CVE-2024-6104 - Vulnerability Details

go-retryablehttp prior to 0.7.7 did not sanitize urls when writing them to its log file. This could lead to go-retryablehttp writing sensitive HTTP basic auth credentials to its log file. This vulnerability, CVE-2024-6104, was fixed in go-retryablehttp 0.7.7.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required High

Scope Changed

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Hashicorp	Retryablehttp
Redhat	Advanced Cluster Security Cert Manager Cluster Observability Operator Enterprise Linux Logging Multicluster Engine Openshift Openshift Data Foundation Openshift Gitops Openshift Serverless Rhel Eus

Configuration 1 [-]

cpe:2.3:a:hashicorp:retryablehttp:*:*:*:*:*:go:*:*

Package	CPE	Advisory	Released Date
CLUSTER-OBSERVABILITY-OPERATOR-0.4-RHEL-8
cluster-observability-operator/cluster-observability-operator-bundle:0.4.1-18	cpe:/a:redhat:cluster_observability_operator:0.4::el8	RHSA-2024:8040	2024-10-14T00:00:00Z
cluster-observability-operator/cluster-observability-rhel8-operator:v0.4.1-4	cpe:/a:redhat:cluster_observability_operator:0.4::el8	RHSA-2024:8040	2024-10-14T00:00:00Z
cluster-observability-operator/coo-admission-webhook-rhel8:v0.77.1-1	cpe:/a:redhat:cluster_observability_operator:0.4::el8	RHSA-2024:8040	2024-10-14T00:00:00Z
cluster-observability-operator/coo-console-dashboards-plugin-rhel8:v0.2.0-15	cpe:/a:redhat:cluster_observability_operator:0.4::el8	RHSA-2024:8040	2024-10-14T00:00:00Z
cluster-observability-operator/coo-console-distributed-tracing-plugin-rhel8:v0.1.0-16	cpe:/a:redhat:cluster_observability_operator:0.4::el8	RHSA-2024:8040	2024-10-14T00:00:00Z
cluster-observability-operator/coo-console-logging-plugin-rhel8:v6.0.0-20	cpe:/a:redhat:cluster_observability_operator:0.4::el8	RHSA-2024:8040	2024-10-14T00:00:00Z
cluster-observability-operator/coo-console-troubleshooting-panel-plugin-rhel8:v0.1.0-19	cpe:/a:redhat:cluster_observability_operator:0.4::el8	RHSA-2024:8040	2024-10-14T00:00:00Z
cluster-observability-operator/coo-korrel8r-rhel8:v0.6.3-15	cpe:/a:redhat:cluster_observability_operator:0.4::el8	RHSA-2024:8040	2024-10-14T00:00:00Z
cluster-observability-operator/coo-prometheus-alertmanager-rhel8:v0.27.0-4	cpe:/a:redhat:cluster_observability_operator:0.4::el8	RHSA-2024:8040	2024-10-14T00:00:00Z
cluster-observability-operator/coo-prometheus-config-reloader-rhel8:v0.77.1-1	cpe:/a:redhat:cluster_observability_operator:0.4::el8	RHSA-2024:8040	2024-10-14T00:00:00Z
cluster-observability-operator/coo-prometheus-rhel8:v2.54.1-1	cpe:/a:redhat:cluster_observability_operator:0.4::el8	RHSA-2024:8040	2024-10-14T00:00:00Z
cluster-observability-operator/coo-prometheus-rhel8-operator:v0.77.1-1	cpe:/a:redhat:cluster_observability_operator:0.4::el8	RHSA-2024:8040	2024-10-14T00:00:00Z
cluster-observability-operator/coo-thanos-rhel8:v0.36.1-1	cpe:/a:redhat:cluster_observability_operator:0.4::el8	RHSA-2024:8040	2024-10-14T00:00:00Z
multicluster engine for Kubernetes 2.5 for RHEL 8
multicluster-engine/hive-rhel8:v2.5.7-1	cpe:/a:redhat:multicluster_engine:2.5::el8	RHSA-2024:6738	2024-09-17T00:00:00Z
Red Hat Advanced Cluster Security 4.4
advanced-cluster-security/rhacs-central-db-rhel8:4.4.5-2	cpe:/a:redhat:advanced_cluster_security:4.4::el8	RHSA-2024:6054	2024-08-29T00:00:00Z
advanced-cluster-security/rhacs-collector-rhel8:4.4.5-2	cpe:/a:redhat:advanced_cluster_security:4.4::el8	RHSA-2024:6054	2024-08-29T00:00:00Z
advanced-cluster-security/rhacs-collector-slim-rhel8:4.4.5-2	cpe:/a:redhat:advanced_cluster_security:4.4::el8	RHSA-2024:6054	2024-08-29T00:00:00Z
advanced-cluster-security/rhacs-main-rhel8:4.4.5-4	cpe:/a:redhat:advanced_cluster_security:4.4::el8	RHSA-2024:6054	2024-08-29T00:00:00Z
advanced-cluster-security/rhacs-operator-bundle:4.4.5-3	cpe:/a:redhat:advanced_cluster_security:4.4::el8	RHSA-2024:6054	2024-08-29T00:00:00Z
advanced-cluster-security/rhacs-rhel8-operator:4.4.5-2	cpe:/a:redhat:advanced_cluster_security:4.4::el8	RHSA-2024:6054	2024-08-29T00:00:00Z
advanced-cluster-security/rhacs-roxctl-rhel8:4.4.5-2	cpe:/a:redhat:advanced_cluster_security:4.4::el8	RHSA-2024:6054	2024-08-29T00:00:00Z
advanced-cluster-security/rhacs-scanner-db-rhel8:4.4.5-2	cpe:/a:redhat:advanced_cluster_security:4.4::el8	RHSA-2024:6054	2024-08-29T00:00:00Z
advanced-cluster-security/rhacs-scanner-db-slim-rhel8:4.4.5-3	cpe:/a:redhat:advanced_cluster_security:4.4::el8	RHSA-2024:6054	2024-08-29T00:00:00Z
advanced-cluster-security/rhacs-scanner-rhel8:4.4.5-2	cpe:/a:redhat:advanced_cluster_security:4.4::el8	RHSA-2024:6054	2024-08-29T00:00:00Z
advanced-cluster-security/rhacs-scanner-slim-rhel8:4.4.5-2	cpe:/a:redhat:advanced_cluster_security:4.4::el8	RHSA-2024:6054	2024-08-29T00:00:00Z
advanced-cluster-security/rhacs-scanner-v4-db-rhel8:4.4.5-3	cpe:/a:redhat:advanced_cluster_security:4.4::el8	RHSA-2024:6054	2024-08-29T00:00:00Z
advanced-cluster-security/rhacs-scanner-v4-rhel8:4.4.5-3	cpe:/a:redhat:advanced_cluster_security:4.4::el8	RHSA-2024:6054	2024-08-29T00:00:00Z
Red Hat Enterprise Linux 8
container-tools:rhel8-8100020240808093819.afee755d	cpe:/a:redhat:enterprise_linux:8	RHSA-2024:5258	2024-08-13T00:00:00Z
Red Hat Enterprise Linux 8.8 Extended Update Support
container-tools:rhel8-8080020240724065004.0f77c1b7	cpe:/a:redhat:rhel_eus:8.8	RHSA-2024:5194	2024-08-12T00:00:00Z
Red Hat Enterprise Linux 9
podman-4:4.9.4-10.el9_4	cpe:/a:redhat:enterprise_linux:9	RHSA-2024:6194	2024-09-03T00:00:00Z
skopeo-2:1.16.1-1.el9	cpe:/a:redhat:enterprise_linux:9	RHSA-2024:9098	2024-11-12T00:00:00Z
grafana-0:10.2.6-4.el9	cpe:/a:redhat:enterprise_linux:9	RHSA-2024:9115	2024-11-12T00:00:00Z
Red Hat Enterprise Linux 9.2 Extended Update Support
podman-2:4.4.1-20.el9_2	cpe:/a:redhat:rhel_eus:9.2	RHSA-2024:5634	2024-08-20T00:00:00Z
Red Hat OpenShift Container Platform 4.12
openshift4/ose-sriov-network-webhook:v4.12.0-202408091241.p0.g83b800f.assembly.stream.el8	cpe:/a:redhat:openshift:4.12::el8	RHSA-2024:5199	2024-08-19T00:00:00Z
openshift4/ose-cloud-credential-operator:v4.12.0-202408072203.p0.g6de9c4e.assembly.stream.el8	cpe:/a:redhat:openshift:4.12::el8	RHSA-2024:5200	2024-08-19T00:00:00Z
openshift4/ose-cluster-image-registry-operator:v4.12.0-202408071159.p0.g77fd1a9.assembly.stream.el8	cpe:/a:redhat:openshift:4.12::el8	RHSA-2024:5200	2024-08-19T00:00:00Z
openshift4/ose-ibm-vpc-block-csi-driver-operator-rhel8:v4.12.0-202408071159.p0.gf2b726d.assembly.stream.el8	cpe:/a:redhat:openshift:4.12::el8	RHSA-2024:5200	2024-08-19T00:00:00Z
openshift4/ose-ibm-vpc-block-csi-driver-rhel8:v4.12.0-202408071159.p0.g921509f.assembly.stream.el8	cpe:/a:redhat:openshift:4.12::el8	RHSA-2024:5200	2024-08-19T00:00:00Z
openshift4/ose-azure-cluster-api-controllers-rhel8:v4.12.0-202408220304.p0.ga1b2a37.assembly.stream.el8	cpe:/a:redhat:openshift:4.12::el8	RHSA-2024:5808	2024-08-29T00:00:00Z
openshift4/ose-installer:v4.12.0-202409040731.p0.g798aeaa.assembly.stream.el8	cpe:/a:redhat:openshift:4.12::el8	RHSA-2024:6642	2024-09-18T00:00:00Z
Red Hat OpenShift Container Platform 4.13
openshift4/ose-cloud-credential-operator:v4.13.0-202407192107.p0.g73ecd48.assembly.stream.el8	cpe:/a:redhat:openshift:4.13::el8	RHSA-2024:4846	2024-07-31T00:00:00Z
openshift4/ose-cluster-image-registry-operator:v4.13.0-202407221409.p0.g19ee668.assembly.stream.el8	cpe:/a:redhat:openshift:4.13::el8	RHSA-2024:4846	2024-07-31T00:00:00Z
openshift4/ose-ibm-vpc-block-csi-driver-operator-rhel8:v4.13.0-202407182339.p0.g4c23f81.assembly.stream.el8	cpe:/a:redhat:openshift:4.13::el8	RHSA-2024:4846	2024-07-31T00:00:00Z
openshift4/ose-ibm-vpc-block-csi-driver-rhel8:v4.13.0-202407182137.p0.g54aaeff.assembly.stream.el8	cpe:/a:redhat:openshift:4.13::el8	RHSA-2024:4846	2024-07-31T00:00:00Z
openshift4/ose-ibm-vpc-node-label-updater-rhel8:v4.13.0-202407221109.p0.gb819827.assembly.stream.el8	cpe:/a:redhat:openshift:4.13::el8	RHSA-2024:4846	2024-07-31T00:00:00Z
openshift4/ose-azure-cluster-api-controllers-rhel8:v4.13.0-202408131940.p0.g3f757a8.assembly.stream.el8	cpe:/a:redhat:openshift:4.13::el8	RHSA-2024:5444	2024-08-22T00:00:00Z
openshift4/ose-powervs-block-csi-driver-rhel8:v4.13.0-202408131940.p0.g16fa555.assembly.stream.el8	cpe:/a:redhat:openshift:4.13::el8	RHSA-2024:5444	2024-08-22T00:00:00Z
podman-3:4.4.1-13.rhaos4.13.el9	cpe:/a:redhat:openshift:4.13::el8	RHSA-2024:5446	2024-08-22T00:00:00Z
openshift4/ose-installer:v4.13.0-202408280339.p0.g1b2041c.assembly.stream.el8	cpe:/a:redhat:openshift:4.13::el8	RHSA-2024:6009	2024-09-04T00:00:00Z
openshift4/ose-hypershift-rhel8:v4.13.0-202409142105.p0.g6daddee.assembly.stream.el8	cpe:/a:redhat:openshift:4.13::el8	RHSA-2024:6811	2024-09-25T00:00:00Z
openshift4/ose-ibmcloud-machine-controllers-rhel8:v4.13.0-202502010028.p0.g4698265.assembly.stream.el8	cpe:/a:redhat:openshift:4.13::el8	RHSA-2025:1116	2025-02-13T00:00:00Z
Red Hat OpenShift Container Platform 4.14
openshift4/ose-cluster-image-registry-operator:v4.14.0-202407041041.p0.g5e20c16.assembly.stream.el8	cpe:/a:redhat:openshift:4.14::el8	RHSA-2024:4479	2024-07-17T00:00:00Z
openshift4/ose-cloud-credential-operator:v4.14.0-202407301840.p0.g7a5d12e.assembly.stream.el8	cpe:/a:redhat:openshift:4.14::el8	RHSA-2024:4960	2024-08-07T00:00:00Z
openshift4/ose-ibm-vpc-block-csi-driver-operator-rhel8:v4.14.0-202407120310.p0.g620220e.assembly.stream.el8	cpe:/a:redhat:openshift:4.14::el8	RHSA-2024:4960	2024-08-07T00:00:00Z
openshift4/ose-ibm-vpc-block-csi-driver-rhel8:v4.14.0-202407161139.p0.gea2bc15.assembly.stream.el8	cpe:/a:redhat:openshift:4.14::el8	RHSA-2024:4960	2024-08-07T00:00:00Z
openshift4/ose-ibm-vpc-node-label-updater-rhel8:v4.14.0-202407191039.p0.gda6823b.assembly.stream.el8	cpe:/a:redhat:openshift:4.14::el8	RHSA-2024:4960	2024-08-07T00:00:00Z
podman-3:4.4.1-16.4.rhaos4.14.el9	cpe:/a:redhat:openshift:4.14::el8	RHSA-2024:4963	2024-08-07T00:00:00Z
openshift4/ose-azure-cluster-api-controllers-rhel8:v4.14.0-202408081241.p0.g8c2203f.assembly.stream.el8	cpe:/a:redhat:openshift:4.14::el8	RHSA-2024:5433	2024-08-22T00:00:00Z
openshift4/ose-powervs-block-csi-driver-rhel8:v4.14.0-202408081513.p0.g988f710.assembly.stream.el8	cpe:/a:redhat:openshift:4.14::el8	RHSA-2024:5433	2024-08-22T00:00:00Z
openshift4/ose-installer:v4.14.0-202409031910.p0.ga8c1414.assembly.stream.el8	cpe:/a:redhat:openshift:4.14::el8	RHSA-2024:6406	2024-09-11T00:00:00Z
openshift4/ose-hypershift-rhel8:v4.14.0-202409250538.p0.gd8f8831.assembly.stream.el8	cpe:/a:redhat:openshift:4.14::el8	RHSA-2024:7184	2024-10-03T00:00:00Z
openshift4/ose-ibmcloud-machine-controllers-rhel8:v4.14.0-202412200205.p0.ga63c6aa.assembly.stream.el8	cpe:/a:redhat:openshift:4.14::el8	RHSA-2025:0029	2025-01-09T00:00:00Z
Red Hat OpenShift Container Platform 4.15
openshift4/ose-cloud-credential-operator:v4.15.0-202407181606.p0.gf8455ca.assembly.stream.el8	cpe:/a:redhat:openshift:4.15::el8	RHSA-2024:4699	2024-07-25T00:00:00Z
openshift4/ose-ibm-vpc-block-csi-driver-operator-rhel8:v4.15.0-202407111437.p0.gdf0f1f6.assembly.stream.el8	cpe:/a:redhat:openshift:4.15::el8	RHSA-2024:4699	2024-07-25T00:00:00Z
openshift4/ose-ibm-vpc-block-csi-driver-rhel9:v4.15.0-202407151106.p0.g81877ac.assembly.stream.el9	cpe:/a:redhat:openshift:4.15::el8	RHSA-2024:4699	2024-07-25T00:00:00Z
openshift4/ose-ibm-vpc-node-label-updater-rhel9:v4.15.0-202407160936.p0.g5d72ced.assembly.stream.el9	cpe:/a:redhat:openshift:4.15::el8	RHSA-2024:4699	2024-07-25T00:00:00Z
podman-3:4.4.1-26.2.rhaos4.15.el8	cpe:/a:redhat:openshift:4.15::el8	RHSA-2024:4853	2024-07-31T00:00:00Z
openshift4/ose-installer:v4.15.0-202408060439.p0.g950491f.assembly.stream.el8	cpe:/a:redhat:openshift:4.15::el8	RHSA-2024:5160	2024-08-15T00:00:00Z
openshift4/ose-powervs-block-csi-driver-rhel9:v4.15.0-202408060439.p0.g38bee56.assembly.stream.el9	cpe:/a:redhat:openshift:4.15::el8	RHSA-2024:5160	2024-08-15T00:00:00Z
openshift4/ose-ibmcloud-machine-controllers-rhel9:v4.15.0-202412120304.p0.g6846b9a.assembly.stream.el9	cpe:/a:redhat:openshift:4.15::el9	RHSA-2024:11562	2025-01-02T00:00:00Z
openshift4/ose-azure-cluster-api-controllers-rhel9:v4.15.0-202407020237.p0.g44832d2.assembly.stream.el9	cpe:/a:redhat:openshift:4.15::el9	RHSA-2024:4321	2024-07-10T00:00:00Z
openshift4/ose-cluster-image-registry-rhel9-operator:v4.15.0-202407031137.p0.g8740a71.assembly.stream.el9	cpe:/a:redhat:openshift:4.15::el9	RHSA-2024:4321	2024-07-10T00:00:00Z
openshift4/ose-hypershift-rhel9:v4.15.0-202409041437.p0.gf2684bc.assembly.stream.el9	cpe:/a:redhat:openshift:4.15::el9	RHSA-2024:6409	2024-09-11T00:00:00Z
Red Hat OpenShift Container Platform 4.16
podman-4:4.9.4-9.rhaos4.16.el9	cpe:/a:redhat:openshift:4.16::el8	RHSA-2024:4858	2024-07-31T00:00:00Z
openshift4/ose-ibmcloud-machine-controllers-rhel9:v4.16.0-202412021934.p0.gd29506e.assembly.stream.el9	cpe:/a:redhat:openshift:4.16::el9	RHSA-2024:10823	2024-12-12T00:00:00Z
openshift4/ose-azure-cluster-api-controllers-rhel9:v4.16.0-202407030803.p0.ga81e3b3.assembly.stream.el9	cpe:/a:redhat:openshift:4.16::el9	RHSA-2024:4316	2024-07-09T00:00:00Z
openshift4/ose-cluster-image-registry-rhel9-operator:v4.16.0-202407030803.p0.g335c914.assembly.stream.el9	cpe:/a:redhat:openshift:4.16::el9	RHSA-2024:4316	2024-07-09T00:00:00Z
openshift4/ose-ibm-vpc-block-csi-driver-rhel9:v4.16.0-202407031636.p0.g32b4c00.assembly.stream.el9	cpe:/a:redhat:openshift:4.16::el9	RHSA-2024:4469	2024-07-16T00:00:00Z
openshift4/ose-ibm-vpc-block-csi-driver-rhel9-operator:v4.16.0-202407031636.p0.g34fc9a4.assembly.stream.el9	cpe:/a:redhat:openshift:4.16::el9	RHSA-2024:4469	2024-07-16T00:00:00Z
openshift4/ose-cloud-credential-rhel9-operator:v4.16.0-202407142206.p0.gfffc75d.assembly.stream.el9	cpe:/a:redhat:openshift:4.16::el9	RHSA-2024:4613	2024-07-24T00:00:00Z
openshift4/ose-installer-rhel9:v4.16.0-202407161505.p0.g41969e2.assembly.stream.el9	cpe:/a:redhat:openshift:4.16::el9	RHSA-2024:4613	2024-07-24T00:00:00Z
openshift4/ose-powervs-cloud-controller-manager-rhel9:v4.16.0-202407300708.p0.g20e6dc7.assembly.stream.el9	cpe:/a:redhat:openshift:4.16::el9	RHSA-2024:4965	2024-08-06T00:00:00Z
openshift4/ose-prometheus-rhel9:v4.16.0-202407261437.p0.gbc04420.assembly.stream.el9	cpe:/a:redhat:openshift:4.16::el9	RHSA-2024:4965	2024-08-06T00:00:00Z
openshift4/ose-powervs-block-csi-driver-rhel9:v4.16.0-202408010610.p0.g26162ba.assembly.stream.el9	cpe:/a:redhat:openshift:4.16::el9	RHSA-2024:5107	2024-08-13T00:00:00Z
openshift4/ose-hypershift-rhel9:v4.16.0-202408281556.p0.g469fb1e.assembly.stream.el9	cpe:/a:redhat:openshift:4.16::el9	RHSA-2024:6004	2024-09-03T00:00:00Z
Red Hat OpenShift Container Platform 4.17
podman-4:5.2.0-3.rhaos4.17.el8	cpe:/a:redhat:openshift:4.17::el8	RHSA-2024:3722	2024-10-01T00:00:00Z
skopeo-2:1.16.0-2.rhaos4.17.el9	cpe:/a:redhat:openshift:4.17::el8	RHSA-2024:3722	2024-10-01T00:00:00Z
openshift4/ose-ibmcloud-machine-controllers-rhel9:v4.17.0-202411251634.p0.g238348d.assembly.stream.el9	cpe:/a:redhat:openshift:4.17::el9	RHSA-2024:10518	2024-12-03T00:00:00Z
Red Hat OpenShift Container Platform 4.18
openshift4/ose-cluster-ingress-rhel9-operator:v4.18.0-202501230001.p0.g8be1749.assembly.stream.el9	cpe:/a:redhat:openshift:4.18::el9	RHSA-2024:6122	2025-02-25T00:00:00Z
Red Hat OpenShift GitOps 1.12
openshift-gitops-1/argocd-rhel8:v1.12.6-2	cpe:/a:redhat:openshift_gitops:1.12::el8	RHSA-2024:8677	2024-10-30T00:00:00Z
openshift-gitops-1/argo-rollouts-rhel8:v1.12.6-2	cpe:/a:redhat:openshift_gitops:1.12::el8	RHSA-2024:8677	2024-10-30T00:00:00Z
openshift-gitops-1/console-plugin-rhel8:v1.12.6-2	cpe:/a:redhat:openshift_gitops:1.12::el8	RHSA-2024:8677	2024-10-30T00:00:00Z
openshift-gitops-1/dex-rhel8:v1.12.6-2	cpe:/a:redhat:openshift_gitops:1.12::el8	RHSA-2024:8677	2024-10-30T00:00:00Z
openshift-gitops-1/gitops-operator-bundle:v1.12.6-2	cpe:/a:redhat:openshift_gitops:1.12::el8	RHSA-2024:8677	2024-10-30T00:00:00Z
openshift-gitops-1/gitops-rhel8:v1.12.6-2	cpe:/a:redhat:openshift_gitops:1.12::el8	RHSA-2024:8677	2024-10-30T00:00:00Z
openshift-gitops-1/gitops-rhel8-operator:v1.12.6-2	cpe:/a:redhat:openshift_gitops:1.12::el8	RHSA-2024:8677	2024-10-30T00:00:00Z
openshift-gitops-1/kam-delivery-rhel8:v1.12.6-2	cpe:/a:redhat:openshift_gitops:1.12::el8	RHSA-2024:8677	2024-10-30T00:00:00Z
openshift-gitops-1/must-gather-rhel8:v1.12.6-2	cpe:/a:redhat:openshift_gitops:1.12::el8	RHSA-2024:8677	2024-10-30T00:00:00Z
Red Hat OpenShift GitOps 1.12 - RHEL 9
openshift-gitops-argocd-rhel9-container-v1.12.6-1	cpe:/a:redhat:openshift_gitops:1.12::el9	RHSA-2024:8677	2024-10-30T00:00:00Z
RHODF-4.13-RHEL-9
odf4/cephcsi-rhel9:v4.13.12-2	cpe:/a:redhat:openshift_data_foundation:4.13::el9	RHSA-2024:7744	2024-10-07T00:00:00Z
RHODF-4.14-RHEL-9
odf4/cephcsi-rhel9:v4.14.11-2	cpe:/a:redhat:openshift_data_foundation:4.14::el9	RHSA-2024:7624	2024-10-03T00:00:00Z
odf4/ocs-rhel9-operator:v4.14.16-2	cpe:/a:redhat:openshift_data_foundation:4.14::el9	RHSA-2025:1866	2025-02-26T00:00:00Z
odf4/odf-rhel9-operator:v4.14.16-2	cpe:/a:redhat:openshift_data_foundation:4.14::el9	RHSA-2025:1866	2025-02-26T00:00:00Z
RHODF-4.15-RHEL-9
odf4/ocs-rhel9-operator:v4.15.12-1	cpe:/a:redhat:openshift_data_foundation:4.15::el9	RHSA-2025:1865	2025-02-26T00:00:00Z
odf4/odf-rhel9-operator:v4.15.12-1	cpe:/a:redhat:openshift_data_foundation:4.15::el9	RHSA-2025:1865	2025-02-26T00:00:00Z
RHODF-4.16-RHEL-9
odf4/mcg-rhel9-operator:v4.16.1-3	cpe:/a:redhat:openshift_data_foundation:4.16::el9	RHSA-2024:5547	2024-08-19T00:00:00Z
odf4/odf-cli-rhel9:v4.16.1-3	cpe:/a:redhat:openshift_data_foundation:4.16::el9	RHSA-2024:5547	2024-08-19T00:00:00Z
odf4/odf-multicluster-rhel9-operator:v4.16.1-1	cpe:/a:redhat:openshift_data_foundation:4.16::el9	RHSA-2024:5547	2024-08-19T00:00:00Z
odf4/cephcsi-rhel9:v4.16.2-2	cpe:/a:redhat:openshift_data_foundation:4.16::el9	RHSA-2024:6755	2024-09-18T00:00:00Z
odf4/odf-cli-rhel9:v4.16.2-2	cpe:/a:redhat:openshift_data_foundation:4.16::el9	RHSA-2024:6755	2024-09-18T00:00:00Z
odf4/rook-ceph-rhel9-operator:v4.16.2-3	cpe:/a:redhat:openshift_data_foundation:4.16::el9	RHSA-2024:6755	2024-09-18T00:00:00Z
odf4/ocs-rhel9-operator:v4.16.8-1	cpe:/a:redhat:openshift_data_foundation:4.16::el9	RHSA-2025:1829	2025-02-25T00:00:00Z
odf4/odf-rhel9-operator:v4.16.8-1	cpe:/a:redhat:openshift_data_foundation:4.16::el9	RHSA-2025:1829	2025-02-25T00:00:00Z
RHOL-5.6-RHEL-8
openshift-logging/cluster-logging-operator-bundle:v5.6.24-7	cpe:/a:redhat:logging:5.6::el8	RHSA-2024:7323	2024-10-07T00:00:00Z
openshift-logging/cluster-logging-rhel8-operator:v5.6.24-2	cpe:/a:redhat:logging:5.6::el8	RHSA-2024:7323	2024-10-07T00:00:00Z
openshift-logging/elasticsearch6-rhel8:v6.8.1-440	cpe:/a:redhat:logging:5.6::el8	RHSA-2024:7323	2024-10-07T00:00:00Z
openshift-logging/elasticsearch-operator-bundle:v5.6.24-9	cpe:/a:redhat:logging:5.6::el8	RHSA-2024:7323	2024-10-07T00:00:00Z
openshift-logging/elasticsearch-proxy-rhel8:v1.0.0-515	cpe:/a:redhat:logging:5.6::el8	RHSA-2024:7323	2024-10-07T00:00:00Z
openshift-logging/elasticsearch-rhel8-operator:v5.6.24-2	cpe:/a:redhat:logging:5.6::el8	RHSA-2024:7323	2024-10-07T00:00:00Z
openshift-logging/eventrouter-rhel8:v0.4.0-300	cpe:/a:redhat:logging:5.6::el8	RHSA-2024:7323	2024-10-07T00:00:00Z
openshift-logging/fluentd-rhel8:v1.14.6-228	cpe:/a:redhat:logging:5.6::el8	RHSA-2024:7323	2024-10-07T00:00:00Z
openshift-logging/kibana6-rhel8:v6.8.1-460	cpe:/a:redhat:logging:5.6::el8	RHSA-2024:7323	2024-10-07T00:00:00Z
openshift-logging/log-file-metric-exporter-rhel8:v1.1.0-281	cpe:/a:redhat:logging:5.6::el8	RHSA-2024:7323	2024-10-07T00:00:00Z
openshift-logging/logging-curator5-rhel8:v5.8.1-523	cpe:/a:redhat:logging:5.6::el8	RHSA-2024:7323	2024-10-07T00:00:00Z
openshift-logging/logging-loki-rhel8:v3.1.1-11	cpe:/a:redhat:logging:5.6::el8	RHSA-2024:7323	2024-10-07T00:00:00Z
openshift-logging/logging-view-plugin-rhel8:v5.6.24-3	cpe:/a:redhat:logging:5.6::el8	RHSA-2024:7323	2024-10-07T00:00:00Z
openshift-logging/loki-operator-bundle:v5.6.24-18	cpe:/a:redhat:logging:5.6::el8	RHSA-2024:7323	2024-10-07T00:00:00Z
openshift-logging/loki-rhel8-operator:v5.6.24-7	cpe:/a:redhat:logging:5.6::el8	RHSA-2024:7323	2024-10-07T00:00:00Z
openshift-logging/lokistack-gateway-rhel8:v0.1.0-652	cpe:/a:redhat:logging:5.6::el8	RHSA-2024:7323	2024-10-07T00:00:00Z
openshift-logging/opa-openshift-rhel8:v0.1.0-287	cpe:/a:redhat:logging:5.6::el8	RHSA-2024:7323	2024-10-07T00:00:00Z
openshift-logging/vector-rhel8:v0.21.0-138	cpe:/a:redhat:logging:5.6::el8	RHSA-2024:7323	2024-10-07T00:00:00Z
RHOL-5.8-RHEL-9
openshift-logging/cluster-logging-operator-bundle:v5.8.13-15	cpe:/a:redhat:logging:5.8::el9	RHSA-2024:7237	2024-09-26T00:00:00Z
openshift-logging/cluster-logging-rhel9-operator:v5.8.13-7	cpe:/a:redhat:logging:5.8::el9	RHSA-2024:7237	2024-09-26T00:00:00Z
openshift-logging/elasticsearch6-rhel9:v6.8.1-438	cpe:/a:redhat:logging:5.8::el9	RHSA-2024:7237	2024-09-26T00:00:00Z
openshift-logging/elasticsearch-operator-bundle:v5.8.13-13	cpe:/a:redhat:logging:5.8::el9	RHSA-2024:7237	2024-09-26T00:00:00Z
openshift-logging/elasticsearch-proxy-rhel9:v1.0.0-513	cpe:/a:redhat:logging:5.8::el9	RHSA-2024:7237	2024-09-26T00:00:00Z
openshift-logging/elasticsearch-rhel9-operator:v5.8.13-5	cpe:/a:redhat:logging:5.8::el9	RHSA-2024:7237	2024-09-26T00:00:00Z
openshift-logging/eventrouter-rhel9:v0.4.0-296	cpe:/a:redhat:logging:5.8::el9	RHSA-2024:7237	2024-09-26T00:00:00Z
openshift-logging/fluentd-rhel9:v5.8.13-3	cpe:/a:redhat:logging:5.8::el9	RHSA-2024:7237	2024-09-26T00:00:00Z
openshift-logging/log-file-metric-exporter-rhel9:v1.1.0-277	cpe:/a:redhat:logging:5.8::el9	RHSA-2024:7237	2024-09-26T00:00:00Z
openshift-logging/logging-curator5-rhel9:v5.8.1-521	cpe:/a:redhat:logging:5.8::el9	RHSA-2024:7237	2024-09-26T00:00:00Z
openshift-logging/logging-loki-rhel9:v3.1.1-7	cpe:/a:redhat:logging:5.8::el9	RHSA-2024:7237	2024-09-26T00:00:00Z
openshift-logging/logging-view-plugin-rhel9:v5.8.13-4	cpe:/a:redhat:logging:5.8::el9	RHSA-2024:7237	2024-09-26T00:00:00Z
openshift-logging/loki-operator-bundle:v5.8.13-17	cpe:/a:redhat:logging:5.8::el9	RHSA-2024:7237	2024-09-26T00:00:00Z
openshift-logging/loki-rhel9-operator:v5.8.13-6	cpe:/a:redhat:logging:5.8::el9	RHSA-2024:7237	2024-09-26T00:00:00Z
openshift-logging/lokistack-gateway-rhel9:v0.1.0-649	cpe:/a:redhat:logging:5.8::el9	RHSA-2024:7237	2024-09-26T00:00:00Z
openshift-logging/opa-openshift-rhel9:v0.1.0-284	cpe:/a:redhat:logging:5.8::el9	RHSA-2024:7237	2024-09-26T00:00:00Z
openshift-logging/vector-rhel9:v0.28.1-76	cpe:/a:redhat:logging:5.8::el9	RHSA-2024:7237	2024-09-26T00:00:00Z
RHOL-5.9-RHEL-9
openshift-logging/cluster-logging-operator-bundle:v5.9.7-11	cpe:/a:redhat:logging:5.9::el9	RHSA-2024:7324	2024-10-02T00:00:00Z
openshift-logging/cluster-logging-rhel9-operator:v5.9.7-6	cpe:/a:redhat:logging:5.9::el9	RHSA-2024:7324	2024-10-02T00:00:00Z
openshift-logging/eventrouter-rhel9:v0.4.0-301	cpe:/a:redhat:logging:5.9::el9	RHSA-2024:7324	2024-10-02T00:00:00Z
openshift-logging/fluentd-rhel9:v5.9.7-3	cpe:/a:redhat:logging:5.9::el9	RHSA-2024:7324	2024-10-02T00:00:00Z
openshift-logging/log-file-metric-exporter-rhel9:v1.1.0-282	cpe:/a:redhat:logging:5.9::el9	RHSA-2024:7324	2024-10-02T00:00:00Z
openshift-logging/logging-loki-rhel9:v3.1.1-10	cpe:/a:redhat:logging:5.9::el9	RHSA-2024:7324	2024-10-02T00:00:00Z
openshift-logging/logging-view-plugin-rhel9:v5.9.7-5	cpe:/a:redhat:logging:5.9::el9	RHSA-2024:7324	2024-10-02T00:00:00Z
openshift-logging/loki-operator-bundle:v5.9.7-16	cpe:/a:redhat:logging:5.9::el9	RHSA-2024:7324	2024-10-02T00:00:00Z
openshift-logging/loki-rhel9-operator:v5.9.7-7	cpe:/a:redhat:logging:5.9::el9	RHSA-2024:7324	2024-10-02T00:00:00Z
openshift-logging/lokistack-gateway-rhel9:v0.1.0-653	cpe:/a:redhat:logging:5.9::el9	RHSA-2024:7324	2024-10-02T00:00:00Z
openshift-logging/opa-openshift-rhel9:v0.1.0-288	cpe:/a:redhat:logging:5.9::el9	RHSA-2024:7324	2024-10-02T00:00:00Z
openshift-logging/vector-rhel9:v0.34.1-19	cpe:/a:redhat:logging:5.9::el9	RHSA-2024:7324	2024-10-02T00:00:00Z
RHOL-6.0-RHEL-9
openshift-logging/logging-loki-rhel9:v3.2.0-12	cpe:/a:redhat:logging:6.0::el9	RHSA-2024:8314	2024-10-23T00:00:00Z
RHOSS-1.33-RHEL-8
openshift-serverless-1/client-kn-rhel8:1.12.0-6	cpe:/a:redhat:openshift_serverless:1.33::el8	RHSA-2024:4872	2024-07-25T00:00:00Z
openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8:1.12.0-7	cpe:/a:redhat:openshift_serverless:1.33::el8	RHSA-2024:4872	2024-07-25T00:00:00Z
openshift-serverless-1/eventing-controller-rhel8:1.12.0-7	cpe:/a:redhat:openshift_serverless:1.33::el8	RHSA-2024:4872	2024-07-25T00:00:00Z
openshift-serverless-1/eventing-in-memory-channel-controller-rhel8:1.12.0-7	cpe:/a:redhat:openshift_serverless:1.33::el8	RHSA-2024:4872	2024-07-25T00:00:00Z
openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8:1.12.0-7	cpe:/a:redhat:openshift_serverless:1.33::el8	RHSA-2024:4872	2024-07-25T00:00:00Z
openshift-serverless-1/eventing-istio-controller-rhel8:1.12.0-5	cpe:/a:redhat:openshift_serverless:1.33::el8	RHSA-2024:4872	2024-07-25T00:00:00Z
openshift-serverless-1/eventing-kafka-broker-controller-rhel8:1.12.0-6	cpe:/a:redhat:openshift_serverless:1.33::el8	RHSA-2024:4872	2024-07-25T00:00:00Z
openshift-serverless-1/eventing-kafka-broker-dispatcher-rhel8:1.12.0-6	cpe:/a:redhat:openshift_serverless:1.33::el8	RHSA-2024:4872	2024-07-25T00:00:00Z
openshift-serverless-1/eventing-kafka-broker-post-install-rhel8:1.12.0-6	cpe:/a:redhat:openshift_serverless:1.33::el8	RHSA-2024:4872	2024-07-25T00:00:00Z
openshift-serverless-1/eventing-kafka-broker-receiver-rhel8:1.12.0-6	cpe:/a:redhat:openshift_serverless:1.33::el8	RHSA-2024:4872	2024-07-25T00:00:00Z
openshift-serverless-1/eventing-kafka-broker-webhook-rhel8:1.12.0-6	cpe:/a:redhat:openshift_serverless:1.33::el8	RHSA-2024:4872	2024-07-25T00:00:00Z
openshift-serverless-1/eventing-mtbroker-filter-rhel8:1.12.0-7	cpe:/a:redhat:openshift_serverless:1.33::el8	RHSA-2024:4872	2024-07-25T00:00:00Z
openshift-serverless-1/eventing-mtbroker-ingress-rhel8:1.12.0-7	cpe:/a:redhat:openshift_serverless:1.33::el8	RHSA-2024:4872	2024-07-25T00:00:00Z
openshift-serverless-1/eventing-mtchannel-broker-rhel8:1.12.0-7	cpe:/a:redhat:openshift_serverless:1.33::el8	RHSA-2024:4872	2024-07-25T00:00:00Z
openshift-serverless-1/eventing-mtping-rhel8:1.12.0-7	cpe:/a:redhat:openshift_serverless:1.33::el8	RHSA-2024:4872	2024-07-25T00:00:00Z
openshift-serverless-1/eventing-storage-version-migration-rhel8:1.12.0-7	cpe:/a:redhat:openshift_serverless:1.33::el8	RHSA-2024:4872	2024-07-25T00:00:00Z
openshift-serverless-1/eventing-webhook-rhel8:1.12.0-7	cpe:/a:redhat:openshift_serverless:1.33::el8	RHSA-2024:4872	2024-07-25T00:00:00Z
openshift-serverless-1/func-utils-rhel8:1.33.1-1	cpe:/a:redhat:openshift_serverless:1.33::el8	RHSA-2024:4872	2024-07-25T00:00:00Z
openshift-serverless-1/ingress-rhel8-operator:1.33.1-2	cpe:/a:redhat:openshift_serverless:1.33::el8	RHSA-2024:4872	2024-07-25T00:00:00Z
openshift-serverless-1/knative-rhel8-operator:1.33.1-2	cpe:/a:redhat:openshift_serverless:1.33::el8	RHSA-2024:4872	2024-07-25T00:00:00Z
openshift-serverless-1/kn-cli-artifacts-rhel8:1.12.0-6	cpe:/a:redhat:openshift_serverless:1.33::el8	RHSA-2024:4872	2024-07-25T00:00:00Z
openshift-serverless-1/kourier-control-rhel8:1.12.0-5	cpe:/a:redhat:openshift_serverless:1.33::el8	RHSA-2024:4872	2024-07-25T00:00:00Z
openshift-serverless-1/net-istio-controller-rhel8:1.12.0-5	cpe:/a:redhat:openshift_serverless:1.33::el8	RHSA-2024:4872	2024-07-25T00:00:00Z
openshift-serverless-1/net-istio-webhook-rhel8:1.12.0-5	cpe:/a:redhat:openshift_serverless:1.33::el8	RHSA-2024:4872	2024-07-25T00:00:00Z
openshift-serverless-1/serverless-operator-bundle:1.33.1-2	cpe:/a:redhat:openshift_serverless:1.33::el8	RHSA-2024:4872	2024-07-25T00:00:00Z
openshift-serverless-1/serverless-rhel8-operator:1.33.1-2	cpe:/a:redhat:openshift_serverless:1.33::el8	RHSA-2024:4872	2024-07-25T00:00:00Z
openshift-serverless-1/serving-activator-rhel8:1.12.0-5	cpe:/a:redhat:openshift_serverless:1.33::el8	RHSA-2024:4872	2024-07-25T00:00:00Z
openshift-serverless-1/serving-autoscaler-hpa-rhel8:1.12.0-5	cpe:/a:redhat:openshift_serverless:1.33::el8	RHSA-2024:4872	2024-07-25T00:00:00Z
openshift-serverless-1/serving-autoscaler-rhel8:1.12.0-5	cpe:/a:redhat:openshift_serverless:1.33::el8	RHSA-2024:4872	2024-07-25T00:00:00Z
openshift-serverless-1/serving-controller-rhel8:1.12.0-5	cpe:/a:redhat:openshift_serverless:1.33::el8	RHSA-2024:4872	2024-07-25T00:00:00Z
openshift-serverless-1/serving-queue-rhel8:1.12.0-5	cpe:/a:redhat:openshift_serverless:1.33::el8	RHSA-2024:4872	2024-07-25T00:00:00Z
openshift-serverless-1/serving-storage-version-migration-rhel8:1.12.0-5	cpe:/a:redhat:openshift_serverless:1.33::el8	RHSA-2024:4872	2024-07-25T00:00:00Z
openshift-serverless-1/serving-webhook-rhel8:1.12.0-5	cpe:/a:redhat:openshift_serverless:1.33::el8	RHSA-2024:4872	2024-07-25T00:00:00Z
openshift-serverless-1/svls-must-gather-rhel8:1.33.1-1	cpe:/a:redhat:openshift_serverless:1.33::el8	RHSA-2024:4872	2024-07-25T00:00:00Z
openshift-serverless-1-tech-preview/backstage-plugins-eventmesh-rhel8:1.33.1-1	cpe:/a:redhat:openshift_serverless:1.33::el8	RHSA-2024:4872	2024-07-25T00:00:00Z
openshift-serverless-1-tech-preview/knative-client-plugin-event-sender-rhel8:1.12.0-6	cpe:/a:redhat:openshift_serverless:1.33::el8	RHSA-2024:4872	2024-07-25T00:00:00Z
cert-manager operator for Red Hat OpenShift 1.14
registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9:sha256:d2b37ee05356f9b32b677c0edecf9b942ec5102655715a067dc35279c597dd9e	cpe:/a:redhat:cert_manager:1.14::el9	RHSA-2025:3714	2025-04-08T00:00:00Z
cert-manager operator for Red Hat OpenShift 1.15
registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9:sha256:c1f40166786adbd77027d0dc210e8fcd0320e9f2d3b9a3df6f6ab27a46c8ade1	cpe:/a:redhat:cert_manager:1.15::el9	RHSA-2025:0536	2025-01-21T00:00:00Z
registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9:sha256:30d0113003152532d29a845550a78454a1f88099e90b475711ab74901560c67e	cpe:/a:redhat:cert_manager:1.15::el9	RHSA-2025:0536	2025-01-21T00:00:00Z

References

Link	Providers
https://discuss.hashicorp.com/c/security
https://nvd.nist.gov/vuln/detail/CVE-2024-6104
https://www.cve.org/CVERecord?id=CVE-2024-6104

History

Wed, 09 Apr 2025 02:45:00 +0000

Type	Values Removed	Values Added
CPEs		cpe:/a:redhat:cert_manager:1.14::el9

Wed, 26 Feb 2025 14:45:00 +0000

Type	Values Removed	Values Added
CPEs		cpe:/a:redhat:openshift_data_foundation:4.15::el9

Tue, 25 Feb 2025 14:45:00 +0000

Type	Values Removed	Values Added
CPEs		cpe:/a:redhat:openshift:4.18::el9

Thu, 13 Feb 2025 00:45:00 +0000

Type	Values Removed	Values Added
First Time appeared		Redhat cert Manager
CPEs		cpe:/a:redhat:cert_manager:1.15::el9
Vendors & Products		Redhat cert Manager

Wed, 04 Dec 2024 02:30:00 +0000

Type	Values Removed	Values Added
CPEs		cpe:/a:redhat:openshift:4.17::el9

Thu, 31 Oct 2024 02:30:00 +0000

Type	Values Removed	Values Added
First Time appeared		Redhat openshift Gitops
CPEs		cpe:/a:redhat:openshift_gitops:1.12::el8 cpe:/a:redhat:openshift_gitops:1.12::el9
Vendors & Products		Redhat openshift Gitops

Thu, 24 Oct 2024 02:30:00 +0000

Type	Values Removed	Values Added
CPEs		cpe:/a:redhat:logging:6.0::el9

Tue, 15 Oct 2024 02:30:00 +0000

Type	Values Removed	Values Added
First Time appeared		Redhat cluster Observability Operator
CPEs		cpe:/a:redhat:cluster_observability_operator:0.4::el8
Vendors & Products		Redhat cluster Observability Operator

Tue, 08 Oct 2024 14:45:00 +0000

Type	Values Removed	Values Added
CPEs		cpe:/a:redhat:logging:5.6::el8

Tue, 08 Oct 2024 02:30:00 +0000

Type	Values Removed	Values Added
CPEs		cpe:/a:redhat:openshift_data_foundation:4.13::el9

Fri, 04 Oct 2024 15:00:00 +0000

Type	Values Removed	Values Added
CPEs		cpe:/a:redhat:openshift_data_foundation:4.14::el9

Thu, 03 Oct 2024 02:15:00 +0000

Type	Values Removed	Values Added
CPEs		cpe:/a:redhat:logging:5.9::el9

Tue, 01 Oct 2024 14:45:00 +0000

Type	Values Removed	Values Added
CPEs		cpe:/a:redhat:openshift:4.17::el8

Thu, 26 Sep 2024 23:00:00 +0000

Type	Values Removed	Values Added
First Time appeared		Redhat logging
CPEs		cpe:/a:redhat:logging:5.8::el9
Vendors & Products		Redhat logging

Wed, 18 Sep 2024 06:30:00 +0000

Type	Values Removed	Values Added
First Time appeared		Redhat multicluster Engine
CPEs		cpe:/a:redhat:multicluster_engine:2.5::el8
Vendors & Products		Redhat multicluster Engine

Fri, 06 Sep 2024 13:45:00 +0000

Type	Values Removed	Values Added
CPEs		cpe:/a:redhat:enterprise_linux:9

Fri, 30 Aug 2024 02:15:00 +0000

Type	Values Removed	Values Added
First Time appeared		Redhat advanced Cluster Security
CPEs		cpe:/a:redhat:advanced_cluster_security:4.4::el8
Vendors & Products		Redhat advanced Cluster Security

Tue, 20 Aug 2024 22:45:00 +0000

Type	Values Removed	Values Added
CPEs		cpe:/a:redhat:rhel_eus:9.2

Mon, 19 Aug 2024 22:30:00 +0000

Type	Values Removed	Values Added
First Time appeared		Redhat openshift Data Foundation
CPEs		cpe:/a:redhat:openshift:4.12::el8 cpe:/a:redhat:openshift_data_foundation:4.16::el9
Vendors & Products		Redhat openshift Data Foundation

Tue, 13 Aug 2024 22:45:00 +0000

Type	Values Removed	Values Added
First Time appeared		Redhat enterprise Linux
CPEs		cpe:/a:redhat:enterprise_linux:8
Vendors & Products		Redhat enterprise Linux

Mon, 12 Aug 2024 10:30:00 +0000

Type	Values Removed	Values Added
First Time appeared		Redhat rhel Eus
CPEs		cpe:/a:redhat:rhel_eus:8.8
Vendors & Products		Redhat rhel Eus

MITRE

Status: PUBLISHED

Assigner: HashiCorp

Published: 2024-06-24T17:06:21.150Z

Updated: 2024-08-01T21:33:04.395Z

Reserved: 2024-06-17T22:19:58.680Z

Link: CVE-2024-6104

Vulnrichment

Updated: 2024-08-01T21:33:04.395Z

NVD

Status : Modified

Published: 2024-06-24T17:15:11.087

Modified: 2024-11-21T09:48:58.263

Link: CVE-2024-6104

Redhat

Severity : Moderate

Publid Date: 2024-06-24T00:00:00Z

Links: CVE-2024-6104 - Bugzilla

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-6104", "assignerOrgId": "67fedba0-ff2e-4543-ba5b-aa93e87718cc", "state": "PUBLISHED", "assignerShortName": "HashiCorp", "dateReserved": "2024-06-17T22:19:58.680Z", "datePublished": "2024-06-24T17:06:21.150Z", "dateUpdated": "2024-08-01T21:33:04.395Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "platforms": ["64 bit", "32 bit", "x86", "ARM", "MacOS", "Windows", "Linux"], "product": "Shared library", "repo": "https://github.com/hashicorp/go-retryablehttp", "vendor": "HashiCorp", "versions": [{"lessThan": "0.7.7", "status": "affected", "version": "0", "versionType": "semver"}]}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "go-retryablehttp prior to 0.7.7 did not sanitize urls when writing them to its log file. This could lead to go-retryablehttp writing sensitive HTTP basic auth credentials to its log file. This vulnerability, CVE-2024-6104, was fixed in go-retryablehttp 0.7.7. "}], "value": "go-retryablehttp prior to 0.7.7 did not sanitize urls when writing them to its log file. This could lead to go-retryablehttp writing sensitive HTTP basic auth credentials to its log file. This vulnerability, CVE-2024-6104, was fixed in go-retryablehttp 0.7.7."}], "impacts": [{"capecId": "CAPEC-118", "descriptions": [{"lang": "en", "value": "CAPEC-118: Collect and Analyze Information"}]}], "metrics": [{"cvssV3_1": {"baseScore": 6, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-532", "description": "CWE-532: Insertion of Sensitive Information into Log File", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "67fedba0-ff2e-4543-ba5b-aa93e87718cc", "shortName": "HashiCorp", "dateUpdated": "2024-06-24T17:06:21.150Z"}, "references": [{"url": "https://discuss.hashicorp.com/c/security"}], "source": {"advisory": "HCSEC-2024-12", "discovery": "EXTERNAL"}, "title": "go-retryablehttp can leak basic auth credentials to log files"}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-06-24T19:19:22.878144Z", "id": "CVE-2024-6104", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-24T19:19:28.773Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T21:33:04.395Z"}, "title": "CVE Program Container", "references": [{"url": "https://discuss.hashicorp.com/c/security", "tags": ["x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://discuss.hashicorp.com/c/security", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T21:33:04.395Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-6104", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-06-24T19:19:22.878144Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-24T19:19:26.219Z"}}], "cna": {"title": "go-retryablehttp can leak basic auth credentials to log files", "source": {"advisory": "HCSEC-2024-12", "discovery": "EXTERNAL"}, "impacts": [{"capecId": "CAPEC-118", "descriptions": [{"lang": "en", "value": "CAPEC-118: Collect and Analyze Information"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"version": "3.1", "baseScore": 6, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"repo": "https://github.com/hashicorp/go-retryablehttp", "vendor": "HashiCorp", "product": "Shared library", "versions": [{"status": "affected", "version": "0", "lessThan": "0.7.7", "versionType": "semver"}], "platforms": ["64 bit", "32 bit", "x86", "ARM", "MacOS", "Windows", "Linux"], "defaultStatus": "unaffected"}], "references": [{"url": "https://discuss.hashicorp.com/c/security"}], "descriptions": [{"lang": "en", "value": "go-retryablehttp prior to 0.7.7 did not sanitize urls when writing them to its log file. This could lead to go-retryablehttp writing sensitive HTTP basic auth credentials to its log file. This vulnerability, CVE-2024-6104, was fixed in go-retryablehttp 0.7.7.", "supportingMedia": [{"type": "text/html", "value": "go-retryablehttp prior to 0.7.7 did not sanitize urls when writing them to its log file. This could lead to go-retryablehttp writing sensitive HTTP basic auth credentials to its log file. This vulnerability, CVE-2024-6104, was fixed in go-retryablehttp 0.7.7. ", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-532", "description": "CWE-532: Insertion of Sensitive Information into Log File"}]}], "providerMetadata": {"orgId": "67fedba0-ff2e-4543-ba5b-aa93e87718cc", "shortName": "HashiCorp", "dateUpdated": "2024-06-24T17:06:21.150Z"}}}, "cveMetadata": {"cveId": "CVE-2024-6104", "state": "PUBLISHED", "dateUpdated": "2024-08-01T21:33:04.395Z", "dateReserved": "2024-06-17T22:19:58.680Z", "assignerOrgId": "67fedba0-ff2e-4543-ba5b-aa93e87718cc", "datePublished": "2024-06-24T17:06:21.150Z", "assignerShortName": "HashiCorp"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:hashicorp:retryablehttp:*:*:*:*:*:go:*:*", "matchCriteriaId": "0FCBD41E-84B7-4720-A6EA-9A617EEC3F30", "versionEndExcluding": "0.7.7", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "go-retryablehttp prior to 0.7.7 did not sanitize urls when writing them to its log file. This could lead to go-retryablehttp writing sensitive HTTP basic auth credentials to its log file. This vulnerability, CVE-2024-6104, was fixed in go-retryablehttp 0.7.7."}, {"lang": "es", "value": "go-retryablehttp anterior a 0.7.7 no sanitizaba las URL al escribirlas en su archivo de registro. Esto podr\u00eda llevar a que go-retryablehttp escriba credenciales de autenticaci\u00f3n b\u00e1sicas HTTP confidenciales en su archivo de registro. Esta vulnerabilidad, CVE-2024-6104, se solucion\u00f3 en go-retryablehttp 0.7.7."}], "id": "CVE-2024-6104", "lastModified": "2024-11-21T09:48:58.263", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 6.0, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 1.5, "impactScore": 4.0, "source": "security@hashicorp.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-06-24T17:15:11.087", "references": [{"source": "security@hashicorp.com", "tags": ["Vendor Advisory"], "url": "https://discuss.hashicorp.com/c/security"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://discuss.hashicorp.com/c/security"}], "sourceIdentifier": "security@hashicorp.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-532"}], "source": "security@hashicorp.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-532"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2024:8040", "cpe": "cpe:/a:redhat:cluster_observability_operator:0.4::el8", "package": "cluster-observability-operator/cluster-observability-operator-bundle:0.4.1-18", "product_name": "CLUSTER-OBSERVABILITY-OPERATOR-0.4-RHEL-8", "release_date": "2024-10-14T00:00:00Z"}, {"advisory": "RHSA-2024:8040", "cpe": "cpe:/a:redhat:cluster_observability_operator:0.4::el8", "package": "cluster-observability-operator/cluster-observability-rhel8-operator:v0.4.1-4", "product_name": "CLUSTER-OBSERVABILITY-OPERATOR-0.4-RHEL-8", "release_date": "2024-10-14T00:00:00Z"}, {"advisory": "RHSA-2024:8040", "cpe": "cpe:/a:redhat:cluster_observability_operator:0.4::el8", "package": "cluster-observability-operator/coo-admission-webhook-rhel8:v0.77.1-1", "product_name": "CLUSTER-OBSERVABILITY-OPERATOR-0.4-RHEL-8", "release_date": "2024-10-14T00:00:00Z"}, {"advisory": "RHSA-2024:8040", "cpe": "cpe:/a:redhat:cluster_observability_operator:0.4::el8", "package": "cluster-observability-operator/coo-console-dashboards-plugin-rhel8:v0.2.0-15", "product_name": "CLUSTER-OBSERVABILITY-OPERATOR-0.4-RHEL-8", "release_date": "2024-10-14T00:00:00Z"}, {"advisory": "RHSA-2024:8040", "cpe": "cpe:/a:redhat:cluster_observability_operator:0.4::el8", "package": "cluster-observability-operator/coo-console-distributed-tracing-plugin-rhel8:v0.1.0-16", "product_name": "CLUSTER-OBSERVABILITY-OPERATOR-0.4-RHEL-8", "release_date": "2024-10-14T00:00:00Z"}, {"advisory": "RHSA-2024:8040", "cpe": "cpe:/a:redhat:cluster_observability_operator:0.4::el8", "package": "cluster-observability-operator/coo-console-logging-plugin-rhel8:v6.0.0-20", "product_name": "CLUSTER-OBSERVABILITY-OPERATOR-0.4-RHEL-8", "release_date": "2024-10-14T00:00:00Z"}, {"advisory": "RHSA-2024:8040", "cpe": "cpe:/a:redhat:cluster_observability_operator:0.4::el8", "package": "cluster-observability-operator/coo-console-troubleshooting-panel-plugin-rhel8:v0.1.0-19", "product_name": "CLUSTER-OBSERVABILITY-OPERATOR-0.4-RHEL-8", "release_date": "2024-10-14T00:00:00Z"}, {"advisory": "RHSA-2024:8040", "cpe": "cpe:/a:redhat:cluster_observability_operator:0.4::el8", "package": "cluster-observability-operator/coo-korrel8r-rhel8:v0.6.3-15", "product_name": "CLUSTER-OBSERVABILITY-OPERATOR-0.4-RHEL-8", "release_date": "2024-10-14T00:00:00Z"}, {"advisory": "RHSA-2024:8040", "cpe": "cpe:/a:redhat:cluster_observability_operator:0.4::el8", "package": "cluster-observability-operator/coo-prometheus-alertmanager-rhel8:v0.27.0-4", "product_name": "CLUSTER-OBSERVABILITY-OPERATOR-0.4-RHEL-8", "release_date": "2024-10-14T00:00:00Z"}, {"advisory": "RHSA-2024:8040", "cpe": "cpe:/a:redhat:cluster_observability_operator:0.4::el8", "package": "cluster-observability-operator/coo-prometheus-config-reloader-rhel8:v0.77.1-1", "product_name": "CLUSTER-OBSERVABILITY-OPERATOR-0.4-RHEL-8", "release_date": "2024-10-14T00:00:00Z"}, {"advisory": "RHSA-2024:8040", "cpe": "cpe:/a:redhat:cluster_observability_operator:0.4::el8", "package": "cluster-observability-operator/coo-prometheus-rhel8:v2.54.1-1", "product_name": "CLUSTER-OBSERVABILITY-OPERATOR-0.4-RHEL-8", "release_date": "2024-10-14T00:00:00Z"}, {"advisory": "RHSA-2024:8040", "cpe": "cpe:/a:redhat:cluster_observability_operator:0.4::el8", "package": "cluster-observability-operator/coo-prometheus-rhel8-operator:v0.77.1-1", "product_name": "CLUSTER-OBSERVABILITY-OPERATOR-0.4-RHEL-8", "release_date": "2024-10-14T00:00:00Z"}, {"advisory": "RHSA-2024:8040", "cpe": "cpe:/a:redhat:cluster_observability_operator:0.4::el8", "package": "cluster-observability-operator/coo-thanos-rhel8:v0.36.1-1", "product_name": "CLUSTER-OBSERVABILITY-OPERATOR-0.4-RHEL-8", "release_date": "2024-10-14T00:00:00Z"}, {"advisory": "RHSA-2024:6738", "cpe": "cpe:/a:redhat:multicluster_engine:2.5::el8", "package": "multicluster-engine/hive-rhel8:v2.5.7-1", "product_name": "multicluster engine for Kubernetes 2.5 for RHEL 8", "release_date": "2024-09-17T00:00:00Z"}, {"advisory": "RHSA-2024:6054", "cpe": "cpe:/a:redhat:advanced_cluster_security:4.4::el8", "package": "advanced-cluster-security/rhacs-central-db-rhel8:4.4.5-2", "product_name": "Red Hat Advanced Cluster Security 4.4", "release_date": "2024-08-29T00:00:00Z"}, {"advisory": "RHSA-2024:6054", "cpe": "cpe:/a:redhat:advanced_cluster_security:4.4::el8", "package": "advanced-cluster-security/rhacs-collector-rhel8:4.4.5-2", "product_name": "Red Hat Advanced Cluster Security 4.4", "release_date": "2024-08-29T00:00:00Z"}, {"advisory": "RHSA-2024:6054", "cpe": "cpe:/a:redhat:advanced_cluster_security:4.4::el8", "package": "advanced-cluster-security/rhacs-collector-slim-rhel8:4.4.5-2", "product_name": "Red Hat Advanced Cluster Security 4.4", "release_date": "2024-08-29T00:00:00Z"}, {"advisory": "RHSA-2024:6054", "cpe": "cpe:/a:redhat:advanced_cluster_security:4.4::el8", "package": "advanced-cluster-security/rhacs-main-rhel8:4.4.5-4", "product_name": "Red Hat Advanced Cluster Security 4.4", "release_date": "2024-08-29T00:00:00Z"}, {"advisory": "RHSA-2024:6054", "cpe": "cpe:/a:redhat:advanced_cluster_security:4.4::el8", "package": "advanced-cluster-security/rhacs-operator-bundle:4.4.5-3", "product_name": "Red Hat Advanced Cluster Security 4.4", "release_date": "2024-08-29T00:00:00Z"}, {"advisory": "RHSA-2024:6054", "cpe": "cpe:/a:redhat:advanced_cluster_security:4.4::el8", "package": "advanced-cluster-security/rhacs-rhel8-operator:4.4.5-2", "product_name": "Red Hat Advanced Cluster Security 4.4", "release_date": "2024-08-29T00:00:00Z"}, {"advisory": "RHSA-2024:6054", "cpe": "cpe:/a:redhat:advanced_cluster_security:4.4::el8", "package": "advanced-cluster-security/rhacs-roxctl-rhel8:4.4.5-2", "product_name": "Red Hat Advanced Cluster Security 4.4", "release_date": "2024-08-29T00:00:00Z"}, {"advisory": "RHSA-2024:6054", "cpe": "cpe:/a:redhat:advanced_cluster_security:4.4::el8", "package": "advanced-cluster-security/rhacs-scanner-db-rhel8:4.4.5-2", "product_name": "Red Hat Advanced Cluster Security 4.4", "release_date": "2024-08-29T00:00:00Z"}, {"advisory": "RHSA-2024:6054", "cpe": "cpe:/a:redhat:advanced_cluster_security:4.4::el8", "package": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8:4.4.5-3", "product_name": "Red Hat Advanced Cluster Security 4.4", "release_date": "2024-08-29T00:00:00Z"}, {"advisory": "RHSA-2024:6054", "cpe": "cpe:/a:redhat:advanced_cluster_security:4.4::el8", "package": "advanced-cluster-security/rhacs-scanner-rhel8:4.4.5-2", "product_name": "Red Hat Advanced Cluster Security 4.4", "release_date": "2024-08-29T00:00:00Z"}, {"advisory": "RHSA-2024:6054", "cpe": "cpe:/a:redhat:advanced_cluster_security:4.4::el8", "package": "advanced-cluster-security/rhacs-scanner-slim-rhel8:4.4.5-2", "product_name": "Red Hat Advanced Cluster Security 4.4", "release_date": "2024-08-29T00:00:00Z"}, {"advisory": "RHSA-2024:6054", "cpe": "cpe:/a:redhat:advanced_cluster_security:4.4::el8", "package": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8:4.4.5-3", "product_name": "Red Hat Advanced Cluster Security 4.4", "release_date": "2024-08-29T00:00:00Z"}, {"advisory": "RHSA-2024:6054", "cpe": "cpe:/a:redhat:advanced_cluster_security:4.4::el8", "package": "advanced-cluster-security/rhacs-scanner-v4-rhel8:4.4.5-3", "product_name": "Red Hat Advanced Cluster Security 4.4", "release_date": "2024-08-29T00:00:00Z"}, {"advisory": "RHSA-2024:5258", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "container-tools:rhel8-8100020240808093819.afee755d", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2024-08-13T00:00:00Z"}, {"advisory": "RHSA-2024:5194", "cpe": "cpe:/a:redhat:rhel_eus:8.8", "package": "container-tools:rhel8-8080020240724065004.0f77c1b7", "product_name": "Red Hat Enterprise Linux 8.8 Extended Update Support", "release_date": "2024-08-12T00:00:00Z"}, {"advisory": "RHSA-2024:6194", "cpe": "cpe:/a:redhat:enterprise_linux:9", "package": "podman-4:4.9.4-10.el9_4", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2024-09-03T00:00:00Z"}, {"advisory": "RHSA-2024:9098", "cpe": "cpe:/a:redhat:enterprise_linux:9", "package": "skopeo-2:1.16.1-1.el9", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2024-11-12T00:00:00Z"}, {"advisory": "RHSA-2024:9115", "cpe": "cpe:/a:redhat:enterprise_linux:9", "package": "grafana-0:10.2.6-4.el9", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2024-11-12T00:00:00Z"}, {"advisory": "RHSA-2024:5634", "cpe": "cpe:/a:redhat:rhel_eus:9.2", "package": "podman-2:4.4.1-20.el9_2", "product_name": "Red Hat Enterprise Linux 9.2 Extended Update Support", "release_date": "2024-08-20T00:00:00Z"}, {"advisory": "RHSA-2024:5199", "cpe": "cpe:/a:redhat:openshift:4.12::el8", "package": "openshift4/ose-sriov-network-webhook:v4.12.0-202408091241.p0.g83b800f.assembly.stream.el8", "product_name": "Red Hat OpenShift Container Platform 4.12", "release_date": "2024-08-19T00:00:00Z"}, {"advisory": "RHSA-2024:5200", "cpe": "cpe:/a:redhat:openshift:4.12::el8", "package": "openshift4/ose-cloud-credential-operator:v4.12.0-202408072203.p0.g6de9c4e.assembly.stream.el8", "product_name": "Red Hat OpenShift Container Platform 4.12", "release_date": "2024-08-19T00:00:00Z"}, {"advisory": "RHSA-2024:5200", "cpe": "cpe:/a:redhat:openshift:4.12::el8", "package": "openshift4/ose-cluster-image-registry-operator:v4.12.0-202408071159.p0.g77fd1a9.assembly.stream.el8", "product_name": "Red Hat OpenShift Container Platform 4.12", "release_date": "2024-08-19T00:00:00Z"}, {"advisory": "RHSA-2024:5200", "cpe": "cpe:/a:redhat:openshift:4.12::el8", "package": "openshift4/ose-ibm-vpc-block-csi-driver-operator-rhel8:v4.12.0-202408071159.p0.gf2b726d.assembly.stream.el8", "product_name": "Red Hat OpenShift Container Platform 4.12", "release_date": "2024-08-19T00:00:00Z"}, {"advisory": "RHSA-2024:5200", "cpe": "cpe:/a:redhat:openshift:4.12::el8", "package": "openshift4/ose-ibm-vpc-block-csi-driver-rhel8:v4.12.0-202408071159.p0.g921509f.assembly.stream.el8", "product_name": "Red Hat OpenShift Container Platform 4.12", "release_date": "2024-08-19T00:00:00Z"}, {"advisory": "RHSA-2024:5808", "cpe": "cpe:/a:redhat:openshift:4.12::el8", "package": "openshift4/ose-azure-cluster-api-controllers-rhel8:v4.12.0-202408220304.p0.ga1b2a37.assembly.stream.el8", "product_name": "Red Hat OpenShift Container Platform 4.12", "release_date": "2024-08-29T00:00:00Z"}, {"advisory": "RHSA-2024:6642", "cpe": "cpe:/a:redhat:openshift:4.12::el8", "package": "openshift4/ose-installer:v4.12.0-202409040731.p0.g798aeaa.assembly.stream.el8", "product_name": "Red Hat OpenShift Container Platform 4.12", "release_date": "2024-09-18T00:00:00Z"}, {"advisory": "RHSA-2024:4846", "cpe": "cpe:/a:redhat:openshift:4.13::el8", "package": "openshift4/ose-cloud-credential-operator:v4.13.0-202407192107.p0.g73ecd48.assembly.stream.el8", "product_name": "Red Hat OpenShift Container Platform 4.13", "release_date": "2024-07-31T00:00:00Z"}, {"advisory": "RHSA-2024:4846", "cpe": "cpe:/a:redhat:openshift:4.13::el8", "package": "openshift4/ose-cluster-image-registry-operator:v4.13.0-202407221409.p0.g19ee668.assembly.stream.el8", "product_name": "Red Hat OpenShift Container Platform 4.13", "release_date": "2024-07-31T00:00:00Z"}, {"advisory": "RHSA-2024:4846", "cpe": "cpe:/a:redhat:openshift:4.13::el8", "package": "openshift4/ose-ibm-vpc-block-csi-driver-operator-rhel8:v4.13.0-202407182339.p0.g4c23f81.assembly.stream.el8", "product_name": "Red Hat OpenShift Container Platform 4.13", "release_date": "2024-07-31T00:00:00Z"}, {"advisory": "RHSA-2024:4846", "cpe": "cpe:/a:redhat:openshift:4.13::el8", "package": "openshift4/ose-ibm-vpc-block-csi-driver-rhel8:v4.13.0-202407182137.p0.g54aaeff.assembly.stream.el8", "product_name": "Red Hat OpenShift Container Platform 4.13", "release_date": "2024-07-31T00:00:00Z"}, {"advisory": "RHSA-2024:4846", "cpe": "cpe:/a:redhat:openshift:4.13::el8", "package": "openshift4/ose-ibm-vpc-node-label-updater-rhel8:v4.13.0-202407221109.p0.gb819827.assembly.stream.el8", "product_name": "Red Hat OpenShift Container Platform 4.13", "release_date": "2024-07-31T00:00:00Z"}, {"advisory": "RHSA-2024:5444", "cpe": "cpe:/a:redhat:openshift:4.13::el8", "package": "openshift4/ose-azure-cluster-api-controllers-rhel8:v4.13.0-202408131940.p0.g3f757a8.assembly.stream.el8", "product_name": "Red Hat OpenShift Container Platform 4.13", "release_date": "2024-08-22T00:00:00Z"}, {"advisory": "RHSA-2024:5444", "cpe": "cpe:/a:redhat:openshift:4.13::el8", "package": "openshift4/ose-powervs-block-csi-driver-rhel8:v4.13.0-202408131940.p0.g16fa555.assembly.stream.el8", "product_name": "Red Hat OpenShift Container Platform 4.13", "release_date": "2024-08-22T00:00:00Z"}, {"advisory": "RHSA-2024:5446", "cpe": "cpe:/a:redhat:openshift:4.13::el8", "package": "podman-3:4.4.1-13.rhaos4.13.el9", "product_name": "Red Hat OpenShift Container Platform 4.13", "release_date": "2024-08-22T00:00:00Z"}, {"advisory": "RHSA-2024:6009", "cpe": "cpe:/a:redhat:openshift:4.13::el8", "package": "openshift4/ose-installer:v4.13.0-202408280339.p0.g1b2041c.assembly.stream.el8", "product_name": "Red Hat OpenShift Container Platform 4.13", "release_date": "2024-09-04T00:00:00Z"}, {"advisory": "RHSA-2024:6811", "cpe": "cpe:/a:redhat:openshift:4.13::el8", "package": "openshift4/ose-hypershift-rhel8:v4.13.0-202409142105.p0.g6daddee.assembly.stream.el8", "product_name": "Red Hat OpenShift Container Platform 4.13", "release_date": "2024-09-25T00:00:00Z"}, {"advisory": "RHSA-2025:1116", "cpe": "cpe:/a:redhat:openshift:4.13::el8", "package": "openshift4/ose-ibmcloud-machine-controllers-rhel8:v4.13.0-202502010028.p0.g4698265.assembly.stream.el8", "product_name": "Red Hat OpenShift Container Platform 4.13", "release_date": "2025-02-13T00:00:00Z"}, {"advisory": "RHSA-2024:4479", "cpe": "cpe:/a:redhat:openshift:4.14::el8", "package": "openshift4/ose-cluster-image-registry-operator:v4.14.0-202407041041.p0.g5e20c16.assembly.stream.el8", "product_name": "Red Hat OpenShift Container Platform 4.14", "release_date": "2024-07-17T00:00:00Z"}, {"advisory": "RHSA-2024:4960", "cpe": "cpe:/a:redhat:openshift:4.14::el8", "package": "openshift4/ose-cloud-credential-operator:v4.14.0-202407301840.p0.g7a5d12e.assembly.stream.el8", "product_name": "Red Hat OpenShift Container Platform 4.14", "release_date": "2024-08-07T00:00:00Z"}, {"advisory": "RHSA-2024:4960", "cpe": "cpe:/a:redhat:openshift:4.14::el8", "package": "openshift4/ose-ibm-vpc-block-csi-driver-operator-rhel8:v4.14.0-202407120310.p0.g620220e.assembly.stream.el8", "product_name": "Red Hat OpenShift Container Platform 4.14", "release_date": "2024-08-07T00:00:00Z"}, {"advisory": "RHSA-2024:4960", "cpe": "cpe:/a:redhat:openshift:4.14::el8", "package": "openshift4/ose-ibm-vpc-block-csi-driver-rhel8:v4.14.0-202407161139.p0.gea2bc15.assembly.stream.el8", "product_name": "Red Hat OpenShift Container Platform 4.14", "release_date": "2024-08-07T00:00:00Z"}, {"advisory": "RHSA-2024:4960", "cpe": "cpe:/a:redhat:openshift:4.14::el8", "package": "openshift4/ose-ibm-vpc-node-label-updater-rhel8:v4.14.0-202407191039.p0.gda6823b.assembly.stream.el8", "product_name": "Red Hat OpenShift Container Platform 4.14", "release_date": "2024-08-07T00:00:00Z"}, {"advisory": "RHSA-2024:4963", "cpe": "cpe:/a:redhat:openshift:4.14::el8", "package": "podman-3:4.4.1-16.4.rhaos4.14.el9", "product_name": "Red Hat OpenShift Container Platform 4.14", "release_date": "2024-08-07T00:00:00Z"}, {"advisory": "RHSA-2024:5433", "cpe": "cpe:/a:redhat:openshift:4.14::el8", "package": "openshift4/ose-azure-cluster-api-controllers-rhel8:v4.14.0-202408081241.p0.g8c2203f.assembly.stream.el8", "product_name": "Red Hat OpenShift Container Platform 4.14", "release_date": "2024-08-22T00:00:00Z"}, {"advisory": "RHSA-2024:5433", "cpe": "cpe:/a:redhat:openshift:4.14::el8", "package": "openshift4/ose-powervs-block-csi-driver-rhel8:v4.14.0-202408081513.p0.g988f710.assembly.stream.el8", "product_name": "Red Hat OpenShift Container Platform 4.14", "release_date": "2024-08-22T00:00:00Z"}, {"advisory": "RHSA-2024:6406", "cpe": "cpe:/a:redhat:openshift:4.14::el8", "package": "openshift4/ose-installer:v4.14.0-202409031910.p0.ga8c1414.assembly.stream.el8", "product_name": "Red Hat OpenShift Container Platform 4.14", "release_date": "2024-09-11T00:00:00Z"}, {"advisory": "RHSA-2024:7184", "cpe": "cpe:/a:redhat:openshift:4.14::el8", "package": "openshift4/ose-hypershift-rhel8:v4.14.0-202409250538.p0.gd8f8831.assembly.stream.el8", "product_name": "Red Hat OpenShift Container Platform 4.14", "release_date": "2024-10-03T00:00:00Z"}, {"advisory": "RHSA-2025:0029", "cpe": "cpe:/a:redhat:openshift:4.14::el8", "package": "openshift4/ose-ibmcloud-machine-controllers-rhel8:v4.14.0-202412200205.p0.ga63c6aa.assembly.stream.el8", "product_name": "Red Hat OpenShift Container Platform 4.14", "release_date": "2025-01-09T00:00:00Z"}, {"advisory": "RHSA-2024:4699", "cpe": "cpe:/a:redhat:openshift:4.15::el8", "package": "openshift4/ose-cloud-credential-operator:v4.15.0-202407181606.p0.gf8455ca.assembly.stream.el8", "product_name": "Red Hat OpenShift Container Platform 4.15", "release_date": "2024-07-25T00:00:00Z"}, {"advisory": "RHSA-2024:4699", "cpe": "cpe:/a:redhat:openshift:4.15::el8", "package": "openshift4/ose-ibm-vpc-block-csi-driver-operator-rhel8:v4.15.0-202407111437.p0.gdf0f1f6.assembly.stream.el8", "product_name": "Red Hat OpenShift Container Platform 4.15", "release_date": "2024-07-25T00:00:00Z"}, {"advisory": "RHSA-2024:4699", "cpe": "cpe:/a:redhat:openshift:4.15::el8", "package": "openshift4/ose-ibm-vpc-block-csi-driver-rhel9:v4.15.0-202407151106.p0.g81877ac.assembly.stream.el9", "product_name": "Red Hat OpenShift Container Platform 4.15", "release_date": "2024-07-25T00:00:00Z"}, {"advisory": "RHSA-2024:4699", "cpe": "cpe:/a:redhat:openshift:4.15::el8", "package": "openshift4/ose-ibm-vpc-node-label-updater-rhel9:v4.15.0-202407160936.p0.g5d72ced.assembly.stream.el9", "product_name": "Red Hat OpenShift Container Platform 4.15", "release_date": "2024-07-25T00:00:00Z"}, {"advisory": "RHSA-2024:4853", "cpe": "cpe:/a:redhat:openshift:4.15::el8", "package": "podman-3:4.4.1-26.2.rhaos4.15.el8", "product_name": "Red Hat OpenShift Container Platform 4.15", "release_date": "2024-07-31T00:00:00Z"}, {"advisory": "RHSA-2024:5160", "cpe": "cpe:/a:redhat:openshift:4.15::el8", "package": "openshift4/ose-installer:v4.15.0-202408060439.p0.g950491f.assembly.stream.el8", "product_name": "Red Hat OpenShift Container Platform 4.15", "release_date": "2024-08-15T00:00:00Z"}, {"advisory": "RHSA-2024:5160", "cpe": "cpe:/a:redhat:openshift:4.15::el8", "package": "openshift4/ose-powervs-block-csi-driver-rhel9:v4.15.0-202408060439.p0.g38bee56.assembly.stream.el9", "product_name": "Red Hat OpenShift Container Platform 4.15", "release_date": "2024-08-15T00:00:00Z"}, {"advisory": "RHSA-2024:11562", "cpe": "cpe:/a:redhat:openshift:4.15::el9", "package": "openshift4/ose-ibmcloud-machine-controllers-rhel9:v4.15.0-202412120304.p0.g6846b9a.assembly.stream.el9", "product_name": "Red Hat OpenShift Container Platform 4.15", "release_date": "2025-01-02T00:00:00Z"}, {"advisory": "RHSA-2024:4321", "cpe": "cpe:/a:redhat:openshift:4.15::el9", "package": "openshift4/ose-azure-cluster-api-controllers-rhel9:v4.15.0-202407020237.p0.g44832d2.assembly.stream.el9", "product_name": "Red Hat OpenShift Container Platform 4.15", "release_date": "2024-07-10T00:00:00Z"}, {"advisory": "RHSA-2024:4321", "cpe": "cpe:/a:redhat:openshift:4.15::el9", "package": "openshift4/ose-cluster-image-registry-rhel9-operator:v4.15.0-202407031137.p0.g8740a71.assembly.stream.el9", "product_name": "Red Hat OpenShift Container Platform 4.15", "release_date": "2024-07-10T00:00:00Z"}, {"advisory": "RHSA-2024:6409", "cpe": "cpe:/a:redhat:openshift:4.15::el9", "package": "openshift4/ose-hypershift-rhel9:v4.15.0-202409041437.p0.gf2684bc.assembly.stream.el9", "product_name": "Red Hat OpenShift Container Platform 4.15", "release_date": "2024-09-11T00:00:00Z"}, {"advisory": "RHSA-2024:4858", "cpe": "cpe:/a:redhat:openshift:4.16::el8", "package": "podman-4:4.9.4-9.rhaos4.16.el9", "product_name": "Red Hat OpenShift Container Platform 4.16", "release_date": "2024-07-31T00:00:00Z"}, {"advisory": "RHSA-2024:10823", "cpe": "cpe:/a:redhat:openshift:4.16::el9", "package": "openshift4/ose-ibmcloud-machine-controllers-rhel9:v4.16.0-202412021934.p0.gd29506e.assembly.stream.el9", "product_name": "Red Hat OpenShift Container Platform 4.16", "release_date": "2024-12-12T00:00:00Z"}, {"advisory": "RHSA-2024:4316", "cpe": "cpe:/a:redhat:openshift:4.16::el9", "package": "openshift4/ose-azure-cluster-api-controllers-rhel9:v4.16.0-202407030803.p0.ga81e3b3.assembly.stream.el9", "product_name": "Red Hat OpenShift Container Platform 4.16", "release_date": "2024-07-09T00:00:00Z"}, {"advisory": "RHSA-2024:4316", "cpe": "cpe:/a:redhat:openshift:4.16::el9", "package": "openshift4/ose-cluster-image-registry-rhel9-operator:v4.16.0-202407030803.p0.g335c914.assembly.stream.el9", "product_name": "Red Hat OpenShift Container Platform 4.16", "release_date": "2024-07-09T00:00:00Z"}, {"advisory": "RHSA-2024:4469", "cpe": "cpe:/a:redhat:openshift:4.16::el9", "package": "openshift4/ose-ibm-vpc-block-csi-driver-rhel9:v4.16.0-202407031636.p0.g32b4c00.assembly.stream.el9", "product_name": "Red Hat OpenShift Container Platform 4.16", "release_date": "2024-07-16T00:00:00Z"}, {"advisory": "RHSA-2024:4469", "cpe": "cpe:/a:redhat:openshift:4.16::el9", "package": "openshift4/ose-ibm-vpc-block-csi-driver-rhel9-operator:v4.16.0-202407031636.p0.g34fc9a4.assembly.stream.el9", "product_name": "Red Hat OpenShift Container Platform 4.16", "release_date": "2024-07-16T00:00:00Z"}, {"advisory": "RHSA-2024:4613", "cpe": "cpe:/a:redhat:openshift:4.16::el9", "package": "openshift4/ose-cloud-credential-rhel9-operator:v4.16.0-202407142206.p0.gfffc75d.assembly.stream.el9", "product_name": "Red Hat OpenShift Container Platform 4.16", "release_date": "2024-07-24T00:00:00Z"}, {"advisory": "RHSA-2024:4613", "cpe": "cpe:/a:redhat:openshift:4.16::el9", "package": "openshift4/ose-installer-rhel9:v4.16.0-202407161505.p0.g41969e2.assembly.stream.el9", "product_name": "Red Hat OpenShift Container Platform 4.16", "release_date": "2024-07-24T00:00:00Z"}, {"advisory": "RHSA-2024:4965", "cpe": "cpe:/a:redhat:openshift:4.16::el9", "package": "openshift4/ose-powervs-cloud-controller-manager-rhel9:v4.16.0-202407300708.p0.g20e6dc7.assembly.stream.el9", "product_name": "Red Hat OpenShift Container Platform 4.16", "release_date": "2024-08-06T00:00:00Z"}, {"advisory": "RHSA-2024:4965", "cpe": "cpe:/a:redhat:openshift:4.16::el9", "package": "openshift4/ose-prometheus-rhel9:v4.16.0-202407261437.p0.gbc04420.assembly.stream.el9", "product_name": "Red Hat OpenShift Container Platform 4.16", "release_date": "2024-08-06T00:00:00Z"}, {"advisory": "RHSA-2024:5107", "cpe": "cpe:/a:redhat:openshift:4.16::el9", "package": "openshift4/ose-powervs-block-csi-driver-rhel9:v4.16.0-202408010610.p0.g26162ba.assembly.stream.el9", "product_name": "Red Hat OpenShift Container Platform 4.16", "release_date": "2024-08-13T00:00:00Z"}, {"advisory": "RHSA-2024:6004", "cpe": "cpe:/a:redhat:openshift:4.16::el9", "package": "openshift4/ose-hypershift-rhel9:v4.16.0-202408281556.p0.g469fb1e.assembly.stream.el9", "product_name": "Red Hat OpenShift Container Platform 4.16", "release_date": "2024-09-03T00:00:00Z"}, {"advisory": "RHSA-2024:3722", "cpe": "cpe:/a:redhat:openshift:4.17::el8", "package": "podman-4:5.2.0-3.rhaos4.17.el8", "product_name": "Red Hat OpenShift Container Platform 4.17", "release_date": "2024-10-01T00:00:00Z"}, {"advisory": "RHSA-2024:3722", "cpe": "cpe:/a:redhat:openshift:4.17::el8", "package": "skopeo-2:1.16.0-2.rhaos4.17.el9", "product_name": "Red Hat OpenShift Container Platform 4.17", "release_date": "2024-10-01T00:00:00Z"}, {"advisory": "RHSA-2024:10518", "cpe": "cpe:/a:redhat:openshift:4.17::el9", "package": "openshift4/ose-ibmcloud-machine-controllers-rhel9:v4.17.0-202411251634.p0.g238348d.assembly.stream.el9", "product_name": "Red Hat OpenShift Container Platform 4.17", "release_date": "2024-12-03T00:00:00Z"}, {"advisory": "RHSA-2024:6122", "cpe": "cpe:/a:redhat:openshift:4.18::el9", "package": "openshift4/ose-cluster-ingress-rhel9-operator:v4.18.0-202501230001.p0.g8be1749.assembly.stream.el9", "product_name": "Red Hat OpenShift Container Platform 4.18", "release_date": "2025-02-25T00:00:00Z"}, {"advisory": "RHSA-2024:8677", "cpe": "cpe:/a:redhat:openshift_gitops:1.12::el8", "package": "openshift-gitops-1/argocd-rhel8:v1.12.6-2", "product_name": "Red Hat OpenShift GitOps 1.12", "release_date": "2024-10-30T00:00:00Z"}, {"advisory": "RHSA-2024:8677", "cpe": "cpe:/a:redhat:openshift_gitops:1.12::el8", "package": "openshift-gitops-1/argo-rollouts-rhel8:v1.12.6-2", "product_name": "Red Hat OpenShift GitOps 1.12", "release_date": "2024-10-30T00:00:00Z"}, {"advisory": "RHSA-2024:8677", "cpe": "cpe:/a:redhat:openshift_gitops:1.12::el8", "package": "openshift-gitops-1/console-plugin-rhel8:v1.12.6-2", "product_name": "Red Hat OpenShift GitOps 1.12", "release_date": "2024-10-30T00:00:00Z"}, {"advisory": "RHSA-2024:8677", "cpe": "cpe:/a:redhat:openshift_gitops:1.12::el8", "package": "openshift-gitops-1/dex-rhel8:v1.12.6-2", "product_name": "Red Hat OpenShift GitOps 1.12", "release_date": "2024-10-30T00:00:00Z"}, {"advisory": "RHSA-2024:8677", "cpe": "cpe:/a:redhat:openshift_gitops:1.12::el8", "package": "openshift-gitops-1/gitops-operator-bundle:v1.12.6-2", "product_name": "Red Hat OpenShift GitOps 1.12", "release_date": "2024-10-30T00:00:00Z"}, {"advisory": "RHSA-2024:8677", "cpe": "cpe:/a:redhat:openshift_gitops:1.12::el8", "package": "openshift-gitops-1/gitops-rhel8:v1.12.6-2", "product_name": "Red Hat OpenShift GitOps 1.12", "release_date": "2024-10-30T00:00:00Z"}, {"advisory": "RHSA-2024:8677", "cpe": "cpe:/a:redhat:openshift_gitops:1.12::el8", "package": "openshift-gitops-1/gitops-rhel8-operator:v1.12.6-2", "product_name": "Red Hat OpenShift GitOps 1.12", "release_date": "2024-10-30T00:00:00Z"}, {"advisory": "RHSA-2024:8677", "cpe": "cpe:/a:redhat:openshift_gitops:1.12::el8", "package": "openshift-gitops-1/kam-delivery-rhel8:v1.12.6-2", "product_name": "Red Hat OpenShift GitOps 1.12", "release_date": "2024-10-30T00:00:00Z"}, {"advisory": "RHSA-2024:8677", "cpe": "cpe:/a:redhat:openshift_gitops:1.12::el8", "package": "openshift-gitops-1/must-gather-rhel8:v1.12.6-2", "product_name": "Red Hat OpenShift GitOps 1.12", "release_date": "2024-10-30T00:00:00Z"}, {"advisory": "RHSA-2024:8677", "cpe": "cpe:/a:redhat:openshift_gitops:1.12::el9", "package": "openshift-gitops-argocd-rhel9-container-v1.12.6-1", "product_name": "Red Hat OpenShift GitOps 1.12 - RHEL 9", "release_date": "2024-10-30T00:00:00Z"}, {"advisory": "RHSA-2024:7744", "cpe": "cpe:/a:redhat:openshift_data_foundation:4.13::el9", "package": "odf4/cephcsi-rhel9:v4.13.12-2", "product_name": "RHODF-4.13-RHEL-9", "release_date": "2024-10-07T00:00:00Z"}, {"advisory": "RHSA-2024:7624", "cpe": "cpe:/a:redhat:openshift_data_foundation:4.14::el9", "package": "odf4/cephcsi-rhel9:v4.14.11-2", "product_name": "RHODF-4.14-RHEL-9", "release_date": "2024-10-03T00:00:00Z"}, {"advisory": "RHSA-2025:1866", "cpe": "cpe:/a:redhat:openshift_data_foundation:4.14::el9", "package": "odf4/ocs-rhel9-operator:v4.14.16-2", "product_name": "RHODF-4.14-RHEL-9", "release_date": "2025-02-26T00:00:00Z"}, {"advisory": "RHSA-2025:1866", "cpe": "cpe:/a:redhat:openshift_data_foundation:4.14::el9", "package": "odf4/odf-rhel9-operator:v4.14.16-2", "product_name": "RHODF-4.14-RHEL-9", "release_date": "2025-02-26T00:00:00Z"}, {"advisory": "RHSA-2025:1865", "cpe": "cpe:/a:redhat:openshift_data_foundation:4.15::el9", "package": "odf4/ocs-rhel9-operator:v4.15.12-1", "product_name": "RHODF-4.15-RHEL-9", "release_date": "2025-02-26T00:00:00Z"}, {"advisory": "RHSA-2025:1865", "cpe": "cpe:/a:redhat:openshift_data_foundation:4.15::el9", "package": "odf4/odf-rhel9-operator:v4.15.12-1", "product_name": "RHODF-4.15-RHEL-9", "release_date": "2025-02-26T00:00:00Z"}, {"advisory": "RHSA-2024:5547", "cpe": "cpe:/a:redhat:openshift_data_foundation:4.16::el9", "package": "odf4/mcg-rhel9-operator:v4.16.1-3", "product_name": "RHODF-4.16-RHEL-9", "release_date": "2024-08-19T00:00:00Z"}, {"advisory": "RHSA-2024:5547", "cpe": "cpe:/a:redhat:openshift_data_foundation:4.16::el9", "package": "odf4/odf-cli-rhel9:v4.16.1-3", "product_name": "RHODF-4.16-RHEL-9", "release_date": "2024-08-19T00:00:00Z"}, {"advisory": "RHSA-2024:5547", "cpe": "cpe:/a:redhat:openshift_data_foundation:4.16::el9", "package": "odf4/odf-multicluster-rhel9-operator:v4.16.1-1", "product_name": "RHODF-4.16-RHEL-9", "release_date": "2024-08-19T00:00:00Z"}, {"advisory": "RHSA-2024:6755", "cpe": "cpe:/a:redhat:openshift_data_foundation:4.16::el9", "package": "odf4/cephcsi-rhel9:v4.16.2-2", "product_name": "RHODF-4.16-RHEL-9", "release_date": "2024-09-18T00:00:00Z"}, {"advisory": "RHSA-2024:6755", "cpe": "cpe:/a:redhat:openshift_data_foundation:4.16::el9", "package": "odf4/odf-cli-rhel9:v4.16.2-2", "product_name": "RHODF-4.16-RHEL-9", "release_date": "2024-09-18T00:00:00Z"}, {"advisory": "RHSA-2024:6755", "cpe": "cpe:/a:redhat:openshift_data_foundation:4.16::el9", "package": "odf4/rook-ceph-rhel9-operator:v4.16.2-3", "product_name": "RHODF-4.16-RHEL-9", "release_date": "2024-09-18T00:00:00Z"}, {"advisory": "RHSA-2025:1829", "cpe": "cpe:/a:redhat:openshift_data_foundation:4.16::el9", "package": "odf4/ocs-rhel9-operator:v4.16.8-1", "product_name": "RHODF-4.16-RHEL-9", "release_date": "2025-02-25T00:00:00Z"}, {"advisory": "RHSA-2025:1829", "cpe": "cpe:/a:redhat:openshift_data_foundation:4.16::el9", "package": "odf4/odf-rhel9-operator:v4.16.8-1", "product_name": "RHODF-4.16-RHEL-9", "release_date": "2025-02-25T00:00:00Z"}, {"advisory": "RHSA-2024:7323", "cpe": "cpe:/a:redhat:logging:5.6::el8", "package": "openshift-logging/cluster-logging-operator-bundle:v5.6.24-7", "product_name": "RHOL-5.6-RHEL-8", "release_date": "2024-10-07T00:00:00Z"}, {"advisory": "RHSA-2024:7323", "cpe": "cpe:/a:redhat:logging:5.6::el8", "package": "openshift-logging/cluster-logging-rhel8-operator:v5.6.24-2", "product_name": "RHOL-5.6-RHEL-8", "release_date": "2024-10-07T00:00:00Z"}, {"advisory": "RHSA-2024:7323", "cpe": "cpe:/a:redhat:logging:5.6::el8", "package": "openshift-logging/elasticsearch6-rhel8:v6.8.1-440", "product_name": "RHOL-5.6-RHEL-8", "release_date": "2024-10-07T00:00:00Z"}, {"advisory": "RHSA-2024:7323", "cpe": "cpe:/a:redhat:logging:5.6::el8", "package": "openshift-logging/elasticsearch-operator-bundle:v5.6.24-9", "product_name": "RHOL-5.6-RHEL-8", "release_date": "2024-10-07T00:00:00Z"}, {"advisory": "RHSA-2024:7323", "cpe": "cpe:/a:redhat:logging:5.6::el8", "package": "openshift-logging/elasticsearch-proxy-rhel8:v1.0.0-515", "product_name": "RHOL-5.6-RHEL-8", "release_date": "2024-10-07T00:00:00Z"}, {"advisory": "RHSA-2024:7323", "cpe": "cpe:/a:redhat:logging:5.6::el8", "package": "openshift-logging/elasticsearch-rhel8-operator:v5.6.24-2", "product_name": "RHOL-5.6-RHEL-8", "release_date": "2024-10-07T00:00:00Z"}, {"advisory": "RHSA-2024:7323", "cpe": "cpe:/a:redhat:logging:5.6::el8", "package": "openshift-logging/eventrouter-rhel8:v0.4.0-300", "product_name": "RHOL-5.6-RHEL-8", "release_date": "2024-10-07T00:00:00Z"}, {"advisory": "RHSA-2024:7323", "cpe": "cpe:/a:redhat:logging:5.6::el8", "package": "openshift-logging/fluentd-rhel8:v1.14.6-228", "product_name": "RHOL-5.6-RHEL-8", "release_date": "2024-10-07T00:00:00Z"}, {"advisory": "RHSA-2024:7323", "cpe": "cpe:/a:redhat:logging:5.6::el8", "package": "openshift-logging/kibana6-rhel8:v6.8.1-460", "product_name": "RHOL-5.6-RHEL-8", "release_date": "2024-10-07T00:00:00Z"}, {"advisory": "RHSA-2024:7323", "cpe": "cpe:/a:redhat:logging:5.6::el8", "package": "openshift-logging/log-file-metric-exporter-rhel8:v1.1.0-281", "product_name": "RHOL-5.6-RHEL-8", "release_date": "2024-10-07T00:00:00Z"}, {"advisory": "RHSA-2024:7323", "cpe": "cpe:/a:redhat:logging:5.6::el8", "package": "openshift-logging/logging-curator5-rhel8:v5.8.1-523", "product_name": "RHOL-5.6-RHEL-8", "release_date": "2024-10-07T00:00:00Z"}, {"advisory": "RHSA-2024:7323", "cpe": "cpe:/a:redhat:logging:5.6::el8", "package": "openshift-logging/logging-loki-rhel8:v3.1.1-11", "product_name": "RHOL-5.6-RHEL-8", "release_date": "2024-10-07T00:00:00Z"}, {"advisory": "RHSA-2024:7323", "cpe": "cpe:/a:redhat:logging:5.6::el8", "package": "openshift-logging/logging-view-plugin-rhel8:v5.6.24-3", "product_name": "RHOL-5.6-RHEL-8", "release_date": "2024-10-07T00:00:00Z"}, {"advisory": "RHSA-2024:7323", "cpe": "cpe:/a:redhat:logging:5.6::el8", "package": "openshift-logging/loki-operator-bundle:v5.6.24-18", "product_name": "RHOL-5.6-RHEL-8", "release_date": "2024-10-07T00:00:00Z"}, {"advisory": "RHSA-2024:7323", "cpe": "cpe:/a:redhat:logging:5.6::el8", "package": "openshift-logging/loki-rhel8-operator:v5.6.24-7", "product_name": "RHOL-5.6-RHEL-8", "release_date": "2024-10-07T00:00:00Z"}, {"advisory": "RHSA-2024:7323", "cpe": "cpe:/a:redhat:logging:5.6::el8", "package": "openshift-logging/lokistack-gateway-rhel8:v0.1.0-652", "product_name": "RHOL-5.6-RHEL-8", "release_date": "2024-10-07T00:00:00Z"}, {"advisory": "RHSA-2024:7323", "cpe": "cpe:/a:redhat:logging:5.6::el8", "package": "openshift-logging/opa-openshift-rhel8:v0.1.0-287", "product_name": "RHOL-5.6-RHEL-8", "release_date": "2024-10-07T00:00:00Z"}, {"advisory": "RHSA-2024:7323", "cpe": "cpe:/a:redhat:logging:5.6::el8", "package": "openshift-logging/vector-rhel8:v0.21.0-138", "product_name": "RHOL-5.6-RHEL-8", "release_date": "2024-10-07T00:00:00Z"}, {"advisory": "RHSA-2024:7237", "cpe": "cpe:/a:redhat:logging:5.8::el9", "package": "openshift-logging/cluster-logging-operator-bundle:v5.8.13-15", "product_name": "RHOL-5.8-RHEL-9", "release_date": "2024-09-26T00:00:00Z"}, {"advisory": "RHSA-2024:7237", "cpe": "cpe:/a:redhat:logging:5.8::el9", "package": "openshift-logging/cluster-logging-rhel9-operator:v5.8.13-7", "product_name": "RHOL-5.8-RHEL-9", "release_date": "2024-09-26T00:00:00Z"}, {"advisory": "RHSA-2024:7237", "cpe": "cpe:/a:redhat:logging:5.8::el9", "package": "openshift-logging/elasticsearch6-rhel9:v6.8.1-438", "product_name": "RHOL-5.8-RHEL-9", "release_date": "2024-09-26T00:00:00Z"}, {"advisory": "RHSA-2024:7237", "cpe": "cpe:/a:redhat:logging:5.8::el9", "package": "openshift-logging/elasticsearch-operator-bundle:v5.8.13-13", "product_name": "RHOL-5.8-RHEL-9", "release_date": "2024-09-26T00:00:00Z"}, {"advisory": "RHSA-2024:7237", "cpe": "cpe:/a:redhat:logging:5.8::el9", "package": "openshift-logging/elasticsearch-proxy-rhel9:v1.0.0-513", "product_name": "RHOL-5.8-RHEL-9", "release_date": "2024-09-26T00:00:00Z"}, {"advisory": "RHSA-2024:7237", "cpe": "cpe:/a:redhat:logging:5.8::el9", "package": "openshift-logging/elasticsearch-rhel9-operator:v5.8.13-5", "product_name": "RHOL-5.8-RHEL-9", "release_date": "2024-09-26T00:00:00Z"}, {"advisory": "RHSA-2024:7237", "cpe": "cpe:/a:redhat:logging:5.8::el9", "package": "openshift-logging/eventrouter-rhel9:v0.4.0-296", "product_name": "RHOL-5.8-RHEL-9", "release_date": "2024-09-26T00:00:00Z"}, {"advisory": "RHSA-2024:7237", "cpe": "cpe:/a:redhat:logging:5.8::el9", "package": "openshift-logging/fluentd-rhel9:v5.8.13-3", "product_name": "RHOL-5.8-RHEL-9", "release_date": "2024-09-26T00:00:00Z"}, {"advisory": "RHSA-2024:7237", "cpe": "cpe:/a:redhat:logging:5.8::el9", "package": "openshift-logging/log-file-metric-exporter-rhel9:v1.1.0-277", "product_name": "RHOL-5.8-RHEL-9", "release_date": "2024-09-26T00:00:00Z"}, {"advisory": "RHSA-2024:7237", "cpe": "cpe:/a:redhat:logging:5.8::el9", "package": "openshift-logging/logging-curator5-rhel9:v5.8.1-521", "product_name": "RHOL-5.8-RHEL-9", "release_date": "2024-09-26T00:00:00Z"}, {"advisory": "RHSA-2024:7237", "cpe": "cpe:/a:redhat:logging:5.8::el9", "package": "openshift-logging/logging-loki-rhel9:v3.1.1-7", "product_name": "RHOL-5.8-RHEL-9", "release_date": "2024-09-26T00:00:00Z"}, {"advisory": "RHSA-2024:7237", "cpe": "cpe:/a:redhat:logging:5.8::el9", "package": "openshift-logging/logging-view-plugin-rhel9:v5.8.13-4", "product_name": "RHOL-5.8-RHEL-9", "release_date": "2024-09-26T00:00:00Z"}, {"advisory": "RHSA-2024:7237", "cpe": "cpe:/a:redhat:logging:5.8::el9", "package": "openshift-logging/loki-operator-bundle:v5.8.13-17", "product_name": "RHOL-5.8-RHEL-9", "release_date": "2024-09-26T00:00:00Z"}, {"advisory": "RHSA-2024:7237", "cpe": "cpe:/a:redhat:logging:5.8::el9", "package": "openshift-logging/loki-rhel9-operator:v5.8.13-6", "product_name": "RHOL-5.8-RHEL-9", "release_date": "2024-09-26T00:00:00Z"}, {"advisory": "RHSA-2024:7237", "cpe": "cpe:/a:redhat:logging:5.8::el9", "package": "openshift-logging/lokistack-gateway-rhel9:v0.1.0-649", "product_name": "RHOL-5.8-RHEL-9", "release_date": "2024-09-26T00:00:00Z"}, {"advisory": "RHSA-2024:7237", "cpe": "cpe:/a:redhat:logging:5.8::el9", "package": "openshift-logging/opa-openshift-rhel9:v0.1.0-284", "product_name": "RHOL-5.8-RHEL-9", "release_date": "2024-09-26T00:00:00Z"}, {"advisory": "RHSA-2024:7237", "cpe": "cpe:/a:redhat:logging:5.8::el9", "package": "openshift-logging/vector-rhel9:v0.28.1-76", "product_name": "RHOL-5.8-RHEL-9", "release_date": "2024-09-26T00:00:00Z"}, {"advisory": "RHSA-2024:7324", "cpe": "cpe:/a:redhat:logging:5.9::el9", "package": "openshift-logging/cluster-logging-operator-bundle:v5.9.7-11", "product_name": "RHOL-5.9-RHEL-9", "release_date": "2024-10-02T00:00:00Z"}, {"advisory": "RHSA-2024:7324", "cpe": "cpe:/a:redhat:logging:5.9::el9", "package": "openshift-logging/cluster-logging-rhel9-operator:v5.9.7-6", "product_name": "RHOL-5.9-RHEL-9", "release_date": "2024-10-02T00:00:00Z"}, {"advisory": "RHSA-2024:7324", "cpe": "cpe:/a:redhat:logging:5.9::el9", "package": "openshift-logging/eventrouter-rhel9:v0.4.0-301", "product_name": "RHOL-5.9-RHEL-9", "release_date": "2024-10-02T00:00:00Z"}, {"advisory": "RHSA-2024:7324", "cpe": "cpe:/a:redhat:logging:5.9::el9", "package": "openshift-logging/fluentd-rhel9:v5.9.7-3", "product_name": "RHOL-5.9-RHEL-9", "release_date": "2024-10-02T00:00:00Z"}, {"advisory": "RHSA-2024:7324", "cpe": "cpe:/a:redhat:logging:5.9::el9", "package": "openshift-logging/log-file-metric-exporter-rhel9:v1.1.0-282", "product_name": "RHOL-5.9-RHEL-9", "release_date": "2024-10-02T00:00:00Z"}, {"advisory": "RHSA-2024:7324", "cpe": "cpe:/a:redhat:logging:5.9::el9", "package": "openshift-logging/logging-loki-rhel9:v3.1.1-10", "product_name": "RHOL-5.9-RHEL-9", "release_date": "2024-10-02T00:00:00Z"}, {"advisory": "RHSA-2024:7324", "cpe": "cpe:/a:redhat:logging:5.9::el9", "package": "openshift-logging/logging-view-plugin-rhel9:v5.9.7-5", "product_name": "RHOL-5.9-RHEL-9", "release_date": "2024-10-02T00:00:00Z"}, {"advisory": "RHSA-2024:7324", "cpe": "cpe:/a:redhat:logging:5.9::el9", "package": "openshift-logging/loki-operator-bundle:v5.9.7-16", "product_name": "RHOL-5.9-RHEL-9", "release_date": "2024-10-02T00:00:00Z"}, {"advisory": "RHSA-2024:7324", "cpe": "cpe:/a:redhat:logging:5.9::el9", "package": "openshift-logging/loki-rhel9-operator:v5.9.7-7", "product_name": "RHOL-5.9-RHEL-9", "release_date": "2024-10-02T00:00:00Z"}, {"advisory": "RHSA-2024:7324", "cpe": "cpe:/a:redhat:logging:5.9::el9", "package": "openshift-logging/lokistack-gateway-rhel9:v0.1.0-653", "product_name": "RHOL-5.9-RHEL-9", "release_date": "2024-10-02T00:00:00Z"}, {"advisory": "RHSA-2024:7324", "cpe": "cpe:/a:redhat:logging:5.9::el9", "package": "openshift-logging/opa-openshift-rhel9:v0.1.0-288", "product_name": "RHOL-5.9-RHEL-9", "release_date": "2024-10-02T00:00:00Z"}, {"advisory": "RHSA-2024:7324", "cpe": "cpe:/a:redhat:logging:5.9::el9", "package": "openshift-logging/vector-rhel9:v0.34.1-19", "product_name": "RHOL-5.9-RHEL-9", "release_date": "2024-10-02T00:00:00Z"}, {"advisory": "RHSA-2024:8314", "cpe": "cpe:/a:redhat:logging:6.0::el9", "package": "openshift-logging/logging-loki-rhel9:v3.2.0-12", "product_name": "RHOL-6.0-RHEL-9", "release_date": "2024-10-23T00:00:00Z"}, {"advisory": "RHSA-2024:4872", "cpe": "cpe:/a:redhat:openshift_serverless:1.33::el8", "package": "openshift-serverless-1/client-kn-rhel8:1.12.0-6", "product_name": "RHOSS-1.33-RHEL-8", "release_date": "2024-07-25T00:00:00Z"}, {"advisory": "RHSA-2024:4872", "cpe": "cpe:/a:redhat:openshift_serverless:1.33::el8", "package": "openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8:1.12.0-7", "product_name": "RHOSS-1.33-RHEL-8", "release_date": "2024-07-25T00:00:00Z"}, {"advisory": "RHSA-2024:4872", "cpe": "cpe:/a:redhat:openshift_serverless:1.33::el8", "package": "openshift-serverless-1/eventing-controller-rhel8:1.12.0-7", "product_name": "RHOSS-1.33-RHEL-8", "release_date": "2024-07-25T00:00:00Z"}, {"advisory": "RHSA-2024:4872", "cpe": "cpe:/a:redhat:openshift_serverless:1.33::el8", "package": "openshift-serverless-1/eventing-in-memory-channel-controller-rhel8:1.12.0-7", "product_name": "RHOSS-1.33-RHEL-8", "release_date": "2024-07-25T00:00:00Z"}, {"advisory": "RHSA-2024:4872", "cpe": "cpe:/a:redhat:openshift_serverless:1.33::el8", "package": "openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8:1.12.0-7", "product_name": "RHOSS-1.33-RHEL-8", "release_date": "2024-07-25T00:00:00Z"}, {"advisory": "RHSA-2024:4872", "cpe": "cpe:/a:redhat:openshift_serverless:1.33::el8", "package": "openshift-serverless-1/eventing-istio-controller-rhel8:1.12.0-5", "product_name": "RHOSS-1.33-RHEL-8", "release_date": "2024-07-25T00:00:00Z"}, {"advisory": "RHSA-2024:4872", "cpe": "cpe:/a:redhat:openshift_serverless:1.33::el8", "package": "openshift-serverless-1/eventing-kafka-broker-controller-rhel8:1.12.0-6", "product_name": "RHOSS-1.33-RHEL-8", "release_date": "2024-07-25T00:00:00Z"}, {"advisory": "RHSA-2024:4872", "cpe": "cpe:/a:redhat:openshift_serverless:1.33::el8", "package": "openshift-serverless-1/eventing-kafka-broker-dispatcher-rhel8:1.12.0-6", "product_name": "RHOSS-1.33-RHEL-8", "release_date": "2024-07-25T00:00:00Z"}, {"advisory": "RHSA-2024:4872", "cpe": "cpe:/a:redhat:openshift_serverless:1.33::el8", "package": "openshift-serverless-1/eventing-kafka-broker-post-install-rhel8:1.12.0-6", "product_name": "RHOSS-1.33-RHEL-8", "release_date": "2024-07-25T00:00:00Z"}, {"advisory": "RHSA-2024:4872", "cpe": "cpe:/a:redhat:openshift_serverless:1.33::el8", "package": "openshift-serverless-1/eventing-kafka-broker-receiver-rhel8:1.12.0-6", "product_name": "RHOSS-1.33-RHEL-8", "release_date": "2024-07-25T00:00:00Z"}, {"advisory": "RHSA-2024:4872", "cpe": "cpe:/a:redhat:openshift_serverless:1.33::el8", "package": "openshift-serverless-1/eventing-kafka-broker-webhook-rhel8:1.12.0-6", "product_name": "RHOSS-1.33-RHEL-8", "release_date": "2024-07-25T00:00:00Z"}, {"advisory": "RHSA-2024:4872", "cpe": "cpe:/a:redhat:openshift_serverless:1.33::el8", "package": "openshift-serverless-1/eventing-mtbroker-filter-rhel8:1.12.0-7", "product_name": "RHOSS-1.33-RHEL-8", "release_date": "2024-07-25T00:00:00Z"}, {"advisory": "RHSA-2024:4872", "cpe": "cpe:/a:redhat:openshift_serverless:1.33::el8", "package": "openshift-serverless-1/eventing-mtbroker-ingress-rhel8:1.12.0-7", "product_name": "RHOSS-1.33-RHEL-8", "release_date": "2024-07-25T00:00:00Z"}, {"advisory": "RHSA-2024:4872", "cpe": "cpe:/a:redhat:openshift_serverless:1.33::el8", "package": "openshift-serverless-1/eventing-mtchannel-broker-rhel8:1.12.0-7", "product_name": "RHOSS-1.33-RHEL-8", "release_date": "2024-07-25T00:00:00Z"}, {"advisory": "RHSA-2024:4872", "cpe": "cpe:/a:redhat:openshift_serverless:1.33::el8", "package": "openshift-serverless-1/eventing-mtping-rhel8:1.12.0-7", "product_name": "RHOSS-1.33-RHEL-8", "release_date": "2024-07-25T00:00:00Z"}, {"advisory": "RHSA-2024:4872", "cpe": "cpe:/a:redhat:openshift_serverless:1.33::el8", "package": "openshift-serverless-1/eventing-storage-version-migration-rhel8:1.12.0-7", "product_name": "RHOSS-1.33-RHEL-8", "release_date": "2024-07-25T00:00:00Z"}, {"advisory": "RHSA-2024:4872", "cpe": "cpe:/a:redhat:openshift_serverless:1.33::el8", "package": "openshift-serverless-1/eventing-webhook-rhel8:1.12.0-7", "product_name": "RHOSS-1.33-RHEL-8", "release_date": "2024-07-25T00:00:00Z"}, {"advisory": "RHSA-2024:4872", "cpe": "cpe:/a:redhat:openshift_serverless:1.33::el8", "package": "openshift-serverless-1/func-utils-rhel8:1.33.1-1", "product_name": "RHOSS-1.33-RHEL-8", "release_date": "2024-07-25T00:00:00Z"}, {"advisory": "RHSA-2024:4872", "cpe": "cpe:/a:redhat:openshift_serverless:1.33::el8", "package": "openshift-serverless-1/ingress-rhel8-operator:1.33.1-2", "product_name": "RHOSS-1.33-RHEL-8", "release_date": "2024-07-25T00:00:00Z"}, {"advisory": "RHSA-2024:4872", "cpe": "cpe:/a:redhat:openshift_serverless:1.33::el8", "package": "openshift-serverless-1/knative-rhel8-operator:1.33.1-2", "product_name": "RHOSS-1.33-RHEL-8", "release_date": "2024-07-25T00:00:00Z"}, {"advisory": "RHSA-2024:4872", "cpe": "cpe:/a:redhat:openshift_serverless:1.33::el8", "package": "openshift-serverless-1/kn-cli-artifacts-rhel8:1.12.0-6", "product_name": "RHOSS-1.33-RHEL-8", "release_date": "2024-07-25T00:00:00Z"}, {"advisory": "RHSA-2024:4872", "cpe": "cpe:/a:redhat:openshift_serverless:1.33::el8", "package": "openshift-serverless-1/kourier-control-rhel8:1.12.0-5", "product_name": "RHOSS-1.33-RHEL-8", "release_date": "2024-07-25T00:00:00Z"}, {"advisory": "RHSA-2024:4872", "cpe": "cpe:/a:redhat:openshift_serverless:1.33::el8", "package": "openshift-serverless-1/net-istio-controller-rhel8:1.12.0-5", "product_name": "RHOSS-1.33-RHEL-8", "release_date": "2024-07-25T00:00:00Z"}, {"advisory": "RHSA-2024:4872", "cpe": "cpe:/a:redhat:openshift_serverless:1.33::el8", "package": "openshift-serverless-1/net-istio-webhook-rhel8:1.12.0-5", "product_name": "RHOSS-1.33-RHEL-8", "release_date": "2024-07-25T00:00:00Z"}, {"advisory": "RHSA-2024:4872", "cpe": "cpe:/a:redhat:openshift_serverless:1.33::el8", "package": "openshift-serverless-1/serverless-operator-bundle:1.33.1-2", "product_name": "RHOSS-1.33-RHEL-8", "release_date": "2024-07-25T00:00:00Z"}, {"advisory": "RHSA-2024:4872", "cpe": "cpe:/a:redhat:openshift_serverless:1.33::el8", "package": "openshift-serverless-1/serverless-rhel8-operator:1.33.1-2", "product_name": "RHOSS-1.33-RHEL-8", "release_date": "2024-07-25T00:00:00Z"}, {"advisory": "RHSA-2024:4872", "cpe": "cpe:/a:redhat:openshift_serverless:1.33::el8", "package": "openshift-serverless-1/serving-activator-rhel8:1.12.0-5", "product_name": "RHOSS-1.33-RHEL-8", "release_date": "2024-07-25T00:00:00Z"}, {"advisory": "RHSA-2024:4872", "cpe": "cpe:/a:redhat:openshift_serverless:1.33::el8", "package": "openshift-serverless-1/serving-autoscaler-hpa-rhel8:1.12.0-5", "product_name": "RHOSS-1.33-RHEL-8", "release_date": "2024-07-25T00:00:00Z"}, {"advisory": "RHSA-2024:4872", "cpe": "cpe:/a:redhat:openshift_serverless:1.33::el8", "package": "openshift-serverless-1/serving-autoscaler-rhel8:1.12.0-5", "product_name": "RHOSS-1.33-RHEL-8", "release_date": "2024-07-25T00:00:00Z"}, {"advisory": "RHSA-2024:4872", "cpe": "cpe:/a:redhat:openshift_serverless:1.33::el8", "package": "openshift-serverless-1/serving-controller-rhel8:1.12.0-5", "product_name": "RHOSS-1.33-RHEL-8", "release_date": "2024-07-25T00:00:00Z"}, {"advisory": "RHSA-2024:4872", "cpe": "cpe:/a:redhat:openshift_serverless:1.33::el8", "package": "openshift-serverless-1/serving-queue-rhel8:1.12.0-5", "product_name": "RHOSS-1.33-RHEL-8", "release_date": "2024-07-25T00:00:00Z"}, {"advisory": "RHSA-2024:4872", "cpe": "cpe:/a:redhat:openshift_serverless:1.33::el8", "package": "openshift-serverless-1/serving-storage-version-migration-rhel8:1.12.0-5", "product_name": "RHOSS-1.33-RHEL-8", "release_date": "2024-07-25T00:00:00Z"}, {"advisory": "RHSA-2024:4872", "cpe": "cpe:/a:redhat:openshift_serverless:1.33::el8", "package": "openshift-serverless-1/serving-webhook-rhel8:1.12.0-5", "product_name": "RHOSS-1.33-RHEL-8", "release_date": "2024-07-25T00:00:00Z"}, {"advisory": "RHSA-2024:4872", "cpe": "cpe:/a:redhat:openshift_serverless:1.33::el8", "package": "openshift-serverless-1/svls-must-gather-rhel8:1.33.1-1", "product_name": "RHOSS-1.33-RHEL-8", "release_date": "2024-07-25T00:00:00Z"}, {"advisory": "RHSA-2024:4872", "cpe": "cpe:/a:redhat:openshift_serverless:1.33::el8", "package": "openshift-serverless-1-tech-preview/backstage-plugins-eventmesh-rhel8:1.33.1-1", "product_name": "RHOSS-1.33-RHEL-8", "release_date": "2024-07-25T00:00:00Z"}, {"advisory": "RHSA-2024:4872", "cpe": "cpe:/a:redhat:openshift_serverless:1.33::el8", "package": "openshift-serverless-1-tech-preview/knative-client-plugin-event-sender-rhel8:1.12.0-6", "product_name": "RHOSS-1.33-RHEL-8", "release_date": "2024-07-25T00:00:00Z"}, {"advisory": "RHSA-2025:3714", "cpe": "cpe:/a:redhat:cert_manager:1.14::el9", "package": "registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9:sha256:d2b37ee05356f9b32b677c0edecf9b942ec5102655715a067dc35279c597dd9e", "product_name": "cert-manager operator for Red Hat OpenShift 1.14", "release_date": "2025-04-08T00:00:00Z"}, {"advisory": "RHSA-2025:0536", "cpe": "cpe:/a:redhat:cert_manager:1.15::el9", "package": "registry.redhat.io/cert-manager/jetstack-cert-manager-acmesolver-rhel9:sha256:c1f40166786adbd77027d0dc210e8fcd0320e9f2d3b9a3df6f6ab27a46c8ade1", "product_name": "cert-manager operator for Red Hat OpenShift 1.15", "release_date": "2025-01-21T00:00:00Z"}, {"advisory": "RHSA-2025:0536", "cpe": "cpe:/a:redhat:cert_manager:1.15::el9", "package": "registry.redhat.io/cert-manager/jetstack-cert-manager-rhel9:sha256:30d0113003152532d29a845550a78454a1f88099e90b475711ab74901560c67e", "product_name": "cert-manager operator for Red Hat OpenShift 1.15", "release_date": "2025-01-21T00:00:00Z"}], "bugzilla": {"description": "go-retryablehttp: url might write sensitive information to log file", "id": "2294000", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2294000"}, "csaw": false, "cvss3": {"cvss3_base_score": "6.0", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N", "status": "verified"}, "cwe": "CWE-532", "details": ["go-retryablehttp prior to 0.7.7 did not sanitize urls when writing them to its log file. This could lead to go-retryablehttp writing sensitive HTTP basic auth credentials to its log file. This vulnerability, CVE-2024-6104, was fixed in go-retryablehttp 0.7.7.", "A vulnerability was found in go-retryablehttp. The package may suffer from a lack of input sanitization by not cleaning up URL data when writing to the logs. This issue could expose sensitive authentication information."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}, "name": "CVE-2024-6104", "package_state": [{"cpe": "cpe:/a:redhat:openshift_custom_metrics_autoscaler:2", "fix_state": "Affected", "package_name": "custom-metrics-autoscaler/custom-metrics-autoscaler-rhel8", "product_name": "Custom Metric Autoscaler operator for Red Hat Openshift"}, {"cpe": "cpe:/a:redhat:multicluster_engine", "fix_state": "Not affected", "package_name": "multicluster-engine/cluster-api-provider-azure-rhel8", "product_name": "Multicluster Engine for Kubernetes"}, {"cpe": "cpe:/a:redhat:multicluster_engine", "fix_state": "Not affected", "package_name": "multicluster-engine/hypershift-cli-rhel8", "product_name": "Multicluster Engine for Kubernetes"}, {"cpe": "cpe:/a:redhat:openshift_api_data_protection:1", "fix_state": "Will not fix", "package_name": "oadp/oadp-kubevirt-velero-plugin-rhel8", "product_name": "OpenShift API for Data Protection"}, {"cpe": "cpe:/a:redhat:openshift_pipelines:1", "fix_state": "Affected", "package_name": "openshift-pipelines-client", "product_name": "OpenShift Pipelines"}, {"cpe": "cpe:/a:redhat:serverless:1", "fix_state": "Affected", "package_name": "openshift-serverless-clients", "product_name": "OpenShift Serverless"}, {"cpe": "cpe:/a:redhat:ceph_storage:6", "fix_state": "Affected", "package_name": "rhceph/rhceph-6-dashboard-rhel9", "product_name": "Red Hat Ceph Storage 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Affected", "package_name": "osbuild-composer", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Will not fix", "package_name": "osbuild-composer", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/a:redhat:openshift_ai", "fix_state": "Not affected", "package_name": "odh-ml-pipelines-cache-container", "product_name": "Red Hat OpenShift AI (RHOAI)"}, {"cpe": "cpe:/a:redhat:openshift_ai", "fix_state": "Will not fix", "package_name": "odh-ml-pipelines-driver-container", "product_name": "Red Hat OpenShift AI (RHOAI)"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Will not fix", "package_name": "openshift4/ose-console", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Will not fix", "package_name": "openshift4/ose-contour-rhel8", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Fix deferred", "package_name": "openshift4/ose-ibmcloud-cluster-api-controllers-rhel8", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Fix deferred", "package_name": "openshift4/ose-ibm-cloud-controller-manager-rhel8", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Fix deferred", "package_name": "openshift4/ose-powervs-machine-controllers-rhel8", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift_container_storage:4", "fix_state": "Out of support scope", "package_name": "mcg", "product_name": "Red Hat Openshift Container Storage 4"}, {"cpe": "cpe:/a:redhat:openshift_container_storage:4", "fix_state": "Out of support scope", "package_name": "ocs4/cephcsi-rhel8", "product_name": "Red Hat Openshift Container Storage 4"}, {"cpe": "cpe:/a:redhat:openshift_container_storage:4", "fix_state": "Out of support scope", "package_name": "ocs4/mcg-rhel8-operator", "product_name": "Red Hat Openshift Container Storage 4"}, {"cpe": "cpe:/a:redhat:openshift_container_storage:4", "fix_state": "Out of support scope", "package_name": "ocs4/ocs-rhel8-operator", "product_name": "Red Hat Openshift Container Storage 4"}, {"cpe": "cpe:/a:redhat:openshift_container_storage:4", "fix_state": "Out of support scope", "package_name": "ocs4/rook-ceph-rhel8-operator", "product_name": "Red Hat Openshift Container Storage 4"}, {"cpe": "cpe:/a:redhat:openshift_data_foundation:4", "fix_state": "Affected", "package_name": "mcg", "product_name": "Red Hat Openshift Data Foundation 4"}, {"cpe": "cpe:/a:redhat:openshift_data_foundation:4", "fix_state": "Affected", "package_name": "odf4/mcg-cli-rhel9", "product_name": "Red Hat Openshift Data Foundation 4"}, {"cpe": "cpe:/a:redhat:openshift_data_science", "fix_state": "Not affected", "package_name": "rhods/odh-ml-pipelines-cache-rhel8", "product_name": "Red Hat OpenShift Data Science (RHODS)"}, {"cpe": "cpe:/a:redhat:openshift_devspaces:3:", "fix_state": "Will not fix", "package_name": "devspaces/traefik-rhel8", "product_name": "Red Hat OpenShift Dev Spaces"}, {"cpe": "cpe:/a:redhat:openshift_distributed_tracing:3", "fix_state": "Affected", "package_name": "rhosdt/opentelemetry-collector-rhel8", "product_name": "Red Hat OpenShift distributed tracing 3"}, {"cpe": "cpe:/a:redhat:openshift_distributed_tracing:3", "fix_state": "Affected", "package_name": "rhosdt/opentelemetry-rhel8-operator", "product_name": "Red Hat OpenShift distributed tracing 3"}, {"cpe": "cpe:/a:redhat:openshift_sandboxed_containers:1", "fix_state": "Affected", "package_name": "openshift-sandboxed-containers/osc-podvm-payload-rhel9", "product_name": "Red Hat Openshift Sandboxed Containers"}, {"cpe": "cpe:/a:redhat:openshift_sandboxed_containers:1", "fix_state": "Affected", "package_name": "openshift-sandboxed-containers/osc-rhel8-operator", "product_name": "Red Hat Openshift Sandboxed Containers"}], "public_date": "2024-06-24T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-6104\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-6104"], "threat_severity": "Moderate"}

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required High

Scope Changed

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

Affected Vendors & Products

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required High

Scope Changed

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object