CVE-2022-30630 - Vulnerability Details

Uncontrolled recursion in Glob in io/fs before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via a path which contains a large number of path separators.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Golang	Go
Redhat	Acm Application Interconnect Ceph Storage Container Native Virtualization Devtools Enterprise Linux Multicluster Engine Openshift Api Data Protection Openshift Custom Metrics Autoscaler Openshift Secondary Scheduler Openstack Rhmt Serverless Service Mesh Stf Workload Availability Nmo

Configuration 1 [-]

OR	cpe:2.3:a:golang:go::::::::
	cpe:2.3:a:golang:go::::::::

Package	CPE	Advisory	Released Date
Application Interconnect 1 for RHEL 8
skupper-cli-0:1.0.2-2.el8	cpe:/a:redhat:application_interconnect:1::el8	RHSA-2022:6113	2022-08-18T00:00:00Z
Multicluster Engine for Kubernetes
multicluster-engine-agent-service-container	cpe:/a:redhat:multicluster_engine:2.1::el8	RHSA-2022:6345	2022-09-06T00:00:00Z
multicluster-engine-apiserver-network-proxy-container	cpe:/a:redhat:multicluster_engine:2.1::el8	RHSA-2022:6345	2022-09-06T00:00:00Z
multicluster-engine-assisted-image-service-container	cpe:/a:redhat:multicluster_engine:2.1::el8	RHSA-2022:6345	2022-09-06T00:00:00Z
multicluster-engine-assisted-installer-agent-container	cpe:/a:redhat:multicluster_engine:2.1::el8	RHSA-2022:6345	2022-09-06T00:00:00Z
multicluster-engine-assisted-installer-container	cpe:/a:redhat:multicluster_engine:2.1::el8	RHSA-2022:6345	2022-09-06T00:00:00Z
multicluster-engine-assisted-installer-reporter-container	cpe:/a:redhat:multicluster_engine:2.1::el8	RHSA-2022:6345	2022-09-06T00:00:00Z
multicluster-engine-aws-encryption-provider-container	cpe:/a:redhat:multicluster_engine:2.1::el8	RHSA-2022:6345	2022-09-06T00:00:00Z
multicluster-engine-cluster-api-container	cpe:/a:redhat:multicluster_engine:2.1::el8	RHSA-2022:6345	2022-09-06T00:00:00Z
multicluster-engine-cluster-api-provider-agent-container	cpe:/a:redhat:multicluster_engine:2.1::el8	RHSA-2022:6345	2022-09-06T00:00:00Z
multicluster-engine-cluster-api-provider-aws-container	cpe:/a:redhat:multicluster_engine:2.1::el8	RHSA-2022:6345	2022-09-06T00:00:00Z
multicluster-engine-cluster-api-provider-azure-container	cpe:/a:redhat:multicluster_engine:2.1::el8	RHSA-2022:6345	2022-09-06T00:00:00Z
multicluster-engine-cluster-api-provider-kubevirt-container	cpe:/a:redhat:multicluster_engine:2.1::el8	RHSA-2022:6345	2022-09-06T00:00:00Z
multicluster-engine-clusterclaims-controller-container	cpe:/a:redhat:multicluster_engine:2.1::el8	RHSA-2022:6345	2022-09-06T00:00:00Z
multicluster-engine-cluster-curator-controller-container	cpe:/a:redhat:multicluster_engine:2.1::el8	RHSA-2022:6345	2022-09-06T00:00:00Z
multicluster-engine-clusterlifecycle-state-metrics-container	cpe:/a:redhat:multicluster_engine:2.1::el8	RHSA-2022:6345	2022-09-06T00:00:00Z
multicluster-engine-cluster-proxy-addon-container	cpe:/a:redhat:multicluster_engine:2.1::el8	RHSA-2022:6345	2022-09-06T00:00:00Z
multicluster-engine-cluster-proxy-container	cpe:/a:redhat:multicluster_engine:2.1::el8	RHSA-2022:6345	2022-09-06T00:00:00Z
multicluster-engine-console-mce-container	cpe:/a:redhat:multicluster_engine:2.1::el8	RHSA-2022:6345	2022-09-06T00:00:00Z
multicluster-engine-discovery-operator-container	cpe:/a:redhat:multicluster_engine:2.1::el8	RHSA-2022:6345	2022-09-06T00:00:00Z
multicluster-engine-hive-container	cpe:/a:redhat:multicluster_engine:2.1::el8	RHSA-2022:6345	2022-09-06T00:00:00Z
multicluster-engine-hypershift-addon-operator-container	cpe:/a:redhat:multicluster_engine:2.1::el8	RHSA-2022:6345	2022-09-06T00:00:00Z
multicluster-engine-hypershift-deployment-controller-container	cpe:/a:redhat:multicluster_engine:2.1::el8	RHSA-2022:6345	2022-09-06T00:00:00Z
multicluster-engine-hypershift-operator-container	cpe:/a:redhat:multicluster_engine:2.1::el8	RHSA-2022:6345	2022-09-06T00:00:00Z
multicluster-engine-klusterlet-operator-bundle-container	cpe:/a:redhat:multicluster_engine:2.1::el8	RHSA-2022:6345	2022-09-06T00:00:00Z
multicluster-engine-managedcluster-import-controller-container	cpe:/a:redhat:multicluster_engine:2.1::el8	RHSA-2022:6345	2022-09-06T00:00:00Z
multicluster-engine-managed-serviceaccount-container	cpe:/a:redhat:multicluster_engine:2.1::el8	RHSA-2022:6345	2022-09-06T00:00:00Z
multicluster-engine-multicloud-manager-container	cpe:/a:redhat:multicluster_engine:2.1::el8	RHSA-2022:6345	2022-09-06T00:00:00Z
multicluster-engine-must-gather-container	cpe:/a:redhat:multicluster_engine:2.1::el8	RHSA-2022:6345	2022-09-06T00:00:00Z
multicluster-engine-operator-bundle-container	cpe:/a:redhat:multicluster_engine:2.1::el8	RHSA-2022:6345	2022-09-06T00:00:00Z
multicluster-engine-operator-container	cpe:/a:redhat:multicluster_engine:2.1::el8	RHSA-2022:6345	2022-09-06T00:00:00Z
multicluster-engine-placement-container	cpe:/a:redhat:multicluster_engine:2.1::el8	RHSA-2022:6345	2022-09-06T00:00:00Z
multicluster-engine-provider-credential-controller-container	cpe:/a:redhat:multicluster_engine:2.1::el8	RHSA-2022:6345	2022-09-06T00:00:00Z
multicluster-engine-registration-container	cpe:/a:redhat:multicluster_engine:2.1::el8	RHSA-2022:6345	2022-09-06T00:00:00Z
multicluster-engine-registration-operator-container	cpe:/a:redhat:multicluster_engine:2.1::el8	RHSA-2022:6345	2022-09-06T00:00:00Z
multicluster-engine-work-container	cpe:/a:redhat:multicluster_engine:2.1::el8	RHSA-2022:6345	2022-09-06T00:00:00Z
Node Maintenance Operator 4.11 for RHEL 8
workload-availability/node-maintenance-rhel8-operator:v4.11.1-1	cpe:/a:redhat:workload_availability_nmo:4.11::el8	RHSA-2022:6188	2022-08-25T00:00:00Z
OADP-1.0-RHEL-8
oadp/oadp-velero-rhel8:1.0.4-6	cpe:/a:redhat:openshift_api_data_protection:1.0::el8	RHSA-2022:6430	2022-09-13T00:00:00Z
OpenShift Custom Metrics Autoscaler 2
custom-metrics-autoscaler-tech-preview/custom-metrics-autoscaler-rhel8:2.8.2-143	cpe:/a:redhat:openshift_custom_metrics_autoscaler:2.0::el8	RHSA-2023:1042	2023-03-06T00:00:00Z
Openshift Serveless 1.24
openshift-serverless-1/client-kn-rhel8:1.3.1-4	cpe:/a:redhat:serverless:1.24::el8	RHSA-2022:6040	2022-08-10T00:00:00Z
openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8:1.3.2-3	cpe:/a:redhat:serverless:1.24::el8	RHSA-2022:6040	2022-08-10T00:00:00Z
openshift-serverless-1/eventing-controller-rhel8:1.3.2-3	cpe:/a:redhat:serverless:1.24::el8	RHSA-2022:6040	2022-08-10T00:00:00Z
openshift-serverless-1/eventing-in-memory-channel-controller-rhel8:1.3.2-3	cpe:/a:redhat:serverless:1.24::el8	RHSA-2022:6040	2022-08-10T00:00:00Z
openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8:1.3.2-3	cpe:/a:redhat:serverless:1.24::el8	RHSA-2022:6040	2022-08-10T00:00:00Z
openshift-serverless-1/eventing-kafka-broker-controller-rhel8:1.3.2-2	cpe:/a:redhat:serverless:1.24::el8	RHSA-2022:6040	2022-08-10T00:00:00Z
openshift-serverless-1/eventing-kafka-broker-dispatcher-rhel8:1.3.2-2	cpe:/a:redhat:serverless:1.24::el8	RHSA-2022:6040	2022-08-10T00:00:00Z
openshift-serverless-1/eventing-kafka-broker-post-install-rhel8:1.3.2-2	cpe:/a:redhat:serverless:1.24::el8	RHSA-2022:6040	2022-08-10T00:00:00Z
openshift-serverless-1/eventing-kafka-broker-webhook-rhel8:1.3.2-2	cpe:/a:redhat:serverless:1.24::el8	RHSA-2022:6040	2022-08-10T00:00:00Z
openshift-serverless-1/eventing-mtbroker-filter-rhel8:1.3.2-3	cpe:/a:redhat:serverless:1.24::el8	RHSA-2022:6040	2022-08-10T00:00:00Z
openshift-serverless-1/eventing-mtbroker-ingress-rhel8:1.3.2-3	cpe:/a:redhat:serverless:1.24::el8	RHSA-2022:6040	2022-08-10T00:00:00Z
openshift-serverless-1/eventing-mtchannel-broker-rhel8:1.3.2-3	cpe:/a:redhat:serverless:1.24::el8	RHSA-2022:6040	2022-08-10T00:00:00Z
openshift-serverless-1/eventing-mtping-rhel8:1.3.2-3	cpe:/a:redhat:serverless:1.24::el8	RHSA-2022:6040	2022-08-10T00:00:00Z
openshift-serverless-1/eventing-storage-version-migration-rhel8:1.3.2-3	cpe:/a:redhat:serverless:1.24::el8	RHSA-2022:6040	2022-08-10T00:00:00Z
openshift-serverless-1/eventing-sugar-controller-rhel8:1.3.2-3	cpe:/a:redhat:serverless:1.24::el8	RHSA-2022:6040	2022-08-10T00:00:00Z
openshift-serverless-1/eventing-webhook-rhel8:1.3.2-3	cpe:/a:redhat:serverless:1.24::el8	RHSA-2022:6040	2022-08-10T00:00:00Z
openshift-serverless-1/ingress-rhel8-operator:1.24.0-3	cpe:/a:redhat:serverless:1.24::el8	RHSA-2022:6040	2022-08-10T00:00:00Z
openshift-serverless-1/knative-rhel8-operator:1.24.0-3	cpe:/a:redhat:serverless:1.24::el8	RHSA-2022:6040	2022-08-10T00:00:00Z
openshift-serverless-1/kn-cli-artifacts-rhel8:1.3.1-3	cpe:/a:redhat:serverless:1.24::el8	RHSA-2022:6040	2022-08-10T00:00:00Z
openshift-serverless-1/kourier-control-rhel8:1.3.0-2	cpe:/a:redhat:serverless:1.24::el8	RHSA-2022:6040	2022-08-10T00:00:00Z
openshift-serverless-1/net-istio-controller-rhel8:1.3.0-2	cpe:/a:redhat:serverless:1.24::el8	RHSA-2022:6040	2022-08-10T00:00:00Z
openshift-serverless-1/net-istio-webhook-rhel8:1.3.0-2	cpe:/a:redhat:serverless:1.24::el8	RHSA-2022:6040	2022-08-10T00:00:00Z
openshift-serverless-1/serverless-operator-bundle:1.24.0-3	cpe:/a:redhat:serverless:1.24::el8	RHSA-2022:6040	2022-08-10T00:00:00Z
openshift-serverless-1/serverless-rhel8-operator:1.24.0-3	cpe:/a:redhat:serverless:1.24::el8	RHSA-2022:6040	2022-08-10T00:00:00Z
openshift-serverless-1/serving-activator-rhel8:1.3.0-3	cpe:/a:redhat:serverless:1.24::el8	RHSA-2022:6040	2022-08-10T00:00:00Z
openshift-serverless-1/serving-autoscaler-hpa-rhel8:1.3.0-3	cpe:/a:redhat:serverless:1.24::el8	RHSA-2022:6040	2022-08-10T00:00:00Z
openshift-serverless-1/serving-autoscaler-rhel8:1.3.0-3	cpe:/a:redhat:serverless:1.24::el8	RHSA-2022:6040	2022-08-10T00:00:00Z
openshift-serverless-1/serving-controller-rhel8:1.3.0-3	cpe:/a:redhat:serverless:1.24::el8	RHSA-2022:6040	2022-08-10T00:00:00Z
openshift-serverless-1/serving-domain-mapping-rhel8:1.3.0-3	cpe:/a:redhat:serverless:1.24::el8	RHSA-2022:6040	2022-08-10T00:00:00Z
openshift-serverless-1/serving-domain-mapping-webhook-rhel8:1.3.0-3	cpe:/a:redhat:serverless:1.24::el8	RHSA-2022:6040	2022-08-10T00:00:00Z
openshift-serverless-1/serving-queue-rhel8:1.3.0-3	cpe:/a:redhat:serverless:1.24::el8	RHSA-2022:6040	2022-08-10T00:00:00Z
openshift-serverless-1/serving-storage-version-migration-rhel8:1.3.0-3	cpe:/a:redhat:serverless:1.24::el8	RHSA-2022:6040	2022-08-10T00:00:00Z
openshift-serverless-1/serving-webhook-rhel8:1.3.0-3	cpe:/a:redhat:serverless:1.24::el8	RHSA-2022:6040	2022-08-10T00:00:00Z
openshift-serverless-1/svls-must-gather-rhel8:1.24.0-2	cpe:/a:redhat:serverless:1.24::el8	RHSA-2022:6040	2022-08-10T00:00:00Z
openshift-serverless-1-tech-preview/eventing-kafka-broker-controller-rhel8:1.3.2-2	cpe:/a:redhat:serverless:1.24::el8	RHSA-2022:6040	2022-08-10T00:00:00Z
openshift-serverless-1-tech-preview/eventing-kafka-broker-dispatcher-rhel8:1.3.2-2	cpe:/a:redhat:serverless:1.24::el8	RHSA-2022:6040	2022-08-10T00:00:00Z
openshift-serverless-1-tech-preview/eventing-kafka-broker-receiver-rhel8:1.3.2-2	cpe:/a:redhat:serverless:1.24::el8	RHSA-2022:6040	2022-08-10T00:00:00Z
openshift-serverless-1-tech-preview/eventing-kafka-broker-webhook-rhel8:1.3.2-2	cpe:/a:redhat:serverless:1.24::el8	RHSA-2022:6040	2022-08-10T00:00:00Z
Openshift Serverless 1 on RHEL 8
openshift-serverless-clients-0:1.3.1-4.el8	cpe:/a:redhat:serverless:1.0::el8	RHSA-2022:6042	2022-08-10T00:00:00Z
OSSO-1.1-RHEL-8
openshift-secondary-scheduler-operator/secondary-scheduler-operator-rhel8:v1.1-11	cpe:/a:redhat:openshift_secondary_scheduler:1.1::el8	RHSA-2022:6152	2022-09-01T00:00:00Z
Red Hat Advanced Cluster Management for Kubernetes 2
gatekeeper-container	cpe:/a:redhat:acm:2.5::el8	RHSA-2022:6348	2022-09-06T00:00:00Z
gatekeeper-operator-bundle-container	cpe:/a:redhat:acm:2.5::el8	RHSA-2022:6348	2022-09-06T00:00:00Z
gatekeeper-operator-container	cpe:/a:redhat:acm:2.5::el8	RHSA-2022:6348	2022-09-06T00:00:00Z
lighthouse-agent-container	cpe:/a:redhat:acm:2.6::el8	RHSA-2022:6346	2022-09-06T00:00:00Z
lighthouse-coredns-container	cpe:/a:redhat:acm:2.6::el8	RHSA-2022:6346	2022-09-06T00:00:00Z
nettest-container	cpe:/a:redhat:acm:2.6::el8	RHSA-2022:6346	2022-09-06T00:00:00Z
subctl-container	cpe:/a:redhat:acm:2.6::el8	RHSA-2022:6346	2022-09-06T00:00:00Z
submariner-gateway-container	cpe:/a:redhat:acm:2.6::el8	RHSA-2022:6346	2022-09-06T00:00:00Z
submariner-globalnet-container	cpe:/a:redhat:acm:2.6::el8	RHSA-2022:6346	2022-09-06T00:00:00Z
submariner-networkplugin-syncer-container	cpe:/a:redhat:acm:2.6::el8	RHSA-2022:6346	2022-09-06T00:00:00Z
submariner-operator-bundle-container	cpe:/a:redhat:acm:2.6::el8	RHSA-2022:6346	2022-09-06T00:00:00Z
submariner-operator-container	cpe:/a:redhat:acm:2.6::el8	RHSA-2022:6346	2022-09-06T00:00:00Z
submariner-route-agent-container	cpe:/a:redhat:acm:2.6::el8	RHSA-2022:6346	2022-09-06T00:00:00Z
volsync-container	cpe:/a:redhat:acm:2.6::el8	RHSA-2022:6347	2022-09-06T00:00:00Z
volsync-mover-rclone-container	cpe:/a:redhat:acm:2.6::el8	RHSA-2022:6347	2022-09-06T00:00:00Z
volsync-mover-restic-container	cpe:/a:redhat:acm:2.6::el8	RHSA-2022:6347	2022-09-06T00:00:00Z
volsync-mover-rsync-container	cpe:/a:redhat:acm:2.6::el8	RHSA-2022:6347	2022-09-06T00:00:00Z
volsync-mover-syncthing-container	cpe:/a:redhat:acm:2.6::el8	RHSA-2022:6347	2022-09-06T00:00:00Z
volsync-operator-bundle-container	cpe:/a:redhat:acm:2.6::el8	RHSA-2022:6347	2022-09-06T00:00:00Z
acm-governance-policy-addon-controller-container	cpe:/a:redhat:acm:2.6::el8	RHSA-2022:6370	2022-09-06T00:00:00Z
acm-grafana-container	cpe:/a:redhat:acm:2.6::el8	RHSA-2022:6370	2022-09-06T00:00:00Z
acm-must-gather-container	cpe:/a:redhat:acm:2.6::el8	RHSA-2022:6370	2022-09-06T00:00:00Z
acm-operator-bundle-container	cpe:/a:redhat:acm:2.6::el8	RHSA-2022:6370	2022-09-06T00:00:00Z
acm-prometheus-config-reloader-container	cpe:/a:redhat:acm:2.6::el8	RHSA-2022:6370	2022-09-06T00:00:00Z
acm-prometheus-operator-container	cpe:/a:redhat:acm:2.6::el8	RHSA-2022:6370	2022-09-06T00:00:00Z
acm-volsync-addon-controller-container	cpe:/a:redhat:acm:2.6::el8	RHSA-2022:6370	2022-09-06T00:00:00Z
cert-policy-controller-container	cpe:/a:redhat:acm:2.6::el8	RHSA-2022:6370	2022-09-06T00:00:00Z
cluster-backup-operator-container	cpe:/a:redhat:acm:2.6::el8	RHSA-2022:6370	2022-09-06T00:00:00Z
config-policy-controller-container	cpe:/a:redhat:acm:2.6::el8	RHSA-2022:6370	2022-09-06T00:00:00Z
console-container	cpe:/a:redhat:acm:2.6::el8	RHSA-2022:6370	2022-09-06T00:00:00Z
endpoint-monitoring-operator-container	cpe:/a:redhat:acm:2.6::el8	RHSA-2022:6370	2022-09-06T00:00:00Z
governance-policy-propagator-container	cpe:/a:redhat:acm:2.6::el8	RHSA-2022:6370	2022-09-06T00:00:00Z
governance-policy-spec-sync-container	cpe:/a:redhat:acm:2.6::el8	RHSA-2022:6370	2022-09-06T00:00:00Z
governance-policy-status-sync-container	cpe:/a:redhat:acm:2.6::el8	RHSA-2022:6370	2022-09-06T00:00:00Z
governance-policy-template-sync-container	cpe:/a:redhat:acm:2.6::el8	RHSA-2022:6370	2022-09-06T00:00:00Z
grafana-dashboard-loader-container	cpe:/a:redhat:acm:2.6::el8	RHSA-2022:6370	2022-09-06T00:00:00Z
iam-policy-controller-container	cpe:/a:redhat:acm:2.6::el8	RHSA-2022:6370	2022-09-06T00:00:00Z
insights-client-container	cpe:/a:redhat:acm:2.6::el8	RHSA-2022:6370	2022-09-06T00:00:00Z
insights-metrics-container	cpe:/a:redhat:acm:2.6::el8	RHSA-2022:6370	2022-09-06T00:00:00Z
klusterlet-addon-controller-container	cpe:/a:redhat:acm:2.6::el8	RHSA-2022:6370	2022-09-06T00:00:00Z
kube-rbac-proxy-container	cpe:/a:redhat:acm:2.6::el8	RHSA-2022:6370	2022-09-06T00:00:00Z
kube-state-metrics-container	cpe:/a:redhat:acm:2.6::el8	RHSA-2022:6370	2022-09-06T00:00:00Z
management-ingress-container	cpe:/a:redhat:acm:2.6::el8	RHSA-2022:6370	2022-09-06T00:00:00Z
memcached-container	cpe:/a:redhat:acm:2.6::el8	RHSA-2022:6370	2022-09-06T00:00:00Z
memcached-exporter-container	cpe:/a:redhat:acm:2.6::el8	RHSA-2022:6370	2022-09-06T00:00:00Z
metrics-collector-container	cpe:/a:redhat:acm:2.6::el8	RHSA-2022:6370	2022-09-06T00:00:00Z
multicloud-integrations-container	cpe:/a:redhat:acm:2.6::el8	RHSA-2022:6370	2022-09-06T00:00:00Z
multiclusterhub-operator-container	cpe:/a:redhat:acm:2.6::el8	RHSA-2022:6370	2022-09-06T00:00:00Z
multiclusterhub-repo-container	cpe:/a:redhat:acm:2.6::el8	RHSA-2022:6370	2022-09-06T00:00:00Z
multicluster-observability-operator-container	cpe:/a:redhat:acm:2.6::el8	RHSA-2022:6370	2022-09-06T00:00:00Z
multicluster-operators-application-container	cpe:/a:redhat:acm:2.6::el8	RHSA-2022:6370	2022-09-06T00:00:00Z
multicluster-operators-channel-container	cpe:/a:redhat:acm:2.6::el8	RHSA-2022:6370	2022-09-06T00:00:00Z
multicluster-operators-subscription-operator-container	cpe:/a:redhat:acm:2.6::el8	RHSA-2022:6370	2022-09-06T00:00:00Z
node-exporter-container	cpe:/a:redhat:acm:2.6::el8	RHSA-2022:6370	2022-09-06T00:00:00Z
observatorium-container	cpe:/a:redhat:acm:2.6::el8	RHSA-2022:6370	2022-09-06T00:00:00Z
observatorium-operator-container	cpe:/a:redhat:acm:2.6::el8	RHSA-2022:6370	2022-09-06T00:00:00Z
prometheus-alertmanager-container	cpe:/a:redhat:acm:2.6::el8	RHSA-2022:6370	2022-09-06T00:00:00Z
prometheus-container	cpe:/a:redhat:acm:2.6::el8	RHSA-2022:6370	2022-09-06T00:00:00Z
rbac-query-proxy-container	cpe:/a:redhat:acm:2.6::el8	RHSA-2022:6370	2022-09-06T00:00:00Z
redisgraph-tls-container	cpe:/a:redhat:acm:2.6::el8	RHSA-2022:6370	2022-09-06T00:00:00Z
search-aggregator-container	cpe:/a:redhat:acm:2.6::el8	RHSA-2022:6370	2022-09-06T00:00:00Z
search-api-container	cpe:/a:redhat:acm:2.6::el8	RHSA-2022:6370	2022-09-06T00:00:00Z
search-collector-container	cpe:/a:redhat:acm:2.6::el8	RHSA-2022:6370	2022-09-06T00:00:00Z
search-operator-container	cpe:/a:redhat:acm:2.6::el8	RHSA-2022:6370	2022-09-06T00:00:00Z
submariner-addon-container	cpe:/a:redhat:acm:2.6::el8	RHSA-2022:6370	2022-09-06T00:00:00Z
thanos-container	cpe:/a:redhat:acm:2.6::el8	RHSA-2022:6370	2022-09-06T00:00:00Z
thanos-receive-controller-container	cpe:/a:redhat:acm:2.6::el8	RHSA-2022:6370	2022-09-06T00:00:00Z
Red Hat Ceph Storage 6.1
rhceph/rhceph-6-dashboard-rhel9:6-75	cpe:/a:redhat:ceph_storage:6.1::el9	RHSA-2023:3642	2023-06-15T00:00:00Z
Red Hat Developer Tools
go-toolset-1.17-golang-0:1.17.12-1.el7_9	cpe:/a:redhat:devtools:2022	RHSA-2022:5866	2022-08-02T00:00:00Z
Red Hat Enterprise Linux 8
go-toolset:rhel8-8060020220720230014.97d7f71f	cpe:/a:redhat:enterprise_linux:8	RHSA-2022:5775	2022-08-01T00:00:00Z
git-lfs-0:2.13.3-3.el8_6	cpe:/a:redhat:enterprise_linux:8	RHSA-2022:7129	2022-10-25T00:00:00Z
grafana-0:7.5.15-3.el8	cpe:/a:redhat:enterprise_linux:8	RHSA-2022:7519	2022-11-08T00:00:00Z
container-tools:3.0-8070020220802115906.39077419	cpe:/a:redhat:enterprise_linux:8	RHSA-2022:7529	2022-11-08T00:00:00Z
grafana-pcp-0:3.2.0-2.el8	cpe:/a:redhat:enterprise_linux:8	RHSA-2022:7648	2022-11-08T00:00:00Z
container-tools:rhel8-8080020230321153727.0f77c1b7	cpe:/a:redhat:enterprise_linux:8	RHSA-2023:2758	2023-05-16T00:00:00Z
container-tools:4.0-8080020230217080101.8108cfbc	cpe:/a:redhat:enterprise_linux:8	RHSA-2023:2802	2023-05-16T00:00:00Z
Red Hat Enterprise Linux 9
golang-0:1.17.12-1.el9_0	cpe:/a:redhat:enterprise_linux:9	RHSA-2022:5799	2022-08-01T00:00:00Z
grafana-0:7.5.15-3.el9	cpe:/a:redhat:enterprise_linux:9	RHSA-2022:8057	2022-11-15T00:00:00Z
toolbox-0:0.0.99.3-5.el9	cpe:/a:redhat:enterprise_linux:9	RHSA-2022:8098	2022-11-15T00:00:00Z
grafana-pcp-0:3.2.0-3.el9	cpe:/a:redhat:enterprise_linux:9	RHSA-2022:8250	2022-11-15T00:00:00Z
git-lfs-0:3.2.0-1.el9	cpe:/a:redhat:enterprise_linux:9	RHSA-2023:2357	2023-05-09T00:00:00Z
runc-4:1.1.12-2.el9	cpe:/a:redhat:enterprise_linux:9	RHSA-2024:2180	2024-04-30T00:00:00Z
Red Hat Migration Toolkit for Containers 1.7
rhmtc/openshift-velero-plugin-rhel8:v1.7.6-5	cpe:/a:redhat:rhmt:1.7::el8	RHSA-2022:9047	2022-12-15T00:00:00Z
Red Hat OpenShift Service Mesh 2.2 for RHEL 8
openshift-service-mesh/istio-cni-rhel8:2.2.2-7	cpe:/a:redhat:service_mesh:2.2::el8	RHSA-2022:6283	2022-08-31T00:00:00Z
openshift-service-mesh/istio-rhel8-operator:2.2.2-8	cpe:/a:redhat:service_mesh:2.2::el8	RHSA-2022:6283	2022-08-31T00:00:00Z
openshift-service-mesh/pilot-rhel8:2.2.2-7	cpe:/a:redhat:service_mesh:2.2::el8	RHSA-2022:6283	2022-08-31T00:00:00Z
openshift-service-mesh/prometheus-rhel8:2.2.2-4	cpe:/a:redhat:service_mesh:2.2::el8	RHSA-2022:6283	2022-08-31T00:00:00Z
openshift-service-mesh/proxyv2-rhel8:2.2.2-8	cpe:/a:redhat:service_mesh:2.2::el8	RHSA-2022:6283	2022-08-31T00:00:00Z
openshift-service-mesh/ratelimit-rhel8:2.2.2-4	cpe:/a:redhat:service_mesh:2.2::el8	RHSA-2022:6283	2022-08-31T00:00:00Z
Red Hat OpenStack Platform 16.1
etcd-0:3.3.23-12.el8ost	cpe:/a:redhat:openstack:16.1::el8	RHSA-2023:1275	2023-03-15T00:00:00Z
Red Hat OpenStack Platform 16.2
etcd-0:3.3.23-12.el8ost	cpe:/a:redhat:openstack:16.2::el8	RHSA-2023:1275	2023-03-15T00:00:00Z
RHEL-7-CNV-4.12
kubevirt-0:4.12.0-1057.el7	cpe:/a:redhat:container_native_virtualization:4.12::el7	RHSA-2023:0407	2023-01-24T00:00:00Z
RHEL-8-CNV-4.12
kubevirt-0:4.12.0-1057.el8	cpe:/a:redhat:container_native_virtualization:4.12::el8	RHSA-2023:0407	2023-01-24T00:00:00Z
container-native-virtualization/virt-api:v4.12.0-255	cpe:/a:redhat:container_native_virtualization:4.12::el8	RHSA-2023:0408	2023-01-25T00:00:00Z
STF-1.5-RHEL-8
stf/sg-core-rhel8:5.1.1-2	cpe:/a:redhat:stf:1.5::el8	RHSA-2023:1529	2023-03-30T00:00:00Z

References

Link	Providers
https://go.dev/cl/417065
https://go.dev/issue/53415
https://go.googlesource.com/go/+/fa2d41d0ca736f3ad6b200b2a4e134364e9acc59
https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE
https://nvd.nist.gov/vuln/detail/CVE-2022-30630
https://pkg.go.dev/vuln/GO-2022-0527
https://www.cve.org/CVERecord?id=CVE-2022-30630

History

Wed, 16 Jul 2025 13:45:00 +0000

Type	Values Removed	Values Added
Metrics	epss `{'score': 0.00029}`	epss `{'score': 0.00025}`

Tue, 17 Jun 2025 15:45:00 +0000

Type	Values Removed	Values Added
First Time appeared		Redhat stf
CPEs	~~cpe:/a:redhat:service_telemetry_framework:1.5::el8~~	cpe:/a:redhat:stf:1.5::el8
Vendors & Products	Redhat service Telemetry Framework	Redhat stf

Thu, 13 Feb 2025 00:15:00 +0000

Type	Values Removed	Values Added
First Time appeared		Redhat workload Availability Nmo
CPEs	~~cpe:/a:redhat:workload_availability_node_maintenance:4.11::el8~~	cpe:/a:redhat:workload_availability_nmo:4.11::el8
Vendors & Products	Redhat workload Availability Node Maintenance	Redhat workload Availability Nmo

Sun, 08 Sep 2024 18:45:00 +0000

Type	Values Removed	Values Added
First Time appeared		Redhat acm Redhat multicluster Engine
CPEs		cpe:/a:redhat:acm:2.5::el8 cpe:/a:redhat:acm:2.6::el8 cpe:/a:redhat:multicluster_engine:2.1::el8
Vendors & Products		Redhat acm Redhat multicluster Engine

Mon, 19 Aug 2024 22:15:00 +0000

Type	Values Removed	Values Added
CPEs	cpe:/a:redhat:acm:2.5::el8 cpe:/a:redhat:acm:2.6::el8 cpe:/a:redhat:multicluster_engine:2.1::el8
Vendors & Products	Redhat acm Redhat multicluster Engine

MITRE

Status: PUBLISHED

Assigner: Go

Published: 2022-08-09T20:17:15

Updated: 2024-08-03T06:56:12.871Z

Reserved: 2022-05-12T00:00:00

Link: CVE-2022-30630

Vulnrichment

No data.

NVD

Status : Modified

Published: 2022-08-10T20:15:40.977

Modified: 2024-11-21T07:03:03.843

Link: CVE-2022-30630

Redhat

Severity : Moderate

Publid Date: 2022-07-12T00:00:00Z

Links: CVE-2022-30630 - Bugzilla

{"containers": {"cna": {"providerMetadata": {"orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc", "shortName": "Go", "dateUpdated": "2023-06-12T19:04:48.349Z"}, "title": "Stack exhaustion in Glob on certain paths in io/fs", "descriptions": [{"lang": "en", "value": "Uncontrolled recursion in Glob in io/fs before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via a path which contains a large number of path separators."}], "affected": [{"vendor": "Go standard library", "product": "io/fs", "collectionURL": "https://pkg.go.dev", "packageName": "io/fs", "versions": [{"version": "0", "lessThan": "1.17.12", "status": "affected", "versionType": "semver"}, {"version": "1.18.0-0", "lessThan": "1.18.4", "status": "affected", "versionType": "semver"}], "programRoutines": [{"name": "Glob"}], "defaultStatus": "unaffected"}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-674: Uncontrolled Recursion"}]}], "references": [{"url": "https://go.dev/cl/417065"}, {"url": "https://go.googlesource.com/go/+/fa2d41d0ca736f3ad6b200b2a4e134364e9acc59"}, {"url": "https://go.dev/issue/53415"}, {"url": "https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE"}, {"url": "https://pkg.go.dev/vuln/GO-2022-0527"}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T06:56:12.871Z"}, "title": "CVE Program Container", "references": [{"url": "https://go.dev/cl/417065", "tags": ["x_transferred"]}, {"url": "https://go.googlesource.com/go/+/fa2d41d0ca736f3ad6b200b2a4e134364e9acc59", "tags": ["x_transferred"]}, {"url": "https://go.dev/issue/53415", "tags": ["x_transferred"]}, {"url": "https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE", "tags": ["x_transferred"]}, {"url": "https://pkg.go.dev/vuln/GO-2022-0527", "tags": ["x_transferred"]}]}]}, "cveMetadata": {"assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc", "assignerShortName": "Go", "cveId": "CVE-2022-30630", "datePublished": "2022-08-09T20:17:15", "dateReserved": "2022-05-12T00:00:00", "dateUpdated": "2024-08-03T06:56:12.871Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*", "matchCriteriaId": "646881F6-A299-4D92-A1F3-E95959FA426F", "versionEndExcluding": "1.17.12", "vulnerable": true}, {"criteria": "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*", "matchCriteriaId": "FE088A2D-7894-4A48-887C-36DD727A7BEB", "versionEndExcluding": "1.18.4", "versionStartIncluding": "1.18.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Uncontrolled recursion in Glob in io/fs before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via a path which contains a large number of path separators."}, {"lang": "es", "value": "Una recursi\u00f3n no controlada en Glob en io/fs versiones anteriores a Go 1.17.12 y Go 1.18.4, permite a un atacante causar un p\u00e1nico debido al agotamiento de la pila por medio de una ruta que contenga un gran n\u00famero de separadores de ruta"}], "id": "CVE-2022-30630", "lastModified": "2024-11-21T07:03:03.843", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-08-10T20:15:40.977", "references": [{"source": "security@golang.org", "tags": ["Patch", "Vendor Advisory"], "url": "https://go.dev/cl/417065"}, {"source": "security@golang.org", "tags": ["Issue Tracking", "Vendor Advisory"], "url": "https://go.dev/issue/53415"}, {"source": "security@golang.org", "tags": ["Mailing List", "Patch", "Vendor Advisory"], "url": "https://go.googlesource.com/go/+/fa2d41d0ca736f3ad6b200b2a4e134364e9acc59"}, {"source": "security@golang.org", "tags": ["Mailing List", "Vendor Advisory"], "url": "https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE"}, {"source": "security@golang.org", "tags": ["Vendor Advisory"], "url": "https://pkg.go.dev/vuln/GO-2022-0527"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "https://go.dev/cl/417065"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Issue Tracking", "Vendor Advisory"], "url": "https://go.dev/issue/53415"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Patch", "Vendor Advisory"], "url": "https://go.googlesource.com/go/+/fa2d41d0ca736f3ad6b200b2a4e134364e9acc59"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Vendor Advisory"], "url": "https://groups.google.com/g/golang-announce/c/nqrv9fbR0zE"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://pkg.go.dev/vuln/GO-2022-0527"}], "sourceIdentifier": "security@golang.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-674"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2022:6113", "cpe": "cpe:/a:redhat:application_interconnect:1::el8", "package": "skupper-cli-0:1.0.2-2.el8", "product_name": "Application Interconnect 1 for RHEL 8", "release_date": "2022-08-18T00:00:00Z"}, {"advisory": "RHSA-2022:6345", "cpe": "cpe:/a:redhat:multicluster_engine:2.1::el8", "package": "multicluster-engine-agent-service-container", "product_name": "Multicluster Engine for Kubernetes", "release_date": "2022-09-06T00:00:00Z"}, {"advisory": "RHSA-2022:6345", "cpe": "cpe:/a:redhat:multicluster_engine:2.1::el8", "package": "multicluster-engine-apiserver-network-proxy-container", "product_name": "Multicluster Engine for Kubernetes", "release_date": "2022-09-06T00:00:00Z"}, {"advisory": "RHSA-2022:6345", "cpe": "cpe:/a:redhat:multicluster_engine:2.1::el8", "package": "multicluster-engine-assisted-image-service-container", "product_name": "Multicluster Engine for Kubernetes", "release_date": "2022-09-06T00:00:00Z"}, {"advisory": "RHSA-2022:6345", "cpe": "cpe:/a:redhat:multicluster_engine:2.1::el8", "package": "multicluster-engine-assisted-installer-agent-container", "product_name": "Multicluster Engine for Kubernetes", "release_date": "2022-09-06T00:00:00Z"}, {"advisory": "RHSA-2022:6345", "cpe": "cpe:/a:redhat:multicluster_engine:2.1::el8", "package": "multicluster-engine-assisted-installer-container", "product_name": "Multicluster Engine for Kubernetes", "release_date": "2022-09-06T00:00:00Z"}, {"advisory": "RHSA-2022:6345", "cpe": "cpe:/a:redhat:multicluster_engine:2.1::el8", "package": "multicluster-engine-assisted-installer-reporter-container", "product_name": "Multicluster Engine for Kubernetes", "release_date": "2022-09-06T00:00:00Z"}, {"advisory": "RHSA-2022:6345", "cpe": "cpe:/a:redhat:multicluster_engine:2.1::el8", "package": "multicluster-engine-aws-encryption-provider-container", "product_name": "Multicluster Engine for Kubernetes", "release_date": "2022-09-06T00:00:00Z"}, {"advisory": "RHSA-2022:6345", "cpe": "cpe:/a:redhat:multicluster_engine:2.1::el8", "package": "multicluster-engine-cluster-api-container", "product_name": "Multicluster Engine for Kubernetes", "release_date": "2022-09-06T00:00:00Z"}, {"advisory": "RHSA-2022:6345", "cpe": "cpe:/a:redhat:multicluster_engine:2.1::el8", "package": "multicluster-engine-cluster-api-provider-agent-container", "product_name": "Multicluster Engine for Kubernetes", "release_date": "2022-09-06T00:00:00Z"}, {"advisory": "RHSA-2022:6345", "cpe": "cpe:/a:redhat:multicluster_engine:2.1::el8", "package": "multicluster-engine-cluster-api-provider-aws-container", "product_name": "Multicluster Engine for Kubernetes", "release_date": "2022-09-06T00:00:00Z"}, {"advisory": "RHSA-2022:6345", "cpe": "cpe:/a:redhat:multicluster_engine:2.1::el8", "package": "multicluster-engine-cluster-api-provider-azure-container", "product_name": "Multicluster Engine for Kubernetes", "release_date": "2022-09-06T00:00:00Z"}, {"advisory": "RHSA-2022:6345", "cpe": "cpe:/a:redhat:multicluster_engine:2.1::el8", "package": "multicluster-engine-cluster-api-provider-kubevirt-container", "product_name": "Multicluster Engine for Kubernetes", "release_date": "2022-09-06T00:00:00Z"}, {"advisory": "RHSA-2022:6345", "cpe": "cpe:/a:redhat:multicluster_engine:2.1::el8", "package": "multicluster-engine-clusterclaims-controller-container", "product_name": "Multicluster Engine for Kubernetes", "release_date": "2022-09-06T00:00:00Z"}, {"advisory": "RHSA-2022:6345", "cpe": "cpe:/a:redhat:multicluster_engine:2.1::el8", "package": "multicluster-engine-cluster-curator-controller-container", "product_name": "Multicluster Engine for Kubernetes", "release_date": "2022-09-06T00:00:00Z"}, {"advisory": "RHSA-2022:6345", "cpe": "cpe:/a:redhat:multicluster_engine:2.1::el8", "package": "multicluster-engine-clusterlifecycle-state-metrics-container", "product_name": "Multicluster Engine for Kubernetes", "release_date": "2022-09-06T00:00:00Z"}, {"advisory": "RHSA-2022:6345", "cpe": "cpe:/a:redhat:multicluster_engine:2.1::el8", "package": "multicluster-engine-cluster-proxy-addon-container", "product_name": "Multicluster Engine for Kubernetes", "release_date": "2022-09-06T00:00:00Z"}, {"advisory": "RHSA-2022:6345", "cpe": "cpe:/a:redhat:multicluster_engine:2.1::el8", "package": "multicluster-engine-cluster-proxy-container", "product_name": "Multicluster Engine for Kubernetes", "release_date": "2022-09-06T00:00:00Z"}, {"advisory": "RHSA-2022:6345", "cpe": "cpe:/a:redhat:multicluster_engine:2.1::el8", "package": "multicluster-engine-console-mce-container", "product_name": "Multicluster Engine for Kubernetes", "release_date": "2022-09-06T00:00:00Z"}, {"advisory": "RHSA-2022:6345", "cpe": "cpe:/a:redhat:multicluster_engine:2.1::el8", "package": "multicluster-engine-discovery-operator-container", "product_name": "Multicluster Engine for Kubernetes", "release_date": "2022-09-06T00:00:00Z"}, {"advisory": "RHSA-2022:6345", "cpe": "cpe:/a:redhat:multicluster_engine:2.1::el8", "package": "multicluster-engine-hive-container", "product_name": "Multicluster Engine for Kubernetes", "release_date": "2022-09-06T00:00:00Z"}, {"advisory": "RHSA-2022:6345", "cpe": "cpe:/a:redhat:multicluster_engine:2.1::el8", "package": "multicluster-engine-hypershift-addon-operator-container", "product_name": "Multicluster Engine for Kubernetes", "release_date": "2022-09-06T00:00:00Z"}, {"advisory": "RHSA-2022:6345", "cpe": "cpe:/a:redhat:multicluster_engine:2.1::el8", "package": "multicluster-engine-hypershift-deployment-controller-container", "product_name": "Multicluster Engine for Kubernetes", "release_date": "2022-09-06T00:00:00Z"}, {"advisory": "RHSA-2022:6345", "cpe": "cpe:/a:redhat:multicluster_engine:2.1::el8", "package": "multicluster-engine-hypershift-operator-container", "product_name": "Multicluster Engine for Kubernetes", "release_date": "2022-09-06T00:00:00Z"}, {"advisory": "RHSA-2022:6345", "cpe": "cpe:/a:redhat:multicluster_engine:2.1::el8", "package": "multicluster-engine-klusterlet-operator-bundle-container", "product_name": "Multicluster Engine for Kubernetes", "release_date": "2022-09-06T00:00:00Z"}, {"advisory": "RHSA-2022:6345", "cpe": "cpe:/a:redhat:multicluster_engine:2.1::el8", "package": "multicluster-engine-managedcluster-import-controller-container", "product_name": "Multicluster Engine for Kubernetes", "release_date": "2022-09-06T00:00:00Z"}, {"advisory": "RHSA-2022:6345", "cpe": "cpe:/a:redhat:multicluster_engine:2.1::el8", "package": "multicluster-engine-managed-serviceaccount-container", "product_name": "Multicluster Engine for Kubernetes", "release_date": "2022-09-06T00:00:00Z"}, {"advisory": "RHSA-2022:6345", "cpe": "cpe:/a:redhat:multicluster_engine:2.1::el8", "package": "multicluster-engine-multicloud-manager-container", "product_name": "Multicluster Engine for Kubernetes", "release_date": "2022-09-06T00:00:00Z"}, {"advisory": "RHSA-2022:6345", "cpe": "cpe:/a:redhat:multicluster_engine:2.1::el8", "package": "multicluster-engine-must-gather-container", "product_name": "Multicluster Engine for Kubernetes", "release_date": "2022-09-06T00:00:00Z"}, {"advisory": "RHSA-2022:6345", "cpe": "cpe:/a:redhat:multicluster_engine:2.1::el8", "package": "multicluster-engine-operator-bundle-container", "product_name": "Multicluster Engine for Kubernetes", "release_date": "2022-09-06T00:00:00Z"}, {"advisory": "RHSA-2022:6345", "cpe": "cpe:/a:redhat:multicluster_engine:2.1::el8", "package": "multicluster-engine-operator-container", "product_name": "Multicluster Engine for Kubernetes", "release_date": "2022-09-06T00:00:00Z"}, {"advisory": "RHSA-2022:6345", "cpe": "cpe:/a:redhat:multicluster_engine:2.1::el8", "package": "multicluster-engine-placement-container", "product_name": "Multicluster Engine for Kubernetes", "release_date": "2022-09-06T00:00:00Z"}, {"advisory": "RHSA-2022:6345", "cpe": "cpe:/a:redhat:multicluster_engine:2.1::el8", "package": "multicluster-engine-provider-credential-controller-container", "product_name": "Multicluster Engine for Kubernetes", "release_date": "2022-09-06T00:00:00Z"}, {"advisory": "RHSA-2022:6345", "cpe": "cpe:/a:redhat:multicluster_engine:2.1::el8", "package": "multicluster-engine-registration-container", "product_name": "Multicluster Engine for Kubernetes", "release_date": "2022-09-06T00:00:00Z"}, {"advisory": "RHSA-2022:6345", "cpe": "cpe:/a:redhat:multicluster_engine:2.1::el8", "package": "multicluster-engine-registration-operator-container", "product_name": "Multicluster Engine for Kubernetes", "release_date": "2022-09-06T00:00:00Z"}, {"advisory": "RHSA-2022:6345", "cpe": "cpe:/a:redhat:multicluster_engine:2.1::el8", "package": "multicluster-engine-work-container", "product_name": "Multicluster Engine for Kubernetes", "release_date": "2022-09-06T00:00:00Z"}, {"advisory": "RHSA-2022:6188", "cpe": "cpe:/a:redhat:workload_availability_nmo:4.11::el8", "package": "workload-availability/node-maintenance-rhel8-operator:v4.11.1-1", "product_name": "Node Maintenance Operator 4.11 for RHEL 8", "release_date": "2022-08-25T00:00:00Z"}, {"advisory": "RHSA-2022:6430", "cpe": "cpe:/a:redhat:openshift_api_data_protection:1.0::el8", "package": "oadp/oadp-velero-rhel8:1.0.4-6", "product_name": "OADP-1.0-RHEL-8", "release_date": "2022-09-13T00:00:00Z"}, {"advisory": "RHSA-2023:1042", "cpe": "cpe:/a:redhat:openshift_custom_metrics_autoscaler:2.0::el8", "impact": "low", "package": "custom-metrics-autoscaler-tech-preview/custom-metrics-autoscaler-rhel8:2.8.2-143", "product_name": "OpenShift Custom Metrics Autoscaler 2", "release_date": "2023-03-06T00:00:00Z"}, {"advisory": "RHSA-2022:6040", "cpe": "cpe:/a:redhat:serverless:1.24::el8", "package": "openshift-serverless-1/client-kn-rhel8:1.3.1-4", "product_name": "Openshift Serveless 1.24", "release_date": "2022-08-10T00:00:00Z"}, {"advisory": "RHSA-2022:6040", "cpe": "cpe:/a:redhat:serverless:1.24::el8", "package": "openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8:1.3.2-3", "product_name": "Openshift Serveless 1.24", "release_date": "2022-08-10T00:00:00Z"}, {"advisory": "RHSA-2022:6040", "cpe": "cpe:/a:redhat:serverless:1.24::el8", "package": "openshift-serverless-1/eventing-controller-rhel8:1.3.2-3", "product_name": "Openshift Serveless 1.24", "release_date": "2022-08-10T00:00:00Z"}, {"advisory": "RHSA-2022:6040", "cpe": "cpe:/a:redhat:serverless:1.24::el8", "package": "openshift-serverless-1/eventing-in-memory-channel-controller-rhel8:1.3.2-3", "product_name": "Openshift Serveless 1.24", "release_date": "2022-08-10T00:00:00Z"}, {"advisory": "RHSA-2022:6040", "cpe": "cpe:/a:redhat:serverless:1.24::el8", "package": "openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8:1.3.2-3", "product_name": "Openshift Serveless 1.24", "release_date": "2022-08-10T00:00:00Z"}, {"advisory": "RHSA-2022:6040", "cpe": "cpe:/a:redhat:serverless:1.24::el8", "package": "openshift-serverless-1/eventing-kafka-broker-controller-rhel8:1.3.2-2", "product_name": "Openshift Serveless 1.24", "release_date": "2022-08-10T00:00:00Z"}, {"advisory": "RHSA-2022:6040", "cpe": "cpe:/a:redhat:serverless:1.24::el8", "package": "openshift-serverless-1/eventing-kafka-broker-dispatcher-rhel8:1.3.2-2", "product_name": "Openshift Serveless 1.24", "release_date": "2022-08-10T00:00:00Z"}, {"advisory": "RHSA-2022:6040", "cpe": "cpe:/a:redhat:serverless:1.24::el8", "package": "openshift-serverless-1/eventing-kafka-broker-post-install-rhel8:1.3.2-2", "product_name": "Openshift Serveless 1.24", "release_date": "2022-08-10T00:00:00Z"}, {"advisory": "RHSA-2022:6040", "cpe": "cpe:/a:redhat:serverless:1.24::el8", "package": "openshift-serverless-1/eventing-kafka-broker-webhook-rhel8:1.3.2-2", "product_name": "Openshift Serveless 1.24", "release_date": "2022-08-10T00:00:00Z"}, {"advisory": "RHSA-2022:6040", "cpe": "cpe:/a:redhat:serverless:1.24::el8", "package": "openshift-serverless-1/eventing-mtbroker-filter-rhel8:1.3.2-3", "product_name": "Openshift Serveless 1.24", "release_date": "2022-08-10T00:00:00Z"}, {"advisory": "RHSA-2022:6040", "cpe": "cpe:/a:redhat:serverless:1.24::el8", "package": "openshift-serverless-1/eventing-mtbroker-ingress-rhel8:1.3.2-3", "product_name": "Openshift Serveless 1.24", "release_date": "2022-08-10T00:00:00Z"}, {"advisory": "RHSA-2022:6040", "cpe": "cpe:/a:redhat:serverless:1.24::el8", "package": "openshift-serverless-1/eventing-mtchannel-broker-rhel8:1.3.2-3", "product_name": "Openshift Serveless 1.24", "release_date": "2022-08-10T00:00:00Z"}, {"advisory": "RHSA-2022:6040", "cpe": "cpe:/a:redhat:serverless:1.24::el8", "package": "openshift-serverless-1/eventing-mtping-rhel8:1.3.2-3", "product_name": "Openshift Serveless 1.24", "release_date": "2022-08-10T00:00:00Z"}, {"advisory": "RHSA-2022:6040", "cpe": "cpe:/a:redhat:serverless:1.24::el8", "package": "openshift-serverless-1/eventing-storage-version-migration-rhel8:1.3.2-3", "product_name": "Openshift Serveless 1.24", "release_date": "2022-08-10T00:00:00Z"}, {"advisory": "RHSA-2022:6040", "cpe": "cpe:/a:redhat:serverless:1.24::el8", "package": "openshift-serverless-1/eventing-sugar-controller-rhel8:1.3.2-3", "product_name": "Openshift Serveless 1.24", "release_date": "2022-08-10T00:00:00Z"}, {"advisory": "RHSA-2022:6040", "cpe": "cpe:/a:redhat:serverless:1.24::el8", "package": "openshift-serverless-1/eventing-webhook-rhel8:1.3.2-3", "product_name": "Openshift Serveless 1.24", "release_date": "2022-08-10T00:00:00Z"}, {"advisory": "RHSA-2022:6040", "cpe": "cpe:/a:redhat:serverless:1.24::el8", "package": "openshift-serverless-1/ingress-rhel8-operator:1.24.0-3", "product_name": "Openshift Serveless 1.24", "release_date": "2022-08-10T00:00:00Z"}, {"advisory": "RHSA-2022:6040", "cpe": "cpe:/a:redhat:serverless:1.24::el8", "package": "openshift-serverless-1/knative-rhel8-operator:1.24.0-3", "product_name": "Openshift Serveless 1.24", "release_date": "2022-08-10T00:00:00Z"}, {"advisory": "RHSA-2022:6040", "cpe": "cpe:/a:redhat:serverless:1.24::el8", "package": "openshift-serverless-1/kn-cli-artifacts-rhel8:1.3.1-3", "product_name": "Openshift Serveless 1.24", "release_date": "2022-08-10T00:00:00Z"}, {"advisory": "RHSA-2022:6040", "cpe": "cpe:/a:redhat:serverless:1.24::el8", "package": "openshift-serverless-1/kourier-control-rhel8:1.3.0-2", "product_name": "Openshift Serveless 1.24", "release_date": "2022-08-10T00:00:00Z"}, {"advisory": "RHSA-2022:6040", "cpe": "cpe:/a:redhat:serverless:1.24::el8", "package": "openshift-serverless-1/net-istio-controller-rhel8:1.3.0-2", "product_name": "Openshift Serveless 1.24", "release_date": "2022-08-10T00:00:00Z"}, {"advisory": "RHSA-2022:6040", "cpe": "cpe:/a:redhat:serverless:1.24::el8", "package": "openshift-serverless-1/net-istio-webhook-rhel8:1.3.0-2", "product_name": "Openshift Serveless 1.24", "release_date": "2022-08-10T00:00:00Z"}, {"advisory": "RHSA-2022:6040", "cpe": "cpe:/a:redhat:serverless:1.24::el8", "package": "openshift-serverless-1/serverless-operator-bundle:1.24.0-3", "product_name": "Openshift Serveless 1.24", "release_date": "2022-08-10T00:00:00Z"}, {"advisory": "RHSA-2022:6040", "cpe": "cpe:/a:redhat:serverless:1.24::el8", "package": "openshift-serverless-1/serverless-rhel8-operator:1.24.0-3", "product_name": "Openshift Serveless 1.24", "release_date": "2022-08-10T00:00:00Z"}, {"advisory": "RHSA-2022:6040", "cpe": "cpe:/a:redhat:serverless:1.24::el8", "package": "openshift-serverless-1/serving-activator-rhel8:1.3.0-3", "product_name": "Openshift Serveless 1.24", "release_date": "2022-08-10T00:00:00Z"}, {"advisory": "RHSA-2022:6040", "cpe": "cpe:/a:redhat:serverless:1.24::el8", "package": "openshift-serverless-1/serving-autoscaler-hpa-rhel8:1.3.0-3", "product_name": "Openshift Serveless 1.24", "release_date": "2022-08-10T00:00:00Z"}, {"advisory": "RHSA-2022:6040", "cpe": "cpe:/a:redhat:serverless:1.24::el8", "package": "openshift-serverless-1/serving-autoscaler-rhel8:1.3.0-3", "product_name": "Openshift Serveless 1.24", "release_date": "2022-08-10T00:00:00Z"}, {"advisory": "RHSA-2022:6040", "cpe": "cpe:/a:redhat:serverless:1.24::el8", "package": "openshift-serverless-1/serving-controller-rhel8:1.3.0-3", "product_name": "Openshift Serveless 1.24", "release_date": "2022-08-10T00:00:00Z"}, {"advisory": "RHSA-2022:6040", "cpe": "cpe:/a:redhat:serverless:1.24::el8", "package": "openshift-serverless-1/serving-domain-mapping-rhel8:1.3.0-3", "product_name": "Openshift Serveless 1.24", "release_date": "2022-08-10T00:00:00Z"}, {"advisory": "RHSA-2022:6040", "cpe": "cpe:/a:redhat:serverless:1.24::el8", "package": "openshift-serverless-1/serving-domain-mapping-webhook-rhel8:1.3.0-3", "product_name": "Openshift Serveless 1.24", "release_date": "2022-08-10T00:00:00Z"}, {"advisory": "RHSA-2022:6040", "cpe": "cpe:/a:redhat:serverless:1.24::el8", "package": "openshift-serverless-1/serving-queue-rhel8:1.3.0-3", "product_name": "Openshift Serveless 1.24", "release_date": "2022-08-10T00:00:00Z"}, {"advisory": "RHSA-2022:6040", "cpe": "cpe:/a:redhat:serverless:1.24::el8", "package": "openshift-serverless-1/serving-storage-version-migration-rhel8:1.3.0-3", "product_name": "Openshift Serveless 1.24", "release_date": "2022-08-10T00:00:00Z"}, {"advisory": "RHSA-2022:6040", "cpe": "cpe:/a:redhat:serverless:1.24::el8", "package": "openshift-serverless-1/serving-webhook-rhel8:1.3.0-3", "product_name": "Openshift Serveless 1.24", "release_date": "2022-08-10T00:00:00Z"}, {"advisory": "RHSA-2022:6040", "cpe": "cpe:/a:redhat:serverless:1.24::el8", "package": "openshift-serverless-1/svls-must-gather-rhel8:1.24.0-2", "product_name": "Openshift Serveless 1.24", "release_date": "2022-08-10T00:00:00Z"}, {"advisory": "RHSA-2022:6040", "cpe": "cpe:/a:redhat:serverless:1.24::el8", "package": "openshift-serverless-1-tech-preview/eventing-kafka-broker-controller-rhel8:1.3.2-2", "product_name": "Openshift Serveless 1.24", "release_date": "2022-08-10T00:00:00Z"}, {"advisory": "RHSA-2022:6040", "cpe": "cpe:/a:redhat:serverless:1.24::el8", "package": "openshift-serverless-1-tech-preview/eventing-kafka-broker-dispatcher-rhel8:1.3.2-2", "product_name": "Openshift Serveless 1.24", "release_date": "2022-08-10T00:00:00Z"}, {"advisory": "RHSA-2022:6040", "cpe": "cpe:/a:redhat:serverless:1.24::el8", "package": "openshift-serverless-1-tech-preview/eventing-kafka-broker-receiver-rhel8:1.3.2-2", "product_name": "Openshift Serveless 1.24", "release_date": "2022-08-10T00:00:00Z"}, {"advisory": "RHSA-2022:6040", "cpe": "cpe:/a:redhat:serverless:1.24::el8", "package": "openshift-serverless-1-tech-preview/eventing-kafka-broker-webhook-rhel8:1.3.2-2", "product_name": "Openshift Serveless 1.24", "release_date": "2022-08-10T00:00:00Z"}, {"advisory": "RHSA-2022:6042", "cpe": "cpe:/a:redhat:serverless:1.0::el8", "package": "openshift-serverless-clients-0:1.3.1-4.el8", "product_name": "Openshift Serverless 1 on RHEL 8", "release_date": "2022-08-10T00:00:00Z"}, {"advisory": "RHSA-2022:6152", "cpe": "cpe:/a:redhat:openshift_secondary_scheduler:1.1::el8", "package": "openshift-secondary-scheduler-operator/secondary-scheduler-operator-rhel8:v1.1-11", "product_name": "OSSO-1.1-RHEL-8", "release_date": "2022-09-01T00:00:00Z"}, {"advisory": "RHSA-2022:6348", "cpe": "cpe:/a:redhat:acm:2.5::el8", "package": "gatekeeper-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-09-06T00:00:00Z"}, {"advisory": "RHSA-2022:6348", "cpe": "cpe:/a:redhat:acm:2.5::el8", "package": "gatekeeper-operator-bundle-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-09-06T00:00:00Z"}, {"advisory": "RHSA-2022:6348", "cpe": "cpe:/a:redhat:acm:2.5::el8", "package": "gatekeeper-operator-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-09-06T00:00:00Z"}, {"advisory": "RHSA-2022:6346", "cpe": "cpe:/a:redhat:acm:2.6::el8", "package": "lighthouse-agent-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-09-06T00:00:00Z"}, {"advisory": "RHSA-2022:6346", "cpe": "cpe:/a:redhat:acm:2.6::el8", "package": "lighthouse-coredns-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-09-06T00:00:00Z"}, {"advisory": "RHSA-2022:6346", "cpe": "cpe:/a:redhat:acm:2.6::el8", "package": "nettest-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-09-06T00:00:00Z"}, {"advisory": "RHSA-2022:6346", "cpe": "cpe:/a:redhat:acm:2.6::el8", "package": "subctl-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-09-06T00:00:00Z"}, {"advisory": "RHSA-2022:6346", "cpe": "cpe:/a:redhat:acm:2.6::el8", "package": "submariner-gateway-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-09-06T00:00:00Z"}, {"advisory": "RHSA-2022:6346", "cpe": "cpe:/a:redhat:acm:2.6::el8", "package": "submariner-globalnet-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-09-06T00:00:00Z"}, {"advisory": "RHSA-2022:6346", "cpe": "cpe:/a:redhat:acm:2.6::el8", "package": "submariner-networkplugin-syncer-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-09-06T00:00:00Z"}, {"advisory": "RHSA-2022:6346", "cpe": "cpe:/a:redhat:acm:2.6::el8", "package": "submariner-operator-bundle-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-09-06T00:00:00Z"}, {"advisory": "RHSA-2022:6346", "cpe": "cpe:/a:redhat:acm:2.6::el8", "package": "submariner-operator-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-09-06T00:00:00Z"}, {"advisory": "RHSA-2022:6346", "cpe": "cpe:/a:redhat:acm:2.6::el8", "package": "submariner-route-agent-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-09-06T00:00:00Z"}, {"advisory": "RHSA-2022:6347", "cpe": "cpe:/a:redhat:acm:2.6::el8", "package": "volsync-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-09-06T00:00:00Z"}, {"advisory": "RHSA-2022:6347", "cpe": "cpe:/a:redhat:acm:2.6::el8", "package": "volsync-mover-rclone-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-09-06T00:00:00Z"}, {"advisory": "RHSA-2022:6347", "cpe": "cpe:/a:redhat:acm:2.6::el8", "package": "volsync-mover-restic-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-09-06T00:00:00Z"}, {"advisory": "RHSA-2022:6347", "cpe": "cpe:/a:redhat:acm:2.6::el8", "package": "volsync-mover-rsync-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-09-06T00:00:00Z"}, {"advisory": "RHSA-2022:6347", "cpe": "cpe:/a:redhat:acm:2.6::el8", "package": "volsync-mover-syncthing-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-09-06T00:00:00Z"}, {"advisory": "RHSA-2022:6347", "cpe": "cpe:/a:redhat:acm:2.6::el8", "package": "volsync-operator-bundle-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-09-06T00:00:00Z"}, {"advisory": "RHSA-2022:6370", "cpe": "cpe:/a:redhat:acm:2.6::el8", "package": "acm-governance-policy-addon-controller-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-09-06T00:00:00Z"}, {"advisory": "RHSA-2022:6370", "cpe": "cpe:/a:redhat:acm:2.6::el8", "package": "acm-grafana-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-09-06T00:00:00Z"}, {"advisory": "RHSA-2022:6370", "cpe": "cpe:/a:redhat:acm:2.6::el8", "package": "acm-must-gather-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-09-06T00:00:00Z"}, {"advisory": "RHSA-2022:6370", "cpe": "cpe:/a:redhat:acm:2.6::el8", "package": "acm-operator-bundle-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-09-06T00:00:00Z"}, {"advisory": "RHSA-2022:6370", "cpe": "cpe:/a:redhat:acm:2.6::el8", "package": "acm-prometheus-config-reloader-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-09-06T00:00:00Z"}, {"advisory": "RHSA-2022:6370", "cpe": "cpe:/a:redhat:acm:2.6::el8", "package": "acm-prometheus-operator-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-09-06T00:00:00Z"}, {"advisory": "RHSA-2022:6370", "cpe": "cpe:/a:redhat:acm:2.6::el8", "package": "acm-volsync-addon-controller-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-09-06T00:00:00Z"}, {"advisory": "RHSA-2022:6370", "cpe": "cpe:/a:redhat:acm:2.6::el8", "package": "cert-policy-controller-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-09-06T00:00:00Z"}, {"advisory": "RHSA-2022:6370", "cpe": "cpe:/a:redhat:acm:2.6::el8", "package": "cluster-backup-operator-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-09-06T00:00:00Z"}, {"advisory": "RHSA-2022:6370", "cpe": "cpe:/a:redhat:acm:2.6::el8", "package": "config-policy-controller-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-09-06T00:00:00Z"}, {"advisory": "RHSA-2022:6370", "cpe": "cpe:/a:redhat:acm:2.6::el8", "package": "console-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-09-06T00:00:00Z"}, {"advisory": "RHSA-2022:6370", "cpe": "cpe:/a:redhat:acm:2.6::el8", "package": "endpoint-monitoring-operator-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-09-06T00:00:00Z"}, {"advisory": "RHSA-2022:6370", "cpe": "cpe:/a:redhat:acm:2.6::el8", "package": "governance-policy-propagator-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-09-06T00:00:00Z"}, {"advisory": "RHSA-2022:6370", "cpe": "cpe:/a:redhat:acm:2.6::el8", "package": "governance-policy-spec-sync-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-09-06T00:00:00Z"}, {"advisory": "RHSA-2022:6370", "cpe": "cpe:/a:redhat:acm:2.6::el8", "package": "governance-policy-status-sync-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-09-06T00:00:00Z"}, {"advisory": "RHSA-2022:6370", "cpe": "cpe:/a:redhat:acm:2.6::el8", "package": "governance-policy-template-sync-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-09-06T00:00:00Z"}, {"advisory": "RHSA-2022:6370", "cpe": "cpe:/a:redhat:acm:2.6::el8", "package": "grafana-dashboard-loader-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-09-06T00:00:00Z"}, {"advisory": "RHSA-2022:6370", "cpe": "cpe:/a:redhat:acm:2.6::el8", "package": "iam-policy-controller-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-09-06T00:00:00Z"}, {"advisory": "RHSA-2022:6370", "cpe": "cpe:/a:redhat:acm:2.6::el8", "package": "insights-client-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-09-06T00:00:00Z"}, {"advisory": "RHSA-2022:6370", "cpe": "cpe:/a:redhat:acm:2.6::el8", "package": "insights-metrics-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-09-06T00:00:00Z"}, {"advisory": "RHSA-2022:6370", "cpe": "cpe:/a:redhat:acm:2.6::el8", "package": "klusterlet-addon-controller-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-09-06T00:00:00Z"}, {"advisory": "RHSA-2022:6370", "cpe": "cpe:/a:redhat:acm:2.6::el8", "package": "kube-rbac-proxy-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-09-06T00:00:00Z"}, {"advisory": "RHSA-2022:6370", "cpe": "cpe:/a:redhat:acm:2.6::el8", "package": "kube-state-metrics-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-09-06T00:00:00Z"}, {"advisory": "RHSA-2022:6370", "cpe": "cpe:/a:redhat:acm:2.6::el8", "package": "management-ingress-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-09-06T00:00:00Z"}, {"advisory": "RHSA-2022:6370", "cpe": "cpe:/a:redhat:acm:2.6::el8", "package": "memcached-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-09-06T00:00:00Z"}, {"advisory": "RHSA-2022:6370", "cpe": "cpe:/a:redhat:acm:2.6::el8", "package": "memcached-exporter-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-09-06T00:00:00Z"}, {"advisory": "RHSA-2022:6370", "cpe": "cpe:/a:redhat:acm:2.6::el8", "package": "metrics-collector-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-09-06T00:00:00Z"}, {"advisory": "RHSA-2022:6370", "cpe": "cpe:/a:redhat:acm:2.6::el8", "package": "multicloud-integrations-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-09-06T00:00:00Z"}, {"advisory": "RHSA-2022:6370", "cpe": "cpe:/a:redhat:acm:2.6::el8", "package": "multiclusterhub-operator-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-09-06T00:00:00Z"}, {"advisory": "RHSA-2022:6370", "cpe": "cpe:/a:redhat:acm:2.6::el8", "package": "multiclusterhub-repo-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-09-06T00:00:00Z"}, {"advisory": "RHSA-2022:6370", "cpe": "cpe:/a:redhat:acm:2.6::el8", "package": "multicluster-observability-operator-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-09-06T00:00:00Z"}, {"advisory": "RHSA-2022:6370", "cpe": "cpe:/a:redhat:acm:2.6::el8", "package": "multicluster-operators-application-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-09-06T00:00:00Z"}, {"advisory": "RHSA-2022:6370", "cpe": "cpe:/a:redhat:acm:2.6::el8", "package": "multicluster-operators-channel-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-09-06T00:00:00Z"}, {"advisory": "RHSA-2022:6370", "cpe": "cpe:/a:redhat:acm:2.6::el8", "package": "multicluster-operators-subscription-operator-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-09-06T00:00:00Z"}, {"advisory": "RHSA-2022:6370", "cpe": "cpe:/a:redhat:acm:2.6::el8", "package": "node-exporter-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-09-06T00:00:00Z"}, {"advisory": "RHSA-2022:6370", "cpe": "cpe:/a:redhat:acm:2.6::el8", "package": "observatorium-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-09-06T00:00:00Z"}, {"advisory": "RHSA-2022:6370", "cpe": "cpe:/a:redhat:acm:2.6::el8", "package": "observatorium-operator-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-09-06T00:00:00Z"}, {"advisory": "RHSA-2022:6370", "cpe": "cpe:/a:redhat:acm:2.6::el8", "package": "prometheus-alertmanager-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-09-06T00:00:00Z"}, {"advisory": "RHSA-2022:6370", "cpe": "cpe:/a:redhat:acm:2.6::el8", "package": "prometheus-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-09-06T00:00:00Z"}, {"advisory": "RHSA-2022:6370", "cpe": "cpe:/a:redhat:acm:2.6::el8", "package": "rbac-query-proxy-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-09-06T00:00:00Z"}, {"advisory": "RHSA-2022:6370", "cpe": "cpe:/a:redhat:acm:2.6::el8", "package": "redisgraph-tls-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-09-06T00:00:00Z"}, {"advisory": "RHSA-2022:6370", "cpe": "cpe:/a:redhat:acm:2.6::el8", "package": "search-aggregator-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-09-06T00:00:00Z"}, {"advisory": "RHSA-2022:6370", "cpe": "cpe:/a:redhat:acm:2.6::el8", "package": "search-api-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-09-06T00:00:00Z"}, {"advisory": "RHSA-2022:6370", "cpe": "cpe:/a:redhat:acm:2.6::el8", "package": "search-collector-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-09-06T00:00:00Z"}, {"advisory": "RHSA-2022:6370", "cpe": "cpe:/a:redhat:acm:2.6::el8", "package": "search-operator-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-09-06T00:00:00Z"}, {"advisory": "RHSA-2022:6370", "cpe": "cpe:/a:redhat:acm:2.6::el8", "package": "submariner-addon-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-09-06T00:00:00Z"}, {"advisory": "RHSA-2022:6370", "cpe": "cpe:/a:redhat:acm:2.6::el8", "package": "thanos-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-09-06T00:00:00Z"}, {"advisory": "RHSA-2022:6370", "cpe": "cpe:/a:redhat:acm:2.6::el8", "package": "thanos-receive-controller-container", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2", "release_date": "2022-09-06T00:00:00Z"}, {"advisory": "RHSA-2023:3642", "cpe": "cpe:/a:redhat:ceph_storage:6.1::el9", "package": "rhceph/rhceph-6-dashboard-rhel9:6-75", "product_name": "Red Hat Ceph Storage 6.1", "release_date": "2023-06-15T00:00:00Z"}, {"advisory": "RHSA-2022:5866", "cpe": "cpe:/a:redhat:devtools:2022", "package": "go-toolset-1.17-golang-0:1.17.12-1.el7_9", "product_name": "Red Hat Developer Tools", "release_date": "2022-08-02T00:00:00Z"}, {"advisory": "RHSA-2022:5775", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "go-toolset:rhel8-8060020220720230014.97d7f71f", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2022-08-01T00:00:00Z"}, {"advisory": "RHSA-2022:7129", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "git-lfs-0:2.13.3-3.el8_6", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2022-10-25T00:00:00Z"}, {"advisory": "RHSA-2022:7519", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "grafana-0:7.5.15-3.el8", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2022-11-08T00:00:00Z"}, {"advisory": "RHSA-2022:7529", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "container-tools:3.0-8070020220802115906.39077419", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2022-11-08T00:00:00Z"}, {"advisory": "RHSA-2022:7648", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "grafana-pcp-0:3.2.0-2.el8", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2022-11-08T00:00:00Z"}, {"advisory": "RHSA-2023:2758", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "container-tools:rhel8-8080020230321153727.0f77c1b7", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2023-05-16T00:00:00Z"}, {"advisory": "RHSA-2023:2802", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "container-tools:4.0-8080020230217080101.8108cfbc", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2023-05-16T00:00:00Z"}, {"advisory": "RHSA-2022:5799", "cpe": "cpe:/a:redhat:enterprise_linux:9", "package": "golang-0:1.17.12-1.el9_0", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2022-08-01T00:00:00Z"}, {"advisory": "RHSA-2022:8057", "cpe": "cpe:/a:redhat:enterprise_linux:9", "package": "grafana-0:7.5.15-3.el9", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2022-11-15T00:00:00Z"}, {"advisory": "RHSA-2022:8098", "cpe": "cpe:/a:redhat:enterprise_linux:9", "package": "toolbox-0:0.0.99.3-5.el9", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2022-11-15T00:00:00Z"}, {"advisory": "RHSA-2022:8250", "cpe": "cpe:/a:redhat:enterprise_linux:9", "package": "grafana-pcp-0:3.2.0-3.el9", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2022-11-15T00:00:00Z"}, {"advisory": "RHSA-2023:2357", "cpe": "cpe:/a:redhat:enterprise_linux:9", "package": "git-lfs-0:3.2.0-1.el9", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2023-05-09T00:00:00Z"}, {"advisory": "RHSA-2024:2180", "cpe": "cpe:/a:redhat:enterprise_linux:9", "package": "runc-4:1.1.12-2.el9", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2024-04-30T00:00:00Z"}, {"advisory": "RHSA-2022:9047", "cpe": "cpe:/a:redhat:rhmt:1.7::el8", "package": "rhmtc/openshift-velero-plugin-rhel8:v1.7.6-5", "product_name": "Red Hat Migration Toolkit for Containers 1.7", "release_date": "2022-12-15T00:00:00Z"}, {"advisory": "RHSA-2022:6283", "cpe": "cpe:/a:redhat:service_mesh:2.2::el8", "package": "openshift-service-mesh/istio-cni-rhel8:2.2.2-7", "product_name": "Red Hat OpenShift Service Mesh 2.2 for RHEL 8", "release_date": "2022-08-31T00:00:00Z"}, {"advisory": "RHSA-2022:6283", "cpe": "cpe:/a:redhat:service_mesh:2.2::el8", "package": "openshift-service-mesh/istio-rhel8-operator:2.2.2-8", "product_name": "Red Hat OpenShift Service Mesh 2.2 for RHEL 8", "release_date": "2022-08-31T00:00:00Z"}, {"advisory": "RHSA-2022:6283", "cpe": "cpe:/a:redhat:service_mesh:2.2::el8", "package": "openshift-service-mesh/pilot-rhel8:2.2.2-7", "product_name": "Red Hat OpenShift Service Mesh 2.2 for RHEL 8", "release_date": "2022-08-31T00:00:00Z"}, {"advisory": "RHSA-2022:6283", "cpe": "cpe:/a:redhat:service_mesh:2.2::el8", "package": "openshift-service-mesh/prometheus-rhel8:2.2.2-4", "product_name": "Red Hat OpenShift Service Mesh 2.2 for RHEL 8", "release_date": "2022-08-31T00:00:00Z"}, {"advisory": "RHSA-2022:6283", "cpe": "cpe:/a:redhat:service_mesh:2.2::el8", "package": "openshift-service-mesh/proxyv2-rhel8:2.2.2-8", "product_name": "Red Hat OpenShift Service Mesh 2.2 for RHEL 8", "release_date": "2022-08-31T00:00:00Z"}, {"advisory": "RHSA-2022:6283", "cpe": "cpe:/a:redhat:service_mesh:2.2::el8", "package": "openshift-service-mesh/ratelimit-rhel8:2.2.2-4", "product_name": "Red Hat OpenShift Service Mesh 2.2 for RHEL 8", "release_date": "2022-08-31T00:00:00Z"}, {"advisory": "RHSA-2023:1275", "cpe": "cpe:/a:redhat:openstack:16.1::el8", "package": "etcd-0:3.3.23-12.el8ost", "product_name": "Red Hat OpenStack Platform 16.1", "release_date": "2023-03-15T00:00:00Z"}, {"advisory": "RHSA-2023:1275", "cpe": "cpe:/a:redhat:openstack:16.2::el8", "package": "etcd-0:3.3.23-12.el8ost", "product_name": "Red Hat OpenStack Platform 16.2", "release_date": "2023-03-15T00:00:00Z"}, {"advisory": "RHSA-2023:0407", "cpe": "cpe:/a:redhat:container_native_virtualization:4.12::el7", "package": "kubevirt-0:4.12.0-1057.el7", "product_name": "RHEL-7-CNV-4.12", "release_date": "2023-01-24T00:00:00Z"}, {"advisory": "RHSA-2023:0407", "cpe": "cpe:/a:redhat:container_native_virtualization:4.12::el8", "package": "kubevirt-0:4.12.0-1057.el8", "product_name": "RHEL-8-CNV-4.12", "release_date": "2023-01-24T00:00:00Z"}, {"advisory": "RHSA-2023:0408", "cpe": "cpe:/a:redhat:container_native_virtualization:4.12::el8", "package": "container-native-virtualization/virt-api:v4.12.0-255", "product_name": "RHEL-8-CNV-4.12", "release_date": "2023-01-25T00:00:00Z"}, {"advisory": "RHSA-2023:1529", "cpe": "cpe:/a:redhat:stf:1.5::el8", "package": "stf/sg-core-rhel8:5.1.1-2", "product_name": "STF-1.5-RHEL-8", "release_date": "2023-03-30T00:00:00Z"}], "bugzilla": {"description": "golang: io/fs: stack exhaustion in Glob", "id": "2107371", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2107371"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.5", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "status": "verified"}, "cwe": "CWE-1325", "details": ["Uncontrolled recursion in Glob in io/fs before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via a path which contains a large number of path separators.", "A flaw was found in the golang standard library, io/fs. Calling Glob on a path that contains a large number of path separators can cause a panic issue due to stack exhaustion. This could allow an attacker to impact availability."], "name": "CVE-2022-30630", "package_state": [{"cpe": "cpe:/a:redhat:migration_toolkit_virtualization:2", "fix_state": "Affected", "package_name": "migration-toolkit-virtualization/mtv-controller-rhel9", "product_name": "Migration Toolkit for Virtualization"}, {"cpe": "cpe:/a:redhat:mirror_registry:1", "fix_state": "Affected", "package_name": "mirror-registry-container", "product_name": "mirror registry for Red Hat OpenShift"}, {"cpe": "cpe:/a:redhat:workload_availability_nmo:5", "fix_state": "Affected", "package_name": "workload-availability/node-maintenance-rhel8-operator", "product_name": "Node Maintenance Operator"}, {"cpe": "cpe:/a:redhat:ocp_tools", "fix_state": "Affected", "package_name": "helm", "product_name": "OpenShift Developer Tools and Services"}, {"cpe": "cpe:/a:redhat:ocp_tools", "fix_state": "Affected", "package_name": "odo", "product_name": "OpenShift Developer Tools and Services"}, {"cpe": "cpe:/a:redhat:openshift_pipelines:1", "fix_state": "Affected", "package_name": "openshift-pipelines-client", "product_name": "OpenShift Pipelines"}, {"cpe": "cpe:/a:redhat:red_hat_3scale_amp:2", "fix_state": "Affected", "package_name": "3scale-operator-container", "product_name": "Red Hat 3scale API Management Platform 2"}, {"cpe": "cpe:/a:redhat:acm:2", "fix_state": "Affected", "package_name": "rhacm2/work-rhel8", "product_name": "Red Hat Advanced Cluster Management for Kubernetes 2"}, {"cpe": "cpe:/a:redhat:advanced_cluster_security:3", "fix_state": "Affected", "package_name": "advanced-cluster-security/rhacs-main-rhel8", "product_name": "Red Hat Advanced Cluster Security 3"}, {"cpe": "cpe:/a:redhat:ansible_automation_platform:2", "fix_state": "Affected", "package_name": "openshift-clients", "product_name": "Red Hat Ansible Automation Platform 2"}, {"cpe": "cpe:/a:redhat:ansible_automation_platform:2", "fix_state": "Affected", "package_name": "receptor", "product_name": "Red Hat Ansible Automation Platform 2"}, {"cpe": "cpe:/a:redhat:application_interconnect:1", "fix_state": "Will not fix", "package_name": "skupper-router", "product_name": "Red Hat Application Interconnect 1.0"}, {"cpe": "cpe:/a:redhat:ceph_storage:3", "fix_state": "Out of support scope", "package_name": "golang", "product_name": "Red Hat Ceph Storage 3"}, {"cpe": "cpe:/a:redhat:ceph_storage:5", "fix_state": "Affected", "package_name": "rhceph/rhceph-5-dashboard-rhel8", "product_name": "Red Hat Ceph Storage 5"}, {"cpe": "cpe:/a:redhat:devtools:", "fix_state": "Affected", "package_name": "go-toolset-1.18-golang", "product_name": "Red Hat Developer Tools"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Will not fix", "package_name": "osbuild-composer", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Will not fix", "package_name": "weldr-client", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Will not fix", "package_name": "buildah", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Will not fix", "package_name": "butane", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "conmon", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Will not fix", "package_name": "containernetworking-plugins", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "go-toolset", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Will not fix", "package_name": "ignition", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Will not fix", "package_name": "osbuild-composer", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Will not fix", "package_name": "podman", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Will not fix", "package_name": "skopeo", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Fix deferred", "package_name": "weldr-client", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Not affected", "package_name": "openshift-golang-builder-container", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift_data_foundation:4", "fix_state": "Affected", "package_name": "mcg", "product_name": "Red Hat Openshift Data Foundation 4"}, {"cpe": "cpe:/a:redhat:openshift_data_foundation:4", "fix_state": "Affected", "package_name": "odf4/cephcsi-rhel9", "product_name": "Red Hat Openshift Data Foundation 4"}, {"cpe": "cpe:/a:redhat:openshift_distributed_tracing:2", "fix_state": "Affected", "package_name": "rhosdt/jaeger-agent-rhel8", "product_name": "Red Hat OpenShift distributed tracing 2"}, {"cpe": "cpe:/a:redhat:openshift_gitops:1", "fix_state": "Affected", "package_name": "openshift-gitops-1/gitops-rhel8", "product_name": "Red Hat OpenShift GitOps"}, {"cpe": "cpe:/a:redhat:openshift_gitops:1", "fix_state": "Affected", "package_name": "openshift-gitops-kam", "product_name": "Red Hat OpenShift GitOps"}, {"cpe": "cpe:/a:redhat:openshift_service_on_aws:1", "fix_state": "Affected", "package_name": "rosa", "product_name": "Red Hat OpenShift on AWS"}, {"cpe": "cpe:/a:redhat:openshift_sandboxed_containers:1", "fix_state": "Out of support scope", "package_name": "openshift-sandboxed-containers/osc-rhel8-operator", "product_name": "Red Hat Openshift Sandboxed Containers"}, {"cpe": "cpe:/a:redhat:openstack:16.2", "fix_state": "Will not fix", "package_name": "collectd-libpod-stats", "product_name": "Red Hat OpenStack Platform 16.2"}, {"cpe": "cpe:/a:redhat:openstack:16.2", "fix_state": "Will not fix", "package_name": "golang-qpid-apache", "product_name": "Red Hat OpenStack Platform 16.2"}, {"cpe": "cpe:/a:redhat:openstack:16.2", "fix_state": "Not affected", "package_name": "qpid-proton", "product_name": "Red Hat OpenStack Platform 16.2"}, {"cpe": "cpe:/a:redhat:openstack:16.2", "fix_state": "Will not fix", "package_name": "rhosp-rhel8-tech-preview/osp-director-operator", "product_name": "Red Hat OpenStack Platform 16.2"}, {"cpe": "cpe:/a:redhat:quay:3", "fix_state": "Affected", "package_name": "quay/clair-rhel8", "product_name": "Red Hat Quay 3"}, {"cpe": "cpe:/a:redhat:satellite:6", "fix_state": "Not affected", "package_name": "qpid-proton", "product_name": "Red Hat Satellite 6"}, {"cpe": "cpe:/a:redhat:rhel_software_collections:3", "fix_state": "Will not fix", "package_name": "rh-git227-git-lfs", "product_name": "Red Hat Software Collections"}, {"cpe": "cpe:/a:redhat:storage:3", "fix_state": "Affected", "package_name": "golang", "product_name": "Red Hat Storage 3"}, {"cpe": "cpe:/a:redhat:storage:3", "fix_state": "Affected", "package_name": "go-toolset-7-golang", "product_name": "Red Hat Storage 3"}, {"cpe": "cpe:/a:redhat:storage:3", "fix_state": "Out of support scope", "package_name": "heketi", "product_name": "Red Hat Storage 3"}, {"cpe": "cpe:/a:redhat:webterminal:1", "fix_state": "Affected", "package_name": "web-terminal-exec-container", "product_name": "Red Hat Web Terminal"}, {"cpe": "cpe:/a:redhat:stf:1.4::el8", "fix_state": "Will not fix", "package_name": "stf/sg-core-rhel8", "product_name": "Service Telemetry Framework 1.4 for RHEL 8"}], "public_date": "2022-07-12T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2022-30630\nhttps://nvd.nist.gov/vuln/detail/CVE-2022-30630\nhttps://go.dev/issue/53415\nhttps://groups.google.com/g/golang-announce/c/nqrv9fbR0zE"], "statement": "RH ProdSec has set the Impact of this vulnerability to Moderate as there is no known method to execute arbitary code. Successful exploitation of this bug can cause the application under attack to panic, merely causing a Denial of Service at the application level. As the kernel is unaffected by this bug, the user can merely relaunch the application to fix the problem. Also, if somehow the application keeps relaunching, the timer watchdogs in the default RHEL kernel will stop the attack in its tracks.\nWithin regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-1325: Improperly Controlled Sequential Memory Allocation vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low.\nAccess to the platform is granted only after successful hard token-based multi-factor authentication (MFA) and is governed by least privilege to ensure only authorized users and roles can execute or modify code. Static code analysis and peer reviews enforce strong input validation and error handling, preventing improperly validated inputs from causing system instability, data exposure, or privilege escalation. In the event of successful exploitation, process isolation limits the impact of excessive sequential memory allocation by restricting memory use per process, preventing any single process from exhausting system resources. Finally, the platform uses memory protection mechanisms such as Data Execution Prevention (DEP) and Address Space Layout Randomization (ASLR) to reduce the risk of memory allocation-based attacks.", "threat_severity": "Moderate"}

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object