{ "threat_severity" : "Moderate", "public_date" : "2024-05-09T00:00:00Z", "bugzilla" : { "description" : "containers/image: digest type does not guarantee valid type", "id" : "2274767", "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2274767" }, "cvss3" : { "cvss3_base_score" : "8.3", "cvss3_scoring_vector" : "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H", "status" : "verified" }, "cwe" : "CWE-354", "details" : [ "A flaw was found in the github.com/containers/image library. This flaw allows attackers to trigger unexpected authenticated registry accesses on behalf of a victim user, causing resource exhaustion, local path traversal, and other attacks.", "A flaw was found in the github.com/containers/image library. This flaw allows attackers to trigger unexpected authenticated registry accesses on behalf of a victim user, causing resource exhaustion, local path traversal, and other attacks." ], "statement" : "Some conditions are necessary for this attack to occur, such as the attacker being able to upload malicious images to the registry and persuade a victim to pull them. Hence, the severity of this flaw was rated as Moderate.", "affected_release" : [ { "product_name" : "OADP-1.3-RHEL-9", "release_date" : "2024-11-19T00:00:00Z", "advisory" : "RHSA-2024:9960", "cpe" : "cpe:/a:redhat:openshift_api_data_protection:1.3::el9", "package" : "oadp/oadp-velero-plugin-rhel9:1.3.4-9" }, { "product_name" : "Red Hat Advanced Cluster Security 4.4", "release_date" : "2024-08-29T00:00:00Z", "advisory" : "RHSA-2024:6054", "cpe" : "cpe:/a:redhat:advanced_cluster_security:4.4::el8", "package" : "advanced-cluster-security/rhacs-central-db-rhel8:4.4.5-2" }, { "product_name" : "Red Hat Advanced Cluster Security 4.4", "release_date" : "2024-08-29T00:00:00Z", "advisory" : "RHSA-2024:6054", "cpe" : "cpe:/a:redhat:advanced_cluster_security:4.4::el8", "package" : "advanced-cluster-security/rhacs-collector-rhel8:4.4.5-2" }, { "product_name" : "Red Hat Advanced Cluster Security 4.4", "release_date" : "2024-08-29T00:00:00Z", "advisory" : "RHSA-2024:6054", "cpe" : "cpe:/a:redhat:advanced_cluster_security:4.4::el8", "package" : "advanced-cluster-security/rhacs-collector-slim-rhel8:4.4.5-2" }, { "product_name" : "Red Hat Advanced Cluster Security 4.4", "release_date" : "2024-08-29T00:00:00Z", "advisory" : "RHSA-2024:6054", "cpe" : "cpe:/a:redhat:advanced_cluster_security:4.4::el8", "package" : "advanced-cluster-security/rhacs-main-rhel8:4.4.5-4" }, { "product_name" : "Red Hat Advanced Cluster Security 4.4", "release_date" : "2024-08-29T00:00:00Z", "advisory" : "RHSA-2024:6054", "cpe" : "cpe:/a:redhat:advanced_cluster_security:4.4::el8", "package" : "advanced-cluster-security/rhacs-operator-bundle:4.4.5-3" }, { "product_name" : "Red Hat Advanced Cluster Security 4.4", "release_date" : "2024-08-29T00:00:00Z", "advisory" : "RHSA-2024:6054", "cpe" : "cpe:/a:redhat:advanced_cluster_security:4.4::el8", "package" : "advanced-cluster-security/rhacs-rhel8-operator:4.4.5-2" }, { "product_name" : "Red Hat Advanced Cluster Security 4.4", "release_date" : "2024-08-29T00:00:00Z", "advisory" : "RHSA-2024:6054", "cpe" : "cpe:/a:redhat:advanced_cluster_security:4.4::el8", "package" : "advanced-cluster-security/rhacs-roxctl-rhel8:4.4.5-2" }, { "product_name" : "Red Hat Advanced Cluster Security 4.4", "release_date" : "2024-08-29T00:00:00Z", "advisory" : "RHSA-2024:6054", "cpe" : "cpe:/a:redhat:advanced_cluster_security:4.4::el8", "package" : "advanced-cluster-security/rhacs-scanner-db-rhel8:4.4.5-2" }, { "product_name" : "Red Hat Advanced Cluster Security 4.4", "release_date" : "2024-08-29T00:00:00Z", "advisory" : "RHSA-2024:6054", "cpe" : "cpe:/a:redhat:advanced_cluster_security:4.4::el8", "package" : "advanced-cluster-security/rhacs-scanner-db-slim-rhel8:4.4.5-3" }, { "product_name" : "Red Hat Advanced Cluster Security 4.4", "release_date" : "2024-08-29T00:00:00Z", "advisory" : "RHSA-2024:6054", "cpe" : "cpe:/a:redhat:advanced_cluster_security:4.4::el8", "package" : "advanced-cluster-security/rhacs-scanner-rhel8:4.4.5-2" }, { "product_name" : "Red Hat Advanced Cluster Security 4.4", "release_date" : "2024-08-29T00:00:00Z", "advisory" : "RHSA-2024:6054", "cpe" : "cpe:/a:redhat:advanced_cluster_security:4.4::el8", "package" : "advanced-cluster-security/rhacs-scanner-slim-rhel8:4.4.5-2" }, { "product_name" : "Red Hat Advanced Cluster Security 4.4", "release_date" : "2024-08-29T00:00:00Z", "advisory" : "RHSA-2024:6054", "cpe" : "cpe:/a:redhat:advanced_cluster_security:4.4::el8", "package" : "advanced-cluster-security/rhacs-scanner-v4-db-rhel8:4.4.5-3" }, { "product_name" : "Red Hat Advanced Cluster Security 4.4", "release_date" : "2024-08-29T00:00:00Z", "advisory" : "RHSA-2024:6054", "cpe" : "cpe:/a:redhat:advanced_cluster_security:4.4::el8", "package" : "advanced-cluster-security/rhacs-scanner-v4-rhel8:4.4.5-3" }, { "product_name" : "Red Hat Advanced Cluster Security 4.5", "release_date" : "2024-09-16T00:00:00Z", "advisory" : "RHSA-2024:6708", "cpe" : "cpe:/a:redhat:advanced_cluster_security:4.5::el8", "package" : "advanced-cluster-security/rhacs-central-db-rhel8:4.5.2-2" }, { "product_name" : "Red Hat Advanced Cluster Security 4.5", "release_date" : "2024-09-16T00:00:00Z", "advisory" : "RHSA-2024:6708", "cpe" : "cpe:/a:redhat:advanced_cluster_security:4.5::el8", "package" : "advanced-cluster-security/rhacs-collector-rhel8:4.5.2-2" }, { "product_name" : "Red Hat Advanced Cluster Security 4.5", "release_date" : "2024-09-16T00:00:00Z", "advisory" : "RHSA-2024:6708", "cpe" : "cpe:/a:redhat:advanced_cluster_security:4.5::el8", "package" : "advanced-cluster-security/rhacs-collector-slim-rhel8:4.5.2-2" }, { "product_name" : "Red Hat Advanced Cluster Security 4.5", "release_date" : "2024-09-16T00:00:00Z", "advisory" : "RHSA-2024:6708", "cpe" : "cpe:/a:redhat:advanced_cluster_security:4.5::el8", "package" : "advanced-cluster-security/rhacs-main-rhel8:4.5.2-2" }, { "product_name" : "Red Hat Advanced Cluster Security 4.5", "release_date" : "2024-09-16T00:00:00Z", "advisory" : "RHSA-2024:6708", "cpe" : "cpe:/a:redhat:advanced_cluster_security:4.5::el8", "package" : "advanced-cluster-security/rhacs-operator-bundle:4.5.2-2" }, { "product_name" : "Red Hat Advanced Cluster Security 4.5", "release_date" : "2024-09-16T00:00:00Z", "advisory" : "RHSA-2024:6708", "cpe" : "cpe:/a:redhat:advanced_cluster_security:4.5::el8", "package" : "advanced-cluster-security/rhacs-rhel8-operator:4.5.2-2" }, { "product_name" : "Red Hat Advanced Cluster Security 4.5", "release_date" : "2024-09-16T00:00:00Z", "advisory" : "RHSA-2024:6708", "cpe" : "cpe:/a:redhat:advanced_cluster_security:4.5::el8", "package" : "advanced-cluster-security/rhacs-roxctl-rhel8:4.5.2-2" }, { "product_name" : "Red Hat Advanced Cluster Security 4.5", "release_date" : "2024-09-16T00:00:00Z", "advisory" : "RHSA-2024:6708", "cpe" : "cpe:/a:redhat:advanced_cluster_security:4.5::el8", "package" : "advanced-cluster-security/rhacs-scanner-db-rhel8:4.5.2-2" }, { "product_name" : "Red Hat Advanced Cluster Security 4.5", "release_date" : "2024-09-16T00:00:00Z", "advisory" : "RHSA-2024:6708", "cpe" : "cpe:/a:redhat:advanced_cluster_security:4.5::el8", "package" : "advanced-cluster-security/rhacs-scanner-db-slim-rhel8:4.5.2-2" }, { "product_name" : "Red Hat Advanced Cluster Security 4.5", "release_date" : "2024-09-16T00:00:00Z", "advisory" : "RHSA-2024:6708", "cpe" : "cpe:/a:redhat:advanced_cluster_security:4.5::el8", "package" : "advanced-cluster-security/rhacs-scanner-rhel8:4.5.2-2" }, { "product_name" : "Red Hat Advanced Cluster Security 4.5", "release_date" : "2024-09-16T00:00:00Z", "advisory" : "RHSA-2024:6708", "cpe" : "cpe:/a:redhat:advanced_cluster_security:4.5::el8", "package" : "advanced-cluster-security/rhacs-scanner-slim-rhel8:4.5.2-1" }, { "product_name" : "Red Hat Advanced Cluster Security 4.5", "release_date" : "2024-09-16T00:00:00Z", "advisory" : "RHSA-2024:6708", "cpe" : "cpe:/a:redhat:advanced_cluster_security:4.5::el8", "package" : "advanced-cluster-security/rhacs-scanner-v4-db-rhel8:4.5.2-2" }, { "product_name" : "Red Hat Advanced Cluster Security 4.5", "release_date" : "2024-09-16T00:00:00Z", "advisory" : "RHSA-2024:6708", "cpe" : "cpe:/a:redhat:advanced_cluster_security:4.5::el8", "package" : "advanced-cluster-security/rhacs-scanner-v4-rhel8:4.5.2-2" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2024-08-13T00:00:00Z", "advisory" : "RHSA-2024:5258", "cpe" : "cpe:/a:redhat:enterprise_linux:8", "package" : "container-tools:rhel8-8100020240808093819.afee755d" }, { "product_name" : "Red Hat Enterprise Linux 9", "release_date" : "2024-11-12T00:00:00Z", "advisory" : "RHSA-2024:9097", "cpe" : "cpe:/a:redhat:enterprise_linux:9", "package" : "buildah-2:1.37.2-1.el9" }, { "product_name" : "Red Hat Enterprise Linux 9", "release_date" : "2024-11-12T00:00:00Z", "advisory" : "RHSA-2024:9098", "cpe" : "cpe:/a:redhat:enterprise_linux:9", "package" : "skopeo-2:1.16.1-1.el9" }, { "product_name" : "Red Hat Enterprise Linux 9", "release_date" : "2024-11-12T00:00:00Z", "advisory" : "RHSA-2024:9102", "cpe" : "cpe:/a:redhat:enterprise_linux:9", "package" : "podman-2:5.2.2-1.el9" }, { "product_name" : "Red Hat Migration Toolkit for Containers 1.8", "release_date" : "2024-09-26T00:00:00Z", "advisory" : "RHSA-2024:7164", "cpe" : "cpe:/a:redhat:rhmt:1.8::el8", "package" : "rhmtc/openshift-migration-controller-rhel8:v1.8.4-22" }, { "product_name" : "Red Hat OpenShift Container Platform 4.13", "release_date" : "2024-10-16T00:00:00Z", "advisory" : "RHSA-2024:7941", "cpe" : "cpe:/a:redhat:openshift:4.13::el8", "package" : "podman-3:4.4.1-13.rhaos4.13.el8" }, { "product_name" : "Red Hat OpenShift Container Platform 4.13", "release_date" : "2024-10-16T00:00:00Z", "advisory" : "RHSA-2024:7941", "cpe" : "cpe:/a:redhat:openshift:4.13::el8", "package" : "skopeo-2:1.11.3-3.rhaos4.13.el8" }, { "product_name" : "Red Hat OpenShift Container Platform 4.14", "release_date" : "2024-08-07T00:00:00Z", "advisory" : "RHSA-2024:4960", "cpe" : "cpe:/a:redhat:openshift:4.14::el8", "package" : "openshift4/ose-operator-lifecycle-manager:v4.14.0-202407260439.p0.g8d9b39e.assembly.stream.el8" }, { "product_name" : "Red Hat OpenShift Container Platform 4.14", "release_date" : "2024-10-03T00:00:00Z", "advisory" : "RHSA-2024:7187", "cpe" : "cpe:/a:redhat:openshift:4.14::el8", "package" : "podman-3:4.4.1-19.rhaos4.14.el8" }, { "product_name" : "Red Hat OpenShift Container Platform 4.14", "release_date" : "2024-10-03T00:00:00Z", "advisory" : "RHSA-2024:7187", "cpe" : "cpe:/a:redhat:openshift:4.14::el8", "package" : "skopeo-2:1.11.3-3.rhaos4.14.el8" }, { "product_name" : "Red Hat OpenShift Container Platform 4.15", "release_date" : "2024-09-25T00:00:00Z", "advisory" : "RHSA-2024:6818", "cpe" : "cpe:/a:redhat:openshift:4.15::el8", "package" : "openshift4/network-tools-rhel8:v4.15.0-202409172305.p0.g17536c8.assembly.stream.el8" }, { "product_name" : "Red Hat OpenShift Container Platform 4.15", "release_date" : "2024-09-25T00:00:00Z", "advisory" : "RHSA-2024:6818", "cpe" : "cpe:/a:redhat:openshift:4.15::el8", "package" : "openshift4/ose-agent-installer-api-server-rhel8:v4.15.0-202409171307.p0.ged4651a.assembly.stream.el8" }, { "product_name" : "Red Hat OpenShift Container Platform 4.15", "release_date" : "2024-09-25T00:00:00Z", "advisory" : "RHSA-2024:6818", "cpe" : "cpe:/a:redhat:openshift:4.15::el8", "package" : "openshift4/ose-agent-installer-node-agent-rhel9:v4.15.0-202409161436.p0.g1f44c02.assembly.stream.el9" }, { "product_name" : "Red Hat OpenShift Container Platform 4.15", "release_date" : "2024-09-25T00:00:00Z", "advisory" : "RHSA-2024:6818", "cpe" : "cpe:/a:redhat:openshift:4.15::el8", "package" : "openshift4/ose-alibaba-machine-controllers-rhel9:v4.15.0-202409120135.p0.gf7f5eed.assembly.stream.el9" }, { "product_name" : "Red Hat OpenShift Container Platform 4.15", "release_date" : "2024-09-25T00:00:00Z", "advisory" : "RHSA-2024:6818", "cpe" : "cpe:/a:redhat:openshift:4.15::el8", "package" : "openshift4/ose-apiserver-network-proxy-rhel9:v4.15.0-202409131835.p0.gadccbd5.assembly.stream.el9" }, { "product_name" : "Red Hat OpenShift Container Platform 4.15", "release_date" : "2024-09-25T00:00:00Z", "advisory" : "RHSA-2024:6818", "cpe" : "cpe:/a:redhat:openshift:4.15::el8", "package" : "openshift4/ose-cluster-autoscaler-rhel9-operator:v4.15.0-202409120135.p0.g8425d88.assembly.stream.el9" }, { "product_name" : "Red Hat OpenShift Container Platform 4.15", "release_date" : "2024-09-25T00:00:00Z", "advisory" : "RHSA-2024:6818", "cpe" : "cpe:/a:redhat:openshift:4.15::el8", "package" : "openshift4/ose-cluster-control-plane-machine-set-rhel9-operator:v4.15.0-202409130735.p0.gc03231f.assembly.stream.el9" }, { "product_name" : "Red Hat OpenShift Container Platform 4.15", "release_date" : "2024-09-25T00:00:00Z", "advisory" : "RHSA-2024:6818", "cpe" : "cpe:/a:redhat:openshift:4.15::el8", "package" : "openshift4/ose-cluster-ingress-rhel9-operator:v4.15.0-202409131635.p0.gb73e37f.assembly.stream.el9" }, { "product_name" : "Red Hat OpenShift Container Platform 4.15", "release_date" : "2024-09-25T00:00:00Z", "advisory" : "RHSA-2024:6818", "cpe" : "cpe:/a:redhat:openshift:4.15::el8", "package" : "openshift4/ose-cluster-network-rhel9-operator:v4.15.0-202409161836.p0.g092d15b.assembly.stream.el9" }, { "product_name" : "Red Hat OpenShift Container Platform 4.15", "release_date" : "2024-09-25T00:00:00Z", "advisory" : "RHSA-2024:6818", "cpe" : "cpe:/a:redhat:openshift:4.15::el8", "package" : "openshift4/ose-cluster-node-tuning-rhel9-operator:v4.15.0-202409180105.p0.g1fdd5b0.assembly.stream.el9" }, { "product_name" : "Red Hat OpenShift Container Platform 4.15", "release_date" : "2024-09-25T00:00:00Z", "advisory" : "RHSA-2024:6818", "cpe" : "cpe:/a:redhat:openshift:4.15::el8", "package" : "openshift4/ose-console:v4.15.0-202409180905.p0.gf6f61ca.assembly.stream.el8" }, { "product_name" : "Red Hat OpenShift Container Platform 4.15", "release_date" : "2024-09-25T00:00:00Z", "advisory" : "RHSA-2024:6818", "cpe" : "cpe:/a:redhat:openshift:4.15::el8", "package" : "openshift4/ose-docker-builder:v4.15.0-202409171307.p0.g160e7ca.assembly.stream.el8" }, { "product_name" : "Red Hat OpenShift Container Platform 4.15", "release_date" : "2024-09-25T00:00:00Z", "advisory" : "RHSA-2024:6818", "cpe" : "cpe:/a:redhat:openshift:4.15::el8", "package" : "openshift4/ose-hypershift-rhel9:v4.15.0-202409131635.p0.gb7c1d6a.assembly.stream.el9" }, { "product_name" : "Red Hat OpenShift Container Platform 4.15", "release_date" : "2024-09-25T00:00:00Z", "advisory" : "RHSA-2024:6818", "cpe" : "cpe:/a:redhat:openshift:4.15::el8", "package" : "openshift4/ose-insights-rhel9-operator:v4.15.0-202409111636.p0.gf0c44f6.assembly.stream.el9" }, { "product_name" : "Red Hat OpenShift Container Platform 4.15", "release_date" : "2024-09-25T00:00:00Z", "advisory" : "RHSA-2024:6818", "cpe" : "cpe:/a:redhat:openshift:4.15::el8", "package" : "openshift4/ose-machine-api-rhel9-operator:v4.15.0-202409120135.p0.g3ab953d.assembly.stream.el9" }, { "product_name" : "Red Hat OpenShift Container Platform 4.15", "release_date" : "2024-09-25T00:00:00Z", "advisory" : "RHSA-2024:6818", "cpe" : "cpe:/a:redhat:openshift:4.15::el8", "package" : "openshift4/ose-multus-admission-controller-rhel9:v4.15.0-202409111636.p0.g9ea52de.assembly.stream.el9" }, { "product_name" : "Red Hat OpenShift Container Platform 4.15", "release_date" : "2024-09-25T00:00:00Z", "advisory" : "RHSA-2024:6818", "cpe" : "cpe:/a:redhat:openshift:4.15::el8", "package" : "openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.15.0-202409111636.p0.gd80fe46.assembly.stream.el8" }, { "product_name" : "Red Hat OpenShift Container Platform 4.15", "release_date" : "2024-09-25T00:00:00Z", "advisory" : "RHSA-2024:6818", "cpe" : "cpe:/a:redhat:openshift:4.15::el8", "package" : "openshift4/ose-nutanix-machine-controllers-rhel9:v4.15.0-202409120135.p0.g8de6f94.assembly.stream.el9" }, { "product_name" : "Red Hat OpenShift Container Platform 4.15", "release_date" : "2024-09-25T00:00:00Z", "advisory" : "RHSA-2024:6818", "cpe" : "cpe:/a:redhat:openshift:4.15::el8", "package" : "openshift4/ose-openshift-controller-manager-rhel9:v4.15.0-202409171307.p0.g5d529dd.assembly.stream.el9" }, { "product_name" : "Red Hat OpenShift Container Platform 4.15", "release_date" : "2024-09-25T00:00:00Z", "advisory" : "RHSA-2024:6818", "cpe" : "cpe:/a:redhat:openshift:4.15::el8", "package" : "openshift4/ose-operator-lifecycle-manager-rhel9:v4.15.0-202409180305.p0.g1da79fe.assembly.stream.el9" }, { "product_name" : "Red Hat OpenShift Container Platform 4.15", "release_date" : "2024-09-25T00:00:00Z", "advisory" : "RHSA-2024:6818", "cpe" : "cpe:/a:redhat:openshift:4.15::el8", "package" : "openshift4/ose-operator-registry-rhel9:v4.15.0-202409180305.p0.g1da79fe.assembly.stream.el9" }, { "product_name" : "Red Hat OpenShift Container Platform 4.15", "release_date" : "2024-09-25T00:00:00Z", "advisory" : "RHSA-2024:6818", "cpe" : "cpe:/a:redhat:openshift:4.15::el8", "package" : "openshift4/ose-ovn-kubernetes-microshift-rhel9:v4.15.0-202409172305.p0.g5af0be8.assembly.stream.el9" }, { "product_name" : "Red Hat OpenShift Container Platform 4.15", "release_date" : "2024-09-25T00:00:00Z", "advisory" : "RHSA-2024:6818", "cpe" : "cpe:/a:redhat:openshift:4.15::el8", "package" : "openshift4/ose-ovn-kubernetes-rhel9:v4.15.0-202409172305.p0.g5af0be8.assembly.stream.el9" }, { "product_name" : "Red Hat OpenShift Container Platform 4.15", "release_date" : "2024-09-25T00:00:00Z", "advisory" : "RHSA-2024:6818", "cpe" : "cpe:/a:redhat:openshift:4.15::el8", "package" : "openshift4/ose-powervs-cloud-controller-manager-rhel9:v4.15.0-202409130536.p0.g1d6a7ed.assembly.stream.el9" }, { "product_name" : "Red Hat OpenShift Container Platform 4.15", "release_date" : "2024-09-25T00:00:00Z", "advisory" : "RHSA-2024:6818", "cpe" : "cpe:/a:redhat:openshift:4.15::el8", "package" : "openshift4/ose-powervs-machine-controllers-rhel9:v4.15.0-202409161436.p0.g4121cfc.assembly.stream.el9" }, { "product_name" : "Red Hat OpenShift Container Platform 4.15", "release_date" : "2024-09-25T00:00:00Z", "advisory" : "RHSA-2024:6818", "cpe" : "cpe:/a:redhat:openshift:4.15::el8", "package" : "openshift4/ose-sdn-rhel9:v4.15.0-202409120135.p0.g71a6f28.assembly.stream.el9" }, { "product_name" : "Red Hat OpenShift Container Platform 4.15", "release_date" : "2024-09-25T00:00:00Z", "advisory" : "RHSA-2024:6818", "cpe" : "cpe:/a:redhat:openshift:4.15::el8", "package" : "openshift4/ose-tests:v4.15.0-202409180705.p0.g95ee44e.assembly.stream.el8" }, { "product_name" : "Red Hat OpenShift Container Platform 4.15", "release_date" : "2024-09-25T00:00:00Z", "advisory" : "RHSA-2024:6818", "cpe" : "cpe:/a:redhat:openshift:4.15::el8", "package" : "openshift4/ose-tools-rhel8:v4.15.0-202409161234.p0.g4e8d689.assembly.stream.el8" }, { "product_name" : "Red Hat OpenShift Container Platform 4.15", "release_date" : "2024-09-25T00:00:00Z", "advisory" : "RHSA-2024:6818", "cpe" : "cpe:/a:redhat:openshift:4.15::el8", "package" : "rhcos-415.92.202409162258-0" }, { "product_name" : "Red Hat OpenShift Container Platform 4.15", "release_date" : "2024-10-02T00:00:00Z", "advisory" : "RHSA-2024:7182", "cpe" : "cpe:/a:redhat:openshift:4.15::el8", "package" : "podman-3:4.4.1-30.rhaos4.15.el8" }, { "product_name" : "Red Hat OpenShift Container Platform 4.15", "release_date" : "2024-10-02T00:00:00Z", "advisory" : "RHSA-2024:7182", "cpe" : "cpe:/a:redhat:openshift:4.15::el8", "package" : "skopeo-2:1.11.3-4.rhaos4.15.el8" }, { "product_name" : "Red Hat OpenShift Container Platform 4.15", "release_date" : "2024-10-31T00:00:00Z", "advisory" : "RHSA-2024:8425", "cpe" : "cpe:/a:redhat:openshift:4.15::el8", "package" : "openshift4/ose-agent-installer-node-agent-rhel9:v4.15.0-202410230304.p0.g366295f.assembly.stream.el9" }, { "product_name" : "Red Hat OpenShift Container Platform 4.15", "release_date" : "2024-10-31T00:00:00Z", "advisory" : "RHSA-2024:8425", "cpe" : "cpe:/a:redhat:openshift:4.15::el8", "package" : "openshift4/ose-agent-installer-orchestrator-rhel8:v4.15.0-202410230304.p0.gfde2b2e.assembly.stream.el8" }, { "product_name" : "Red Hat OpenShift Container Platform 4.15", "release_date" : "2024-07-31T00:00:00Z", "advisory" : "RHSA-2024:4850", "cpe" : "cpe:/a:redhat:openshift:4.15::el9", "package" : "openshift4/ose-operator-lifecycle-manager-rhel9:v4.15.0-202407230407.p0.gf3f8de5.assembly.stream.el9" }, { "product_name" : "Red Hat OpenShift Container Platform 4.16", "release_date" : "2024-06-27T00:00:00Z", "advisory" : "RHSA-2024:0045", "cpe" : "cpe:/a:redhat:openshift:4.16::el8", "package" : "podman-4:4.9.4-5.1.rhaos4.16.el8" }, { "product_name" : "Red Hat OpenShift Container Platform 4.16", "release_date" : "2024-06-27T00:00:00Z", "advisory" : "RHSA-2024:0045", "cpe" : "cpe:/a:redhat:openshift:4.16::el8", "package" : "skopeo-2:1.14.4-1.rhaos4.16.el8" }, { "product_name" : "Red Hat OpenShift Container Platform 4.16", "release_date" : "2024-07-03T00:00:00Z", "advisory" : "RHSA-2024:4159", "cpe" : "cpe:/a:redhat:openshift:4.16::el8", "package" : "cri-o-0:1.29.5-7.rhaos4.16.git7db4ada.el8" }, { "product_name" : "Red Hat OpenShift Container Platform 4.16", "release_date" : "2024-07-24T00:00:00Z", "advisory" : "RHSA-2024:4613", "cpe" : "cpe:/a:redhat:openshift:4.16::el9", "package" : "openshift4/ose-operator-lifecycle-manager-rhel9:v4.16.0-202407171536.p0.g1551101.assembly.stream.el9" }, { "product_name" : "Red Hat OpenShift Container Platform 4.16", "release_date" : "2024-09-24T00:00:00Z", "advisory" : "RHSA-2024:6824", "cpe" : "cpe:/a:redhat:openshift:4.16::el9", "package" : "openshift4/ose-machine-config-rhel9-operator:v4.16.0-202409162206.p0.g6a425ab.assembly.stream.el9" }, { "product_name" : "Red Hat OpenShift Container Platform 4.16", "release_date" : "2024-10-02T00:00:00Z", "advisory" : "RHSA-2024:7174", "cpe" : "cpe:/a:redhat:openshift:4.16::el9", "package" : "openshift4/ose-agent-installer-orchestrator-rhel9:v4.16.0-202409231504.p0.g342902b.assembly.stream.el9" }, { "product_name" : "Red Hat OpenShift Container Platform 4.16", "release_date" : "2024-10-24T00:00:00Z", "advisory" : "RHSA-2024:8260", "cpe" : "cpe:/a:redhat:openshift:4.16::el9", "package" : "openshift4/ose-agent-installer-node-agent-rhel9:v4.16.0-202410172201.p0.gb121e87.assembly.stream.el9" }, { "product_name" : "Red Hat OpenShift Container Platform 4.17", "release_date" : "2024-10-01T00:00:00Z", "advisory" : "RHSA-2024:3718", "cpe" : "cpe:/a:redhat:openshift:4.17::el9", "package" : "openshift4/ose-machine-config-rhel9-operator:v4.17.0-202409122005.p0.gb170ad0.assembly.stream.el9" }, { "product_name" : "Red Hat OpenShift Container Platform 4.17", "release_date" : "2024-10-01T00:00:00Z", "advisory" : "RHSA-2024:3718", "cpe" : "cpe:/a:redhat:openshift:4.17::el9", "package" : "openshift4/ose-olm-operator-controller-rhel9:v4.17.0-202409100034.p0.g8d16b39.assembly.stream.el9" }, { "product_name" : "Red Hat OpenShift Container Platform 4.17", "release_date" : "2024-10-01T00:00:00Z", "advisory" : "RHSA-2024:3718", "cpe" : "cpe:/a:redhat:openshift:4.17::el9", "package" : "openshift4/ose-operator-lifecycle-manager-rhel9:v4.17.0-202409101338.p0.gb0d86a0.assembly.stream.el9" }, { "product_name" : "Red Hat OpenShift Container Platform 4.17", "release_date" : "2024-10-01T00:00:00Z", "advisory" : "RHSA-2024:3718", "cpe" : "cpe:/a:redhat:openshift:4.17::el9", "package" : "openshift4/ose-operator-registry-rhel9:v4.17.0-202409101338.p0.gb0d86a0.assembly.stream.el9" }, { "product_name" : "Red Hat OpenShift Container Platform 4.17", "release_date" : "2024-10-16T00:00:00Z", "advisory" : "RHSA-2024:7922", "cpe" : "cpe:/a:redhat:openshift:4.17::el9", "package" : "openshift4/ose-agent-installer-orchestrator-rhel9:v4.17.0-202410022234.p0.gfbc55c6.assembly.stream.el9" }, { "product_name" : "Red Hat OpenShift Container Platform 4.18", "release_date" : "2025-02-25T00:00:00Z", "advisory" : "RHSA-2024:6122", "cpe" : "cpe:/a:redhat:openshift:4.18::el9", "package" : "openshift4/oc-mirror-plugin-rhel9:v4.18.0-202502100934.p0.gc00c7c9.assembly.stream.el9" }, { "product_name" : "Red Hat OpenShift Container Platform 4.18", "release_date" : "2025-02-25T00:00:00Z", "advisory" : "RHSA-2024:6122", "cpe" : "cpe:/a:redhat:openshift:4.18::el9", "package" : "openshift4/ose-agent-installer-api-server-rhel9:v4.18.0-202502040032.p0.ge5a4005.assembly.stream.el9" }, { "product_name" : "Red Hat OpenShift Container Platform 4.18", "release_date" : "2025-02-25T00:00:00Z", "advisory" : "RHSA-2024:6122", "cpe" : "cpe:/a:redhat:openshift:4.18::el9", "package" : "openshift4/ose-agent-installer-node-agent-rhel9:v4.18.0-202502041302.p0.g51a74ac.assembly.stream.el9" }, { "product_name" : "Red Hat OpenShift Container Platform 4.18", "release_date" : "2025-02-25T00:00:00Z", "advisory" : "RHSA-2024:6122", "cpe" : "cpe:/a:redhat:openshift:4.18::el9", "package" : "openshift4/ose-agent-installer-orchestrator-rhel9:v4.18.0-202501230001.p0.g5348c85.assembly.stream.el9" }, { "product_name" : "Red Hat OpenShift Container Platform 4.18", "release_date" : "2025-02-25T00:00:00Z", "advisory" : "RHSA-2024:6122", "cpe" : "cpe:/a:redhat:openshift:4.18::el9", "package" : "openshift4/ose-machine-config-rhel9-operator:v4.18.0-202502100153.p0.g120ba67.assembly.stream.el9" }, { "product_name" : "Red Hat OpenShift Container Platform 4.18", "release_date" : "2025-02-25T00:00:00Z", "advisory" : "RHSA-2024:6122", "cpe" : "cpe:/a:redhat:openshift:4.18::el9", "package" : "openshift4/ose-openshift-apiserver-rhel9:v4.18.0-202502060238.p0.g73d65db.assembly.stream.el9" }, { "product_name" : "RHEL-9-CNV-4.15", "release_date" : "2024-08-28T00:00:00Z", "advisory" : "RHSA-2024:5951", "cpe" : "cpe:/a:redhat:container_native_virtualization:4.15::el9", "package" : "container-native-virtualization/virt-cdi-controller-rhel9:v4.15.5-7" } ], "package_state" : [ { "product_name" : "Multicluster Engine for Kubernetes", "fix_state" : "Not affected", "package_name" : "multicluster-engine/agent-service-rhel8", "cpe" : "cpe:/a:redhat:multicluster_engine" }, { "product_name" : "Multicluster Engine for Kubernetes", "fix_state" : "Not affected", "package_name" : "multicluster-engine/assisted-installer-agent-rhel9", "cpe" : "cpe:/a:redhat:multicluster_engine" }, { "product_name" : "Multicluster Engine for Kubernetes", "fix_state" : "Not affected", "package_name" : "multicluster-engine/assisted-installer-reporter-rhel8", "cpe" : "cpe:/a:redhat:multicluster_engine" }, { "product_name" : "Multicluster Engine for Kubernetes", "fix_state" : "Not affected", "package_name" : "multicluster-engine/assisted-installer-rhel8", "cpe" : "cpe:/a:redhat:multicluster_engine" }, { "product_name" : "Multicluster Engine for Kubernetes", "fix_state" : "Not affected", "package_name" : "multicluster-engine/hive-rhel8", "cpe" : "cpe:/a:redhat:multicluster_engine" }, { "product_name" : "OpenShift Developer Tools and Services", "fix_state" : "Affected", "package_name" : "ocp-tools-4/jenkins-agent-base-rhel8", "cpe" : "cpe:/a:redhat:ocp_tools" }, { "product_name" : "OpenShift Developer Tools and Services", "fix_state" : "Affected", "package_name" : "ocp-tools-4/jenkins-rhel8", "cpe" : "cpe:/a:redhat:ocp_tools" }, { "product_name" : "OpenShift Serverless", "fix_state" : "Will not fix", "package_name" : "openshift-serverless-1/client-kn-rhel8", "cpe" : "cpe:/a:redhat:serverless:1" }, { "product_name" : "OpenShift Serverless", "fix_state" : "Will not fix", "package_name" : "openshift-serverless-clients", "cpe" : "cpe:/a:redhat:serverless:1" }, { "product_name" : "OpenShift Source-to-Image (S2I)", "fix_state" : "Affected", "package_name" : "source-to-image-container", "cpe" : "cpe:/a:redhat:source_to_image:1" }, { "product_name" : "Red Hat Advanced Cluster Management for Kubernetes 2", "fix_state" : "Not affected", "package_name" : "rhacm2/submariner-rhel8-operator", "cpe" : "cpe:/a:redhat:acm:2" }, { "product_name" : "Red Hat Advanced Cluster Security 3", "fix_state" : "Will not fix", "package_name" : "advanced-cluster-security/rhacs-central-db-rhel8", "cpe" : "cpe:/a:redhat:advanced_cluster_security:3" }, { "product_name" : "Red Hat Advanced Cluster Security 3", "fix_state" : "Will not fix", "package_name" : "advanced-cluster-security/rhacs-main-rhel8", "cpe" : "cpe:/a:redhat:advanced_cluster_security:3" }, { "product_name" : "Red Hat Advanced Cluster Security 3", "fix_state" : "Will not fix", "package_name" : "advanced-cluster-security/rhacs-rhel8-operator", "cpe" : "cpe:/a:redhat:advanced_cluster_security:3" }, { "product_name" : "Red Hat Advanced Cluster Security 3", "fix_state" : "Will not fix", "package_name" : "advanced-cluster-security/rhacs-roxctl-rhel8", "cpe" : "cpe:/a:redhat:advanced_cluster_security:3" }, { "product_name" : "Red Hat Advanced Cluster Security 3", "fix_state" : "Will not fix", "package_name" : "advanced-cluster-security/rhacs-scanner-db-rhel8", "cpe" : "cpe:/a:redhat:advanced_cluster_security:3" }, { "product_name" : "Red Hat Advanced Cluster Security 3", "fix_state" : "Not affected", "package_name" : "advanced-cluster-security/rhacs-scanner-db-slim-rhel8", "cpe" : "cpe:/a:redhat:advanced_cluster_security:3" }, { "product_name" : "Red Hat Advanced Cluster Security 3", "fix_state" : "Will not fix", "package_name" : "advanced-cluster-security/rhacs-scanner-rhel8", "cpe" : "cpe:/a:redhat:advanced_cluster_security:3" }, { "product_name" : "Red Hat Advanced Cluster Security 3", "fix_state" : "Will not fix", "package_name" : "advanced-cluster-security/rhacs-scanner-slim-rhel8", "cpe" : "cpe:/a:redhat:advanced_cluster_security:3" }, { "product_name" : "Red Hat Ansible Automation Platform 1.2", "fix_state" : "Not affected", "package_name" : "openshift-clients", "cpe" : "cpe:/a:redhat:ansible_automation_platform" }, { "product_name" : "Red Hat Ansible Automation Platform 2", "fix_state" : "Not affected", "package_name" : "openshift-clients", "cpe" : "cpe:/a:redhat:ansible_automation_platform:2" }, { "product_name" : "Red Hat Enterprise Linux 10", "fix_state" : "Not affected", "package_name" : "buildah", "cpe" : "cpe:/o:redhat:enterprise_linux:10" }, { "product_name" : "Red Hat Enterprise Linux 10", "fix_state" : "Not affected", "package_name" : "conmon", "cpe" : "cpe:/o:redhat:enterprise_linux:10" }, { "product_name" : "Red Hat Enterprise Linux 10", "fix_state" : "Not affected", "package_name" : "containers-common", "cpe" : "cpe:/o:redhat:enterprise_linux:10" }, { "product_name" : "Red Hat Enterprise Linux 10", "fix_state" : "Not affected", "package_name" : "osbuild-composer", "cpe" : "cpe:/o:redhat:enterprise_linux:10" }, { "product_name" : "Red Hat Enterprise Linux 10", "fix_state" : "Not affected", "package_name" : "podman", "cpe" : "cpe:/o:redhat:enterprise_linux:10" }, { "product_name" : "Red Hat Enterprise Linux 10", "fix_state" : "Not affected", "package_name" : "skopeo", "cpe" : "cpe:/o:redhat:enterprise_linux:10" }, { "product_name" : "Red Hat Enterprise Linux 7", "fix_state" : "Out of support scope", "package_name" : "buildah", "cpe" : "cpe:/o:redhat:enterprise_linux:7" }, { "product_name" : "Red Hat Enterprise Linux 7", "fix_state" : "Out of support scope", "package_name" : "podman", "cpe" : "cpe:/o:redhat:enterprise_linux:7" }, { "product_name" : "Red Hat Enterprise Linux 7", "fix_state" : "Out of support scope", "package_name" : "skopeo", "cpe" : "cpe:/o:redhat:enterprise_linux:7" }, { "product_name" : "Red Hat Enterprise Linux 8", "fix_state" : "Not affected", "package_name" : "container-tools:4.0/buildah", "cpe" : "cpe:/o:redhat:enterprise_linux:8" }, { "product_name" : "Red Hat Enterprise Linux 8", "fix_state" : "Not affected", "package_name" : "container-tools:4.0/conmon", "cpe" : "cpe:/o:redhat:enterprise_linux:8" }, { "product_name" : "Red Hat Enterprise Linux 8", "fix_state" : "Not affected", "package_name" : "container-tools:4.0/containers-common", "cpe" : "cpe:/o:redhat:enterprise_linux:8" }, { "product_name" : "Red Hat Enterprise Linux 8", "fix_state" : "Will not fix", "package_name" : "container-tools:4.0/podman", "cpe" : "cpe:/o:redhat:enterprise_linux:8" }, { "product_name" : "Red Hat Enterprise Linux 8", "fix_state" : "Not affected", "package_name" : "container-tools:4.0/skopeo", "cpe" : "cpe:/o:redhat:enterprise_linux:8" }, { "product_name" : "Red Hat Enterprise Linux 8", "fix_state" : "Will not fix", "package_name" : "osbuild-composer", "cpe" : "cpe:/o:redhat:enterprise_linux:8" }, { "product_name" : "Red Hat Enterprise Linux 9", "fix_state" : "Not affected", "package_name" : "conmon", "cpe" : "cpe:/o:redhat:enterprise_linux:9" }, { "product_name" : "Red Hat Enterprise Linux 9", "fix_state" : "Not affected", "package_name" : "containers-common", "cpe" : "cpe:/o:redhat:enterprise_linux:9" }, { "product_name" : "Red Hat Enterprise Linux 9", "fix_state" : "Will not fix", "package_name" : "osbuild-composer", "cpe" : "cpe:/o:redhat:enterprise_linux:9" }, { "product_name" : "Red Hat OpenShift Container Platform 3.11", "fix_state" : "Out of support scope", "package_name" : "atomic-openshift", "cpe" : "cpe:/a:redhat:openshift:3.11" }, { "product_name" : "Red Hat OpenShift Container Platform 3.11", "fix_state" : "Out of support scope", "package_name" : "podman", "cpe" : "cpe:/a:redhat:openshift:3.11" }, { "product_name" : "Red Hat OpenShift Container Platform 4", "fix_state" : "Not affected", "package_name" : "buildah", "cpe" : "cpe:/a:redhat:openshift:4" }, { "product_name" : "Red Hat OpenShift Container Platform 4", "fix_state" : "Not affected", "package_name" : "conmon", "cpe" : "cpe:/a:redhat:openshift:4" }, { "product_name" : "Red Hat OpenShift Container Platform 4", "fix_state" : "Not affected", "package_name" : "containers-common", "cpe" : "cpe:/a:redhat:openshift:4" }, { "product_name" : "Red Hat OpenShift Container Platform 4", "fix_state" : "Affected", "package_name" : "openshift4/ose-agent-installer-csr-approver-rhel9", "cpe" : "cpe:/a:redhat:openshift:4" }, { "product_name" : "Red Hat OpenShift Container Platform 4", "fix_state" : "Not affected", "package_name" : "openshift4/ose-baremetal-installer-rhel8", "cpe" : "cpe:/a:redhat:openshift:4" }, { "product_name" : "Red Hat OpenShift Container Platform 4", "fix_state" : "Will not fix", "package_name" : "openshift4/ose-cli", "cpe" : "cpe:/a:redhat:openshift:4" }, { "product_name" : "Red Hat OpenShift Container Platform 4", "fix_state" : "Affected", "package_name" : "openshift4/ose-cli-artifacts", "cpe" : "cpe:/a:redhat:openshift:4" }, { "product_name" : "Red Hat OpenShift Container Platform 4", "fix_state" : "Will not fix", "package_name" : "openshift4/ose-deployer-rhel9", "cpe" : "cpe:/a:redhat:openshift:4" }, { "product_name" : "Red Hat OpenShift Container Platform 4", "fix_state" : "Affected", "package_name" : "openshift4/ose-installer", "cpe" : "cpe:/a:redhat:openshift:4" }, { "product_name" : "Red Hat OpenShift Container Platform 4", "fix_state" : "Not affected", "package_name" : "openshift4/ose-installer-altinfra-rhel9", "cpe" : "cpe:/a:redhat:openshift:4" }, { "product_name" : "Red Hat OpenShift Container Platform 4", "fix_state" : "Not affected", "package_name" : "openshift4/ose-installer-artifacts-rhel9", "cpe" : "cpe:/a:redhat:openshift:4" }, { "product_name" : "Red Hat OpenShift Container Platform 4", "fix_state" : "Affected", "package_name" : "openshift4/ose-olm-rukpak-rhel8", "cpe" : "cpe:/a:redhat:openshift:4" }, { "product_name" : "Red Hat OpenShift Container Platform 4", "fix_state" : "Not affected", "package_name" : "openshift4/ose-openshift-proxy-pull-test-rhel8", "cpe" : "cpe:/a:redhat:openshift:4" }, { "product_name" : "Red Hat OpenShift Container Platform 4", "fix_state" : "Will not fix", "package_name" : "openshift-clients", "cpe" : "cpe:/a:redhat:openshift:4" }, { "product_name" : "Red Hat OpenShift Container Platform 4", "fix_state" : "Not affected", "package_name" : "ose-installer-terraform-providers-container", "cpe" : "cpe:/a:redhat:openshift:4" }, { "product_name" : "Red Hat OpenShift Container Platform Assisted Installer 1", "fix_state" : "Affected", "package_name" : "rhai-tech-preview/assisted-installer-agent-rhel8", "cpe" : "cpe:/a:redhat:assisted_installer:1" }, { "product_name" : "Red Hat OpenShift Container Platform Assisted Installer 1", "fix_state" : "Affected", "package_name" : "rhai-tech-preview/assisted-installer-reporter-rhel8", "cpe" : "cpe:/a:redhat:assisted_installer:1" }, { "product_name" : "Red Hat OpenShift Container Platform Assisted Installer 1", "fix_state" : "Affected", "package_name" : "rhai-tech-preview/assisted-installer-rhel8", "cpe" : "cpe:/a:redhat:assisted_installer:1" }, { "product_name" : "Red Hat OpenShift Dev Spaces", "fix_state" : "Affected", "package_name" : "devspaces/udi-rhel8", "cpe" : "cpe:/a:redhat:openshift_devspaces:3" }, { "product_name" : "Red Hat Openshift Sandboxed Containers", "fix_state" : "Affected", "package_name" : "openshift-sandboxed-containers/osc-must-gather-rhel9", "cpe" : "cpe:/a:redhat:openshift_sandboxed_containers:1" }, { "product_name" : "Red Hat Openshift Sandboxed Containers", "fix_state" : "Affected", "package_name" : "openshift-sandboxed-containers/osc-rhel8-operator", "cpe" : "cpe:/a:redhat:openshift_sandboxed_containers:1" }, { "product_name" : "Red Hat OpenShift Virtualization 4", "fix_state" : "Will not fix", "package_name" : "container-native-virtualization/virt-cdi-apiserver", "cpe" : "cpe:/a:redhat:container_native_virtualization:4" }, { "product_name" : "Red Hat OpenShift Virtualization 4", "fix_state" : "Will not fix", "package_name" : "container-native-virtualization/virt-cdi-apiserver-rhel9", "cpe" : "cpe:/a:redhat:container_native_virtualization:4" }, { "product_name" : "Red Hat OpenShift Virtualization 4", "fix_state" : "Will not fix", "package_name" : "container-native-virtualization/virt-cdi-cloner", "cpe" : "cpe:/a:redhat:container_native_virtualization:4" }, { "product_name" : "Red Hat OpenShift Virtualization 4", "fix_state" : "Will not fix", "package_name" : "container-native-virtualization/virt-cdi-cloner-rhel9", "cpe" : "cpe:/a:redhat:container_native_virtualization:4" }, { "product_name" : "Red Hat OpenShift Virtualization 4", "fix_state" : "Will not fix", "package_name" : "container-native-virtualization/virt-cdi-controller", "cpe" : "cpe:/a:redhat:container_native_virtualization:4" }, { "product_name" : "Red Hat OpenShift Virtualization 4", "fix_state" : "Will not fix", "package_name" : "container-native-virtualization/virt-cdi-importer", "cpe" : "cpe:/a:redhat:container_native_virtualization:4" }, { "product_name" : "Red Hat OpenShift Virtualization 4", "fix_state" : "Affected", "package_name" : "container-native-virtualization/virt-cdi-importer-rhel9", "cpe" : "cpe:/a:redhat:container_native_virtualization:4" }, { "product_name" : "Red Hat OpenShift Virtualization 4", "fix_state" : "Will not fix", "package_name" : "container-native-virtualization/virt-cdi-operator", "cpe" : "cpe:/a:redhat:container_native_virtualization:4" }, { "product_name" : "Red Hat OpenShift Virtualization 4", "fix_state" : "Will not fix", "package_name" : "container-native-virtualization/virt-cdi-operator-rhel9", "cpe" : "cpe:/a:redhat:container_native_virtualization:4" }, { "product_name" : "Red Hat OpenShift Virtualization 4", "fix_state" : "Will not fix", "package_name" : "container-native-virtualization/virt-cdi-uploadproxy", "cpe" : "cpe:/a:redhat:container_native_virtualization:4" }, { "product_name" : "Red Hat OpenShift Virtualization 4", "fix_state" : "Will not fix", "package_name" : "container-native-virtualization/virt-cdi-uploadproxy-rhel9", "cpe" : "cpe:/a:redhat:container_native_virtualization:4" }, { "product_name" : "Red Hat OpenShift Virtualization 4", "fix_state" : "Will not fix", "package_name" : "container-native-virtualization/virt-cdi-uploadserver", "cpe" : "cpe:/a:redhat:container_native_virtualization:4" }, { "product_name" : "Red Hat OpenShift Virtualization 4", "fix_state" : "Will not fix", "package_name" : "container-native-virtualization/virt-cdi-uploadserver-rhel9", "cpe" : "cpe:/a:redhat:container_native_virtualization:4" }, { "product_name" : "Red Hat OpenStack Platform 16.2", "fix_state" : "Will not fix", "package_name" : "osp-director-provisioner-container", "cpe" : "cpe:/a:redhat:openstack:16.2" }, { "product_name" : "Red Hat Quay 3", "fix_state" : "Not affected", "package_name" : "quay/quay-builder-rhel8", "cpe" : "cpe:/a:redhat:quay:3" } ], "references" : [ "https://www.cve.org/CVERecord?id=CVE-2024-3727\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-3727" ], "name" : "CVE-2024-3727", "csaw" : false }