:openshift_pipelines:1", "fix_state": "Affected", "package_name": "openshift-pipelines/pipelines-hub-ui-rhel8", "product_name": "OpenShift Pipelines"}, {"cpe": "cpe:/a:redhat:service_mesh:2", "fix_state": "Not affected", "package_name": "openshift-service-mesh/kiali-ossmc-rhel8", "product_name": "OpenShift Service Mesh 2"}, {"cpe": "cpe:/a:redhat:service_mesh:2", "fix_state": "Not affected", "package_name": "openshift-service-mesh/kiali-rhel8", "product_name": "OpenShift Service Mesh 2"}, {"cpe": "cpe:/a:redhat:red_hat_3scale_amp:2", "fix_state": "Affected", "package_name": "3scale-amp-system-container", "product_name": "Red Hat 3scale API Management Platform 2"}, {"cpe": "cpe:/a:redhat:rhdh:1", "fix_state": "Not affected", "package_name": "rhdh-hub-container", "product_name": "Red Hat Developer Hub"}, {"cpe": "cpe:/a:redhat:rhdh:1", "fix_state": "Not affected", "package_name": "rhdh-operator-container", "product_name": "Red Hat Developer Hub"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "thunderbird", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Affected", "package_name": "grafana", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "mozjs60", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "pcs", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "gjs", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "pcs", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "polkit", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Will not fix", "package_name": "openshift4/ose-console", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift_container_storage:4", "fix_state": "Affected", "package_name": "ocs4/mcg-core-rhel8", "product_name": "Red Hat Openshift Container Storage 4"}, {"cpe": "cpe:/a:redhat:openshift_devspaces:3::el8", "fix_state": "Affected", "package_name": "devspaces/dashboard-rhel8", "product_name": "Red Hat OpenShift Dev Spaces"}, {"cpe": "cpe:/a:redhat:openshift_devspaces:3::el8", "fix_state": "Not affected", "package_name": "devspaces/traefik-rhel8", "product_name": "Red Hat OpenShift Dev Spaces"}, {"cpe": "cpe:/a:redhat:openshift_gitops:1", "fix_state": "Will not fix", "package_name": "openshift-gitops-1/argo-rollouts-rhel8", "product_name": "Red Hat OpenShift GitOps"}, {"cpe": "cpe:/a:redhat:quay:3", "fix_state": "Affected", "package_name": "quay/quay-rhel8", "product_name": "Red Hat Quay 3"}], "public_date": "2024-10-10T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-48949\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-48949\nhttps://github.com/indutny/elliptic/commit/7ac5360118f74eb02da73bdf9f24fd0c72ff5281\nhttps://github.com/indutny/elliptic/compare/v6.5.5...v6.5.6"], "statement": "Thunderbird is not supported in Red Hat Enterprise Linux 7 ELS.", "threat_severity": "Important"}