{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-30204", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2025-03-18T18:15:13.849Z", "datePublished": "2025-03-21T21:42:01.382Z", "dateUpdated": "2025-04-10T13:03:19.897Z"}, "containers": {"cna": {"title": "jwt-go allows excessive memory allocation during header parsing", "problemTypes": [{"descriptions": [{"cweId": "CWE-405", "lang": "en", "description": "CWE-405: Asymmetric Resource Consumption (Amplification)", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}}], "references": [{"name": "https://github.com/golang-jwt/jwt/security/advisories/GHSA-mh63-6h87-95cp", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/golang-jwt/jwt/security/advisories/GHSA-mh63-6h87-95cp"}, {"name": "https://github.com/golang-jwt/jwt/commit/0951d184286dece21f73c85673fd308786ffe9c3", "tags": ["x_refsource_MISC"], "url": "https://github.com/golang-jwt/jwt/commit/0951d184286dece21f73c85673fd308786ffe9c3"}, {"name": "https://github.com/golang-jwt/jwt/commit/bf316c48137a1212f8d0af9288cc9ce8e59f1afb", "tags": ["x_refsource_MISC"], "url": "https://github.com/golang-jwt/jwt/commit/bf316c48137a1212f8d0af9288cc9ce8e59f1afb"}], "affected": [{"vendor": "golang-jwt", "product": "jwt", "versions": [{"version": ">= 3.2.0, < 4.5.2", "status": "affected"}, {"version": ">= 5.0.0-rc.1, < 5.2.2", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2025-04-10T13:03:19.897Z"}, "descriptions": [{"lang": "en", "value": "golang-jwt is a Go implementation of JSON Web Tokens. Starting in version 3.2.0 and prior to versions 5.2.2 and 4.5.2, the function parse.ParseUnverified splits (via a call to strings.Split) its argument (which is untrusted data) on periods. As a result, in the face of a malicious request whose Authorization header consists of Bearer  followed by many period characters, a call to that function incurs allocations to the tune of O(n) bytes (where n stands for the length of the function's argument), with a constant factor of about 16. This issue is fixed in 5.2.2 and 4.5.2."}], "source": {"advisory": "GHSA-mh63-6h87-95cp", "discovery": "UNKNOWN"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-03-24T14:10:18.281694Z", "id": "CVE-2025-30204", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-03-24T14:10:35.776Z"}}, {"title": "CVE Program Container", "references": [{"url": "https://security.netapp.com/advisory/ntap-20250404-0002/"}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2025-04-04T23:03:13.309Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://security.netapp.com/advisory/ntap-20250404-0002/"}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2025-04-04T23:03:13.309Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-30204", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-03-24T14:10:18.281694Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-03-24T14:10:25.565Z"}}], "cna": {"title": "jwt-go allows excessive memory allocation during header parsing", "source": {"advisory": "GHSA-mh63-6h87-95cp", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}], "affected": [{"vendor": "golang-jwt", "product": "jwt", "versions": [{"status": "affected", "version": ">= 3.2.0, < 4.5.2"}, {"status": "affected", "version": ">= 5.0.0-rc.1, < 5.2.2"}]}], "references": [{"url": "https://github.com/golang-jwt/jwt/security/advisories/GHSA-mh63-6h87-95cp", "name": "https://github.com/golang-jwt/jwt/security/advisories/GHSA-mh63-6h87-95cp", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://github.com/golang-jwt/jwt/commit/0951d184286dece21f73c85673fd308786ffe9c3", "name": "https://github.com/golang-jwt/jwt/commit/0951d184286dece21f73c85673fd308786ffe9c3", "tags": ["x_refsource_MISC"]}, {"url": "https://github.com/golang-jwt/jwt/commit/bf316c48137a1212f8d0af9288cc9ce8e59f1afb", "name": "https://github.com/golang-jwt/jwt/commit/bf316c48137a1212f8d0af9288cc9ce8e59f1afb", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "golang-jwt is a Go implementation of JSON Web Tokens. Starting in version 3.2.0 and prior to versions 5.2.2 and 4.5.2, the function parse.ParseUnverified splits (via a call to strings.Split) its argument (which is untrusted data) on periods. As a result, in the face of a malicious request whose Authorization header consists of Bearer  followed by many period characters, a call to that function incurs allocations to the tune of O(n) bytes (where n stands for the length of the function's argument), with a constant factor of about 16. This issue is fixed in 5.2.2 and 4.5.2."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-405", "description": "CWE-405: Asymmetric Resource Consumption (Amplification)"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2025-04-10T13:03:19.897Z"}}}, "cveMetadata": {"cveId": "CVE-2025-30204", "state": "PUBLISHED", "dateUpdated": "2025-04-10T13:03:19.897Z", "dateReserved": "2025-03-18T18:15:13.849Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2025-03-21T21:42:01.382Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "golang-jwt is a Go implementation of JSON Web Tokens. Starting in version 3.2.0 and prior to versions 5.2.2 and 4.5.2, the function parse.ParseUnverified splits (via a call to strings.Split) its argument (which is untrusted data) on periods. As a result, in the face of a malicious request whose Authorization header consists of Bearer  followed by many period characters, a call to that function incurs allocations to the tune of O(n) bytes (where n stands for the length of the function's argument), with a constant factor of about 16. This issue is fixed in 5.2.2 and 4.5.2."}, {"lang": "es", "value": "golang-jwt es una implementaci\u00f3n de Go de tokens web JSON. En versiones anteriores a la 5.2.2 y la 4.5.2, la funci\u00f3n parse.ParseUnverified divide (mediante una llamada a strings.Split) su argumento (que contiene datos no confiables) en puntos. Como resultado, ante una solicitud maliciosa cuyo encabezado de autorizaci\u00f3n consiste en \"Bearer\" seguido de muchos puntos, una llamada a dicha funci\u00f3n genera asignaciones de O(n) bytes (donde n representa la longitud del argumento de la funci\u00f3n), con un factor constante de aproximadamente 16. Este problema se solucion\u00f3 en las versiones 5.2.2 y 4.5.2."}], "id": "CVE-2025-30204", "lastModified": "2025-04-10T13:15:52.097", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2025-03-21T22:15:26.420", "references": [{"source": "security-advisories@github.com", "url": "https://github.com/golang-jwt/jwt/commit/0951d184286dece21f73c85673fd308786ffe9c3"}, {"source": "security-advisories@github.com", "url": "https://github.com/golang-jwt/jwt/commit/bf316c48137a1212f8d0af9288cc9ce8e59f1afb"}, {"source": "security-advisories@github.com", "url": "https://github.com/golang-jwt/jwt/security/advisories/GHSA-mh63-6h87-95cp"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://security.netapp.com/advisory/ntap-20250404-0002/"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-405"}], "source": "security-advisories@github.com", "type": "Secondary"}]}

{"affected_release": [{"advisory": "RHSA-2025:3503", "cpe": "cpe:/a:redhat:cryostat:4::el9", "package": "cryostat/cryostat-agent-init-rhel9:0.5.0-9", "product_name": "Cryostat 4 on RHEL 9", "release_date": "2025-04-02T00:00:00Z"}, {"advisory": "RHSA-2025:3503", "cpe": "cpe:/a:redhat:cryostat:4::el9", "package": "cryostat/cryostat-db-rhel9:4.0.0-10", "product_name": "Cryostat 4 on RHEL 9", "release_date": "2025-04-02T00:00:00Z"}, {"advisory": "RHSA-2025:3503", "cpe": "cpe:/a:redhat:cryostat:4::el9", "package": "cryostat/cryostat-grafana-dashboard-rhel9:4.0.0-10", "product_name": "Cryostat 4 on RHEL 9", "release_date": "2025-04-02T00:00:00Z"}, {"advisory": "RHSA-2025:3503", "cpe": "cpe:/a:redhat:cryostat:4::el9", "package": "cryostat/cryostat-openshift-console-plugin-rhel9:4.0.0-10", "product_name": "Cryostat 4 on RHEL 9", "release_date": "2025-04-02T00:00:00Z"}, {"advisory": "RHSA-2025:3503", "cpe": "cpe:/a:redhat:cryostat:4::el9", "package": "cryostat/cryostat-operator-bundle:4.0.0-9", "product_name": "Cryostat 4 on RHEL 9", "release_date": "2025-04-02T00:00:00Z"}, {"advisory": "RHSA-2025:3503", "cpe": "cpe:/a:redhat:cryostat:4::el9", "package": "cryostat/cryostat-ose-oauth-proxy-rhel9:4.0.0-10", "product_name": "Cryostat 4 on RHEL 9", "release_date": "2025-04-02T00:00:00Z"}, {"advisory": "RHSA-2025:3503", "cpe": "cpe:/a:redhat:cryostat:4::el9", "package": "cryostat/cryostat-reports-rhel9:4.0.0-10", "product_name": "Cryostat 4 on RHEL 9", "release_date": "2025-04-02T00:00:00Z"}, {"advisory": "RHSA-2025:3503", "cpe": "cpe:/a:redhat:cryostat:4::el9", "package": "cryostat/cryostat-rhel9:4.0.0-10", "product_name": "Cryostat 4 on RHEL 9", "release_date": "2025-04-02T00:00:00Z"}, {"advisory": "RHSA-2025:3503", "cpe": "cpe:/a:redhat:cryostat:4::el9", "package": "cryostat/cryostat-rhel9-operator:4.0.0-10", "product_name": "Cryostat 4 on RHEL 9", "release_date": "2025-04-02T00:00:00Z"}, {"advisory": "RHSA-2025:3503", "cpe": "cpe:/a:redhat:cryostat:4::el9", "package": "cryostat/cryostat-storage-rhel9:4.0.0-10", "product_name": "Cryostat 4 on RHEL 9", "release_date": "2025-04-02T00:00:00Z"}, {"advisory": "RHSA-2025:3503", "cpe": "cpe:/a:redhat:cryostat:4::el9", "package": "cryostat/jfr-datasource-rhel9:4.0.0-10", "product_name": "Cryostat 4 on RHEL 9", "release_date": "2025-04-02T00:00:00Z"}, {"advisory": "RHSA-2025:3344", "cpe": "cpe:/a:redhat:enterprise_linux:9", "package": "grafana-0:10.2.6-9.el9_5", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2025-03-27T00:00:00Z"}, {"advisory": "RHSA-2025:3411", "cpe": "cpe:/a:redhat:enterprise_linux:9", "package": "opentelemetry-collector-0:0.107.0-10.el9_5", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2025-03-31T00:00:00Z"}, {"advisory": "RHSA-2025:3616", "cpe": "cpe:/a:redhat:rhel_eus:9.2", "package": "grafana-0:9.0.9-6.el9_2", "product_name": "Red Hat Enterprise Linux 9.2 Extended Update Support", "release_date": "2025-04-07T00:00:00Z"}, {"advisory": "RHSA-2025:3618", "cpe": "cpe:/a:redhat:rhel_eus:9.4", "package": "grafana-0:9.2.10-22.el9_4", "product_name": "Red Hat Enterprise Linux 9.4 Extended Update Support", "release_date": "2025-04-07T00:00:00Z"}, {"advisory": "RHSA-2025:3698", "cpe": "cpe:/a:redhat:rhel_eus:9.4", "package": "opentelemetry-collector-0:0.107.0-8.el9_4", "product_name": "Red Hat Enterprise Linux 9.4 Extended Update Support", "release_date": "2025-04-08T00:00:00Z"}, {"advisory": "RHSA-2025:3569", "cpe": "cpe:/a:redhat:openshift:4.14::el8", "package": "openshift4/ose-azure-workload-identity-webhook-rhel8:v4.14.0-202504020335.p0.g2cb8201.assembly.stream.el8", "product_name": "Red Hat OpenShift Container Platform 4.14", "release_date": "2025-04-09T00:00:00Z"}, {"advisory": "RHSA-2025:3569", "cpe": "cpe:/a:redhat:openshift:4.14::el8", "package": "openshift4/ose-cloud-credential-operator:v4.14.0-202504011810.p0.g07cf957.assembly.stream.el8", "product_name": "Red Hat OpenShift Container Platform 4.14", "release_date": "2025-04-09T00:00:00Z"}, {"advisory": "RHSA-2025:3565", "cpe": "cpe:/a:redhat:openshift:4.17::el9", "package": "openshift4/ose-azure-workload-identity-webhook-rhel9:v4.17.0-202504010735.p0.g6707f89.assembly.stream.el9", "product_name": "Red Hat OpenShift Container Platform 4.17", "release_date": "2025-04-09T00:00:00Z"}, {"advisory": "RHSA-2025:3565", "cpe": "cpe:/a:redhat:openshift:4.17::el9", "package": "openshift4/ose-cloud-credential-rhel9-operator:v4.17.0-202504010735.p0.gb00cc87.assembly.stream.el9", "product_name": "Red Hat OpenShift Container Platform 4.17", "release_date": "2025-04-09T00:00:00Z"}, {"advisory": "RHSA-2025:3577", "cpe": "cpe:/a:redhat:openshift:4.18::el9", "package": "openshift4/ose-aws-cluster-api-controllers-rhel9:v4.18.0-202504021503.p0.g59febef.assembly.stream.el9", "product_name": "Red Hat OpenShift Container Platform 4.18", "release_date": "2025-04-10T00:00:00Z"}, {"advisory": "RHSA-2025:3577", "cpe": "cpe:/a:redhat:openshift:4.18::el9", "package": "openshift4/ose-azure-workload-identity-webhook-rhel9:v4.18.0-202504021503.p0.gf60e402.assembly.stream.el9", "product_name": "Red Hat OpenShift Container Platform 4.18", "release_date": "2025-04-10T00:00:00Z"}, {"advisory": "RHSA-2025:3577", "cpe": "cpe:/a:redhat:openshift:4.18::el9", "package": "openshift4/ose-cloud-credential-rhel9-operator:v4.18.0-202504021503.p0.gce6f538.assembly.stream.el9", "product_name": "Red Hat OpenShift Container Platform 4.18", "release_date": "2025-04-10T00:00:00Z"}, {"advisory": "RHSA-2025:3607", "cpe": "cpe:/a:redhat:openshift_distributed_tracing:3.5::el8", "package": "registry.redhat.io/rhosdt/tempo-gateway-rhel8:sha256:133f4f1087b0e199f211007ceb2aeae9b9202c5961e812ea4aa037d375a93415", "product_name": "Red Hat OpenShift distributed tracing 3.5.1", "release_date": "2025-04-04T00:00:00Z"}, {"advisory": "RHSA-2025:3740", "cpe": "cpe:/a:redhat:openshift_distributed_tracing:3.5::el8", "package": "registry.redhat.io/rhosdt/tempo-gateway-rhel8:sha256:9502242017d18e1d0b643a93e769b302a38799a9d719e703b64801d65e11dcd4", "product_name": "Red Hat OpenShift distributed tracing 3.5.1", "release_date": "2025-04-09T00:00:00Z"}, {"advisory": "RHSA-2025:3743", "cpe": "cpe:/a:redhat:openshift_distributed_tracing:3.5::el8", "package": "registry.redhat.io/rhosdt/opentelemetry-collector-rhel8:sha256:b7f6e9442ee2ae2b7122a9732eaa11a85b1f0264e60963819c7e5150c1457740", "product_name": "Red Hat OpenShift distributed tracing 3.5.1", "release_date": "2025-04-09T00:00:00Z"}, {"advisory": "RHSA-2025:3808", "cpe": "cpe:/a:redhat:trusted_artifact_signer:1.1::el9", "package": "registry.redhat.io/rhtas/createtree-rhel9:sha256:d9ff8413f1d106cb5084b48b73b205db6dd5ad82818be4111c5cb118d9d135ae", "product_name": "Red Hat Trusted Artifact Signer 1.1", "release_date": "2025-04-10T00:00:00Z"}, {"advisory": "RHSA-2025:3808", "cpe": "cpe:/a:redhat:trusted_artifact_signer:1.1::el9", "package": "registry.redhat.io/rhtas/trillian-database-rhel9:sha256:7ce611aefdfedd8b2a633def482cf41f390c95b8f8c800b6163a585f117a9e2e", "product_name": "Red Hat Trusted Artifact Signer 1.1", "release_date": "2025-04-10T00:00:00Z"}, {"advisory": "RHSA-2025:3808", "cpe": "cpe:/a:redhat:trusted_artifact_signer:1.1::el9", "package": "registry.redhat.io/rhtas/trillian-logserver-rhel9:sha256:76c24a38ac89ed632d38e44049f37e4997abfa27fa8cadbb8afb42575031296f", "product_name": "Red Hat Trusted Artifact Signer 1.1", "release_date": "2025-04-10T00:00:00Z"}, {"advisory": "RHSA-2025:3808", "cpe": "cpe:/a:redhat:trusted_artifact_signer:1.1::el9", "package": "registry.redhat.io/rhtas/trillian-logsigner-rhel9:sha256:1f5a30a285a16635a7234c3c1763dfb385c8bffd605fc862b782bdb5c6c61ea3", "product_name": "Red Hat Trusted Artifact Signer 1.1", "release_date": "2025-04-10T00:00:00Z"}, {"advisory": "RHSA-2025:3808", "cpe": "cpe:/a:redhat:trusted_artifact_signer:1.1::el9", "package": "registry.redhat.io/rhtas/trillian-redis-rhel9:sha256:5a752cefdaf28bfc53847185cdd5fef1ee47e3dcff8472f8a8bf7bbdc224ef57", "product_name": "Red Hat Trusted Artifact Signer 1.1", "release_date": "2025-04-10T00:00:00Z"}, {"advisory": "RHSA-2025:3808", "cpe": "cpe:/a:redhat:trusted_artifact_signer:1.1::el9", "package": "registry.redhat.io/rhtas/updatetree-rhel9:sha256:8651f55805f4b32a7ca351caa642b74f88493ca3dfb52ff57cf3c2dbdbf829f7", "product_name": "Red Hat Trusted Artifact Signer 1.1", "release_date": "2025-04-10T00:00:00Z"}, {"advisory": "RHSA-2025:3811", "cpe": "cpe:/a:redhat:trusted_artifact_signer:1.1::el9", "package": "registry.redhat.io/rhtas/certificate-transparency-rhel9:sha256:dc994a95be22b0f4bab022fc362c4f44c6a7d1887a2eb0d04870d75654ec013b", "product_name": "Red Hat Trusted Artifact Signer 1.1", "release_date": "2025-04-10T00:00:00Z"}, {"advisory": "RHSA-2025:3813", "cpe": "cpe:/a:redhat:trusted_artifact_signer:1.1::el9", "package": "registry.redhat.io/rhtas/timestamp-authority-rhel9:sha256:796860a3e85712c60398c36983e0ff4d45325c7a4de869da2ebf1b6ba4b19825", "product_name": "Red Hat Trusted Artifact Signer 1.1", "release_date": "2025-04-10T00:00:00Z"}, {"advisory": "RHSA-2025:3814", "cpe": "cpe:/a:redhat:trusted_artifact_signer:1.1::el9", "package": "registry.redhat.io/rhtas/rekor-backfill-redis-rhel9:sha256:6131053778ea04e437f3005f90d1138aa11ebc58e3a9295e2a8d8ef6713a52be", "product_name": "Red Hat Trusted Artifact Signer 1.1", "release_date": "2025-04-10T00:00:00Z"}, {"advisory": "RHSA-2025:3814", "cpe": "cpe:/a:redhat:trusted_artifact_signer:1.1::el9", "package": "registry.redhat.io/rhtas/rekor-cli-rhel9:sha256:4bd68a4b63c15e5a09127d93a20e98508ce2ce8e4649bea3ab8e30cd83f235b2", "product_name": "Red Hat Trusted Artifact Signer 1.1", "release_date": "2025-04-10T00:00:00Z"}, {"advisory": "RHSA-2025:3814", "cpe": "cpe:/a:redhat:trusted_artifact_signer:1.1::el9", "package": "registry.redhat.io/rhtas/rekor-server-rhel9:sha256:3b8f49c41df15022f8ffdf3a8f8605b14c14f4e10eae754a06a86b6585d158b3", "product_name": "Red Hat Trusted Artifact Signer 1.1", "release_date": "2025-04-10T00:00:00Z"}, {"advisory": "RHSA-2025:3820", "cpe": "cpe:/a:redhat:trusted_artifact_signer:1.1::el9", "package": "registry.redhat.io/rhtas/cosign-rhel9:sha256:2a2aa8c1a224419be83afe46b0226e168927c19c8bd3f9c4e562e5e5caebb6a9", "product_name": "Red Hat Trusted Artifact Signer 1.1", "release_date": "2025-04-10T00:00:00Z"}, {"advisory": "RHSA-2025:3820", "cpe": "cpe:/a:redhat:trusted_artifact_signer:1.1::el9", "package": "registry.redhat.io/rhtas/gitsign-rhel9:sha256:bef55c43000f266cdb7cf6ea525f7c52f2ee532b7b487ae9752aac31ebded40f", "product_name": "Red Hat Trusted Artifact Signer 1.1", "release_date": "2025-04-10T00:00:00Z"}], "bugzilla": {"description": "golang-jwt/jwt: jwt-go allows excessive memory allocation during header parsing", "id": "2354195", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2354195"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.5", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "status": "verified"}, "cwe": "CWE-405", "details": ["golang-jwt is a Go implementation of JSON Web Tokens. Starting in version 3.2.0 and prior to versions 5.2.2 and 4.5.2, the function parse.ParseUnverified splits (via a call to strings.Split) its argument (which is untrusted data) on periods. As a result, in the face of a malicious request whose Authorization header consists of Bearer  followed by many period characters, a call to that function incurs allocations to the tune of O(n) bytes (where n stands for the length of the function's argument), with a constant factor of about 16. This issue is fixed in 5.2.2 and 4.5.2.", "A flaw was found in the golang-jwt implementation of JSON Web Tokens (JWT). In affected versions, a malicious request with specially crafted Authorization header data may trigger an excessive consumption of resources on the host system. This issue can cause significant performance degradation or an application crash, leading to a denial of service."], "mitigation": {"lang": "en:us", "value": "Red Hat Product Security does not have a recommended mitigation at this time."}, "name": "CVE-2025-30204", "package_state": [{"cpe": "cpe:/a:redhat:assisted_installer:2", "fix_state": "Affected", "package_name": "rhai-tech-preview/assisted-installer-agent-rhel8", "product_name": "Assisted Installer for Red Hat OpenShift Container Platform"}, {"cpe": "cpe:/a:redhat:assisted_installer:2", "fix_state": "Affected", "package_name": "rhai-tech-preview/assisted-installer-reporter-rhel8", "product_name": "Assisted Installer for Red Hat OpenShift Container Platform"}, {"cpe": "cpe:/a:redhat:assisted_installer:2", "fix_state": "Affected", "package_name": "rhai-tech-preview/assisted-installer-rhel8", "product_name": "Assisted Installer for Red Hat OpenShift Container Platform"}, {"cpe": "cpe:/a:redhat:openshift_builds:1", "fix_state": "Affected", "package_name": "openshift-builds/openshift-builds-controller-rhel9", "product_name": "Builds for Red Hat OpenShift"}, {"cpe": "cpe:/a:redhat:openshift_builds:1", "fix_state": "Affected", "package_name": "openshift-builds/openshift-builds-git-cloner-rhel9", "product_name": "Builds for Red Hat OpenShift"}, {"cpe": "cpe:/a:redhat:openshift_builds:1", "fix_state": "Affected", "package_name": "openshift-builds/openshift-builds-image-bundler-rhel9", "product_name": "Builds for Red Hat OpenShift"}, {"cpe": "cpe:/a:redhat:openshift_builds:1", "fix_state": "Affected", "package_name": "openshift-builds/openshift-builds-image-processing-rhel9", "product_name": "Builds for Red Hat OpenShift"}, {"cpe": "cpe:/a:redhat:openshift_builds:1", "fix_state": "Affected", "package_name": "openshift-builds/openshift-builds-waiters-rhel9", "product_name": "Builds for Red Hat OpenShift"}, {"cpe": "cpe:/a:redhat:openshift_builds:1", "fix_state": "Affected", "package_name": "openshift-builds/openshift-builds-webhook-rhel9", "product_name": "Builds for Red Hat OpenShift"}, {"cpe": "cpe:/a:redhat:cert_manager:1", "fix_state": "Affected", "package_name": "cert-manager/jetstack-cert-manager-acmesolver-rhel9", "product_name": "cert-manager Operator for Red Hat OpenShift"}, {"cpe": "cpe:/a:redhat:cert_manager:1", "fix_state": "Affected", "package_name": "cert-manager/jetstack-cert-manager-rhel9", "product_name": "cert-manager Operator for Red Hat OpenShift"}, {"cpe": "cpe:/a:redhat:cryostat:3", "fix_state": "Out of support scope", "package_name": "cryostat-tech-preview/cryostat-storage-rhel8", "product_name": "Cryostat 3"}, {"cpe": "cpe:/a:redhat:openshift_custom_metrics_autoscaler:2", "fix_state": "Not affected", "package_name": "custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel8", "product_name": "Custom Metric Autoscaler operator for Red Hat Openshift"}, {"cpe": "cpe:/a:redhat:openshift_custom_metrics_autoscaler:2", "fix_state": "Affected", "package_name": "custom-metrics-autoscaler/custom-metrics-autoscaler-rhel8", "product_name": "Custom Metric Autoscaler operator for Red Hat Openshift"}, {"cpe": "cpe:/a:redhat:openshift_custom_metrics_autoscaler:2", "fix_state": "Affected", "package_name": "custom-metrics-autoscaler-tech-preview/custom-metrics-autoscaler-adapter-rhel8", "product_name": "Custom Metric Autoscaler operator for Red Hat Openshift"}, {"cpe": "cpe:/a:redhat:logging:6", "fix_state": "Affected", "package_name": "openshift-logging/logging-loki-rhel9", "product_name": "Logging Subsystem for Red Hat OpenShift"}, {"cpe": "cpe:/a:redhat:logging:6", "fix_state": "Affected", "package_name": "openshift-logging/lokistack-gateway-rhel9", "product_name": "Logging Subsystem for Red Hat OpenShift"}, {"cpe": "cpe:/a:redhat:migration_toolkit_applications:7", "fix_state": "Affected", "package_name": "mta-discovery-addon-container", "product_name": "Migration Toolkit for Applications 7"}, {"cpe": "cpe:/a:redhat:migration_toolkit_applications:7", "fix_state": "Affected", "package_name": "mta-dotnet-external-provider-container", "product_name": "Migration Toolkit for Applications 7"}, {"cpe": "cpe:/a:redhat:migration_toolkit_applications:7", "fix_state": "Affected", "package_name": "mta-generic-external-provider-container", "product_name": "Migration Toolkit for Applications 7"}, {"cpe": "cpe:/a:redhat:migration_toolkit_applications:7", "fix_state": "Affected", "package_name": "mta-java-external-provider-container", "product_name": "Migration Toolkit for Applications 7"}, {"cpe": "cpe:/a:redhat:migration_toolkit_applications:7", "fix_state": "Affected", "package_name": "mta/mta-analyzer-addon-rhel9", "product_name": "Migration Toolkit for Applications 7"}, {"cpe": "cpe:/a:redhat:migration_toolkit_applications:7", "fix_state": "Affected", "package_name": "mta/mta-cli-rhel9", "product_name": "Migration Toolkit for Applications 7"}, {"cpe": "cpe:/a:redhat:migration_toolkit_applications:7", "fix_state": "Affected", "package_name": "mta/mta-hub-rhel9", "product_name": "Migration Toolkit for Applications 7"}, {"cpe": "cpe:/a:redhat:rhmt", "fix_state": "Affected", "package_name": "rhmtc/openshift-migration-controller-rhel8", "product_name": "Migration Toolkit for Containers"}, {"cpe": "cpe:/a:redhat:multicluster_engine", "fix_state": "Affected", "package_name": "multicluster-engine/agent-service-rhel8", "product_name": "Multicluster Engine for Kubernetes"}, {"cpe": "cpe:/a:redhat:multicluster_engine", "fix_state": "Affected", "package_name": "multicluster-engine/assisted-installer-agent-rhel8", "product_name": "Multicluster Engine for Kubernetes"}, {"cpe": "cpe:/a:redhat:multicluster_engine", "fix_state": "Affected", "package_name": "multicluster-engine/assisted-installer-controller-rhel8", "product_name": "Multicluster Engine for Kubernetes"}, {"cpe": "cpe:/a:redhat:multicluster_engine", "fix_state": "Affected", "package_name": "multicluster-engine/assisted-installer-reporter-rhel8", "product_name": "Multicluster Engine for Kubernetes"}, {"cpe": "cpe:/a:redhat:multicluster_engine", "fix_state": "Affected", "package_name": "multicluster-engine/assisted-installer-rhel8", "product_name": "Multicluster Engine for Kubernetes"}, {"cpe": "cpe:/a:redhat:multicluster_engine", "fix_state": "Affected", "package_name": "multicluster-engine/assisted-service-8-rhel8", "product_name": "Multicluster Engine for Kubernetes"}, {"cpe": "cpe:/a:redhat:multicluster_engine", "fix_state": "Affected", "package_name": "multicluster-engine/assisted-service-9-rhel9", "product_name": "Multicluster Engine for Kubernetes"}, {"cpe": "cpe:/a:redhat:multicluster_engine", "fix_state": "Affected", "package_name": "multicluster-engine/cluster-api-provider-azure-rhel8", "product_name": "Multicluster Engine for Kubernetes"}, {"cpe": "cpe:/a:redhat:multicluster_engine", "fix_state": "Affected", "package_name": "multicluster-engine/discovery-rhel9", "product_name": "Multicluster Engine for Kubernetes"}, {"cpe": "cpe:/a:redhat:multicluster_engine", "fix_state": "Affected", "package_name": "multicluster-engine/hive-rhel8", "product_name": "Multicluster Engine for Kubernetes"}, {"cpe": "cpe:/a:redhat:multicluster_engine", "fix_state": "Affected", "package_name": "multicluster-engine/hypershift-addon-rhel9-operator", "product_name": "Multicluster Engine for Kubernetes"}, {"cpe": "cpe:/a:redhat:multicluster_engine", "fix_state": "Affected", "package_name": "multicluster-engine/hypershift-cli-rhel8", "product_name": "Multicluster Engine for Kubernetes"}, {"cpe": "cpe:/a:redhat:multicluster_engine", "fix_state": "Affected", "package_name": "multicluster-engine/hypershift-rhel9-operator", "product_name": "Multicluster Engine for Kubernetes"}, {"cpe": "cpe:/a:redhat:multicluster_engine", "fix_state": "Affected", "package_name": "multicluster-engine/image-based-install-rhel9", "product_name": "Multicluster Engine for Kubernetes"}, {"cpe": "cpe:/a:redhat:multicluster_engine", "fix_state": "Affected", "package_name": "multicluster-engine/managedcluster-import-controller-rhel9", "product_name": "Multicluster Engine for Kubernetes"}, {"cpe": "cpe:/a:redhat:multicluster_engine", "fix_state": "Affected", "package_name": "multicluster-engine/must-gather-rhel8", "product_name": "Multicluster Engine for Kubernetes"}, {"cpe": "cpe:/a:redhat:multicluster_globalhub", "fix_state": "Affected", "package_name": "multicluster-globalhub/multicluster-globalhub-agent-rhel9", "product_name": "Multicluster Global Hub"}, {"cpe": "cpe:/a:redhat:multicluster_globalhub", "fix_state": "Affected", "package_name": "multicluster-globalhub/multicluster-globalhub-grafana-rhel8", "product_name": "Multicluster Global Hub"}, {"cpe": "cpe:/a:redhat:multicluster_globalhub", "fix_state": "Affected", "package_name": "multicluster-globalhub/multicluster-globalhub-kessel-inventory-api-rhel9", "product_name": "Multicluster Global Hub"}, {"cpe": "cpe:/a:redhat:multicluster_globalhub", "fix_state": "Affected", "package_name": "multicluster-globalhub/multicluster-globalhub-manager-rhel8", "product_name": "Multicluster Global Hub"}, {"cpe": "cpe:/a:redhat:multicluster_globalhub", "fix_state": "Not affected", "package_name": "multicluster-globalhub/multicluster-globalhub-operator-bundle", "product_name": "Multicluster Global Hub"}, {"cpe": "cpe:/a:redhat:multicluster_globalhub", "fix_state": "Affected", "package_name": "multicluster-globalhub/multicluster-globalhub-rhel9-operator", "product_name": "Multicluster Global Hub"}, {"cpe": "cpe:/a:redhat:workload_availability_nmo:5", "fix_state": "Affected", "package_name": "workload-availability/node-maintenance-must-gather-rhel8", "product_name": "Node Maintenance Operator"}, {"cpe": "cpe:/a:redhat:workload_availability_nmo:5", "fix_state": "Affected", "package_name": "workload-availability/node-maintenance-operator-bundle", "product_name": "Node Maintenance Operator"}, {"cpe": "cpe:/a:redhat:workload_availability_nmo:5", "fix_state": "Affected", "package_name": "workload-availability/node-maintenance-rhel8-operator", "product_name": "Node Maintenance Operator"}, {"cpe": "cpe:/a:redhat:openshift_api_data_protection:1", "fix_state": "Affected", "package_name": "oadp/oadp-mustgather-rhel8", "product_name": "OpenShift API for Data Protection"}, {"cpe": "cpe:/a:redhat:openshift_api_data_protection:1", "fix_state": "Affected", "package_name": "oadp/oadp-rhel8-operator", "product_name": "OpenShift API for Data Protection"}, {"cpe": "cpe:/a:redhat:openshift_api_data_protection:1", "fix_state": "Affected", "package_name": "oadp/oadp-velero-plugin-for-csi-rhel8", "product_name": "OpenShift API for Data Protection"}, {"cpe": "cpe:/a:redhat:openshift_api_data_protection:1", "fix_state": "Affected", "package_name": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel8", "product_name": "OpenShift API for Data Protection"}, {"cpe": "cpe:/a:redhat:openshift_api_data_protection:1", "fix_state": "Affected", "package_name": "oadp/oadp-velero-plugin-rhel8", "product_name": "OpenShift API for Data Protection"}, {"cpe": "cpe:/a:redhat:openshift_api_data_protection:1", "fix_state": "Affected", "package_name": "oadp/oadp-velero-restic-restore-helper-rhel8", "product_name": "OpenShift API for Data Protection"}, {"cpe": "cpe:/a:redhat:openshift_api_data_protection:1", "fix_state": "Affected", "package_name": "oadp/oadp-velero-rhel8", "product_name": "OpenShift API for Data Protection"}, {"cpe": "cpe:/a:redhat:ocp_tools", "fix_state": "Affected", "package_name": "helm", "product_name": "OpenShift Developer Tools and Services"}, {"cpe": "cpe:/a:redhat:openshift_pipelines:1", "fix_state": "Affected", "package_name": "openshift-pipelines-client", "product_name": "OpenShift Pipelines"}, {"cpe": "cpe:/a:redhat:serverless:1", "fix_state": "Affected", "package_name": "openshift-serverless-1/client-kn-rhel8", "product_name": "OpenShift Serverless"}, {"cpe": "cpe:/a:redhat:serverless:1", "fix_state": "Affected", "package_name": "openshift-serverless-1-func-utils-rhel8-container", "product_name": "OpenShift Serverless"}, {"cpe": "cpe:/a:redhat:serverless:1", "fix_state": "Affected", "package_name": "openshift-serverless-1/kn-plugin-event-sender-rhel8", "product_name": "OpenShift Serverless"}, {"cpe": "cpe:/a:redhat:serverless:1", "fix_state": "Affected", "package_name": "openshift-serverless-1/kn-plugin-func-func-util-rhel8", "product_name": "OpenShift Serverless"}, {"cpe": "cpe:/a:redhat:serverless:1", "fix_state": "Affected", "package_name": "openshift-serverless-1/serving-activator-rhel8", "product_name": "OpenShift Serverless"}, {"cpe": "cpe:/a:redhat:serverless:1", "fix_state": "Affected", "package_name": "openshift-serverless-1/serving-autoscaler-hpa-rhel8", "product_name": "OpenShift Serverless"}, {"cpe": "cpe:/a:redhat:serverless:1", "fix_state": "Affected", "package_name": "openshift-serverless-1/serving-autoscaler-rhel8", "product_name": "OpenShift Serverless"}, {"cpe": "cpe:/a:redhat:serverless:1", "fix_state": "Affected", "package_name": "openshift-serverless-1/serving-controller-rhel8", "product_name": "OpenShift Serverless"}, {"cpe": "cpe:/a:redhat:serverless:1", "fix_state": "Affected", "package_name": "openshift-serverless-1/serving-queue-rhel8", "product_name": "OpenShift Serverless"}, {"cpe": "cpe:/a:redhat:serverless:1", "fix_state": "Affected", "package_name": "openshift-serverless-1/serving-storage-version-migration-rhel8", "product_name": "OpenShift Serverless"}, {"cpe": "cpe:/a:redhat:serverless:1", "fix_state": "Affected", "package_name": "openshift-serverless-1/serving-webhook-rhel8", "product_name": "OpenShift Serverless"}, {"cpe": "cpe:/a:redhat:service_mesh:2", "fix_state": "Will not fix", "package_name": "openshift-service-mesh/istio-cni-rhel8", "product_name": "OpenShift Service Mesh 2"}, {"cpe": "cpe:/a:redhat:service_mesh:2", "fix_state": "Will not fix", "package_name": "openshift-service-mesh/pilot-rhel8", "product_name": "OpenShift Service Mesh 2"}, {"cpe": "cpe:/a:redhat:service_mesh:2", "fix_state": "Will not fix", "package_name": "openshift-service-mesh/proxyv2-rhel8", "product_name": "OpenShift Service Mesh 2"}, {"cpe": "cpe:/a:redhat:acm:2", "fix_state": "Affected", "package_name": "rhacm2/acm-grafana-rhel8", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2"}, {"cpe": "cpe:/a:redhat:acm:2", "fix_state": "Affected", "package_name": "rhacm2/acm-must-gather-rhel8", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2"}, {"cpe": "cpe:/a:redhat:acm:2", "fix_state": "Affected", "package_name": "rhacm2/acm-prometheus-config-reloader-rhel8", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2"}, {"cpe": "cpe:/a:redhat:acm:2", "fix_state": "Not affected", "package_name": "rhacm2/acm-prometheus-rhel8", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2"}, {"cpe": "cpe:/a:redhat:acm:2", "fix_state": "Affected", "package_name": "rhacm2/endpoint-monitoring-rhel8-operator", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2"}, {"cpe": "cpe:/a:redhat:acm:2", "fix_state": "Affected", "package_name": "rhacm2/grafana-dashboard-loader-rhel8", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2"}, {"cpe": "cpe:/a:redhat:acm:2", "fix_state": "Affected", "package_name": "rhacm2/metrics-collector-rhel9", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2"}, {"cpe": "cpe:/a:redhat:acm:2", "fix_state": "Affected", "package_name": "rhacm2/multicluster-observability-rhel8-operator", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2"}, {"cpe": "cpe:/a:redhat:acm:2", "fix_state": "Affected", "package_name": "rhacm2/prometheus-rhel8", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2"}, {"cpe": "cpe:/a:redhat:acm:2", "fix_state": "Affected", "package_name": "rhacm2/rbac-query-proxy-rhel8", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2"}, {"cpe": "cpe:/a:redhat:acm:2", "fix_state": "Affected", "package_name": "rhacm2/subctl-rhel9", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2"}, {"cpe": "cpe:/a:redhat:acm:2", "fix_state": "Affected", "package_name": "rhacm2/submariner-addon-rhel8", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2"}, {"cpe": "cpe:/a:redhat:acm:2", "fix_state": "Affected", "package_name": "rhacm2/thanos-receive-controller-rhel8", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2"}, {"cpe": "cpe:/a:redhat:acm:2", "fix_state": "Affected", "package_name": "rhacm2/thanos-rhel7", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2"}, {"cpe": "cpe:/a:redhat:acm:2", "fix_state": "Affected", "package_name": "rhacm2/volsync-rhel9", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2"}, {"cpe": "cpe:/a:redhat:advanced_cluster_security:4", "fix_state": "Not affected", "package_name": "advanced-cluster-security/rhacs-central-db-rhel8", "product_name": "Red Hat Advanced Cluster Security 4"}, {"cpe": "cpe:/a:redhat:advanced_cluster_security:4", "fix_state": "Affected", "package_name": "advanced-cluster-security/rhacs-main-rhel8", "product_name": "Red Hat Advanced Cluster Security 4"}, {"cpe": "cpe:/a:redhat:advanced_cluster_security:4", "fix_state": "Affected", "package_name": "advanced-cluster-security/rhacs-rhel8-operator", "product_name": "Red Hat Advanced Cluster Security 4"}, {"cpe": "cpe:/a:redhat:advanced_cluster_security:4", "fix_state": "Affected", "package_name": "advanced-cluster-security/rhacs-roxctl-rhel8", "product_name": "Red Hat Advanced Cluster Security 4"}, {"cpe": "cpe:/a:redhat:advanced_cluster_security:4", "fix_state": "Not affected", "package_name": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8", "product_name": "Red Hat Advanced Cluster Security 4"}, {"cpe": "cpe:/a:redhat:advanced_cluster_security:4", "fix_state": "Not affected", "package_name": "advanced-cluster-security/rhacs-scanner-v4-rhel8", "product_name": "Red Hat Advanced Cluster Security 4"}, {"cpe": "cpe:/a:redhat:ansible_automation_platform:2", "fix_state": "Not affected", "package_name": "python3.11-galaxy-ng", "product_name": "Red Hat Ansible Automation Platform 2"}, {"cpe": "cpe:/a:redhat:ansible_automation_platform:2", "fix_state": "Not affected", "package_name": "receptor", "product_name": "Red Hat Ansible Automation Platform 2"}, {"cpe": "cpe:/a:redhat:ceph_storage:5", "fix_state": "Affected", "package_name": "rhceph/rhceph-5-dashboard-rhel8", "product_name": "Red Hat Ceph Storage 5"}, {"cpe": "cpe:/a:redhat:ceph_storage:6", "fix_state": "Affected", "package_name": "rhceph/rhceph-6-dashboard-rhel9", "product_name": "Red Hat Ceph Storage 6"}, {"cpe": "cpe:/a:redhat:ceph_storage:8", "fix_state": "Affected", "package_name": "rhceph/grafana-rhel9", "product_name": "Red Hat Ceph Storage 8"}, {"cpe": "cpe:/a:redhat:ceph_storage:8", "fix_state": "Affected", "package_name": "rhceph/rhceph-promtail-rhel9", "product_name": "Red Hat Ceph Storage 8"}, {"cpe": "cpe:/a:redhat:hybrid_cloud_gateway:1::el9", "fix_state": "Affected", "package_name": "dns-operator-bundle-container", "product_name": "Red Hat Connectivity Link"}, {"cpe": "cpe:/a:redhat:hybrid_cloud_gateway:1::el9", "fix_state": "Affected", "package_name": "dns-operator-container", "product_name": "Red Hat Connectivity Link"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "osbuild-composer", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/a:redhat:openshift_ai", "fix_state": "Not affected", "package_name": "odh-codeflare-operator-container", "product_name": "Red Hat OpenShift AI (RHOAI)"}, {"cpe": "cpe:/a:redhat:openshift_ai", "fix_state": "Not affected", "package_name": "odh-operator-container", "product_name": "Red Hat OpenShift AI (RHOAI)"}, {"cpe": "cpe:/a:redhat:openshift_ai", "fix_state": "Not affected", "package_name": "rhoai/odh-codeflare-operator-rhel8", "product_name": "Red Hat OpenShift AI (RHOAI)"}, {"cpe": "cpe:/a:redhat:openshift_ai", "fix_state": "Affected", "package_name": "rhoai/odh-data-science-pipelines-argo-argoexec-rhel8", "product_name": "Red Hat OpenShift AI (RHOAI)"}, {"cpe": "cpe:/a:redhat:openshift_ai", "fix_state": "Affected", "package_name": "rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8", "product_name": "Red Hat OpenShift AI (RHOAI)"}, {"cpe": "cpe:/a:redhat:openshift_ai", "fix_state": "Not affected", "package_name": "rhoai/odh-training-operator-rhel8", "product_name": "Red Hat OpenShift AI (RHOAI)"}, {"cpe": "cpe:/a:redhat:openshift_cluster_manager_cli:1", "fix_state": "Affected", "package_name": "ocm-cli-clients/ocm-cli-rhel9", "product_name": "Red Hat OpenShift Cluster Manager CLI"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Affected", "package_name": "microshift", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Affected", "package_name": "openshift", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Affected", "package_name": "openshift4/azure-kms-encryption-provider-rhel9", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Not affected", "package_name": "openshift4/azure-service-rhel9-operator", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Affected", "package_name": "openshift4/bare-metal-event-relay-operator-bundle", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Affected", "package_name": "openshift4/cloud-network-config-controller-rhel8", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Not affected", "package_name": "openshift4/numaresources-operator-bundle", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Affected", "package_name": "openshift4/ose-agent-installer-api-server-rhel9", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Affected", "package_name": "openshift4/ose-agent-installer-csr-approver-rhel8", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Affected", "package_name": "openshift4/ose-agent-installer-node-agent-rhel9", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Affected", "package_name": "openshift4/ose-agent-installer-orchestrator-rhel8", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Affected", "package_name": "openshift4/ose-ansible-operator", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Not affected", "package_name": "openshift4/ose-azure-cloud-controller-manager-rhel9", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Not affected", "package_name": "openshift4/ose-azure-cloud-node-manager-rhel8", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Not affected", "package_name": "openshift4/ose-azure-cluster-api-controllers-rhel8", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Not affected", "package_name": "openshift4/ose-azure-disk-csi-driver-rhel9", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Not affected", "package_name": "openshift4/ose-azure-file-csi-driver-rhel9", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Not affected", "package_name": "openshift4/ose-baremetal-installer-rhel8", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Affected", "package_name": "openshift4/ose-cli", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Affected", "package_name": "openshift4/ose-cli-artifacts", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Not affected", "package_name": "openshift4/ose-cluster-api-rhel9", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Will not fix", "package_name": "openshift4/ose-cluster-autoscaler-rhel9", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Not affected", "package_name": "openshift4/ose-cluster-capi-operator-container-rhel8", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Not affected", "package_name": "openshift4/ose-cluster-capi-rhel8-operator", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Not affected", "package_name": "openshift4/ose-cluster-cloud-controller-manager-operator-rhel8", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Not affected", "package_name": "openshift4/ose-cluster-control-plane-machine-set-operator-rhel8", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Affected", "package_name": "openshift4/ose-cluster-etcd-rhel8-operator", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Affected", "package_name": "openshift4/ose-cluster-image-registry-rhel9-operator", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Affected", "package_name": "openshift4/ose-cluster-ingress-operator", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Affected", "package_name": "openshift4/ose-cluster-monitoring-operator", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Not affected", "package_name": "openshift4/ose-cluster-nfd-operator", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Will not fix", "package_name": "openshift4/ose-cluster-platform-operators-manager-rhel8", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Affected", "package_name": "openshift4/ose-coredns-rhel9", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Affected", "package_name": "openshift4/ose-deployer", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Affected", "package_name": "openshift4/ose-descheduler", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Affected", "package_name": "openshift4/ose-docker-registry", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Affected", "package_name": "openshift4/ose-etcd", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Affected", "package_name": "openshift4/ose-helm-operator", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Affected", "package_name": "openshift4/ose-hyperkube-rhel9", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Affected", "package_name": "openshift4/ose-hypershift-rhel9", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Affected", "package_name": "openshift4/ose-ibm-vpc-block-csi-driver-rhel8", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Affected", "package_name": "openshift4/ose-ibm-vpc-node-label-updater-rhel8", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Not affected", "package_name": "openshift4/ose-installer", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Not affected", "package_name": "openshift4/ose-installer-altinfra-rhel8", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Not affected", "package_name": "openshift4/ose-installer-artifacts", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Affected", "package_name": "openshift4/ose-kube-proxy", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Not affected", "package_name": "openshift4/ose-local-storage-diskmaker", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Not affected", "package_name": "openshift4/ose-local-storage-mustgather-rhel8", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Not affected", "package_name": "openshift4/ose-local-storage-operator", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Not affected", "package_name": "openshift4/ose-machine-api-provider-azure-rhel9", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Will not fix", "package_name": "openshift4/ose-olm-catalogd-rhel9", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Will not fix", "package_name": "openshift4/ose-olm-operator-controller-rhel8", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Will not fix", "package_name": "openshift4/ose-olm-rukpak-rhel8", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Will not fix", "package_name": "openshift4/ose-operator-lifecycle-manager", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Will not fix", "package_name": "openshift4/ose-operator-registry-rhel9", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Affected", "package_name": "openshift4/ose-operator-sdk-rhel8", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Affected", "package_name": "openshift4/ose-powervs-block-csi-driver-rhel8", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Affected", "package_name": "openshift4/ose-powervs-machine-controllers-rhel8", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Will not fix", "package_name": "openshift4/ose-prometheus", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Will not fix", "package_name": "openshift4/ose-prometheus-config-reloader-rhel9", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Will not fix", "package_name": "openshift4/ose-prometheus-operator-admission-webhook-rhel8", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Will not fix", "package_name": "openshift4/ose-prometheus-rhel9-operator", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Not affected", "package_name": "openshift4/ose-smb-csi-driver-rhel9", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Affected", "package_name": "openshift4/ose-sriov-network-config-daemon", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Affected", "package_name": "openshift4/ose-sriov-network-operator", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Affected", "package_name": "openshift4/ose-sriov-network-webhook", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Not affected", "package_name": "openshift4/ose-tests", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Will not fix", "package_name": "openshift4/ose-thanos-rhel8", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Affected", "package_name": "openshift4/ose-tools-rhel8", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Not affected", "package_name": "openshift4/ose-vsphere-cloud-controller-manager-rhel8", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Affected", "package_name": "openshift4/topology-aware-lifecycle-manager-operator-bundle", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Affected", "package_name": "openshift4-wincw/windows-machine-config-rhel8-operator", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Affected", "package_name": "openshift-clients", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Affected", "package_name": "openshift-compliance-must-gather-container", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Affected", "package_name": "openshift-compliance-openscap-container", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Affected", "package_name": "openshift-compliance-operator-container", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Affected", "package_name": "oran-o2ims-operator-bundle-container", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Not affected", "package_name": "ose-azure-acr-image-credential-provider", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Not affected", "package_name": "ose-azure-storage-azcopy-base-container", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Affected", "package_name": "ose-installer-etcd-artifacts-container", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Affected", "package_name": "ose-installer-kube-apiserver-artifacts-container", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Not affected", "package_name": "ose-installer-terraform-providers-container", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Will not fix", "package_name": "redhat/redhat-operator-index", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift_data_foundation:4", "fix_state": "Affected", "package_name": "odf4/cephcsi-rhel9", "product_name": "Red Hat Openshift Data Foundation 4"}, {"cpe": "cpe:/a:redhat:openshift_data_foundation:4", "fix_state": "Affected", "package_name": "odf4/mcg-cli-rhel9", "product_name": "Red Hat Openshift Data Foundation 4"}, {"cpe": "cpe:/a:redhat:openshift_data_foundation:4", "fix_state": "Affected", "package_name": "odf4/mcg-rhel9-operator", "product_name": "Red Hat Openshift Data Foundation 4"}, {"cpe": "cpe:/a:redhat:openshift_data_foundation:4", "fix_state": "Affected", "package_name": "odf4/odf-cli-rhel9", "product_name": "Red Hat Openshift Data Foundation 4"}, {"cpe": "cpe:/a:redhat:openshift_data_foundation:4", "fix_state": "Affected", "package_name": "odf4/rook-ceph-rhel8-operator", "product_name": "Red Hat Openshift Data Foundation 4"}, {"cpe": "cpe:/a:redhat:openshift_devspaces:3:", "fix_state": "Affected", "package_name": "devspaces/traefik-rhel8", "product_name": "Red Hat OpenShift Dev Spaces"}, {"cpe": "cpe:/a:redhat:openshift_devspaces:3:", "fix_state": "Affected", "package_name": "devspaces/traefik-rhel9", "product_name": "Red Hat OpenShift Dev Spaces"}, {"cpe": "cpe:/a:redhat:openshift_distributed_tracing:3", "fix_state": "Not affected", "package_name": "rhosdt/opentelemetry-collector-rhel8", "product_name": "Red Hat OpenShift distributed tracing 3"}, {"cpe": "cpe:/a:redhat:openshift_distributed_tracing:3", "fix_state": "Not affected", "package_name": "rhosdt/opentelemetry-rhel8-operator", "product_name": "Red Hat OpenShift distributed tracing 3"}, {"cpe": "cpe:/a:redhat:openshift_distributed_tracing:3", "fix_state": "Not affected", "package_name": "rhosdt/opentelemetry-target-allocator-rhel8", "product_name": "Red Hat OpenShift distributed tracing 3"}, {"cpe": "cpe:/a:redhat:openshift_distributed_tracing:3", "fix_state": "Not affected", "package_name": "rhosdt/tempo-gateway-opa-rhel8", "product_name": "Red Hat OpenShift distributed tracing 3"}, {"cpe": "cpe:/a:redhat:openshift_distributed_tracing:3", "fix_state": "Not affected", "package_name": "rhosdt/tempo-jaeger-query-rhel8", "product_name": "Red Hat OpenShift distributed tracing 3"}, {"cpe": "cpe:/a:redhat:openshift_distributed_tracing:3", "fix_state": "Not affected", "package_name": "rhosdt/tempo-query-rhel8", "product_name": "Red Hat OpenShift distributed tracing 3"}, {"cpe": "cpe:/a:redhat:openshift_distributed_tracing:3", "fix_state": "Not affected", "package_name": "rhosdt/tempo-rhel8", "product_name": "Red Hat OpenShift distributed tracing 3"}, {"cpe": "cpe:/a:redhat:openshift_distributed_tracing:3", "fix_state": "Not affected", "package_name": "rhosdt/tempo-rhel8-operator", "product_name": "Red Hat OpenShift distributed tracing 3"}, {"cpe": "cpe:/a:redhat:openshift_gitops:1", "fix_state": "Affected", "package_name": "openshift-gitops-1/argocd-rhel8", "product_name": "Red Hat OpenShift GitOps"}, {"cpe": "cpe:/a:redhat:openshift_gitops:1", "fix_state": "Affected", "package_name": "openshift-gitops-1/argo-rollouts-rhel8", "product_name": "Red Hat OpenShift GitOps"}, {"cpe": "cpe:/a:redhat:openshift_gitops:1", "fix_state": "Will not fix", "package_name": "openshift-gitops-1/gitops-operator-bundle", "product_name": "Red Hat OpenShift GitOps"}, {"cpe": "cpe:/a:redhat:openshift_gitops:1", "fix_state": "Affected", "package_name": "openshift-gitops-argocd-rhel9-container", "product_name": "Red Hat OpenShift GitOps"}, {"cpe": "cpe:/a:redhat:openshift_service_on_aws:1", "fix_state": "Affected", "package_name": "rosa", "product_name": "Red Hat OpenShift on AWS"}, {"cpe": "cpe:/a:redhat:openshift_sandboxed_containers:1", "fix_state": "Affected", "package_name": "openshift-sandboxed-containers/osc-cloud-api-adaptor-rhel9", "product_name": "Red Hat Openshift Sandboxed Containers"}, {"cpe": "cpe:/a:redhat:openshift_sandboxed_containers:1", "fix_state": "Affected", "package_name": "openshift-sandboxed-containers/osc-cloud-api-adaptor-webhook-rhel9", "product_name": "Red Hat Openshift Sandboxed Containers"}, {"cpe": "cpe:/a:redhat:openshift_sandboxed_containers:1", "fix_state": "Affected", "package_name": "openshift-sandboxed-containers/osc-podvm-payload-rhel9", "product_name": "Red Hat Openshift Sandboxed Containers"}, {"cpe": "cpe:/a:redhat:openshift_sandboxed_containers:1", "fix_state": "Affected", "package_name": "osc-podvm-builder-container", "product_name": "Red Hat Openshift Sandboxed Containers"}, {"cpe": "cpe:/a:redhat:openshift_update_service:5", "fix_state": "Affected", "package_name": "cincinnati-operator-container", "product_name": "Red Hat OpenShift Update Service"}, {"cpe": "cpe:/a:redhat:container_native_virtualization:4", "fix_state": "Affected", "package_name": "container-native-virtualization/hyperconverged-cluster-operator-rhel9", "product_name": "Red Hat OpenShift Virtualization 4"}, {"cpe": "cpe:/a:redhat:container_native_virtualization:4", "fix_state": "Affected", "package_name": "container-native-virtualization/hyperconverged-cluster-webhook-rhel9", "product_name": "Red Hat OpenShift Virtualization 4"}, {"cpe": "cpe:/a:redhat:container_native_virtualization:4", "fix_state": "Will not fix", "package_name": "container-native-virtualization/kubesecondarydns-rhel9", "product_name": "Red Hat OpenShift Virtualization 4"}, {"cpe": "cpe:/a:redhat:container_native_virtualization:4", "fix_state": "Affected", "package_name": "hyperconverged-cluster-operator-test-rhel9-container", "product_name": "Red Hat OpenShift Virtualization 4"}, {"cpe": "cpe:/a:redhat:quay:3", "fix_state": "Affected", "package_name": "quay/quay-bridge-operator-rhel8", "product_name": "Red Hat Quay 3"}, {"cpe": "cpe:/a:redhat:quay:3", "fix_state": "Affected", "package_name": "quay/quay-openshift-bridge-rhel8-operator", "product_name": "Red Hat Quay 3"}, {"cpe": "cpe:/a:redhat:trusted_artifact_signer:1", "fix_state": "Affected", "package_name": "rhtas/cosign-rhel9", "product_name": "Red Hat Trusted Artifact Signer"}, {"cpe": "cpe:/a:redhat:trusted_artifact_signer:1", "fix_state": "Will not fix", "package_name": "rhtas/createctconfig-rhel9", "product_name": "Red Hat Trusted Artifact Signer"}, {"cpe": "cpe:/a:redhat:trusted_artifact_signer:1", "fix_state": "Affected", "package_name": "rhtas/createtree-rhel9", "product_name": "Red Hat Trusted Artifact Signer"}, {"cpe": "cpe:/a:redhat:trusted_artifact_signer:1", "fix_state": "Will not fix", "package_name": "rhtas/ctlog-managectroots-rhel9", "product_name": "Red Hat Trusted Artifact Signer"}, {"cpe": "cpe:/a:redhat:trusted_artifact_signer:1", "fix_state": "Will not fix", "package_name": "rhtas/fulcio-createcerts-rhel9", "product_name": "Red Hat Trusted Artifact Signer"}, {"cpe": "cpe:/a:redhat:trusted_artifact_signer:1", "fix_state": "Affected", "package_name": "rhtas/gitsign-rhel9", "product_name": "Red Hat Trusted Artifact Signer"}, {"cpe": "cpe:/a:redhat:trusted_artifact_signer:1", "fix_state": "Affected", "package_name": "rhtas/rekor-backfill-redis-rhel9", "product_name": "Red Hat Trusted Artifact Signer"}, {"cpe": "cpe:/a:redhat:trusted_artifact_signer:1", "fix_state": "Affected", "package_name": "rhtas/rekor-cli-rhel9", "product_name": "Red Hat Trusted Artifact Signer"}, {"cpe": "cpe:/a:redhat:trusted_artifact_signer:1", "fix_state": "Affected", "package_name": "rhtas/rekor-server-rhel9", "product_name": "Red Hat Trusted Artifact Signer"}, {"cpe": "cpe:/a:redhat:trusted_artifact_signer:1", "fix_state": "Affected", "package_name": "rhtas/timestamp-authority-rhel9", "product_name": "Red Hat Trusted Artifact Signer"}, {"cpe": "cpe:/a:redhat:trusted_artifact_signer:1", "fix_state": "Will not fix", "package_name": "rhtas/trillian-createdb-rhel9", "product_name": "Red Hat Trusted Artifact Signer"}, {"cpe": "cpe:/a:redhat:trusted_artifact_signer:1", "fix_state": "Will not fix", "package_name": "rhtas/trillian-createtree-rhel9", "product_name": "Red Hat Trusted Artifact Signer"}, {"cpe": "cpe:/a:redhat:trusted_artifact_signer:1", "fix_state": "Affected", "package_name": "rhtas/trillian-database-rhel9", "product_name": "Red Hat Trusted Artifact Signer"}, {"cpe": "cpe:/a:redhat:trusted_artifact_signer:1", "fix_state": "Affected", "package_name": "rhtas/trillian-logserver-rhel9", "product_name": "Red Hat Trusted Artifact Signer"}, {"cpe": "cpe:/a:redhat:trusted_artifact_signer:1", "fix_state": "Affected", "package_name": "rhtas/trillian-logsigner-rhel9", "product_name": "Red Hat Trusted Artifact Signer"}, {"cpe": "cpe:/a:redhat:trusted_artifact_signer:1", "fix_state": "Affected", "package_name": "rhtas/trillian-redis-rhel9", "product_name": "Red Hat Trusted Artifact Signer"}, {"cpe": "cpe:/a:redhat:trusted_artifact_signer:1", "fix_state": "Will not fix", "package_name": "rhtas/tuf-server-rhel9", "product_name": "Red Hat Trusted Artifact Signer"}, {"cpe": "cpe:/a:redhat:trusted_artifact_signer:1", "fix_state": "Affected", "package_name": "rhtas/updatetree-rhel9", "product_name": "Red Hat Trusted Artifact Signer"}], "public_date": "2025-03-21T21:42:01Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2025-30204\nhttps://nvd.nist.gov/vuln/detail/CVE-2025-30204\nhttps://github.com/golang-jwt/jwt/commit/0951d184286dece21f73c85673fd308786ffe9c3\nhttps://github.com/golang-jwt/jwt/security/advisories/GHSA-mh63-6h87-95cp"], "threat_severity": "Important"}