CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
AI Score
Confidence
Low
EPSS
Percentile
17.8%
A flaw was found in the github.com/containers/image library. This flaw allows attackers to trigger unexpected authenticated registry accesses on behalf of a victim user, causing resource exhaustion, local path traversal, and other attacks.
[
{
"vendor": "Red Hat",
"product": "Red Hat Advanced Cluster Security 4.4",
"collectionURL": "https://catalog.redhat.com/software/containers/",
"packageName": "advanced-cluster-security/rhacs-central-db-rhel8",
"defaultStatus": "affected",
"versions": [
{
"version": "4.4.5-2",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/a:redhat:advanced_cluster_security:4.4::el8"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Advanced Cluster Security 4.4",
"collectionURL": "https://catalog.redhat.com/software/containers/",
"packageName": "advanced-cluster-security/rhacs-collector-rhel8",
"defaultStatus": "affected",
"versions": [
{
"version": "4.4.5-2",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/a:redhat:advanced_cluster_security:4.4::el8"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Advanced Cluster Security 4.4",
"collectionURL": "https://catalog.redhat.com/software/containers/",
"packageName": "advanced-cluster-security/rhacs-collector-slim-rhel8",
"defaultStatus": "affected",
"versions": [
{
"version": "4.4.5-2",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/a:redhat:advanced_cluster_security:4.4::el8"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Advanced Cluster Security 4.4",
"collectionURL": "https://catalog.redhat.com/software/containers/",
"packageName": "advanced-cluster-security/rhacs-main-rhel8",
"defaultStatus": "affected",
"versions": [
{
"version": "4.4.5-4",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/a:redhat:advanced_cluster_security:4.4::el8"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Advanced Cluster Security 4.4",
"collectionURL": "https://catalog.redhat.com/software/containers/",
"packageName": "advanced-cluster-security/rhacs-operator-bundle",
"defaultStatus": "affected",
"versions": [
{
"version": "4.4.5-3",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/a:redhat:advanced_cluster_security:4.4::el8"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Advanced Cluster Security 4.4",
"collectionURL": "https://catalog.redhat.com/software/containers/",
"packageName": "advanced-cluster-security/rhacs-rhel8-operator",
"defaultStatus": "affected",
"versions": [
{
"version": "4.4.5-2",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/a:redhat:advanced_cluster_security:4.4::el8"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Advanced Cluster Security 4.4",
"collectionURL": "https://catalog.redhat.com/software/containers/",
"packageName": "advanced-cluster-security/rhacs-roxctl-rhel8",
"defaultStatus": "affected",
"versions": [
{
"version": "4.4.5-2",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/a:redhat:advanced_cluster_security:4.4::el8"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Advanced Cluster Security 4.4",
"collectionURL": "https://catalog.redhat.com/software/containers/",
"packageName": "advanced-cluster-security/rhacs-scanner-db-rhel8",
"defaultStatus": "affected",
"versions": [
{
"version": "4.4.5-2",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/a:redhat:advanced_cluster_security:4.4::el8"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Advanced Cluster Security 4.4",
"collectionURL": "https://catalog.redhat.com/software/containers/",
"packageName": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8",
"defaultStatus": "affected",
"versions": [
{
"version": "4.4.5-3",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/a:redhat:advanced_cluster_security:4.4::el8"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Advanced Cluster Security 4.4",
"collectionURL": "https://catalog.redhat.com/software/containers/",
"packageName": "advanced-cluster-security/rhacs-scanner-rhel8",
"defaultStatus": "affected",
"versions": [
{
"version": "4.4.5-2",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/a:redhat:advanced_cluster_security:4.4::el8"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Advanced Cluster Security 4.4",
"collectionURL": "https://catalog.redhat.com/software/containers/",
"packageName": "advanced-cluster-security/rhacs-scanner-slim-rhel8",
"defaultStatus": "affected",
"versions": [
{
"version": "4.4.5-2",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/a:redhat:advanced_cluster_security:4.4::el8"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Advanced Cluster Security 4.4",
"collectionURL": "https://catalog.redhat.com/software/containers/",
"packageName": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8",
"defaultStatus": "affected",
"versions": [
{
"version": "4.4.5-3",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/a:redhat:advanced_cluster_security:4.4::el8"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Advanced Cluster Security 4.4",
"collectionURL": "https://catalog.redhat.com/software/containers/",
"packageName": "advanced-cluster-security/rhacs-scanner-v4-rhel8",
"defaultStatus": "affected",
"versions": [
{
"version": "4.4.5-3",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/a:redhat:advanced_cluster_security:4.4::el8"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Advanced Cluster Security 4.5",
"collectionURL": "https://catalog.redhat.com/software/containers/",
"packageName": "advanced-cluster-security/rhacs-central-db-rhel8",
"defaultStatus": "affected",
"versions": [
{
"version": "4.5.2-2",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/a:redhat:advanced_cluster_security:4.5::el8"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Advanced Cluster Security 4.5",
"collectionURL": "https://catalog.redhat.com/software/containers/",
"packageName": "advanced-cluster-security/rhacs-collector-rhel8",
"defaultStatus": "affected",
"versions": [
{
"version": "4.5.2-2",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/a:redhat:advanced_cluster_security:4.5::el8"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Advanced Cluster Security 4.5",
"collectionURL": "https://catalog.redhat.com/software/containers/",
"packageName": "advanced-cluster-security/rhacs-collector-slim-rhel8",
"defaultStatus": "affected",
"versions": [
{
"version": "4.5.2-2",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/a:redhat:advanced_cluster_security:4.5::el8"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Advanced Cluster Security 4.5",
"collectionURL": "https://catalog.redhat.com/software/containers/",
"packageName": "advanced-cluster-security/rhacs-main-rhel8",
"defaultStatus": "affected",
"versions": [
{
"version": "4.5.2-2",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/a:redhat:advanced_cluster_security:4.5::el8"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Advanced Cluster Security 4.5",
"collectionURL": "https://catalog.redhat.com/software/containers/",
"packageName": "advanced-cluster-security/rhacs-operator-bundle",
"defaultStatus": "affected",
"versions": [
{
"version": "4.5.2-2",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/a:redhat:advanced_cluster_security:4.5::el8"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Advanced Cluster Security 4.5",
"collectionURL": "https://catalog.redhat.com/software/containers/",
"packageName": "advanced-cluster-security/rhacs-rhel8-operator",
"defaultStatus": "affected",
"versions": [
{
"version": "4.5.2-2",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/a:redhat:advanced_cluster_security:4.5::el8"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Advanced Cluster Security 4.5",
"collectionURL": "https://catalog.redhat.com/software/containers/",
"packageName": "advanced-cluster-security/rhacs-roxctl-rhel8",
"defaultStatus": "affected",
"versions": [
{
"version": "4.5.2-2",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/a:redhat:advanced_cluster_security:4.5::el8"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Advanced Cluster Security 4.5",
"collectionURL": "https://catalog.redhat.com/software/containers/",
"packageName": "advanced-cluster-security/rhacs-scanner-db-rhel8",
"defaultStatus": "affected",
"versions": [
{
"version": "4.5.2-2",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/a:redhat:advanced_cluster_security:4.5::el8"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Advanced Cluster Security 4.5",
"collectionURL": "https://catalog.redhat.com/software/containers/",
"packageName": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8",
"defaultStatus": "affected",
"versions": [
{
"version": "4.5.2-2",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/a:redhat:advanced_cluster_security:4.5::el8"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Advanced Cluster Security 4.5",
"collectionURL": "https://catalog.redhat.com/software/containers/",
"packageName": "advanced-cluster-security/rhacs-scanner-rhel8",
"defaultStatus": "affected",
"versions": [
{
"version": "4.5.2-2",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/a:redhat:advanced_cluster_security:4.5::el8"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Advanced Cluster Security 4.5",
"collectionURL": "https://catalog.redhat.com/software/containers/",
"packageName": "advanced-cluster-security/rhacs-scanner-slim-rhel8",
"defaultStatus": "affected",
"versions": [
{
"version": "4.5.2-1",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/a:redhat:advanced_cluster_security:4.5::el8"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Advanced Cluster Security 4.5",
"collectionURL": "https://catalog.redhat.com/software/containers/",
"packageName": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8",
"defaultStatus": "affected",
"versions": [
{
"version": "4.5.2-2",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/a:redhat:advanced_cluster_security:4.5::el8"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Advanced Cluster Security 4.5",
"collectionURL": "https://catalog.redhat.com/software/containers/",
"packageName": "advanced-cluster-security/rhacs-scanner-v4-rhel8",
"defaultStatus": "affected",
"versions": [
{
"version": "4.5.2-2",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/a:redhat:advanced_cluster_security:4.5::el8"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 8",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "container-tools:rhel8",
"defaultStatus": "affected",
"versions": [
{
"version": "8100020240808093819.afee755d",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/a:redhat:enterprise_linux:8::appstream"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Migration Toolkit for Containers 1.8",
"collectionURL": "https://catalog.redhat.com/software/containers/",
"packageName": "rhmtc/openshift-migration-controller-rhel8",
"defaultStatus": "affected",
"versions": [
{
"version": "v1.8.4-22",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/a:redhat:rhmt:1.8::el8"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat OpenShift Container Platform 4.14",
"collectionURL": "https://catalog.redhat.com/software/containers/",
"packageName": "openshift4/ose-operator-lifecycle-manager",
"defaultStatus": "affected",
"versions": [
{
"version": "v4.14.0-202407260439.p0.g8d9b39e.assembly.stream.el8",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/a:redhat:openshift:4.14::el9",
"cpe:/a:redhat:openshift:4.14::el8"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat OpenShift Container Platform 4.15",
"collectionURL": "https://catalog.redhat.com/software/containers/",
"packageName": "openshift4/ose-operator-lifecycle-manager-rhel9",
"defaultStatus": "affected",
"versions": [
{
"version": "v4.15.0-202407230407.p0.gf3f8de5.assembly.stream.el9",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/a:redhat:openshift:4.15::el9",
"cpe:/a:redhat:openshift:4.15::el8"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat OpenShift Container Platform 4.16",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "podman",
"defaultStatus": "affected",
"versions": [
{
"version": "4:4.9.4-5.1.rhaos4.16.el9",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/a:redhat:openshift:4.16::el9",
"cpe:/a:redhat:openshift_ironic:4.16::el9",
"cpe:/a:redhat:openshift:4.16::el8"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat OpenShift Container Platform 4.16",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "skopeo",
"defaultStatus": "affected",
"versions": [
{
"version": "2:1.14.4-1.rhaos4.16.el8",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/a:redhat:openshift:4.16::el9",
"cpe:/a:redhat:openshift_ironic:4.16::el9",
"cpe:/a:redhat:openshift:4.16::el8"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat OpenShift Container Platform 4.16",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "cri-o",
"defaultStatus": "affected",
"versions": [
{
"version": "0:1.29.5-7.rhaos4.16.git7db4ada.el9",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/a:redhat:openshift:4.16::el9",
"cpe:/a:redhat:openshift:4.16::el8"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat OpenShift Container Platform 4.16",
"collectionURL": "https://catalog.redhat.com/software/containers/",
"packageName": "openshift4/ose-operator-lifecycle-manager-rhel9",
"defaultStatus": "affected",
"versions": [
{
"version": "v4.16.0-202407171536.p0.g1551101.assembly.stream.el9",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/a:redhat:openshift:4.16::el9"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat OpenShift Container Platform 4.16",
"collectionURL": "https://catalog.redhat.com/software/containers/",
"packageName": "openshift4/ose-machine-config-rhel9-operator",
"defaultStatus": "affected",
"versions": [
{
"version": "v4.16.0-202409162206.p0.g6a425ab.assembly.stream.el9",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/a:redhat:openshift:4.16::el9"
]
},
{
"vendor": "Red Hat",
"product": "RHEL-9-CNV-4.15",
"collectionURL": "https://catalog.redhat.com/software/containers/",
"packageName": "container-native-virtualization/virt-cdi-controller-rhel9",
"defaultStatus": "affected",
"versions": [
{
"version": "v4.15.5-7",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"cpes": [
"cpe:/a:redhat:container_native_virtualization:4.15::el9"
]
},
{
"vendor": "Red Hat",
"product": "Multicluster Engine for Kubernetes",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "multicluster-engine/agent-service-rhel8",
"defaultStatus": "unaffected",
"cpes": [
"cpe:/a:redhat:multicluster_engine"
]
},
{
"vendor": "Red Hat",
"product": "Multicluster Engine for Kubernetes",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "multicluster-engine/assisted-installer-agent-rhel8",
"defaultStatus": "unaffected",
"cpes": [
"cpe:/a:redhat:multicluster_engine"
]
},
{
"vendor": "Red Hat",
"product": "Multicluster Engine for Kubernetes",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "multicluster-engine/assisted-installer-reporter-rhel8",
"defaultStatus": "unaffected",
"cpes": [
"cpe:/a:redhat:multicluster_engine"
]
},
{
"vendor": "Red Hat",
"product": "Multicluster Engine for Kubernetes",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "multicluster-engine/assisted-installer-rhel8",
"defaultStatus": "unaffected",
"cpes": [
"cpe:/a:redhat:multicluster_engine"
]
},
{
"vendor": "Red Hat",
"product": "Multicluster Engine for Kubernetes",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "multicluster-engine/hive-rhel8",
"defaultStatus": "unaffected",
"cpes": [
"cpe:/a:redhat:multicluster_engine"
]
},
{
"vendor": "Red Hat",
"product": "OpenShift API for Data Protection",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "oadp/oadp-velero-plugin-rhel8",
"defaultStatus": "affected",
"cpes": [
"cpe:/a:redhat:openshift_api_data_protection:1"
]
},
{
"vendor": "Red Hat",
"product": "OpenShift Developer Tools and Services",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "ocp-tools-4/jenkins-agent-base-rhel8",
"defaultStatus": "affected",
"cpes": [
"cpe:/a:redhat:ocp_tools"
]
},
{
"vendor": "Red Hat",
"product": "OpenShift Developer Tools and Services",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "ocp-tools-4/jenkins-rhel8",
"defaultStatus": "affected",
"cpes": [
"cpe:/a:redhat:ocp_tools"
]
},
{
"vendor": "Red Hat",
"product": "OpenShift Serverless",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "openshift-serverless-1/client-kn-rhel8",
"defaultStatus": "affected",
"cpes": [
"cpe:/a:redhat:serverless:1"
]
},
{
"vendor": "Red Hat",
"product": "OpenShift Serverless",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "openshift-serverless-clients",
"defaultStatus": "affected",
"cpes": [
"cpe:/a:redhat:serverless:1"
]
},
{
"vendor": "Red Hat",
"product": "OpenShift Source-to-Image (S2I) Builder Image",
"collectionURL": "https://catalog.redhat.com/software/containers/",
"packageName": "source-to-image-container",
"defaultStatus": "affected",
"cpes": [
"cpe:/a:redhat:source_to_image:1"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Advanced Cluster Management for Kubernetes 2",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "rhacm2/submariner-rhel8-operator",
"defaultStatus": "unaffected",
"cpes": [
"cpe:/a:redhat:acm:2"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Advanced Cluster Security 3",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "advanced-cluster-security/rhacs-central-db-rhel8",
"defaultStatus": "affected",
"cpes": [
"cpe:/a:redhat:advanced_cluster_security:3"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Advanced Cluster Security 3",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "advanced-cluster-security/rhacs-main-rhel8",
"defaultStatus": "affected",
"cpes": [
"cpe:/a:redhat:advanced_cluster_security:3"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Advanced Cluster Security 3",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "advanced-cluster-security/rhacs-rhel8-operator",
"defaultStatus": "affected",
"cpes": [
"cpe:/a:redhat:advanced_cluster_security:3"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Advanced Cluster Security 3",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "advanced-cluster-security/rhacs-roxctl-rhel8",
"defaultStatus": "affected",
"cpes": [
"cpe:/a:redhat:advanced_cluster_security:3"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Advanced Cluster Security 3",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "advanced-cluster-security/rhacs-scanner-db-rhel8",
"defaultStatus": "affected",
"cpes": [
"cpe:/a:redhat:advanced_cluster_security:3"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Advanced Cluster Security 3",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8",
"defaultStatus": "affected",
"cpes": [
"cpe:/a:redhat:advanced_cluster_security:3"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Advanced Cluster Security 3",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "advanced-cluster-security/rhacs-scanner-rhel8",
"defaultStatus": "affected",
"cpes": [
"cpe:/a:redhat:advanced_cluster_security:3"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Advanced Cluster Security 3",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "advanced-cluster-security/rhacs-scanner-slim-rhel8",
"defaultStatus": "affected",
"cpes": [
"cpe:/a:redhat:advanced_cluster_security:3"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Ansible Automation Platform 1.2",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "openshift-clients",
"defaultStatus": "unaffected",
"cpes": [
"cpe:/a:redhat:ansible_automation_platform"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Ansible Automation Platform 2",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "openshift-clients",
"defaultStatus": "unaffected",
"cpes": [
"cpe:/a:redhat:ansible_automation_platform:2"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 7",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "buildah",
"defaultStatus": "unknown",
"cpes": [
"cpe:/o:redhat:enterprise_linux:7"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 7",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "podman",
"defaultStatus": "unknown",
"cpes": [
"cpe:/o:redhat:enterprise_linux:7"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 7",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "skopeo",
"defaultStatus": "unknown",
"cpes": [
"cpe:/o:redhat:enterprise_linux:7"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 8",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "container-tools:4.0/buildah",
"defaultStatus": "unaffected",
"cpes": [
"cpe:/o:redhat:enterprise_linux:8"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 8",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "container-tools:4.0/conmon",
"defaultStatus": "unaffected",
"cpes": [
"cpe:/o:redhat:enterprise_linux:8"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 8",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "container-tools:4.0/containers-common",
"defaultStatus": "unaffected",
"cpes": [
"cpe:/o:redhat:enterprise_linux:8"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 8",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "container-tools:4.0/podman",
"defaultStatus": "affected",
"cpes": [
"cpe:/o:redhat:enterprise_linux:8"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 8",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "container-tools:4.0/skopeo",
"defaultStatus": "unaffected",
"cpes": [
"cpe:/o:redhat:enterprise_linux:8"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 8",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "osbuild-composer",
"defaultStatus": "affected",
"cpes": [
"cpe:/o:redhat:enterprise_linux:8"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 9",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "buildah",
"defaultStatus": "affected",
"cpes": [
"cpe:/o:redhat:enterprise_linux:9"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 9",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "conmon",
"defaultStatus": "unaffected",
"cpes": [
"cpe:/o:redhat:enterprise_linux:9"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 9",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "containers-common",
"defaultStatus": "unaffected",
"cpes": [
"cpe:/o:redhat:enterprise_linux:9"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 9",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "osbuild-composer",
"defaultStatus": "affected",
"cpes": [
"cpe:/o:redhat:enterprise_linux:9"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 9",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "podman",
"defaultStatus": "affected",
"cpes": [
"cpe:/o:redhat:enterprise_linux:9"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 9",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "skopeo",
"defaultStatus": "affected",
"cpes": [
"cpe:/o:redhat:enterprise_linux:9"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat OpenShift Container Platform 3.11",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "atomic-openshift",
"defaultStatus": "unknown",
"cpes": [
"cpe:/a:redhat:openshift:3.11"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat OpenShift Container Platform 3.11",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "podman",
"defaultStatus": "unknown",
"cpes": [
"cpe:/a:redhat:openshift:3.11"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat OpenShift Container Platform 4",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "buildah",
"defaultStatus": "unaffected",
"cpes": [
"cpe:/a:redhat:openshift:4"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat OpenShift Container Platform 4",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "conmon",
"defaultStatus": "unaffected",
"cpes": [
"cpe:/a:redhat:openshift:4"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat OpenShift Container Platform 4",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "containers-common",
"defaultStatus": "unaffected",
"cpes": [
"cpe:/a:redhat:openshift:4"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat OpenShift Container Platform 4",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "openshift4/oc-mirror-plugin-rhel8",
"defaultStatus": "affected",
"cpes": [
"cpe:/a:redhat:openshift:4"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat OpenShift Container Platform 4",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "openshift4/ose-agent-installer-api-server-rhel8",
"defaultStatus": "affected",
"cpes": [
"cpe:/a:redhat:openshift:4"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat OpenShift Container Platform 4",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "openshift4/ose-agent-installer-csr-approver-rhel8",
"defaultStatus": "affected",
"cpes": [
"cpe:/a:redhat:openshift:4"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat OpenShift Container Platform 4",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "openshift4/ose-agent-installer-node-agent-rhel8",
"defaultStatus": "affected",
"cpes": [
"cpe:/a:redhat:openshift:4"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat OpenShift Container Platform 4",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "openshift4/ose-agent-installer-orchestrator-rhel8",
"defaultStatus": "affected",
"cpes": [
"cpe:/a:redhat:openshift:4"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat OpenShift Container Platform 4",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "openshift4/ose-baremetal-installer-rhel7",
"defaultStatus": "unaffected",
"cpes": [
"cpe:/a:redhat:openshift:4"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat OpenShift Container Platform 4",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "openshift4/ose-cli",
"defaultStatus": "affected",
"cpes": [
"cpe:/a:redhat:openshift:4"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat OpenShift Container Platform 4",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "openshift4/ose-cli-artifacts",
"defaultStatus": "affected",
"cpes": [
"cpe:/a:redhat:openshift:4"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat OpenShift Container Platform 4",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "openshift4/ose-deployer",
"defaultStatus": "affected",
"cpes": [
"cpe:/a:redhat:openshift:4"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat OpenShift Container Platform 4",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "openshift4/ose-docker-builder",
"defaultStatus": "affected",
"cpes": [
"cpe:/a:redhat:openshift:4"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat OpenShift Container Platform 4",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "openshift4/ose-installer",
"defaultStatus": "affected",
"cpes": [
"cpe:/a:redhat:openshift:4"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat OpenShift Container Platform 4",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "openshift4/ose-installer-altinfra-rhel8",
"defaultStatus": "unaffected",
"cpes": [
"cpe:/a:redhat:openshift:4"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat OpenShift Container Platform 4",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "openshift4/ose-installer-artifacts",
"defaultStatus": "unaffected",
"cpes": [
"cpe:/a:redhat:openshift:4"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat OpenShift Container Platform 4",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "openshift4/ose-olm-operator-controller-rhel8",
"defaultStatus": "affected",
"cpes": [
"cpe:/a:redhat:openshift:4"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat OpenShift Container Platform 4",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "openshift4/ose-olm-rukpak-rhel8",
"defaultStatus": "affected",
"cpes": [
"cpe:/a:redhat:openshift:4"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat OpenShift Container Platform 4",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "openshift4/ose-openshift-apiserver-rhel7",
"defaultStatus": "unaffected",
"cpes": [
"cpe:/a:redhat:openshift:4"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat OpenShift Container Platform 4",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "openshift4/ose-openshift-proxy-pull-test-rhel8",
"defaultStatus": "unaffected",
"cpes": [
"cpe:/a:redhat:openshift:4"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat OpenShift Container Platform 4",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "openshift4/ose-operator-registry",
"defaultStatus": "affected",
"cpes": [
"cpe:/a:redhat:openshift:4"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat OpenShift Container Platform 4",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "openshift4/ose-tools-rhel8",
"defaultStatus": "affected",
"cpes": [
"cpe:/a:redhat:openshift:4"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat OpenShift Container Platform 4",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "openshift-clients",
"defaultStatus": "affected",
"cpes": [
"cpe:/a:redhat:openshift:4"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat OpenShift Container Platform 4",
"collectionURL": "https://catalog.redhat.com/software/containers/",
"packageName": "ose-installer-terraform-providers-container",
"defaultStatus": "unaffected",
"cpes": [
"cpe:/a:redhat:openshift:4"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat OpenShift Container Platform 4",
"collectionURL": "https://catalog.redhat.com/software/containers/",
"packageName": "ose-openshift-controller-manager-container",
"defaultStatus": "affected",
"cpes": [
"cpe:/a:redhat:openshift:4"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat OpenShift Container Platform Assisted Installer",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "rhai-tech-preview/assisted-installer-agent-rhel8",
"defaultStatus": "affected",
"cpes": [
"cpe:/a:redhat:assisted_installer:"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat OpenShift Container Platform Assisted Installer",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "rhai-tech-preview/assisted-installer-reporter-rhel8",
"defaultStatus": "affected",
"cpes": [
"cpe:/a:redhat:assisted_installer:"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat OpenShift Container Platform Assisted Installer",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "rhai-tech-preview/assisted-installer-rhel8",
"defaultStatus": "affected",
"cpes": [
"cpe:/a:redhat:assisted_installer:"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat OpenShift Dev Spaces",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "devspaces/udi-rhel8",
"defaultStatus": "affected",
"cpes": [
"cpe:/a:redhat:openshift_devspaces:3::el8"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Openshift sandboxed containers",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "openshift-sandboxed-containers-tech-preview/osc-must-gather-rhel8",
"defaultStatus": "affected",
"cpes": [
"cpe:/a:redhat:openshift_sandboxed_containers:1"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Openshift sandboxed containers",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "openshift-sandboxed-containers-tech-preview/osc-rhel8-operator",
"defaultStatus": "affected",
"cpes": [
"cpe:/a:redhat:openshift_sandboxed_containers:1"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat OpenShift Virtualization 4",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "container-native-virtualization/virt-cdi-apiserver",
"defaultStatus": "affected",
"cpes": [
"cpe:/a:redhat:container_native_virtualization:4"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat OpenShift Virtualization 4",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "container-native-virtualization/virt-cdi-apiserver-rhel9",
"defaultStatus": "affected",
"cpes": [
"cpe:/a:redhat:container_native_virtualization:4"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat OpenShift Virtualization 4",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "container-native-virtualization/virt-cdi-cloner",
"defaultStatus": "affected",
"cpes": [
"cpe:/a:redhat:container_native_virtualization:4"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat OpenShift Virtualization 4",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "container-native-virtualization/virt-cdi-cloner-rhel9",
"defaultStatus": "affected",
"cpes": [
"cpe:/a:redhat:container_native_virtualization:4"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat OpenShift Virtualization 4",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "container-native-virtualization/virt-cdi-controller",
"defaultStatus": "affected",
"cpes": [
"cpe:/a:redhat:container_native_virtualization:4"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat OpenShift Virtualization 4",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "container-native-virtualization/virt-cdi-importer",
"defaultStatus": "affected",
"cpes": [
"cpe:/a:redhat:container_native_virtualization:4"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat OpenShift Virtualization 4",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "container-native-virtualization/virt-cdi-importer-rhel9",
"defaultStatus": "affected",
"cpes": [
"cpe:/a:redhat:container_native_virtualization:4"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat OpenShift Virtualization 4",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "container-native-virtualization/virt-cdi-operator",
"defaultStatus": "affected",
"cpes": [
"cpe:/a:redhat:container_native_virtualization:4"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat OpenShift Virtualization 4",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "container-native-virtualization/virt-cdi-operator-rhel9",
"defaultStatus": "affected",
"cpes": [
"cpe:/a:redhat:container_native_virtualization:4"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat OpenShift Virtualization 4",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "container-native-virtualization/virt-cdi-uploadproxy",
"defaultStatus": "affected",
"cpes": [
"cpe:/a:redhat:container_native_virtualization:4"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat OpenShift Virtualization 4",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "container-native-virtualization/virt-cdi-uploadproxy-rhel9",
"defaultStatus": "affected",
"cpes": [
"cpe:/a:redhat:container_native_virtualization:4"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat OpenShift Virtualization 4",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "container-native-virtualization/virt-cdi-uploadserver",
"defaultStatus": "affected",
"cpes": [
"cpe:/a:redhat:container_native_virtualization:4"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat OpenShift Virtualization 4",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "container-native-virtualization/virt-cdi-uploadserver-rhel9",
"defaultStatus": "affected",
"cpes": [
"cpe:/a:redhat:container_native_virtualization:4"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat OpenStack Platform 16.2",
"collectionURL": "https://catalog.redhat.com/software/containers/",
"packageName": "osp-director-provisioner-container",
"defaultStatus": "affected",
"cpes": [
"cpe:/a:redhat:openstack:16.2"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Quay 3",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "quay/quay-builder-rhel8",
"defaultStatus": "affected",
"cpes": [
"cpe:/a:redhat:quay:3"
]
}
]
access.redhat.com/errata/RHSA-2024:0045
access.redhat.com/errata/RHSA-2024:4159
access.redhat.com/errata/RHSA-2024:4613
access.redhat.com/errata/RHSA-2024:4850
access.redhat.com/errata/RHSA-2024:4960
access.redhat.com/errata/RHSA-2024:5258
access.redhat.com/errata/RHSA-2024:5951
access.redhat.com/errata/RHSA-2024:6054
access.redhat.com/errata/RHSA-2024:6708
access.redhat.com/errata/RHSA-2024:6824
access.redhat.com/errata/RHSA-2024:7164
access.redhat.com/security/cve/CVE-2024-3727
bugzilla.redhat.com/show_bug.cgi?id=2274767
More
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
AI Score
Confidence
Low
EPSS
Percentile
17.8%