{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-6104", "assignerOrgId": "67fedba0-ff2e-4543-ba5b-aa93e87718cc", "state": "PUBLISHED", "assignerShortName": "HashiCorp", "dateReserved": "2024-06-17T22:19:58.680Z", "datePublished": "2024-06-24T17:06:21.150Z", "dateUpdated": "2024-08-01T21:33:04.395Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "platforms": ["64 bit", "32 bit", "x86", "ARM", "MacOS", "Windows", "Linux"], "product": "Shared library", "repo": "https://github.com/hashicorp/go-retryablehttp", "vendor": "HashiCorp", "versions": [{"lessThan": "0.7.7", "status": "affected", "version": "0", "versionType": "semver"}]}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>go-retryablehttp prior to 0.7.7 did not sanitize urls when writing them to its log file. This could lead to go-retryablehttp writing sensitive HTTP basic auth credentials to its log file. This vulnerability, CVE-2024-6104, was fixed in go-retryablehttp 0.7.7.</p><br/>"}], "value": "go-retryablehttp prior to 0.7.7 did not sanitize urls when writing them to its log file. This could lead to go-retryablehttp writing sensitive HTTP basic auth credentials to its log file. This vulnerability, CVE-2024-6104, was fixed in go-retryablehttp 0.7.7."}], "impacts": [{"capecId": "CAPEC-118", "descriptions": [{"lang": "en", "value": "CAPEC-118: Collect and Analyze Information"}]}], "metrics": [{"cvssV3_1": {"baseScore": 6, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-532", "description": "CWE-532: Insertion of Sensitive Information into Log File", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "67fedba0-ff2e-4543-ba5b-aa93e87718cc", "shortName": "HashiCorp", "dateUpdated": "2024-06-24T17:06:21.150Z"}, "references": [{"url": "https://discuss.hashicorp.com/c/security"}], "source": {"advisory": "HCSEC-2024-12", "discovery": "EXTERNAL"}, "title": "go-retryablehttp can leak basic auth credentials to log files"}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-06-24T19:19:22.878144Z", "id": "CVE-2024-6104", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-24T19:19:28.773Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T21:33:04.395Z"}, "title": "CVE Program Container", "references": [{"url": "https://discuss.hashicorp.com/c/security", "tags": ["x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://discuss.hashicorp.com/c/security", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T21:33:04.395Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-6104", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-06-24T19:19:22.878144Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-24T19:19:26.219Z"}}], "cna": {"title": "go-retryablehttp can leak basic auth credentials to log files", "source": {"advisory": "HCSEC-2024-12", "discovery": "EXTERNAL"}, "impacts": [{"capecId": "CAPEC-118", "descriptions": [{"lang": "en", "value": "CAPEC-118: Collect and Analyze Information"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"version": "3.1", "baseScore": 6, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"repo": "https://github.com/hashicorp/go-retryablehttp", "vendor": "HashiCorp", "product": "Shared library", "versions": [{"status": "affected", "version": "0", "lessThan": "0.7.7", "versionType": "semver"}], "platforms": ["64 bit", "32 bit", "x86", "ARM", "MacOS", "Windows", "Linux"], "defaultStatus": "unaffected"}], "references": [{"url": "https://discuss.hashicorp.com/c/security"}], "descriptions": [{"lang": "en", "value": "go-retryablehttp prior to 0.7.7 did not sanitize urls when writing them to its log file. This could lead to go-retryablehttp writing sensitive HTTP basic auth credentials to its log file. This vulnerability, CVE-2024-6104, was fixed in go-retryablehttp 0.7.7.", "supportingMedia": [{"type": "text/html", "value": "<p>go-retryablehttp prior to 0.7.7 did not sanitize urls when writing them to its log file. This could lead to go-retryablehttp writing sensitive HTTP basic auth credentials to its log file. This vulnerability, CVE-2024-6104, was fixed in go-retryablehttp 0.7.7.</p><br/>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-532", "description": "CWE-532: Insertion of Sensitive Information into Log File"}]}], "providerMetadata": {"orgId": "67fedba0-ff2e-4543-ba5b-aa93e87718cc", "shortName": "HashiCorp", "dateUpdated": "2024-06-24T17:06:21.150Z"}}}, "cveMetadata": {"cveId": "CVE-2024-6104", "state": "PUBLISHED", "dateUpdated": "2024-08-01T21:33:04.395Z", "dateReserved": "2024-06-17T22:19:58.680Z", "assignerOrgId": "67fedba0-ff2e-4543-ba5b-aa93e87718cc", "datePublished": "2024-06-24T17:06:21.150Z", "assignerShortName": "HashiCorp"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:hashicorp:retryablehttp:*:*:*:*:*:go:*:*", "matchCriteriaId": "0FCBD41E-84B7-4720-A6EA-9A617EEC3F30", "versionEndExcluding": "0.7.7", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "go-retryablehttp prior to 0.7.7 did not sanitize urls when writing them to its log file. This could lead to go-retryablehttp writing sensitive HTTP basic auth credentials to its log file. This vulnerability, CVE-2024-6104, was fixed in go-retryablehttp 0.7.7."}, {"lang": "es", "value": "go-retryablehttp anterior a 0.7.7 no sanitizaba las URL al escribirlas en su archivo de registro. Esto podr\u00eda llevar a que go-retryablehttp escriba credenciales de autenticaci\u00f3n b\u00e1sicas HTTP confidenciales en su archivo de registro. Esta vulnerabilidad, CVE-2024-6104, se solucion\u00f3 en go-retryablehttp 0.7.7."}], "id": "CVE-2024-6104", "lastModified": "2024-11-21T09:48:58.263", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 6.0, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 1.5, "impactScore": 4.0, "source": "security@hashicorp.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-06-24T17:15:11.087", "references": [{"source": "security@hashicorp.com", "tags": ["Vendor Advisory"], "url": "https://discuss.hashicorp.com/c/security"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://discuss.hashicorp.com/c/security"}], "sourceIdentifier": "security@hashicorp.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-532"}], "source": "security@hashicorp.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-532"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2024:8040", "cpe": "cpe:/a:redhat:cluster_observability_operator:0.4::el8", "package": "cluster-observability-operator/cluster-observability-operator-bundle:0.4.1-18", "product_name": "CLUSTER-OBSERVABILITY-OPERATOR-0.4-RHEL-8", "release_date": "2024-10-14T00:00:00Z"}, {"advisory": "RHSA-2024:8040", "cpe": "cpe:/a:redhat:cluster_observability_operator:0.4::el8", "package": "cluster-observability-operator/cluster-observability-rhel8-operator:v0.4.1-4", "product_name": "CLUSTER-OBSERVABILITY-OPERATOR-0.4-RHEL-8", "release_date": "2024-10-14T00:00:00Z"}, {"advisory": "RHSA-2024:8040", "cpe": "cpe:/a:redhat:cluster_observability_operator:0.4::el8", "package": "cluster-observability-operator/coo-admission-webhook-rhel8:v0.77.1-1", "product_name": "CLUSTER-OBSERVABILITY-OPERATOR-0.4-RHEL-8", "release_date": "2024-10-14T00:00:00Z"}, {"advisory": "RHSA-2024:8040", "cpe": "cpe:/a:redhat:cluster_observability_operator:0.4::el8", "package": "cluster-observability-operator/coo-console-dashboards-plugin-rhel8:v0.2.0-15", "product_name": "CLUSTER-OBSERVABILITY-OPERATOR-0.4-RHEL-8", "release_date": "2024-10-14T00:00:00Z"}, {"advisory": "RHSA-2024:8040", "cpe": "cpe:/a:redhat:cluster_observability_operator:0.4::el8", "package": "cluster-observability-operator/coo-console-distributed-tracing-plugin-rhel8:v0.1.0-16", "product_name": "CLUSTER-OBSERVABILITY-OPERATOR-0.4-RHEL-8", "release_date": "2024-10-14T00:00:00Z"}, {"advisory": "RHSA-2024:8040", "cpe": "cpe:/a:redhat:cluster_observability_operator:0.4::el8", "package": "cluster-observability-operator/coo-console-logging-plugin-rhel8:v6.0.0-20", "product_name": "CLUSTER-OBSERVABILITY-OPERATOR-0.4-RHEL-8", "release_date": "2024-10-14T00:00:00Z"}, {"advisory": "RHSA-2024:8040", "cpe": "cpe:/a:redhat:cluster_observability_operator:0.4::el8", "package": "cluster-observability-operator/coo-console-troubleshooting-panel-plugin-rhel8:v0.1.0-19", "product_name": "CLUSTER-OBSERVABILITY-OPERATOR-0.4-RHEL-8", "release_date": "2024-10-14T00:00:00Z"}, {"advisory": "RHSA-2024:8040", "cpe": "cpe:/a:redhat:cluster_observability_operator:0.4::el8", "package": "cluster-observability-operator/coo-korrel8r-rhel8:v0.6.3-15", "product_name": "CLUSTER-OBSERVABILITY-OPERATOR-0.4-RHEL-8", "release_date": "2024-10-14T00:00:00Z"}, {"advisory": "RHSA-2024:8040", "cpe": "cpe:/a:redhat:cluster_observability_operator:0.4::el8", "package": "cluster-observability-operator/coo-prometheus-alertmanager-rhel8:v0.27.0-4", "product_name": "CLUSTER-OBSERVABILITY-OPERATOR-0.4-RHEL-8", "release_date": "2024-10-14T00:00:00Z"}, {"advisory": "RHSA-2024:8040", "cpe": "cpe:/a:redhat:cluster_observability_operator:0.4::el8", "package": "cluster-observability-operator/coo-prometheus-config-reloader-rhel8:v0.77.1-1", "product_name": "CLUSTER-OBSERVABILITY-OPERATOR-0.4-RHEL-8", "release_date": "2024-10-14T00:00:00Z"}, {"advisory": "RHSA-2024:8040", "cpe": "cpe:/a:redhat:cluster_observability_operator:0.4::el8", "package": "cluster-observability-operator/coo-prometheus-rhel8:v2.54.1-1", "product_name": "CLUSTER-OBSERVABILITY-OPERATOR-0.4-RHEL-8", "release_date": "2024-10-14T00:00:00Z"}, {"advisory": "RHSA-2024:8040", "cpe": "cpe:/a:redhat:cluster_observability_operator:0.4::el8", "package": "cluster-observability-operator/coo-prometheus-rhel8-operator:v0.77.1-1", "product_name": "CLUSTER-OBSERVABILITY-OPERATOR-0.4-RHEL-8", "release_date": "2024-10-14T00:00:00Z"}, {"advisory": "RHSA-2024:8040", "cpe": "cpe:/a:redhat:cluster_observability_operator:0.4::el8", "package": "cluster-observability-operator/coo-thanos-rhel8:v0.36.1-1", "product_name": "CLUSTER-OBSERVABILITY-OPERATOR-0.4-RHEL-8", "release_date": "2024-10-14T00:00:00Z"}, {"advisory": "RHSA-2024:6738", "cpe": "cpe:/a:redhat:multicluster_engine:2.5::el8", "package": "multicluster-engine/hive-rhel8:v2.5.7-1", "product_name": "multicluster engine for Kubernetes 2.5 for RHEL 8", "release_date": "2024-09-17T00:00:00Z"}, {"advisory": "RHSA-2024:6054", "cpe": "cpe:/a:redhat:advanced_cluster_security:4.4::el8", "package": "advanced-cluster-security/rhacs-central-db-rhel8:4.4.5-2", "product_name": "Red Hat Advanced Cluster Security 4.4", "release_date": "2024-08-29T00:00:00Z"}, {"advisory": "RHSA-2024:6054", "cpe": "cpe:/a:redhat:advanced_cluster_security:4.4::el8", "package": "advanced-cluster-security/rhacs-collector-rhel8:4.4.5-2", "product_name": "Red Hat Advanced Cluster Security 4.4", "release_date": "2024-08-29T00:00:00Z"}, {"advisory": "RHSA-2024:6054", "cpe": "cpe:/a:redhat:advanced_cluster_security:4.4::el8", "package": "advanced-cluster-security/rhacs-collector-slim-rhel8:4.4.5-2", "product_name": "Red Hat Advanced Cluster Security 4.4", "release_date": "2024-08-29T00:00:00Z"}, {"advisory": "RHSA-2024:6054", "cpe": "cpe:/a:redhat:advanced_cluster_security:4.4::el8", "package": "advanced-cluster-security/rhacs-main-rhel8:4.4.5-4", "product_name": "Red Hat Advanced Cluster Security 4.4", "release_date": "2024-08-29T00:00:00Z"}, {"advisory": "RHSA-2024:6054", "cpe": "cpe:/a:redhat:advanced_cluster_security:4.4::el8", "package": "advanced-cluster-security/rhacs-operator-bundle:4.4.5-3", "product_name": "Red Hat Advanced Cluster Security 4.4", "release_date": "2024-08-29T00:00:00Z"}, {"advisory": "RHSA-2024:6054", "cpe": "cpe:/a:redhat:advanced_cluster_security:4.4::el8", "package": "advanced-cluster-security/rhacs-rhel8-operator:4.4.5-2", "product_name": "Red Hat Advanced Cluster Security 4.4", "release_date": "2024-08-29T00:00:00Z"}, {"advisory": "RHSA-2024:6054", "cpe": "cpe:/a:redhat:advanced_cluster_security:4.4::el8", "package": "advanced-cluster-security/rhacs-roxctl-rhel8:4.4.5-2", "product_name": "Red Hat Advanced Cluster Security 4.4", "release_date": "2024-08-29T00:00:00Z"}, {"advisory": "RHSA-2024:6054", "cpe": "cpe:/a:redhat:advanced_cluster_security:4.4::el8", "package": "advanced-cluster-security/rhacs-scanner-db-rhel8:4.4.5-2", "product_name": "Red Hat Advanced Cluster Security 4.4", "release_date": "2024-08-29T00:00:00Z"}, {"advisory": "RHSA-2024:6054", "cpe": "cpe:/a:redhat:advanced_cluster_security:4.4::el8", "package": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8:4.4.5-3", "product_name": "Red Hat Advanced Cluster Security 4.4", "release_date": "2024-08-29T00:00:00Z"}, {"advisory": "RHSA-2024:6054", "cpe": "cpe:/a:redhat:advanced_cluster_security:4.4::el8", "package": "advanced-cluster-security/rhacs-scanner-rhel8:4.4.5-2", "product_name": "Red Hat Advanced Cluster Security 4.4", "release_date": "2024-08-29T00:00:00Z"}, {"advisory": "RHSA-2024:6054", "cpe": "cpe:/a:redhat:advanced_cluster_security:4.4::el8", "package": "advanced-cluster-security/rhacs-scanner-slim-rhel8:4.4.5-2", "product_name": "Red Hat Advanced Cluster Security 4.4", "release_date": "2024-08-29T00:00:00Z"}, {"advisory": "RHSA-2024:6054", "cpe": "cpe:/a:redhat:advanced_cluster_security:4.4::el8", "package": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8:4.4.5-3", "product_name": "Red Hat Advanced Cluster Security 4.4", "release_date": "2024-08-29T00:00:00Z"}, {"advisory": "RHSA-2024:6054", "cpe": "cpe:/a:redhat:advanced_cluster_security:4.4::el8", "package": "advanced-cluster-security/rhacs-scanner-v4-rhel8:4.4.5-3", "product_name": "Red Hat Advanced Cluster Security 4.4", "release_date": "2024-08-29T00:00:00Z"}, {"advisory": "RHSA-2025:9776", "cpe": "cpe:/a:redhat:ceph_storage:8.1::el9", "package": "rhceph/grafana-rhel9:11.5.2-6", "product_name": "Red Hat Ceph Storage 8.1", "release_date": "2025-06-26T00:00:00Z"}, {"advisory": "RHSA-2025:9776", "cpe": "cpe:/a:redhat:ceph_storage:8.1::el9", "package": "rhceph/keepalived-rhel9:2.2.8-65", "product_name": "Red Hat Ceph Storage 8.1", "release_date": "2025-06-26T00:00:00Z"}, {"advisory": "RHSA-2025:9776", "cpe": "cpe:/a:redhat:ceph_storage:8.1::el9", "package": "rhceph/oauth2-proxy-rhel9:v7.6.0-27", "product_name": "Red Hat Ceph Storage 8.1", "release_date": "2025-06-26T00:00:00Z"}, {"advisory": "RHSA-2025:9776", "cpe": "cpe:/a:redhat:ceph_storage:8.1::el9", "package": "rhceph/rhceph-8-rhel9:8-492", "product_name": "Red Hat Ceph Storage 8.1", "release_date": "2025-06-26T00:00:00Z"}, {"advisory": "RHSA-2025:9776", "cpe": "cpe:/a:redhat:ceph_storage:8.1::el9", "package": "rhceph/rhceph-haproxy-rhel9:2.4.22-67", "product_name": "Red Hat Ceph Storage 8.1", "release_date": "2025-06-26T00:00:00Z"}, {"advisory": "RHSA-2025:9776", "cpe": "cpe:/a:redhat:ceph_storage:8.1::el9", "package": "rhceph/rhceph-promtail-rhel9:v3.0.0-34", "product_name": "Red Hat Ceph Storage 8.1", "release_date": "2025-06-26T00:00:00Z"}, {"advisory": "RHSA-2025:9776", "cpe": "cpe:/a:redhat:ceph_storage:8.1::el9", "package": "rhceph/snmp-notifier-rhel9:1.2.1-115", "product_name": "Red Hat Ceph Storage 8.1", "release_date": "2025-06-26T00:00:00Z"}, {"advisory": "RHSA-2024:5258", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "container-tools:rhel8-8100020240808093819.afee755d", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2024-08-13T00:00:00Z"}, {"advisory": "RHSA-2024:5194", "cpe": "cpe:/a:redhat:rhel_eus:8.8", "package": "container-tools:rhel8-8080020240724065004.0f77c1b7", "product_name": "Red Hat Enterprise Linux 8.8 Extended Update Support", "release_date": "2024-08-12T00:00:00Z"}, {"advisory": "RHSA-2024:6194", "cpe": "cpe:/a:redhat:enterprise_linux:9", "package": "podman-4:4.9.4-10.el9_4", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2024-09-03T00:00:00Z"}, {"advisory": "RHSA-2024:9098", "cpe": "cpe:/a:redhat:enterprise_linux:9", "package": "skopeo-2:1.16.1-1.el9", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2024-11-12T00:00:00Z"}, {"advisory": "RHSA-2024:9115", "cpe": "cpe:/a:redhat:enterprise_linux:9", "package": "grafana-0:10.2.6-4.el9", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2024-11-12T00:00:00Z"}, {"advisory": "RHSA-2024:5634", "cpe": "cpe:/a:redhat:rhel_eus:9.2", "package": "podman-2:4.4.1-20.el9_2", "product_name": "Red Hat Enterprise Linux 9.2 Extended Update Support", "release_date": "2024-08-20T00:00:00Z"}, {"advisory": "RHSA-2024:5199", "cpe": "cpe:/a:redhat:openshift:4.12::el8", "package": "openshift4/ose-sriov-network-webhook:v4.12.0-202408091241.p0.g83b800f.assembly.stream.el8", "product_name": "Red Hat OpenShift Container Platform 4.12", "release_date": "2024-08-19T00:00:00Z"}, {"advisory": "RHSA-2024:5200", "cpe": "cpe:/a:redhat:openshift:4.12::el8", "package": "openshift4/ose-cloud-credential-operator:v4.12.0-202408072203.p0.g6de9c4e.assembly.stream.el8", "product_name": "Red Hat OpenShift Container Platform 4.12", "release_date": "2024-08-19T00:00:00Z"}, {"advisory": "RHSA-2024:5200", "cpe": "cpe:/a:redhat:openshift:4.12::el8", "package": "openshift4/ose-cluster-image-registry-operator:v4.12.0-202408071159.p0.g77fd1a9.assembly.stream.el8", "product_name": "Red Hat OpenShift Container Platform 4.12", "release_date": "2024-08-19T00:00:00Z"}, {"advisory": "RHSA-2024:5200", "cpe": "cpe:/a:redhat:openshift:4.12::el8", "package": "openshift4/ose-ibm-vpc-block-csi-driver-operator-rhel8:v4.12.0-202408071159.p0.gf2b726d.assembly.stream.el8", "product_name": "Red Hat OpenShift Container Platform 4.12", "release_date": "2024-08-19T00:00:00Z"}, {"advisory": "RHSA-2024:5200", "cpe": "cpe:/a:redhat:openshift:4.12::el8", "package": "openshift4/ose-ibm-vpc-block-csi-driver-rhel8:v4.12.0-202408071159.p0.g921509f.assembly.stream.el8", "product_name": "Red Hat OpenShift Container Platform 4.12", "release_date": "2024-08-19T00:00:00Z"}, {"advisory": "RHSA-2024:5808", "cpe": "cpe:/a:redhat:openshift:4.12::el8", "package": "openshift4/ose-azure-cluster-api-controllers-rhel8:v4.12.0-202408220304.p0.ga1b2a37.assembly.stream.el8", "product_name": "Red Hat OpenShift Container Platform 4.12", "release_date": "2024-08-29T00:00:00Z"}, {"advisory": "RHSA-2024:6642", "cpe": "cpe:/a:redhat:openshift:4.12::el8", "package": "openshift4/ose-installer:v4.12.0-202409040731.p0.g798aeaa.assembly.stream.el8", "product_name": "Red Hat OpenShift Container Platform 4.12", "release_date": "2024-09-18T00:00:00Z"}, {"advisory": "RHSA-2024:4846", "cpe": "cpe:/a:redhat:openshift:4.13::el8", "package": "openshift4/ose-cloud-credential-operator:v4.13.0-202407192107.p0.g73ecd48.assembly.stream.el8", "product_name": "Red Hat OpenShift Container Platform 4.13", "release_date": "2024-07-31T00:00:00Z"}, {"advisory": "RHSA-2024:4846", "cpe": "cpe:/a:redhat:openshift:4.13::el8", "package": "openshift4/ose-cluster-image-registry-operator:v4.13.0-202407221409.p0.g19ee668.assembly.stream.el8", "product_name": "Red Hat OpenShift Container Platform 4.13", "release_date": "2024-07-31T00:00:00Z"}, {"advisory": "RHSA-2024:4846", "cpe": "cpe:/a:redhat:openshift:4.13::el8", "package": "openshift4/ose-ibm-vpc-block-csi-driver-operator-rhel8:v4.13.0-202407182339.p0.g4c23f81.assembly.stream.el8", "product_name": "Red Hat OpenShift Container Platform 4.13", "release_date": "2024-07-31T00:00:00Z"}, {"advisory": "RHSA-2024:4846", "cpe": "cpe:/a:redhat:openshift:4.13::el8", "package": "openshift4/ose-ibm-vpc-block-csi-driver-rhel8:v4.13.0-202407182137.p0.g54aaeff.assembly.stream.el8", "product_name": "Red Hat OpenShift Container Platform 4.13", "release_date": "2024-07-31T00:00:00Z"}, {"advisory": "RHSA-2024:4846", "cpe": "cpe:/a:redhat:openshift:4.13::el8", "package": "openshift4/ose-ibm-vpc-node-label-updater-rhel8:v4.13.0-202407221109.p0.gb819827.assembly.stream.el8", "product_name": "Red Hat OpenShift Container Platform 4.13", "release_date": "2024-07-31T00:00:00Z"}, {"advisory": "RHSA-2024:5444", "cpe": "cpe:/a:redhat:openshift:4.13::el8", "package": "openshift4/ose-azure-cluster-api-controllers-rhel8:v4.13.0-202408131940.p0.g3f757a8.assembly.stream.el8", "product_name": "Red Hat OpenShift Container Platform 4.13", "release_date": "2024-08-22T00:00:00Z"}, {"advisory": "RHSA-2024:5444", "cpe": "cpe:/a:redhat:openshift:4.13::el8", "package": "openshift4/ose-powervs-block-csi-driver-rhel8:v4.13.0-202408131940.p0.g16fa555.assembly.stream.el8", "product_name": "Red Hat OpenShift Container Platform 4.13", "release_date": "2024-08-22T00:00:00Z"}, {"advisory": "RHSA-2024:5446", "cpe": "cpe:/a:redhat:openshift:4.13::el8", "package": "podman-3:4.4.1-13.rhaos4.13.el9", "product_name": "Red Hat OpenShift Container Platform 4.13", "release_date": "2024-08-22T00:00:00Z"}, {"advisory": "RHSA-2024:6009", "cpe": "cpe:/a:redhat:openshift:4.13::el8", "package": "openshift4/ose-installer:v4.13.0-202408280339.p0.g1b2041c.assembly.stream.el8", "product_name": "Red Hat OpenShift Container Platform 4.13", "release_date": "2024-09-04T00:00:00Z"}, {"advisory": "RHSA-2024:6811", "cpe": "cpe:/a:redhat:openshift:4.13::el8", "package": "openshift4/ose-hypershift-rhel8:v4.13.0-202409142105.p0.g6daddee.assembly.stream.el8", "product_name": "Red Hat OpenShift Container Platform 4.13", "release_date": "2024-09-25T00:00:00Z"}, {"advisory": "RHSA-2025:1116", "cpe": "cpe:/a:redhat:openshift:4.13::el8", "package": "openshift4/ose-ibmcloud-machine-controllers-rhel8:v4.13.0-202502010028.p0.g4698265.assembly.stream.el8", "product_name": "Red Hat OpenShift Container Platform 4.13", "release_date": "2025-02-13T00:00:00Z"}, {"advisory": "RHSA-2024:4479", "cpe": "cpe:/a:redhat:openshift:4.14::el8", "package": "openshift4/ose-cluster-image-registry-operator:v4.14.0-202407041041.p0.g5e20c16.assembly.stream.el8", "product_name": "Red Hat OpenShift Container Platform 4.14", "release_date": "2024-07-17T00:00:00Z"}, {"advisory": "RHSA-2024:4960", "cpe": "cpe:/a:redhat:openshift:4.14::el8", "package": "openshift4/ose-cloud-credential-operator:v4.14.0-202407301840.p0.g7a5d12e.assembly.stream.el8", "product_name": "Red Hat OpenShift Container Platform 4.14", "release_date": "2024-08-07T00:00:00Z"}, {"advisory": "RHSA-2024:4960", "cpe": "cpe:/a:redhat:openshift:4.14::el8", "package": "openshift4/ose-ibm-vpc-block-csi-driver-operator-rhel8:v4.14.0-202407120310.p0.g620220e.assembly.stream.el8", "product_name": "Red Hat OpenShift Container Platform 4.14", "release_date": "2024-08-07T00:00:00Z"}, {"advisory": "RHSA-2024:4960", "cpe": "cpe:/a:redhat:openshift:4.14::el8", "package": "openshift4/ose-ibm-vpc-block-csi-driver-rhel8:v4.14.0-202407161139.p0.gea2bc15.assembly.stream.el8", "product_name": "Red Hat OpenShift Container Platform 4.14", "release_date": "2024-08-07T00:00:00Z"}, {"advisory": "RHSA-2024:4960", "cpe": "cpe:/a:redhat:openshift:4.14::el8", "package": "openshift4/ose-ibm-vpc-node-label-updater-rhel8:v4.14.0-202407191039.p0.gda6823b.assembly.stream.el8", "product_name": "Red Hat OpenShift Container Platform 4.14", "release_date": "2024-08-07T00:00:00Z"}, {"advisory": "RHSA-2024:4963", "cpe": "cpe:/a:redhat:openshift:4.14::el8", "package": "podman-3:4.4.1-16.4.rhaos4.14.el9", "product_name": "Red Hat OpenShift Container Platform 4.14", "release_date": "2024-08-07T00:00:00Z"}, {"advisory": "RHSA-2024:5433", "cpe": "cpe:/a:redhat:openshift:4.14::el8", "package": "openshift4/ose-azure-cluster-api-controllers-rhel8:v4.14.0-202408081241.p0.g8c2203f.assembly.stream.el8", "product_name": "Red Hat OpenShift Container Platform 4.14", "release_date": "2024-08-22T00:00:00Z"}, {"advisory": "RHSA-2024:5433", "cpe": "cpe:/a:redhat:openshift:4.14::el8", "package": "openshift4/ose-powervs-block-csi-driver-rhel8:v4.14.0-202408081513.p0.g988f710.assembly.stream.el8", "product_name": "Red Hat OpenShift Container Platform 4.14", "release_date": "2024-08-22T00:00:00Z"}, {"advisory": "RHSA-2024:6406", "cpe": "cpe:/a:redhat:openshift:4.14::el8", "package": "openshift4/ose-installer:v4.14.0-202409031910.p0.ga8c1414.assembly.stream.el8", "product_name": "Red Hat OpenShift Container Platform 4.14", "release_date": "2024-09-11T00:00:00Z"}, {"advisory": "RHSA-2024:7184", "cpe": "cpe:/a:redhat:openshift:4.14::el8", "package": "openshift4/ose-hypershift-rhel8:v4.14.0-202409250538.p0.gd8f8831.assembly.stream.el8", "product_name": "Red Hat OpenShift Container Platform 4.14", "release_date": "2024-10-03T00:00:00Z"}, {"advisory": "RHSA-2025:0029", "cpe": "cpe:/a:redhat:openshift:4.14::el8", "package": "openshift4/ose-ibmcloud-machine-controllers-rhel8:v4.14.0-202412200205.p0.ga63c6aa.assembly.stream.el8", "product_name": "Red Hat OpenShift Container Platform 4.14", "release_date": "2025-01-09T00:00:00Z"}, {"advisory": "RHSA-2024:4699", "cpe": "cpe:/a:redhat:openshift:4.15::el8", "package": "openshift4/ose-cloud-credential-operator:v4.15.0-202407181606.p0.gf8455ca.assembly.stream.el8", "product_name": "Red Hat OpenShift Container Platform 4.15", "release_date": "2024-07-25T00:00:00Z"}, {"advisory": "RHSA-2024:4699", "cpe": "cpe:/a:redhat:openshift:4.15::el8", "package": "openshift4/ose-ibm-vpc-block-csi-driver-operator-rhel8:v4.15.0-202407111437.p0.gdf0f1f6.assembly.stream.el8", "product_name": "Red Hat OpenShift Container Platform 4.15", "release_date": "2024-07-25T00:00:00Z"}, {"advisory": "RHSA-2024:4699", "cpe": "cpe:/a:redhat:openshift:4.15::el8", "package": "openshift4/ose-ibm-vpc-block-csi-driver-rhel9:v4.15.0-202407151106.p0.g81877ac.assembly.stream.el9", "product_name": "Red Hat OpenShift Container Platform 4.15", "release_date": "2024-07-25T00:00:00Z"}, {"advisory": "RHSA-2024:4699", "cpe": "cpe:/a:redhat:openshift:4.15::el8", "package": "openshift4/ose-ibm-vpc-node-label-updater-rhel9:v4.15.0-202407160936.p0.g5d72ced.assembly.stream.el9", "product_name": "Red Hat OpenShift Container Platform 4.15", "release_date": "2024-07-25T00:00:00Z"}, {"advisory": "RHSA-2024:4853", "cpe": "cpe:/a:redhat:openshift:4.15::el8", "package": "podman-3:4.4.1-26.2.rhaos4.15.el8", "product_name": "Red Hat OpenShift Container Platform 4.15", "release_date": "2024-07-31T00:00:00Z"}, {"advisory": "RHSA-2024:5160", "cpe": "cpe:/a:redhat:openshift:4.15::el8", "package": "openshift4/ose-installer:v4.15.0-202408060439.p0.g950491f.assembly.stream.el8", "product_name": "Red Hat OpenShift Container Platform 4.15", "release_date": "2024-08-15T00:00:00Z"}, {"advisory": "RHSA-2024:5160", "cpe": "cpe:/a:redhat:openshift:4.15::el8", "package": "openshift4/ose-powervs-block-csi-driver-rhel9:v4.15.0-202408060439.p0.g38bee56.assembly.stream.el9", "product_name": "Red Hat OpenShift Container Platform 4.15", "release_date": "2024-08-15T00:00:00Z"}, {"advisory": "RHSA-2024:11562", "cpe": "cpe:/a:redhat:openshift:4.15::el9", "package": "openshift4/ose-ibmcloud-machine-controllers-rhel9:v4.15.0-202412120304.p0.g6846b9a.assembly.stream.el9", "product_name": "Red Hat OpenShift Container Platform 4.15", "release_date": "2025-01-02T00:00:00Z"}, {"advisory": "RHSA-2024:4321", "cpe": "cpe:/a:redhat:openshift:4.15::el9", "package": "openshift4/ose-azure-cluster-api-controllers-rhel9:v4.15.0-202407020237.p0.g44832d2.assembly.stream.el9", "product_name": "Red Hat OpenShift Container Platform 4.15", "release_date": "2024-07-10T00:00:00Z"}, {"advisory": "RHSA-2024:4321", "cpe": "cpe:/a:redhat:openshift:4.15::el9", "package": "openshift4/ose-cluster-image-registry-rhel9-operator:v4.15.0-202407031137.p0.g8740a71.assembly.stream.el9", "product_name": "Red Hat OpenShift Container Platform 4.15", "release_date": "2024-07-10T00:00:00Z"}, {"advisory": "RHSA-2024:6409", "cpe": "cpe:/a:redhat:openshift:4.15::el9", "package": "openshift4/ose-hypershift-rhel9:v4.15.0-202409041437.p0.gf2684bc.assembly.stream.el9", "product_name": "Red Hat OpenShift Container Platform 4.15", "release_date": "2024-09-11T00:00:00Z"}, {"advisory": "RHSA-2024:4858", "cpe": "cpe:/a:redhat:openshift:4.16::el8", "package": "podman-4:4.9.4-9.rhaos4.16.el9", "product_name": "Red Hat OpenShift Container Platform 4.16", "release_date": "2024-07-31T00:00:00Z"}, {"advisory": "RHSA-2024:10823", "cpe": "cpe:/a:redhat:openshift:4.16::el9", "package": "openshift4/ose-ibmcloud-machine-controllers-rhel9:v4.16.0-202412021934.p0.gd29506e.assembly.stream.el9", "product_name": "Red Hat OpenShift Container Platform 4.16", "release_date": "2024-12-12T00:00:00Z"}, {"advisory": "RHSA-2024:4316", "cpe": "cpe:/a:redhat:openshift:4.16::el9", "package": "openshift4/ose-azure-cluster-api-controllers-rhel9:v4.16.0-202407030803.p0.ga81e3b3.assembly.stream.el9", "product_name": "Red Hat OpenShift Container Platform 4.16", "release_date": "2024-07-09T00:00:00Z"}, {"advisory": "RHSA-2024:4316", "cpe": "cpe:/a:redhat:openshift:4.16::el9", "package": "openshift4/ose-cluster-image-registry-rhel9-operator:v4.16.0-202407030803.p0.g335c914.assembly.stream.el9", "product_name": "Red Hat OpenShift Container Platform 4.16", "release_date": "2024-07-09T00:00:00Z"}, {"advisory": "RHSA-2024:4469", "cpe": "cpe:/a:redhat:openshift:4.16::el9", "package": "openshift4/ose-ibm-vpc-block-csi-driver-rhel9:v4.16.0-202407031636.p0.g32b4c00.assembly.stream.el9", "product_name": "Red Hat OpenShift Container Platform 4.16", "release_date": "2024-07-16T00:00:00Z"}, {"advisory": "RHSA-2024:4469", "cpe": "cpe:/a:redhat:openshift:4.16::el9", "package": "openshift4/ose-ibm-vpc-block-csi-driver-rhel9-operator:v4.16.0-202407031636.p0.g34fc9a4.assembly.stream.el9", "product_name": "Red Hat OpenShift Container Platform 4.16", "release_date": "2024-07-16T00:00:00Z"}, {"advisory": "RHSA-2024:4613", "cpe": "cpe:/a:redhat:openshift:4.16::el9", "package": "openshift4/ose-cloud-credential-rhel9-operator:v4.16.0-202407142206.p0.gfffc75d.assembly.stream.el9", "product_name": "Red Hat OpenShift Container Platform 4.16", "release_date": "2024-07-24T00:00:00Z"}, {"advisory": "RHSA-2024:4613", "cpe": "cpe:/a:redhat:openshift:4.16::el9", "package": "openshift4/ose-installer-rhel9:v4.16.0-202407161505.p0.g41969e2.assembly.stream.el9", "product_name": "Red Hat OpenShift Container Platform 4.16", "release_date": "2024-07-24T00:00:00Z"}, {"advisory": "RHSA-2024:4965", "cpe": "cpe:/a:redhat:openshift:4.16::el9", "package": "openshift4/ose-powervs-cloud-controller-manager-rhel9:v4.16.0-202407300708.p0.g20e6dc7.assembly.stream.el9", "product_name": "Red Hat OpenShift Container Platform 4.16", "release_date": "2024-08-06T00:00:00Z"}, {"advisory": "RHSA-2024:4965", "cpe": "cpe:/a:redhat:openshift:4.16::el9", "package": "openshift4/ose-prometheus-rhel9:v4.16.0-202407261437.p0.gbc04420.assembly.stream.el9", "product_name": "Red Hat OpenShift Container Platform 4.16", "release_date": "2024-08-06T00:00:00Z"}, {"advisory": "RHSA-2024:5107", "cpe": "cpe:/a:redhat:openshift:4.16::el9", "package": "openshift4/ose-powervs-block-csi-driver-rhel9:v4.16.0-202408010610.p0.g26162ba.assembly.stream.el9", "product_name": "Red Hat OpenShift Container Platform 4.16", "release_date": "2024-08-13T00:00:00Z"}, {"advisory": "RHSA-2024:6004", "cpe": "cpe:/a:redhat:openshift:4.16::el9", "package": "openshift4/ose-hypershift-rhel9:v4.16.0-202408281556.p0.g469fb1e.assembly.stream.el9", "product_name": "Red Hat OpenShift Container Platform 4.16", "release_date": "2024-09-03T00:00:00Z"}, {"advisory": "RHSA-2024:3722", "cpe": "cpe:/a:redhat:openshift:4.17::el8", "package": "podman-4:5.2.0-2.rhaos4.17.el9", "product_name": "Red Hat OpenShift Container Platform 4.17", "release_date": "2024-10-01T00:00:00Z"}, {"advisory": "RHSA-2024:3722", "cpe": "cpe:/a:redhat:openshift:4.17::el8", "package": "skopeo-2:1.16.0-2.rhaos4.17.el8", "product_name": "Red Hat OpenShift Container Platform 4.17", "release_date": "2024-10-01T00:00:00Z"}, {"advisory": "RHSA-2024:10518", "cpe": "cpe:/a:redhat:openshift:4.17::el9", "package": "openshift4/ose-ibmcloud-machine-controllers-rhel9:v4.17.0-202411251634.p0.g238348d.assembly.stream.el9", "product_name": "Red Hat OpenShift Container Platform 4.17", "release_date": "2024-12-03T00:00:00Z"}, {"advisory": "RHSA-2024:6122", "cpe": "cpe:/a:redhat:openshift:4.18::el9", "package": "openshift4/ose-cluster-ingress-rhel9-operator:v4.18.0-202501230001.p0.g8be1749.assembly.stream.el9", "product_name": "Red Hat OpenShift Container Platform 4.18", "release_date": "2025-02-25T00:00:00Z"}, {"advisory": "RHSA-2024:8677", "cpe": "cpe:/a:redhat:openshift_gitops:1.12::el8", "package": "openshift-gitops-1/argocd-rhel8:v1.12.6-2", "product_name": "Red Hat OpenShift GitOps 1.12", "release_date": "2024-10-30T00:00:00Z"}, {"advisory": "RHSA-2024:8677", "cpe": "cpe:/a:redhat:openshift_gitops:1.12::el8", "package": "openshift-gitops-1/argo-rollouts-rhel8:v1.12.6-2", "product_name": "Red Hat OpenShift GitOps 1.12", "release_date": "2024-10-30T00:00:00Z"}, {"advisory": "RHSA-2024:8677", "cpe": "cpe:/a:redhat:openshift_gitops:1.12::el8", "package": "openshift-gitops-1/console-plugin-rhel8:v1.12.6-2", "product_name": "Red Hat OpenShift GitOps 1.12", "release_date": "2024-10-30T00:00:00Z"}, {"advisory": "RHSA-2024:8677", "cpe": "cpe:/a:redhat:openshift_gitops:1.12::el8", "package": "openshift-gitops-1/dex-rhel8:v1.12.6-2", "product_name": "Red Hat OpenShift GitOps 1.12", "release_date": "2024-10-30T00:00:00Z"}, {"advisory": "RHSA-2024:8677", "cpe": "cpe:/a:redhat:openshift_gitops:1.12::el8", "package": "openshift-gitops-1/gitops-operator-bundle:v1.12.6-2", "product_name": "Red Hat OpenShift GitOps 1.12", "release_date": "2024-10-30T00:00:00Z"}, {"advisory": "RHSA-2024:8677", "cpe": "cpe:/a:redhat:openshift_gitops:1.12::el8", "package": "openshift-gitops-1/gitops-rhel8:v1.12.6-2", "product_name": "Red Hat OpenShift GitOps 1.12", "release_date": "2024-10-30T00:00:00Z"}, {"advisory": "RHSA-2024:8677", "cpe": "cpe:/a:redhat:openshift_gitops:1.12::el8", "package": "openshift-gitops-1/gitops-rhel8-operator:v1.12.6-2", "product_name": "Red Hat OpenShift GitOps 1.12", "release_date": "2024-10-30T00:00:00Z"}, {"advisory": "RHSA-2024:8677", "cpe": "cpe:/a:redhat:openshift_gitops:1.12::el8", "package": "openshift-gitops-1/kam-delivery-rhel8:v1.12.6-2", "product_name": "Red Hat OpenShift GitOps 1.12", "release_date": "2024-10-30T00:00:00Z"}, {"advisory": "RHSA-2024:8677", "cpe": "cpe:/a:redhat:openshift_gitops:1.12::el8", "package": "openshift-gitops-1/must-gather-rhel8:v1.12.6-2", "product_name": "Red Hat OpenShift GitOps 1.12", "release_date": "2024-10-30T00:00:00Z"}, {"advisory": "RHSA-2024:8677", "cpe": "cpe:/a:redhat:openshift_gitops:1.12::el9", "package": "openshift-gitops-argocd-rhel9-container-v1.12.6-1", "product_name": "Red Hat OpenShift GitOps 1.12 - RHEL 9", "release_date": "2024-10-30T00:00:00Z"}, {"advisory": "RHSA-2024:7744", "cpe": "cpe:/a:redhat:openshift_data_foundation:4.13::el9", "package": "odf4/cephcsi-rhel9:v4.13.12-2", "product_name": "RHODF-4.13-RHEL-9", "release_date": "2024-10-07T00:00:00Z"}, {"advisory": "RHSA-2024:7624", "cpe": "cpe:/a:redhat:openshift_data_foundation:4.14::el9", "package": "odf4/cephcsi-rhel9:v4.14.11-2", "product_name": "RHODF-4.14-RHEL-9", "release_date": "2024-10-03T00:00:00Z"}, {"advisory": "RHSA-2025:1866", "cpe": "cpe:/a:redhat:openshift_data_foundation:4.14::el9", "package": "odf4/ocs-rhel9-operator:v4.14.16-2", "product_name": "RHODF-4.14-RHEL-9", "release_date": "2025-02-26T00:00:00Z"}, {"advisory": "RHSA-2025:1866", "cpe": "cpe:/a:redhat:openshift_data_foundation:4.14::el9", "package": "odf4/odf-rhel9-operator:v4.14.16-2", "product_name": "RHODF-4.14-RHEL-9", "release_date": "2025-02-26T00:00:00Z"}, {"advisory": "RHSA-2025:1865", "cpe": "cpe:/a:redhat:openshift_data_foundation:4.15::el9", "package": "odf4/ocs-rhel9-operator:v4.15.12-1", "product_name": "RHODF-4.15-RHEL-9", "release_date": "2025-02-26T00:00:00Z"}, {"advisory": "RHSA-2025:1865", "cpe": "cpe:/a:redhat:openshift_data_foundation:4.15::el9", "package": "odf4/odf-rhel9-operator:v4.15.12-1", "product_name": "RHODF-4.15-RHEL-9", "release_date": "2025-02-26T00:00:00Z"}, {"advisory": "RHSA-2024:5547", "cpe": "cpe:/a:redhat:openshift_data_foundation:4.16::el9", "package": "odf4/mcg-rhel9-operator:v4.16.1-3", "product_name": "RHODF-4.16-RHEL-9", "release_date": "2024-08-19T00:00:00Z"}, {"advisory": "RHSA-2024:5547", "cpe": "cpe:/a:redhat:openshift_data_foundation:4.16::el9", "package": "odf4/odf-cli-rhel9:v4.16.1-3", "product_name": "RHODF-4.16-RHEL-9", "release_date": "2024-08-19T00:00:00Z"}, {"advisory": "RHSA-2024:5547", "cpe": "cpe:/a:redhat:openshift_data_foundation:4.16::el9", "package": "odf4/odf-multicluster-rhel9-operator:v4.16.1-1", "product_name": "RHODF-4.16-RHEL-9", "release_date": "2024-08-19T00:00:00Z"}, {"advisory": "RHSA-2024:6755", "cpe": "cpe:/a:redhat:openshift_data_foundation:4.16::el9", "package": "odf4/cephcsi-rhel9:v4.16.2-2", "product_name": "RHODF-4.16-RHEL-9", "release_date": "2024-09-18T00:00:00Z"}, {"advisory": "RHSA-2024:6755", "cpe": "cpe:/a:redhat:openshift_data_foundation:4.16::el9", "package": "odf4/odf-cli-rhel9:v4.16.2-2", "product_name": "RHODF-4.16-RHEL-9", "release_date": "2024-09-18T00:00:00Z"}, {"advisory": "RHSA-2024:6755", "cpe": "cpe:/a:redhat:openshift_data_foundation:4.16::el9", "package": "odf4/rook-ceph-rhel9-operator:v4.16.2-3", "product_name": "RHODF-4.16-RHEL-9", "release_date": "2024-09-18T00:00:00Z"}, {"advisory": "RHSA-2025:1829", "cpe": "cpe:/a:redhat:openshift_data_foundation:4.16::el9", "package": "odf4/ocs-rhel9-operator:v4.16.8-1", "product_name": "RHODF-4.16-RHEL-9", "release_date": "2025-02-25T00:00:00Z"}, {"advisory": "RHSA-2025:1829", "cpe": "cpe:/a:redhat:openshift_data_foundation:4.16::el9", "package": "odf4/odf-rhel9-operator:v4.16.8-1", "product_name": "RHODF-4.16-RHEL-9", "release_date": "2025-02-25T00:00:00Z"}, {"advisory": "RHSA-2024:7323", "cpe": "cpe:/a:redhat:logging:5.6::el8", "package": "openshift-logging/cluster-logging-operator-bundle:v5.6.24-7", "product_name": "RHOL-5.6-RHEL-8", "release_date": "2024-10-07T00:00:00Z"}, {"advisory": "RHSA-2024:7323", "cpe": "cpe:/a:redhat:logging:5.6::el8", "package": "openshift-logging/cluster-logging-rhel8-operator:v5.6.24-2", "product_name": "RHOL-5.6-RHEL-8", "release_date": "2024-10-07T00:00:00Z"}, {"advisory": "RHSA-2024:7323", "cpe": "cpe:/a:redhat:logging:5.6::el8", "package": "openshift-logging/elasticsearch6-rhel8:v6.8.1-440", "product_name": "RHOL-5.6-RHEL-8", "release_date": "2024-10-07T00:00:00Z"}, {"advisory": "RHSA-2024:7323", "cpe": "cpe:/a:redhat:logging:5.6::el8", "package": "openshift-logging/elasticsearch-operator-bundle:v5.6.24-9", "product_name": "RHOL-5.6-RHEL-8", "release_date": "2024-10-07T00:00:00Z"}, {"advisory": "RHSA-2024:7323", "cpe": "cpe:/a:redhat:logging:5.6::el8", "package": "openshift-logging/elasticsearch-proxy-rhel8:v1.0.0-515", "product_name": "RHOL-5.6-RHEL-8", "release_date": "2024-10-07T00:00:00Z"}, {"advisory": "RHSA-2024:7323", "cpe": "cpe:/a:redhat:logging:5.6::el8", "package": "openshift-logging/elasticsearch-rhel8-operator:v5.6.24-2", "product_name": "RHOL-5.6-RHEL-8", "release_date": "2024-10-07T00:00:00Z"}, {"advisory": "RHSA-2024:7323", "cpe": "cpe:/a:redhat:logging:5.6::el8", "package": "openshift-logging/eventrouter-rhel8:v0.4.0-300", "product_name": "RHOL-5.6-RHEL-8", "release_date": "2024-10-07T00:00:00Z"}, {"advisory": "RHSA-2024:7323", "cpe": "cpe:/a:redhat:logging:5.6::el8", "package": "openshift-logging/fluentd-rhel8:v1.14.6-228", "product_name": "RHOL-5.6-RHEL-8", "release_date": "2024-10-07T00:00:00Z"}, {"advisory": "RHSA-2024:7323", "cpe": "cpe:/a:redhat:logging:5.6::el8", "package": "openshift-logging/kibana6-rhel8:v6.8.1-460", "product_name": "RHOL-5.6-RHEL-8", "release_date": "2024-10-07T00:00:00Z"}, {"advisory": "RHSA-2024:7323", "cpe": "cpe:/a:redhat:logging:5.6::el8", "package": "openshift-logging/log-file-metric-exporter-rhel8:v1.1.0-281", "product_name": "RHOL-5.6-RHEL-8", "release_date": "2024-10-07T00:00:00Z"}, {"advisory": "RHSA-2024:7323", "cpe": "cpe:/a:redhat:logging:5.6::el8", "package": "openshift-logging/logging-curator5-rhel8:v5.8.1-523", "product_name": "RHOL-5.6-RHEL-8", "release_date": "2024-10-07T00:00:00Z"}, {"advisory": "RHSA-2024:7323", "cpe": "cpe:/a:redhat:logging:5.6::el8", "package": "openshift-logging/logging-loki-rhel8:v3.1.1-11", "product_name": "RHOL-5.6-RHEL-8", "release_date": "2024-10-07T00:00:00Z"}, {"advisory": "RHSA-2024:7323", "cpe": "cpe:/a:redhat:logging:5.6::el8", "package": "openshift-logging/logging-view-plugin-rhel8:v5.6.24-3", "product_name": "RHOL-5.6-RHEL-8", "release_date": "2024-10-07T00:00:00Z"}, {"advisory": "RHSA-2024:7323", "cpe": "cpe:/a:redhat:logging:5.6::el8", "package": "openshift-logging/loki-operator-bundle:v5.6.24-18", "product_name": "RHOL-5.6-RHEL-8", "release_date": "2024-10-07T00:00:00Z"}, {"advisory": "RHSA-2024:7323", "cpe": "cpe:/a:redhat:logging:5.6::el8", "package": "openshift-logging/loki-rhel8-operator:v5.6.24-7", "product_name": "RHOL-5.6-RHEL-8", "release_date": "2024-10-07T00:00:00Z"}, {"advisory": "RHSA-2024:7323", "cpe": "cpe:/a:redhat:logging:5.6::el8", "package": "openshift-logging/lokistack-gateway-rhel8:v0.1.0-652", "product_name": "RHOL-5.6-RHEL-8", "release_date": "2024-10-07T00:00:00Z"}, {"advisory": "RHSA-2024:7323", "cpe": "cpe:/a:redhat:logging:5.6::el8", "package": "openshift-logging/opa-openshift-rhel8:v0.1.0-287", "product_name": "RHOL-5.6-RHEL-8", "release_date": "2024-10-07T00:00:00Z"}, {"advisory": "RHSA-2024:7323", "cpe": "cpe:/a:redhat:logging:5.6::el8", "package": "openshift-logging/vector-rhel8:v0.21.0-138", "product_name": "RHOL-5.6-RHEL-8", "release_date": "2024-10-07T00:00:00Z"}, {"advisory": "RHSA-2024:7237", "cpe": "cpe:/a:redhat:logging:5.8::el9", "package": "openshift-logging/cluster-logging-operator-bundle:v5.8.13-15", "product_name": "RHOL-5.8-RHEL-9", "release_date": "2024-09-26T00:00:00Z"}, {"advisory": "RHSA-2024:7237", "cpe": "cpe:/a:redhat:logging:5.8::el9", "package": "openshift-logging/cluster-logging-rhel9-operator:v5.8.13-7", "product_name": "RHOL-5.8-RHEL-9", "release_date": "2024-09-26T00:00:00Z"}, {"advisory": "RHSA-2024:7237", "cpe": "cpe:/a:redhat:logging:5.8::el9", "package": "openshift-logging/elasticsearch6-rhel9:v6.8.1-438", "product_name": "RHOL-5.8-RHEL-9", "release_date": "2024-09-26T00:00:00Z"}, {"advisory": "RHSA-2024:7237", "cpe": "cpe:/a:redhat:logging:5.8::el9", "package": "openshift-logging/elasticsearch-operator-bundle:v5.8.13-13", "product_name": "RHOL-5.8-RHEL-9", "release_date": "2024-09-26T00:00:00Z"}, {"advisory": "RHSA-2024:7237", "cpe": "cpe:/a:redhat:logging:5.8::el9", "package": "openshift-logging/elasticsearch-proxy-rhel9:v1.0.0-513", "product_name": "RHOL-5.8-RHEL-9", "release_date": "2024-09-26T00:00:00Z"}, {"advisory": "RHSA-2024:7237", "cpe": "cpe:/a:redhat:logging:5.8::el9", "package": "openshift-logging/elasticsearch-rhel9-operator:v5.8.13-5", "product_name": "RHOL-5.8-RHEL-9", "release_date": "2024-09-26T00:00:00Z"}, {"advisory": "RHSA-2024:7237", "cpe": "cpe:/a:redhat:logging:5.8::el9", "package": "openshift-logging/eventrouter-rhel9:v0.4.0-296", "product_name": "RHOL-5.8-RHEL-9", "release_date": "2024-09-26T00:00:00Z"}, {"advisory": "RHSA-2024:7237", "cpe": "cpe:/a:redhat:logging:5.8::el9", "package": "openshift-logging/fluentd-rhel9:v5.8.13-3", "product_name": "RHOL-5.8-RHEL-9", "release_date": "2024-09-26T00:00:00Z"}, {"advisory": "RHSA-2024:7237", "cpe": "cpe:/a:redhat:logging:5.8::el9", "package": "openshift-logging/log-file-metric-exporter-rhel9:v1.1.0-277", "product_name": "RHOL-5.8-RHEL-9", "release_date": "2024-09-26T00:00:00Z"}, {"advisory": "RHSA-2024:7237", "cpe": "cpe:/a:redhat:logging:5.8::el9", "package": "openshift-logging/logging-curator5-rhel9:v5.8.1-521", "product_name": "RHOL-5.8-RHEL-9", "release_date": "2024-09-26T00:00:00Z"}, {"advisory": "RHSA-2024:7237", "cpe": "cpe:/a:redhat:logging:5.8::el9", "package": "openshift-logging/logging-loki-rhel9:v3.1.1-7", "product_name": "RHOL-5.8-RHEL-9", "release_date": "2024-09-26T00:00:00Z"}, {"advisory": "RHSA-2024:7237", "cpe": "cpe:/a:redhat:logging:5.8::el9", "package": "openshift-logging/logging-view-plugin-rhel9:v5.8.13-4", "product_name": "RHOL-5.8-RHEL-9", "release_date": "2024-09-26T00:00:00Z"}, {"advisory": "RHSA-2024:7237", "cpe": "cpe:/a:redhat:logging:5.8::el9", "package": "openshift-logging/loki-operator-bundle:v5.8.13-17", "product_name": "RHOL-5.8-RHEL-9", "release_date": "2024-09-26T00:00:00Z"}, {"advisory": "RHSA-2024:7237", "cpe": "cpe:/a:redhat:logging:5.8::el9", "package": "openshift-logging/loki-rhel9-operator:v5.8.13-6", "product_name": "RHOL-5.8-RHEL-9", "release_date": "2024-09-26T00:00:00Z"}, {"advisory": "RHSA-2024:7237", "cpe": "cpe:/a:redhat:logging:5.8::el9", "package": "openshift-logging/lokistack-gateway-rhel9:v0.1.0-649", "product_name": "RHOL-5.8-RHEL-9", "release_date": "2024-09-26T00:00:00Z"}, {"advisory": "RHSA-2024:7237", "cpe": "cpe:/a:redhat:logging:5.8::el9", "package": "openshift-logging/opa-openshift-rhel9:v0.1.0-284", "product_name": "RHOL-5.8-RHEL-9", "release_date": "2024-09-26T00:00:00Z"}, {"advisory": "RHSA-2024:7237", "cpe": "cpe:/a:redhat:logging:5.8::el9", "package": "openshift-logging/vector-rhel9:v0.28.1-76", "product_name": "RHOL-5.8-RHEL-9", "release_date": "2024-09-26T00:00:00Z"}, {"advisory": "RHSA-2024:7324", "cpe": "cpe:/a:redhat:logging:5.9::el9", "package": "openshift-logging/cluster-logging-operator-bundle:v5.9.7-11", "product_name": "RHOL-5.9-RHEL-9", "release_date": "2024-10-02T00:00:00Z"}, {"advisory": "RHSA-2024:7324", "cpe": "cpe:/a:redhat:logging:5.9::el9", "package": "openshift-logging/cluster-logging-rhel9-operator:v5.9.7-6", "product_name": "RHOL-5.9-RHEL-9", "release_date": "2024-10-02T00:00:00Z"}, {"advisory": "RHSA-2024:7324", "cpe": "cpe:/a:redhat:logging:5.9::el9", "package": "openshift-logging/eventrouter-rhel9:v0.4.0-301", "product_name": "RHOL-5.9-RHEL-9", "release_date": "2024-10-02T00:00:00Z"}, {"advisory": "RHSA-2024:7324", "cpe": "cpe:/a:redhat:logging:5.9::el9", "package": "openshift-logging/fluentd-rhel9:v5.9.7-3", "product_name": "RHOL-5.9-RHEL-9", "release_date": "2024-10-02T00:00:00Z"}, {"advisory": "RHSA-2024:7324", "cpe": "cpe:/a:redhat:logging:5.9::el9", "package": "openshift-logging/log-file-metric-exporter-rhel9:v1.1.0-282", "product_name": "RHOL-5.9-RHEL-9", "release_date": "2024-10-02T00:00:00Z"}, {"advisory": "RHSA-2024:7324", "cpe": "cpe:/a:redhat:logging:5.9::el9", "package": "openshift-logging/logging-loki-rhel9:v3.1.1-10", "product_name": "RHOL-5.9-RHEL-9", "release_date": "2024-10-02T00:00:00Z"}, {"advisory": "RHSA-2024:7324", "cpe": "cpe:/a:redhat:logging:5.9::el9", "package": "openshift-logging/logging-view-plugin-rhel9:v5.9.7-5", "product_name": "RHOL-5.9-RHEL-9", "release_date": "2024-10-02T00:00:00Z"}, {"advisory": "RHSA-2024:7324", "cpe": "cpe:/a:redhat:logging:5.9::el9", "package": "openshift-logging/loki-operator-bundle:v5.9.7-16", "product_name": "RHOL-5.9-RHEL-9", "release_date": "2024-10-02T00:00:00Z"}, {"advisory": "RHSA-2024:7324", "cpe": "cpe:/a:redhat:logging:5.9::el9", "package": "openshift-logging/loki-rhel9-operator:v5.9.7-7", "product_name": "RHOL-5.9-RHEL-9", "release_date": "2024-10-02T00:00:00Z"}, {"advisory": "RHSA-2024:7324", "cpe": "cpe:/a:redhat:logging:5.9::el9", "package": "openshift-logging/lokistack-gateway-rhel9:v0.1.0-653", "product_name": "RHOL-5.9-RHEL-9", "release_date": "2024-10-02T00:00:00Z"}, {"advisory": "RHSA-2024:7324", "cpe": "cpe:/a:redhat:logging:5.9::el9", "package": "openshift-logging/opa-openshift-rhel9:v0.1.0-288", "product_name": "RHOL-5.9-RHEL-9", "release_date": "2024-10-02T00:00:00Z"}, {"advisory": "RHSA-2024:7324", "cpe": "cpe:/a:redhat:logging:5.9::el9", "package": "openshift-logging/vector-rhel9:v0.34.1-19", "product_name": "RHOL-5.9-RHEL-9", "release_date": "2024-10-02T00:00:00Z"}, {"advisory": "RHSA-2024:8314", "cpe": "cpe:/a:redhat:logging:6.0::el9", "package": "openshift-logging/logging-loki-rhel9:v3.2.0-12", "product_name": "RHOL-6.0-RHEL-9", "release_date": "2024-10-23T00:00:00Z"}, {"advisory": "RHSA-2024:4872", "cpe": "cpe:/a:redhat:openshift_serverless:1.33::el8", "package": "openshift-serverless-1/client-kn-rhel8:1.12.0-6", "product_name": "RHOSS-1.33-RHEL-8", "release_date": "2024-07-25T00:00:00Z"}, {"advisory": "RHSA-2024:4872", "cpe": "cpe:/a:redhat:openshift_serverless:1.33::el8", "package": "openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8:1.12.0-7", "product_name": "RHOSS-1.33-RHEL-8", "release_date": "2024-07-25T00:00:00Z"}, {"advisory": "RHSA-2024:4872", "cpe": "cpe:/a:redhat:openshift_serverless:1.33::el8", "package": "openshift-serverless-1/eventing-controller-rhel8:1.12.0-7", "product_name": "RHOSS-1.33-RHEL-8", "release_date": "2024-07-25T00:00:00Z"}, {"advisory": "RHSA-2024:4872", "cpe": "cpe:/a:redhat:openshift_serverless:1.33::el8", "package": "openshift-serverless-1/eventing-in-memory-channel-controller-rhel8:1.12.0-7", "product_name": "RHOSS-1.33-RHEL-8", "release_date": "2024-07-25T00:00:00Z"}, {"advisory": "RHSA-2024:4872", "cpe": "cpe:/a:redhat:openshift_serverless:1.33::el8", "package": "openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8:1.12.0-7", "product_name": "RHOSS-1.33-RHEL-8", "release_date": "2024-07-25T00:00:00Z"}, {"advisory": "RHSA-2024:4872", "cpe": "cpe:/a:redhat:openshift_serverless:1.33::el8", "package": "openshift-serverless-1/eventing-istio-controller-rhel8:1.12.0-5", "product_name": "RHOSS-1.33-RHEL-8", "release_date": "2024-07-25T00:00:00Z"}, {"advisory": "RHSA-2024:4872", "cpe": "cpe:/a:redhat:openshift_serverless:1.33::el8", "package": "openshift-serverless-1/eventing-kafka-broker-controller-rhel8:1.12.0-6", "product_name": "RHOSS-1.33-RHEL-8", "release_date": "2024-07-25T00:00:00Z"}, {"advisory": "RHSA-2024:4872", "cpe": "cpe:/a:redhat:openshift_serverless:1.33::el8", "package": "openshift-serverless-1/eventing-kafka-broker-dispatcher-rhel8:1.12.0-6", "product_name": "RHOSS-1.33-RHEL-8", "release_date": "2024-07-25T00:00:00Z"}, {"advisory": "RHSA-2024:4872", "cpe": "cpe:/a:redhat:openshift_serverless:1.33::el8", "package": "openshift-serverless-1/eventing-kafka-broker-post-install-rhel8:1.12.0-6", "product_name": "RHOSS-1.33-RHEL-8", "release_date": "2024-07-25T00:00:00Z"}, {"advisory": "RHSA-2024:4872", "cpe": "cpe:/a:redhat:openshift_serverless:1.33::el8", "package": "openshift-serverless-1/eventing-kafka-broker-receiver-rhel8:1.12.0-6", "product_name": "RHOSS-1.33-RHEL-8", "release_date": "2024-07-25T00:00:00Z"}, {"advisory": "RHSA-2024:4872", "cpe": "cpe:/a:redhat:openshift_serverless:1.33::el8", "package": "openshift-serverless-1/eventing-kafka-broker-webhook-rhel8:1.12.0-6", "product_name": "RHOSS-1.33-RHEL-8", "release_date": "2024-07-25T00:00:00Z"}, {"advisory": "RHSA-2024:4872", "cpe": "cpe:/a:redhat:openshift_serverless:1.33::el8", "package": "openshift-serverless-1/eventing-mtbroker-filter-rhel8:1.12.0-7", "product_name": "RHOSS-1.33-RHEL-8", "release_date": "2024-07-25T00:00:00Z"}, {"advisory": "RHSA-2024:4872", "cpe": "cpe:/a:redhat:openshift_serverless:1.33::el8", "package": "openshift-serverless-1/eventing-mtbroker-ingress-rhel8:1.12.0-7", "product_name": "RHOSS-1.33-RHEL-8", "release_date": "2024-07-25T00:00:00Z"}, {"advisory": "RHSA-2024:4872", "cpe": "cpe:/a:redhat:openshift_serverless:1.33::el8", "package": "openshift-serverless-1/eventing-mtchannel-broker-rhel8:1.12.0-7", "product_name": "RHOSS-1.33-RHEL-8", "release_date": "2024-07-25T00:00:00Z"}, {"advisory": "RHSA-2024:4872", "cpe": "cpe:/a:redhat:openshift_serverless:1.33::el8", "package": "openshift-serverless-1/eventing-mtping-rhel8:1.12.0-7", "product_name": "RHOSS-1.33-RHEL-8", "release_date": "2024-07-25T00:00:00Z"}, {"advisory": "RHSA-2024:4872", "cpe": "cpe:/a:redhat:openshift_serverless:1.33::el8", "package": "openshift-serverless-1/eventing-storage-version-migration-rhel8:1.12.0-7", "product_name": "RHOSS-1.33-RHEL-8", "release_date": "2024-07-25T00:00:00Z"}, {"advisory": "RHSA-2024:4872", "cpe": "cpe:/a:redhat:openshift_serverless:1.33::el8", "package": "openshift-serverless-1/eventing-webhook-rhel8:1.12.0-7", "product_name": "RHOSS-1.33-RHEL-8", "release_date": "2024-07-25T00:00:00Z"}, {"advisory": "RHSA-2024:4872", "cpe": "cpe:/a:redhat:openshift_serverless:1.33::el8", "package": "openshift-serverless-1/func-utils-rhel8:1.33.1-1", "product_name": "RHOSS-1.33-RHEL-8", "release_date": "2024-07-25T00:00:00Z"}, {"advisory": "RHSA-2024:4872", "cpe": "cpe:/a:redhat:openshift_serverless:1.33::el8", "package": "openshift-serverless-1/ingress-rhel8-operator:1.33.1-2", "product_name": "RHOSS-1.33-RHEL-8", "release_date": "2024-07-25T00:00:00Z"}, {"advisory": "RHSA-2024:4872", "cpe": "cpe:/a:redhat:openshift_serverless:1.33::el8", "package": "openshift-serverless-1/knative-rhel8-operator:1.33.1-2", "product_name": "RHOSS-1.33-RHEL-8", "release_date": "2024-07-25T00:00:00Z"}, {"advisory": "RHSA-2024:4872", "cpe": "cpe:/a:redhat:openshift_serverless:1.33::el8", "package": "openshift-serverless-1/kn-cli-artifacts-rhel8:1.12.0-6", "product_name": "RHOSS-1.33-RHEL-8", "release_date": "2024-07-25T00:00:00Z"}, {"advisory": "RHSA-2024:4872", "cpe": "cpe:/a:redhat:openshift_serverless:1.33::el8", "package": "openshift-serverless-1/kourier-control-rhel8:1.12.0-5", "product_name": "RHOSS-1.33-RHEL-8", "release_date": "2024-07-25T00:00:00Z"}, {"advisory": "RHSA-2024:4872", "cpe": "cpe:/a:redhat:openshift_serverless:1.33::el8", "package": "openshift-serverless-1/net-istio-controller-rhel8:1.12.0-5", "product_name": "RHOSS-1.33-RHEL-8", "release_date": "2024-07-25T00:00:00Z"}, {"advisory": "RHSA-2024:4872", "cpe": "cpe:/a:redhat:openshift_serverless:1.33::el8", "package": "openshift-serverless-1/net-istio-webhook-rhel8:1.12.0-5", "product_name": "RHOSS-1.33-RHEL-8", "release_date": "2024-07-25T00:00:00Z"}, {"advisory": "RHSA-2024:4872", "cpe": "cpe:/a:redhat:openshift_serverless:1.33::el8", "package": "openshift-serverless-1/serverless-operator-bundle:1.33.1-2", "product_name": "RHOSS-1.33-RHEL-8", "release_date": "2024-07-25T00:00:00Z"}, {"advisory": "RHSA-2024:4872", "cpe": "cpe:/a:redhat:openshift_serverless:1.33::el8", "package": "openshift-serverless-1/serverless-rhel8-operator:1.33.1-2", "product_name": "RHOSS-1.33-RHEL-8", "release_date": "2024-07-25T00:00:00Z"}, {"advisory": "RHSA-2024:4872", "cpe": "cpe:/a:redhat:openshift_serverless:1.33::el8", "package": "openshift-serverless-1/serving-activator-rhel8:1.12.0-5", "product_name": "RHOSS-1.33-RHEL-8", "release_date": "2024-07-25T00:00:00Z"}, {"advisory": "RHSA-2024:4872", "cpe": "cpe:/a:redhat:openshift_serverless:1.33::el8", "package": "openshift-serverless-1/serving-autoscaler-hpa-rhel8:1.12.0-5", "product_name": "RHOSS-1.33-RHEL-8", "release_date": "2024-07-25T00:00:00Z"}, {"advisory": "RHSA-2024:4872", "cpe": "cpe:/a:redhat:openshift_serverless:1.33::el8", "package": "openshift-serverless-1/serving-autoscaler-rhel8:1.12.0-5", "product_name": "RHOSS-1.33-RHEL-8", "release_date": "2024-07-25T00:00:00Z"}, {"advisory": "RHSA-2024:4872", "cpe": "cpe:/a:redhat:openshift_serverless:1.33::el8", "package": "openshift-serverless-1/serving-controller-rhel8:1.12.0-5", "product_name": "RHOSS-1.33-RHEL-8", "release_date": "2024-07-25T00:00:00Z"}, {"advisory": "RHSA-2024:4872", "cpe": "cpe:/a:redhat:openshift_serverless:1.33::el8", "package": "openshift-serverless-1/serving-queue-rhel8:1.12.0-5", "product_name": "RHOSS-1.33-RHEL-8", "release_date": "2024-07-25T00:00:00Z"}, {"advisory": "RHSA-2024:4872", "cpe": "cpe:/a:redhat:openshift_serverless:1.33::el8", "package": "openshift-serverless-1/serving-storage-version-migration-rhel8:1.12.0-5", "product_name": "RHOSS-1.33-RHEL-8", "release_date": "2024-07-25T00:00:00Z"}, {"advisory": "RHSA-2024:4872", "cpe": "cpe:/a:redhat:openshift_serverless:1.33::el8", "package": "openshift-serverless-1/serving-webhook-rhel8:1.12.0-5", "product_name": "RHOSS-1.33-RHEL-8", "release_date": "2024-07-25T00:00:00Z"}, {"advisory": "RHSA-2024:4872", "cpe": "cpe:/a:redhat:openshift_serverless:1.33::el8", "package": "openshift-serverless-1/svls-must-gather-rhel8:1.33.1-1", "product_name": "RHOSS-1.33-RHEL-8", "release_date": "2024-07-25T00:00:00Z"}, {"advisory": "RHSA-2024:4872", "cpe": "cpe:/a:redhat:openshift_serverless:1.33::el8", "package": "openshift-serverless-1-tech-preview/backstage-plugins-eventmesh-rhel8:1.33.1-1", "product_name": "RHOSS-1.33-RHEL-8", "release_date": "2024-07-25T00:00:00Z"}, {"advisory": "RHSA-2024:4872", "cpe": "cpe:/a:redhat:openshift_serverless:1.33::el8", "package": "openshift-serverless-1-tech-preview/knative-client-plugin-event-sender-rhel8:1.12.0-6", "product_name": "RHOSS-1.33-RHEL-8", "release_date": "2024-07-25T00:00:00Z"}, {"advisory": "RHSA-2025:3714", "cpe": "cpe:/a:redhat:cert_manager:1.14::el9", "package": "registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9:sha256:a594b7ff2fa1ff1b5e6764815d792ea546901edd566e8d2ec84674b3b1248bf1", "product_name": "cert-manager operator for Red Hat OpenShift 1.14", "release_date": "2025-04-08T00:00:00Z"}, {"advisory": "RHSA-2025:0536", "cpe": "cpe:/a:redhat:cert_manager:1.15::el9", "package": "registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9:sha256:2e4eae54c75591d3dacd8165159397a63d6f695a1f733d12623652705ad40173", "product_name": "cert-manager operator for Red Hat OpenShift 1.15", "release_date": "2025-01-21T00:00:00Z"}, {"advisory": "RHSA-2025:0536", "cpe": "cpe:/a:redhat:cert_manager:1.15::el9", "package": "registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9:sha256:30d0113003152532d29a845550a78454a1f88099e90b475711ab74901560c67e", "product_name": "cert-manager operator for Red Hat OpenShift 1.15", "release_date": "2025-01-21T00:00:00Z"}], "bugzilla": {"description": "go-retryablehttp: url might write sensitive information to log file", "id": "2294000", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2294000"}, "csaw": false, "cvss3": {"cvss3_base_score": "6.0", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N", "status": "verified"}, "cwe": "CWE-532", "details": ["go-retryablehttp prior to 0.7.7 did not sanitize urls when writing them to its log file. This could lead to go-retryablehttp writing sensitive HTTP basic auth credentials to its log file. This vulnerability, CVE-2024-6104, was fixed in go-retryablehttp 0.7.7.", "A vulnerability was found in go-retryablehttp. The package may suffer from a lack of input sanitization by not cleaning up URL data when writing to the logs. This issue could expose sensitive authentication information."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}, "name": "CVE-2024-6104", "package_state": [{"cpe": "cpe:/a:redhat:openshift_custom_metrics_autoscaler:2", "fix_state": "Affected", "package_name": "custom-metrics-autoscaler/custom-metrics-autoscaler-rhel8", "product_name": "Custom Metric Autoscaler operator for Red Hat Openshift"}, {"cpe": "cpe:/a:redhat:multicluster_engine", "fix_state": "Not affected", "package_name": "multicluster-engine/cluster-api-provider-azure-rhel8", "product_name": "Multicluster Engine for Kubernetes"}, {"cpe": "cpe:/a:redhat:multicluster_engine", "fix_state": "Not affected", "package_name": "multicluster-engine/hypershift-cli-rhel8", "product_name": "Multicluster Engine for Kubernetes"}, {"cpe": "cpe:/a:redhat:openshift_api_data_protection:1", "fix_state": "Will not fix", "package_name": "oadp/oadp-kubevirt-velero-plugin-rhel9", "product_name": "OpenShift API for Data Protection"}, {"cpe": "cpe:/a:redhat:openshift_pipelines:1", "fix_state": "Affected", "package_name": "openshift-pipelines-client", "product_name": "OpenShift Pipelines"}, {"cpe": "cpe:/a:redhat:serverless:1", "fix_state": "Affected", "package_name": "openshift-serverless-clients", "product_name": "OpenShift Serverless"}, {"cpe": "cpe:/a:redhat:ceph_storage:6", "fix_state": "Affected", "package_name": "rhceph/rhceph-6-dashboard-rhel9", "product_name": "Red Hat Ceph Storage 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "grafana", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "osbuild-composer", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "podman", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "skopeo", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Affected", "package_name": "osbuild-composer", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Will not fix", "package_name": "osbuild-composer", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/a:redhat:openshift_ai", "fix_state": "Not affected", "package_name": "odh-ml-pipelines-cache-container", "product_name": "Red Hat OpenShift AI (RHOAI)"}, {"cpe": "cpe:/a:redhat:openshift_ai", "fix_state": "Will not fix", "package_name": "odh-ml-pipelines-driver-container", "product_name": "Red Hat OpenShift AI (RHOAI)"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Will not fix", "package_name": "openshift4/ose-console", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Will not fix", "package_name": "openshift4/ose-contour-rhel8", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Fix deferred", "package_name": "openshift4/ose-ibmcloud-cluster-api-controllers-rhel8", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Fix deferred", "package_name": "openshift4/ose-ibm-cloud-controller-manager-rhel8", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Fix deferred", "package_name": "ose-powervs-machine-controllers-container", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift_container_storage:4", "fix_state": "Out of support scope", "package_name": "mcg", "product_name": "Red Hat Openshift Container Storage 4"}, {"cpe": "cpe:/a:redhat:openshift_container_storage:4", "fix_state": "Out of support scope", "package_name": "ocs4/cephcsi-rhel8", "product_name": "Red Hat Openshift Container Storage 4"}, {"cpe": "cpe:/a:redhat:openshift_container_storage:4", "fix_state": "Out of support scope", "package_name": "ocs4/mcg-rhel8-operator", "product_name": "Red Hat Openshift Container Storage 4"}, {"cpe": "cpe:/a:redhat:openshift_container_storage:4", "fix_state": "Out of support scope", "package_name": "ocs4/ocs-rhel8-operator", "product_name": "Red Hat Openshift Container Storage 4"}, {"cpe": "cpe:/a:redhat:openshift_container_storage:4", "fix_state": "Out of support scope", "package_name": "ocs4/rook-ceph-rhel8-operator", "product_name": "Red Hat Openshift Container Storage 4"}, {"cpe": "cpe:/a:redhat:openshift_data_foundation:4", "fix_state": "Not affected", "package_name": "mcg", "product_name": "Red Hat Openshift Data Foundation 4"}, {"cpe": "cpe:/a:redhat:openshift_data_foundation:4", "fix_state": "Not affected", "package_name": "odf4/mcg-cli-rhel9", "product_name": "Red Hat Openshift Data Foundation 4"}, {"cpe": "cpe:/a:redhat:openshift_data_science", "fix_state": "Not affected", "package_name": "rhods/odh-ml-pipelines-cache-rhel8", "product_name": "Red Hat OpenShift Data Science (RHODS)"}, {"cpe": "cpe:/a:redhat:openshift_devspaces:3:", "fix_state": "Will not fix", "package_name": "devspaces/traefik-rhel8", "product_name": "Red Hat OpenShift Dev Spaces"}, {"cpe": "cpe:/a:redhat:openshift_distributed_tracing:3", "fix_state": "Affected", "package_name": "rhosdt/opentelemetry-collector-rhel8", "product_name": "Red Hat OpenShift distributed tracing 3"}, {"cpe": "cpe:/a:redhat:openshift_distributed_tracing:3", "fix_state": "Affected", "package_name": "rhosdt/opentelemetry-rhel8-operator", "product_name": "Red Hat OpenShift distributed tracing 3"}, {"cpe": "cpe:/a:redhat:openshift_sandboxed_containers:1", "fix_state": "Affected", "package_name": "openshift-sandboxed-containers/osc-podvm-payload-rhel9", "product_name": "Red Hat Openshift Sandboxed Containers"}, {"cpe": "cpe:/a:redhat:openshift_sandboxed_containers:1", "fix_state": "Affected", "package_name": "openshift-sandboxed-containers/osc-rhel8-operator", "product_name": "Red Hat Openshift Sandboxed Containers"}], "public_date": "2024-06-24T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-6104\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-6104"], "statement": "Within regulated environments, a combination of the following controls acts as a significant barrier to the successful exploitation of a CWE-532: Insertion of Sensitive Information into Log File vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\nLogging configurations are centrally managed and follow secure defaults that avoid recording sensitive information such as passwords, tokens, or keys. Audit logs are periodically reviewed and analyzed to identify anomalous events or improper logging practices, while privileged functions are monitored to ensure sensitive actions are traceable without overexposing data. Integrity verification mechanisms protect the authenticity of log data, helping detect unauthorized modification or injection. These layered controls significantly reduce the likelihood that sensitive data will be exposed through logging and ensure that any deviations are quickly detected and remediated.", "threat_severity": "Moderate"}

{}