{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright © Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "The Migration Toolkit for Containers (MTC) 1.7.10 is now available.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "The Migration Toolkit for Containers (MTC) enables you to migrate Kubernetes resources, persistent volume data, and internal container images between OpenShift Container Platform clusters, using the MTC web console or the Kubernetes API.\n\nSecurity Fix(es) from Bugzilla:\n\n* golang: html/template: improper handling of JavaScript whitespace (CVE-2023-24540)\n\n* golang: net/http, net/textproto: denial of service from excessive memory allocation (CVE-2023-24534)\n\n* golang: net/http, net/textproto, mime/multipart: denial of service from excessive resource consumption (CVE-2023-24536)\n\n* golang: go/parser: Infinite loop in parsing (CVE-2023-24537)\n\n* golang: html/template: backticks not treated as string delimiters (CVE-2023-24538)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2023:3624",
        "url": "https://access.redhat.com/errata/RHSA-2023:3624"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "2184481",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2184481"
      },
      {
        "category": "external",
        "summary": "2184482",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2184482"
      },
      {
        "category": "external",
        "summary": "2184483",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2184483"
      },
      {
        "category": "external",
        "summary": "2184484",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2184484"
      },
      {
        "category": "external",
        "summary": "2196027",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2196027"
      },
      {
        "category": "external",
        "summary": "2204461",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2204461"
      },
      {
        "category": "external",
        "summary": "2210565",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2210565"
      },
      {
        "category": "external",
        "summary": "2212528",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2212528"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_3624.json"
      }
    ],
    "title": "Red Hat Security Advisory: Migration Toolkit for Containers (MTC) 1.7.10 security and bug fix update",
    "tracking": {
      "current_release_date": "2026-06-30T03:24:58+00:00",
      "generator": {
        "date": "2026-06-30T03:24:58+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "5.3.0"
        }
      },
      "id": "RHSA-2023:3624",
      "initial_release_date": "2023-06-15T09:48:09+00:00",
      "revision_history": [
        {
          "date": "2023-06-15T09:48:09+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2023-06-15T09:48:09+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2026-06-30T03:24:58+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "8Base-RHMTC-1.7",
                "product": {
                  "name": "8Base-RHMTC-1.7",
                  "product_id": "8Base-RHMTC-1.7",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:rhmt:1.7::el8"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Migration Toolkit"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "rhmtc/openshift-migration-controller-rhel8@sha256:fdd27f3cb68a541b704fa014e7ea564583307743a4d31032cad01268dddf55bc_amd64",
                "product": {
                  "name": "rhmtc/openshift-migration-controller-rhel8@sha256:fdd27f3cb68a541b704fa014e7ea564583307743a4d31032cad01268dddf55bc_amd64",
                  "product_id": "rhmtc/openshift-migration-controller-rhel8@sha256:fdd27f3cb68a541b704fa014e7ea564583307743a4d31032cad01268dddf55bc_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/openshift-migration-controller-rhel8@sha256:fdd27f3cb68a541b704fa014e7ea564583307743a4d31032cad01268dddf55bc?arch=amd64&repository_url=registry.redhat.io/rhmtc/openshift-migration-controller-rhel8&tag=v1.7.10-5"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rhmtc/openshift-migration-hook-runner-rhel8@sha256:9fea1718dc2fe0dd2735750df6d16921086e2593da3c8de2272584f1b976c6ee_amd64",
                "product": {
                  "name": "rhmtc/openshift-migration-hook-runner-rhel8@sha256:9fea1718dc2fe0dd2735750df6d16921086e2593da3c8de2272584f1b976c6ee_amd64",
                  "product_id": "rhmtc/openshift-migration-hook-runner-rhel8@sha256:9fea1718dc2fe0dd2735750df6d16921086e2593da3c8de2272584f1b976c6ee_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/openshift-migration-hook-runner-rhel8@sha256:9fea1718dc2fe0dd2735750df6d16921086e2593da3c8de2272584f1b976c6ee?arch=amd64&repository_url=registry.redhat.io/rhmtc/openshift-migration-hook-runner-rhel8&tag=v1.7.10-2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rhmtc/openshift-migration-legacy-rhel8-operator@sha256:ea7911f8d680f1a827fdd29fc67c5b5d0d5f420fd09baa930809ef4fa38ae6ab_amd64",
                "product": {
                  "name": "rhmtc/openshift-migration-legacy-rhel8-operator@sha256:ea7911f8d680f1a827fdd29fc67c5b5d0d5f420fd09baa930809ef4fa38ae6ab_amd64",
                  "product_id": "rhmtc/openshift-migration-legacy-rhel8-operator@sha256:ea7911f8d680f1a827fdd29fc67c5b5d0d5f420fd09baa930809ef4fa38ae6ab_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/openshift-migration-legacy-rhel8-operator@sha256:ea7911f8d680f1a827fdd29fc67c5b5d0d5f420fd09baa930809ef4fa38ae6ab?arch=amd64&repository_url=registry.redhat.io/rhmtc/openshift-migration-legacy-rhel8-operator&tag=v1.7.10-4"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rhmtc/openshift-migration-log-reader-rhel8@sha256:d768e09a2ab2d6906d63612488d32180d1c6270804c0bcc9fa6f89bbd7f04193_amd64",
                "product": {
                  "name": "rhmtc/openshift-migration-log-reader-rhel8@sha256:d768e09a2ab2d6906d63612488d32180d1c6270804c0bcc9fa6f89bbd7f04193_amd64",
                  "product_id": "rhmtc/openshift-migration-log-reader-rhel8@sha256:d768e09a2ab2d6906d63612488d32180d1c6270804c0bcc9fa6f89bbd7f04193_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/openshift-migration-log-reader-rhel8@sha256:d768e09a2ab2d6906d63612488d32180d1c6270804c0bcc9fa6f89bbd7f04193?arch=amd64&repository_url=registry.redhat.io/rhmtc/openshift-migration-log-reader-rhel8&tag=v1.7.10-2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rhmtc/openshift-migration-must-gather-rhel8@sha256:fdf17820034efd0f7f76274798518bcea6c9483c8de8804f5a56b651ef77e717_amd64",
                "product": {
                  "name": "rhmtc/openshift-migration-must-gather-rhel8@sha256:fdf17820034efd0f7f76274798518bcea6c9483c8de8804f5a56b651ef77e717_amd64",
                  "product_id": "rhmtc/openshift-migration-must-gather-rhel8@sha256:fdf17820034efd0f7f76274798518bcea6c9483c8de8804f5a56b651ef77e717_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/openshift-migration-must-gather-rhel8@sha256:fdf17820034efd0f7f76274798518bcea6c9483c8de8804f5a56b651ef77e717?arch=amd64&repository_url=registry.redhat.io/rhmtc/openshift-migration-must-gather-rhel8&tag=v1.7.10-2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rhmtc/openshift-migration-openvpn-rhel8@sha256:edfff81bc56194aea84e3b80fa550b439c266df3fc81c58c111e5972b670f7ae_amd64",
                "product": {
                  "name": "rhmtc/openshift-migration-openvpn-rhel8@sha256:edfff81bc56194aea84e3b80fa550b439c266df3fc81c58c111e5972b670f7ae_amd64",
                  "product_id": "rhmtc/openshift-migration-openvpn-rhel8@sha256:edfff81bc56194aea84e3b80fa550b439c266df3fc81c58c111e5972b670f7ae_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/openshift-migration-openvpn-rhel8@sha256:edfff81bc56194aea84e3b80fa550b439c266df3fc81c58c111e5972b670f7ae?arch=amd64&repository_url=registry.redhat.io/rhmtc/openshift-migration-openvpn-rhel8&tag=v1.7.10-2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rhmtc/openshift-migration-rhel8-operator@sha256:41c5da49059d19beb97ec9d9fd4542120af73d488ffdc1d611c9774bf1f7c79a_amd64",
                "product": {
                  "name": "rhmtc/openshift-migration-rhel8-operator@sha256:41c5da49059d19beb97ec9d9fd4542120af73d488ffdc1d611c9774bf1f7c79a_amd64",
                  "product_id": "rhmtc/openshift-migration-rhel8-operator@sha256:41c5da49059d19beb97ec9d9fd4542120af73d488ffdc1d611c9774bf1f7c79a_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/openshift-migration-rhel8-operator@sha256:41c5da49059d19beb97ec9d9fd4542120af73d488ffdc1d611c9774bf1f7c79a?arch=amd64&repository_url=registry.redhat.io/rhmtc/openshift-migration-rhel8-operator&tag=v1.7.10-4"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rhmtc/openshift-migration-operator-bundle@sha256:20d278777ec6758913a21946f57ea207fd924f84085f6bf9ea51cd94eaae24ca_amd64",
                "product": {
                  "name": "rhmtc/openshift-migration-operator-bundle@sha256:20d278777ec6758913a21946f57ea207fd924f84085f6bf9ea51cd94eaae24ca_amd64",
                  "product_id": "rhmtc/openshift-migration-operator-bundle@sha256:20d278777ec6758913a21946f57ea207fd924f84085f6bf9ea51cd94eaae24ca_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/openshift-migration-operator-bundle@sha256:20d278777ec6758913a21946f57ea207fd924f84085f6bf9ea51cd94eaae24ca?arch=amd64&repository_url=registry.redhat.io/rhmtc/openshift-migration-operator-bundle&tag=v1.7.10-4"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rhmtc/openshift-migration-registry-rhel8@sha256:3200f7f9624ad8aee46d0e3ebf6c04464b277cac4da67075863c2f4f0b33aaff_amd64",
                "product": {
                  "name": "rhmtc/openshift-migration-registry-rhel8@sha256:3200f7f9624ad8aee46d0e3ebf6c04464b277cac4da67075863c2f4f0b33aaff_amd64",
                  "product_id": "rhmtc/openshift-migration-registry-rhel8@sha256:3200f7f9624ad8aee46d0e3ebf6c04464b277cac4da67075863c2f4f0b33aaff_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/openshift-migration-registry-rhel8@sha256:3200f7f9624ad8aee46d0e3ebf6c04464b277cac4da67075863c2f4f0b33aaff?arch=amd64&repository_url=registry.redhat.io/rhmtc/openshift-migration-registry-rhel8&tag=v1.7.10-2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b172c46f467a7813bed75b04dd82c24be0092e1ea2c74a45a8f82ce895876e81_amd64",
                "product": {
                  "name": "rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b172c46f467a7813bed75b04dd82c24be0092e1ea2c74a45a8f82ce895876e81_amd64",
                  "product_id": "rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b172c46f467a7813bed75b04dd82c24be0092e1ea2c74a45a8f82ce895876e81_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/openshift-migration-rsync-transfer-rhel8@sha256:b172c46f467a7813bed75b04dd82c24be0092e1ea2c74a45a8f82ce895876e81?arch=amd64&repository_url=registry.redhat.io/rhmtc/openshift-migration-rsync-transfer-rhel8&tag=v1.7.10-2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rhmtc/openshift-migration-ui-rhel8@sha256:926a4c07b2a4223264fa1455f3f056d94a9dc52885713978ff8586e8caa2eff5_amd64",
                "product": {
                  "name": "rhmtc/openshift-migration-ui-rhel8@sha256:926a4c07b2a4223264fa1455f3f056d94a9dc52885713978ff8586e8caa2eff5_amd64",
                  "product_id": "rhmtc/openshift-migration-ui-rhel8@sha256:926a4c07b2a4223264fa1455f3f056d94a9dc52885713978ff8586e8caa2eff5_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/openshift-migration-ui-rhel8@sha256:926a4c07b2a4223264fa1455f3f056d94a9dc52885713978ff8586e8caa2eff5?arch=amd64&repository_url=registry.redhat.io/rhmtc/openshift-migration-ui-rhel8&tag=v1.7.10-2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rhmtc/openshift-migration-velero-rhel8@sha256:346fa63bcbdc03896e91b2ee3318e062b4deb7fe9183135c7841d0da69c3690c_amd64",
                "product": {
                  "name": "rhmtc/openshift-migration-velero-rhel8@sha256:346fa63bcbdc03896e91b2ee3318e062b4deb7fe9183135c7841d0da69c3690c_amd64",
                  "product_id": "rhmtc/openshift-migration-velero-rhel8@sha256:346fa63bcbdc03896e91b2ee3318e062b4deb7fe9183135c7841d0da69c3690c_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/openshift-migration-velero-rhel8@sha256:346fa63bcbdc03896e91b2ee3318e062b4deb7fe9183135c7841d0da69c3690c?arch=amd64&repository_url=registry.redhat.io/rhmtc/openshift-migration-velero-rhel8&tag=v1.7.10-2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:6097ccca550816d040055dd4878d17cc0996d47a436f06296fe5d26c5862e1f5_amd64",
                "product": {
                  "name": "rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:6097ccca550816d040055dd4878d17cc0996d47a436f06296fe5d26c5862e1f5_amd64",
                  "product_id": "rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:6097ccca550816d040055dd4878d17cc0996d47a436f06296fe5d26c5862e1f5_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/openshift-migration-velero-plugin-for-aws-rhel8@sha256:6097ccca550816d040055dd4878d17cc0996d47a436f06296fe5d26c5862e1f5?arch=amd64&repository_url=registry.redhat.io/rhmtc/openshift-migration-velero-plugin-for-aws-rhel8&tag=v1.7.10-2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:1b4eb48d9aa6b63cd6409fa5b77eb769a2ed4bc257a4058d1a07a66ea95039a5_amd64",
                "product": {
                  "name": "rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:1b4eb48d9aa6b63cd6409fa5b77eb769a2ed4bc257a4058d1a07a66ea95039a5_amd64",
                  "product_id": "rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:1b4eb48d9aa6b63cd6409fa5b77eb769a2ed4bc257a4058d1a07a66ea95039a5_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:1b4eb48d9aa6b63cd6409fa5b77eb769a2ed4bc257a4058d1a07a66ea95039a5?arch=amd64&repository_url=registry.redhat.io/rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8&tag=v1.7.10-2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:9ef09a93b6910806b2952b9d50c5a61ae6f2c7284c439f61bf303d2e893c8c22_amd64",
                "product": {
                  "name": "rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:9ef09a93b6910806b2952b9d50c5a61ae6f2c7284c439f61bf303d2e893c8c22_amd64",
                  "product_id": "rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:9ef09a93b6910806b2952b9d50c5a61ae6f2c7284c439f61bf303d2e893c8c22_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:9ef09a93b6910806b2952b9d50c5a61ae6f2c7284c439f61bf303d2e893c8c22?arch=amd64&repository_url=registry.redhat.io/rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8&tag=v1.7.10-2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:6da71292aa6f83b0c6cc113c6c05b2224ba2b3f90de62d69843cf6399558551e_amd64",
                "product": {
                  "name": "rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:6da71292aa6f83b0c6cc113c6c05b2224ba2b3f90de62d69843cf6399558551e_amd64",
                  "product_id": "rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:6da71292aa6f83b0c6cc113c6c05b2224ba2b3f90de62d69843cf6399558551e_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/openshift-migration-velero-restic-restore-helper-rhel8@sha256:6da71292aa6f83b0c6cc113c6c05b2224ba2b3f90de62d69843cf6399558551e?arch=amd64&repository_url=registry.redhat.io/rhmtc/openshift-migration-velero-restic-restore-helper-rhel8&tag=v1.7.10-2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rhmtc/openshift-velero-plugin-rhel8@sha256:916d5fd70f5eb58931927d44e05e2287ce85f04ac3bdefde78b6522214a0286e_amd64",
                "product": {
                  "name": "rhmtc/openshift-velero-plugin-rhel8@sha256:916d5fd70f5eb58931927d44e05e2287ce85f04ac3bdefde78b6522214a0286e_amd64",
                  "product_id": "rhmtc/openshift-velero-plugin-rhel8@sha256:916d5fd70f5eb58931927d44e05e2287ce85f04ac3bdefde78b6522214a0286e_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/openshift-velero-plugin-rhel8@sha256:916d5fd70f5eb58931927d44e05e2287ce85f04ac3bdefde78b6522214a0286e?arch=amd64&repository_url=registry.redhat.io/rhmtc/openshift-velero-plugin-rhel8&tag=v1.7.10-2"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "amd64"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhmtc/openshift-migration-controller-rhel8@sha256:fdd27f3cb68a541b704fa014e7ea564583307743a4d31032cad01268dddf55bc_amd64 as a component of 8Base-RHMTC-1.7",
          "product_id": "8Base-RHMTC-1.7:rhmtc/openshift-migration-controller-rhel8@sha256:fdd27f3cb68a541b704fa014e7ea564583307743a4d31032cad01268dddf55bc_amd64"
        },
        "product_reference": "rhmtc/openshift-migration-controller-rhel8@sha256:fdd27f3cb68a541b704fa014e7ea564583307743a4d31032cad01268dddf55bc_amd64",
        "relates_to_product_reference": "8Base-RHMTC-1.7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhmtc/openshift-migration-hook-runner-rhel8@sha256:9fea1718dc2fe0dd2735750df6d16921086e2593da3c8de2272584f1b976c6ee_amd64 as a component of 8Base-RHMTC-1.7",
          "product_id": "8Base-RHMTC-1.7:rhmtc/openshift-migration-hook-runner-rhel8@sha256:9fea1718dc2fe0dd2735750df6d16921086e2593da3c8de2272584f1b976c6ee_amd64"
        },
        "product_reference": "rhmtc/openshift-migration-hook-runner-rhel8@sha256:9fea1718dc2fe0dd2735750df6d16921086e2593da3c8de2272584f1b976c6ee_amd64",
        "relates_to_product_reference": "8Base-RHMTC-1.7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhmtc/openshift-migration-legacy-rhel8-operator@sha256:ea7911f8d680f1a827fdd29fc67c5b5d0d5f420fd09baa930809ef4fa38ae6ab_amd64 as a component of 8Base-RHMTC-1.7",
          "product_id": "8Base-RHMTC-1.7:rhmtc/openshift-migration-legacy-rhel8-operator@sha256:ea7911f8d680f1a827fdd29fc67c5b5d0d5f420fd09baa930809ef4fa38ae6ab_amd64"
        },
        "product_reference": "rhmtc/openshift-migration-legacy-rhel8-operator@sha256:ea7911f8d680f1a827fdd29fc67c5b5d0d5f420fd09baa930809ef4fa38ae6ab_amd64",
        "relates_to_product_reference": "8Base-RHMTC-1.7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhmtc/openshift-migration-log-reader-rhel8@sha256:d768e09a2ab2d6906d63612488d32180d1c6270804c0bcc9fa6f89bbd7f04193_amd64 as a component of 8Base-RHMTC-1.7",
          "product_id": "8Base-RHMTC-1.7:rhmtc/openshift-migration-log-reader-rhel8@sha256:d768e09a2ab2d6906d63612488d32180d1c6270804c0bcc9fa6f89bbd7f04193_amd64"
        },
        "product_reference": "rhmtc/openshift-migration-log-reader-rhel8@sha256:d768e09a2ab2d6906d63612488d32180d1c6270804c0bcc9fa6f89bbd7f04193_amd64",
        "relates_to_product_reference": "8Base-RHMTC-1.7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhmtc/openshift-migration-must-gather-rhel8@sha256:fdf17820034efd0f7f76274798518bcea6c9483c8de8804f5a56b651ef77e717_amd64 as a component of 8Base-RHMTC-1.7",
          "product_id": "8Base-RHMTC-1.7:rhmtc/openshift-migration-must-gather-rhel8@sha256:fdf17820034efd0f7f76274798518bcea6c9483c8de8804f5a56b651ef77e717_amd64"
        },
        "product_reference": "rhmtc/openshift-migration-must-gather-rhel8@sha256:fdf17820034efd0f7f76274798518bcea6c9483c8de8804f5a56b651ef77e717_amd64",
        "relates_to_product_reference": "8Base-RHMTC-1.7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhmtc/openshift-migration-openvpn-rhel8@sha256:edfff81bc56194aea84e3b80fa550b439c266df3fc81c58c111e5972b670f7ae_amd64 as a component of 8Base-RHMTC-1.7",
          "product_id": "8Base-RHMTC-1.7:rhmtc/openshift-migration-openvpn-rhel8@sha256:edfff81bc56194aea84e3b80fa550b439c266df3fc81c58c111e5972b670f7ae_amd64"
        },
        "product_reference": "rhmtc/openshift-migration-openvpn-rhel8@sha256:edfff81bc56194aea84e3b80fa550b439c266df3fc81c58c111e5972b670f7ae_amd64",
        "relates_to_product_reference": "8Base-RHMTC-1.7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhmtc/openshift-migration-operator-bundle@sha256:20d278777ec6758913a21946f57ea207fd924f84085f6bf9ea51cd94eaae24ca_amd64 as a component of 8Base-RHMTC-1.7",
          "product_id": "8Base-RHMTC-1.7:rhmtc/openshift-migration-operator-bundle@sha256:20d278777ec6758913a21946f57ea207fd924f84085f6bf9ea51cd94eaae24ca_amd64"
        },
        "product_reference": "rhmtc/openshift-migration-operator-bundle@sha256:20d278777ec6758913a21946f57ea207fd924f84085f6bf9ea51cd94eaae24ca_amd64",
        "relates_to_product_reference": "8Base-RHMTC-1.7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhmtc/openshift-migration-registry-rhel8@sha256:3200f7f9624ad8aee46d0e3ebf6c04464b277cac4da67075863c2f4f0b33aaff_amd64 as a component of 8Base-RHMTC-1.7",
          "product_id": "8Base-RHMTC-1.7:rhmtc/openshift-migration-registry-rhel8@sha256:3200f7f9624ad8aee46d0e3ebf6c04464b277cac4da67075863c2f4f0b33aaff_amd64"
        },
        "product_reference": "rhmtc/openshift-migration-registry-rhel8@sha256:3200f7f9624ad8aee46d0e3ebf6c04464b277cac4da67075863c2f4f0b33aaff_amd64",
        "relates_to_product_reference": "8Base-RHMTC-1.7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhmtc/openshift-migration-rhel8-operator@sha256:41c5da49059d19beb97ec9d9fd4542120af73d488ffdc1d611c9774bf1f7c79a_amd64 as a component of 8Base-RHMTC-1.7",
          "product_id": "8Base-RHMTC-1.7:rhmtc/openshift-migration-rhel8-operator@sha256:41c5da49059d19beb97ec9d9fd4542120af73d488ffdc1d611c9774bf1f7c79a_amd64"
        },
        "product_reference": "rhmtc/openshift-migration-rhel8-operator@sha256:41c5da49059d19beb97ec9d9fd4542120af73d488ffdc1d611c9774bf1f7c79a_amd64",
        "relates_to_product_reference": "8Base-RHMTC-1.7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b172c46f467a7813bed75b04dd82c24be0092e1ea2c74a45a8f82ce895876e81_amd64 as a component of 8Base-RHMTC-1.7",
          "product_id": "8Base-RHMTC-1.7:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b172c46f467a7813bed75b04dd82c24be0092e1ea2c74a45a8f82ce895876e81_amd64"
        },
        "product_reference": "rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b172c46f467a7813bed75b04dd82c24be0092e1ea2c74a45a8f82ce895876e81_amd64",
        "relates_to_product_reference": "8Base-RHMTC-1.7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhmtc/openshift-migration-ui-rhel8@sha256:926a4c07b2a4223264fa1455f3f056d94a9dc52885713978ff8586e8caa2eff5_amd64 as a component of 8Base-RHMTC-1.7",
          "product_id": "8Base-RHMTC-1.7:rhmtc/openshift-migration-ui-rhel8@sha256:926a4c07b2a4223264fa1455f3f056d94a9dc52885713978ff8586e8caa2eff5_amd64"
        },
        "product_reference": "rhmtc/openshift-migration-ui-rhel8@sha256:926a4c07b2a4223264fa1455f3f056d94a9dc52885713978ff8586e8caa2eff5_amd64",
        "relates_to_product_reference": "8Base-RHMTC-1.7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:6097ccca550816d040055dd4878d17cc0996d47a436f06296fe5d26c5862e1f5_amd64 as a component of 8Base-RHMTC-1.7",
          "product_id": "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:6097ccca550816d040055dd4878d17cc0996d47a436f06296fe5d26c5862e1f5_amd64"
        },
        "product_reference": "rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:6097ccca550816d040055dd4878d17cc0996d47a436f06296fe5d26c5862e1f5_amd64",
        "relates_to_product_reference": "8Base-RHMTC-1.7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:1b4eb48d9aa6b63cd6409fa5b77eb769a2ed4bc257a4058d1a07a66ea95039a5_amd64 as a component of 8Base-RHMTC-1.7",
          "product_id": "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:1b4eb48d9aa6b63cd6409fa5b77eb769a2ed4bc257a4058d1a07a66ea95039a5_amd64"
        },
        "product_reference": "rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:1b4eb48d9aa6b63cd6409fa5b77eb769a2ed4bc257a4058d1a07a66ea95039a5_amd64",
        "relates_to_product_reference": "8Base-RHMTC-1.7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:9ef09a93b6910806b2952b9d50c5a61ae6f2c7284c439f61bf303d2e893c8c22_amd64 as a component of 8Base-RHMTC-1.7",
          "product_id": "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:9ef09a93b6910806b2952b9d50c5a61ae6f2c7284c439f61bf303d2e893c8c22_amd64"
        },
        "product_reference": "rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:9ef09a93b6910806b2952b9d50c5a61ae6f2c7284c439f61bf303d2e893c8c22_amd64",
        "relates_to_product_reference": "8Base-RHMTC-1.7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:6da71292aa6f83b0c6cc113c6c05b2224ba2b3f90de62d69843cf6399558551e_amd64 as a component of 8Base-RHMTC-1.7",
          "product_id": "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:6da71292aa6f83b0c6cc113c6c05b2224ba2b3f90de62d69843cf6399558551e_amd64"
        },
        "product_reference": "rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:6da71292aa6f83b0c6cc113c6c05b2224ba2b3f90de62d69843cf6399558551e_amd64",
        "relates_to_product_reference": "8Base-RHMTC-1.7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhmtc/openshift-migration-velero-rhel8@sha256:346fa63bcbdc03896e91b2ee3318e062b4deb7fe9183135c7841d0da69c3690c_amd64 as a component of 8Base-RHMTC-1.7",
          "product_id": "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-rhel8@sha256:346fa63bcbdc03896e91b2ee3318e062b4deb7fe9183135c7841d0da69c3690c_amd64"
        },
        "product_reference": "rhmtc/openshift-migration-velero-rhel8@sha256:346fa63bcbdc03896e91b2ee3318e062b4deb7fe9183135c7841d0da69c3690c_amd64",
        "relates_to_product_reference": "8Base-RHMTC-1.7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhmtc/openshift-velero-plugin-rhel8@sha256:916d5fd70f5eb58931927d44e05e2287ce85f04ac3bdefde78b6522214a0286e_amd64 as a component of 8Base-RHMTC-1.7",
          "product_id": "8Base-RHMTC-1.7:rhmtc/openshift-velero-plugin-rhel8@sha256:916d5fd70f5eb58931927d44e05e2287ce85f04ac3bdefde78b6522214a0286e_amd64"
        },
        "product_reference": "rhmtc/openshift-velero-plugin-rhel8@sha256:916d5fd70f5eb58931927d44e05e2287ce85f04ac3bdefde78b6522214a0286e_amd64",
        "relates_to_product_reference": "8Base-RHMTC-1.7"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2023-24534",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "discovery_date": "2023-04-04T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-controller-rhel8@sha256:fdd27f3cb68a541b704fa014e7ea564583307743a4d31032cad01268dddf55bc_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-hook-runner-rhel8@sha256:9fea1718dc2fe0dd2735750df6d16921086e2593da3c8de2272584f1b976c6ee_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-legacy-rhel8-operator@sha256:ea7911f8d680f1a827fdd29fc67c5b5d0d5f420fd09baa930809ef4fa38ae6ab_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-log-reader-rhel8@sha256:d768e09a2ab2d6906d63612488d32180d1c6270804c0bcc9fa6f89bbd7f04193_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-must-gather-rhel8@sha256:fdf17820034efd0f7f76274798518bcea6c9483c8de8804f5a56b651ef77e717_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-openvpn-rhel8@sha256:edfff81bc56194aea84e3b80fa550b439c266df3fc81c58c111e5972b670f7ae_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-operator-bundle@sha256:20d278777ec6758913a21946f57ea207fd924f84085f6bf9ea51cd94eaae24ca_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-registry-rhel8@sha256:3200f7f9624ad8aee46d0e3ebf6c04464b277cac4da67075863c2f4f0b33aaff_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-rhel8-operator@sha256:41c5da49059d19beb97ec9d9fd4542120af73d488ffdc1d611c9774bf1f7c79a_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b172c46f467a7813bed75b04dd82c24be0092e1ea2c74a45a8f82ce895876e81_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-ui-rhel8@sha256:926a4c07b2a4223264fa1455f3f056d94a9dc52885713978ff8586e8caa2eff5_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:6097ccca550816d040055dd4878d17cc0996d47a436f06296fe5d26c5862e1f5_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:1b4eb48d9aa6b63cd6409fa5b77eb769a2ed4bc257a4058d1a07a66ea95039a5_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:9ef09a93b6910806b2952b9d50c5a61ae6f2c7284c439f61bf303d2e893c8c22_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:6da71292aa6f83b0c6cc113c6c05b2224ba2b3f90de62d69843cf6399558551e_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-rhel8@sha256:346fa63bcbdc03896e91b2ee3318e062b4deb7fe9183135c7841d0da69c3690c_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2184483"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Golang Go, where it is vulnerable to a denial of service caused by memory exhaustion in the common function in HTTP and MIME header parsing. By sending a specially crafted request, a remote attacker can cause a denial of service.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang: net/http, net/textproto: denial of service from excessive memory allocation",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-RHMTC-1.7:rhmtc/openshift-velero-plugin-rhel8@sha256:916d5fd70f5eb58931927d44e05e2287ce85f04ac3bdefde78b6522214a0286e_amd64"
        ],
        "known_not_affected": [
          "8Base-RHMTC-1.7:rhmtc/openshift-migration-controller-rhel8@sha256:fdd27f3cb68a541b704fa014e7ea564583307743a4d31032cad01268dddf55bc_amd64",
          "8Base-RHMTC-1.7:rhmtc/openshift-migration-hook-runner-rhel8@sha256:9fea1718dc2fe0dd2735750df6d16921086e2593da3c8de2272584f1b976c6ee_amd64",
          "8Base-RHMTC-1.7:rhmtc/openshift-migration-legacy-rhel8-operator@sha256:ea7911f8d680f1a827fdd29fc67c5b5d0d5f420fd09baa930809ef4fa38ae6ab_amd64",
          "8Base-RHMTC-1.7:rhmtc/openshift-migration-log-reader-rhel8@sha256:d768e09a2ab2d6906d63612488d32180d1c6270804c0bcc9fa6f89bbd7f04193_amd64",
          "8Base-RHMTC-1.7:rhmtc/openshift-migration-must-gather-rhel8@sha256:fdf17820034efd0f7f76274798518bcea6c9483c8de8804f5a56b651ef77e717_amd64",
          "8Base-RHMTC-1.7:rhmtc/openshift-migration-openvpn-rhel8@sha256:edfff81bc56194aea84e3b80fa550b439c266df3fc81c58c111e5972b670f7ae_amd64",
          "8Base-RHMTC-1.7:rhmtc/openshift-migration-operator-bundle@sha256:20d278777ec6758913a21946f57ea207fd924f84085f6bf9ea51cd94eaae24ca_amd64",
          "8Base-RHMTC-1.7:rhmtc/openshift-migration-registry-rhel8@sha256:3200f7f9624ad8aee46d0e3ebf6c04464b277cac4da67075863c2f4f0b33aaff_amd64",
          "8Base-RHMTC-1.7:rhmtc/openshift-migration-rhel8-operator@sha256:41c5da49059d19beb97ec9d9fd4542120af73d488ffdc1d611c9774bf1f7c79a_amd64",
          "8Base-RHMTC-1.7:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b172c46f467a7813bed75b04dd82c24be0092e1ea2c74a45a8f82ce895876e81_amd64",
          "8Base-RHMTC-1.7:rhmtc/openshift-migration-ui-rhel8@sha256:926a4c07b2a4223264fa1455f3f056d94a9dc52885713978ff8586e8caa2eff5_amd64",
          "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:6097ccca550816d040055dd4878d17cc0996d47a436f06296fe5d26c5862e1f5_amd64",
          "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:1b4eb48d9aa6b63cd6409fa5b77eb769a2ed4bc257a4058d1a07a66ea95039a5_amd64",
          "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:9ef09a93b6910806b2952b9d50c5a61ae6f2c7284c439f61bf303d2e893c8c22_amd64",
          "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:6da71292aa6f83b0c6cc113c6c05b2224ba2b3f90de62d69843cf6399558551e_amd64",
          "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-rhel8@sha256:346fa63bcbdc03896e91b2ee3318e062b4deb7fe9183135c7841d0da69c3690c_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2023-24534"
        },
        {
          "category": "external",
          "summary": "RHBZ#2184483",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2184483"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2023-24534",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-24534"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-24534",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-24534"
        },
        {
          "category": "external",
          "summary": "https://go.dev/issue/58975",
          "url": "https://go.dev/issue/58975"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/Xdv6JL9ENs8",
          "url": "https://groups.google.com/g/golang-announce/c/Xdv6JL9ENs8"
        }
      ],
      "release_date": "2023-04-04T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2023-06-15T09:48:09+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "8Base-RHMTC-1.7:rhmtc/openshift-velero-plugin-rhel8@sha256:916d5fd70f5eb58931927d44e05e2287ce85f04ac3bdefde78b6522214a0286e_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2023:3624"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-controller-rhel8@sha256:fdd27f3cb68a541b704fa014e7ea564583307743a4d31032cad01268dddf55bc_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-hook-runner-rhel8@sha256:9fea1718dc2fe0dd2735750df6d16921086e2593da3c8de2272584f1b976c6ee_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-legacy-rhel8-operator@sha256:ea7911f8d680f1a827fdd29fc67c5b5d0d5f420fd09baa930809ef4fa38ae6ab_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-log-reader-rhel8@sha256:d768e09a2ab2d6906d63612488d32180d1c6270804c0bcc9fa6f89bbd7f04193_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-must-gather-rhel8@sha256:fdf17820034efd0f7f76274798518bcea6c9483c8de8804f5a56b651ef77e717_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-openvpn-rhel8@sha256:edfff81bc56194aea84e3b80fa550b439c266df3fc81c58c111e5972b670f7ae_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-operator-bundle@sha256:20d278777ec6758913a21946f57ea207fd924f84085f6bf9ea51cd94eaae24ca_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-registry-rhel8@sha256:3200f7f9624ad8aee46d0e3ebf6c04464b277cac4da67075863c2f4f0b33aaff_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-rhel8-operator@sha256:41c5da49059d19beb97ec9d9fd4542120af73d488ffdc1d611c9774bf1f7c79a_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b172c46f467a7813bed75b04dd82c24be0092e1ea2c74a45a8f82ce895876e81_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-ui-rhel8@sha256:926a4c07b2a4223264fa1455f3f056d94a9dc52885713978ff8586e8caa2eff5_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:6097ccca550816d040055dd4878d17cc0996d47a436f06296fe5d26c5862e1f5_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:1b4eb48d9aa6b63cd6409fa5b77eb769a2ed4bc257a4058d1a07a66ea95039a5_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:9ef09a93b6910806b2952b9d50c5a61ae6f2c7284c439f61bf303d2e893c8c22_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:6da71292aa6f83b0c6cc113c6c05b2224ba2b3f90de62d69843cf6399558551e_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-rhel8@sha256:346fa63bcbdc03896e91b2ee3318e062b4deb7fe9183135c7841d0da69c3690c_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-velero-plugin-rhel8@sha256:916d5fd70f5eb58931927d44e05e2287ce85f04ac3bdefde78b6522214a0286e_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "golang: net/http, net/textproto: denial of service from excessive memory allocation"
    },
    {
      "cve": "CVE-2023-24536",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "discovery_date": "2023-04-04T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-controller-rhel8@sha256:fdd27f3cb68a541b704fa014e7ea564583307743a4d31032cad01268dddf55bc_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-hook-runner-rhel8@sha256:9fea1718dc2fe0dd2735750df6d16921086e2593da3c8de2272584f1b976c6ee_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-legacy-rhel8-operator@sha256:ea7911f8d680f1a827fdd29fc67c5b5d0d5f420fd09baa930809ef4fa38ae6ab_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-log-reader-rhel8@sha256:d768e09a2ab2d6906d63612488d32180d1c6270804c0bcc9fa6f89bbd7f04193_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-must-gather-rhel8@sha256:fdf17820034efd0f7f76274798518bcea6c9483c8de8804f5a56b651ef77e717_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-openvpn-rhel8@sha256:edfff81bc56194aea84e3b80fa550b439c266df3fc81c58c111e5972b670f7ae_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-operator-bundle@sha256:20d278777ec6758913a21946f57ea207fd924f84085f6bf9ea51cd94eaae24ca_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-registry-rhel8@sha256:3200f7f9624ad8aee46d0e3ebf6c04464b277cac4da67075863c2f4f0b33aaff_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-rhel8-operator@sha256:41c5da49059d19beb97ec9d9fd4542120af73d488ffdc1d611c9774bf1f7c79a_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b172c46f467a7813bed75b04dd82c24be0092e1ea2c74a45a8f82ce895876e81_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-ui-rhel8@sha256:926a4c07b2a4223264fa1455f3f056d94a9dc52885713978ff8586e8caa2eff5_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:6097ccca550816d040055dd4878d17cc0996d47a436f06296fe5d26c5862e1f5_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:1b4eb48d9aa6b63cd6409fa5b77eb769a2ed4bc257a4058d1a07a66ea95039a5_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:9ef09a93b6910806b2952b9d50c5a61ae6f2c7284c439f61bf303d2e893c8c22_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:6da71292aa6f83b0c6cc113c6c05b2224ba2b3f90de62d69843cf6399558551e_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-rhel8@sha256:346fa63bcbdc03896e91b2ee3318e062b4deb7fe9183135c7841d0da69c3690c_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2184482"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Golang Go, where it is vulnerable to a denial of service caused by an issue during multipart form parsing. By sending a specially crafted input, a remote attacker can consume large amounts of CPU and memory, resulting in a denial of service.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang: net/http, net/textproto, mime/multipart: denial of service from excessive resource consumption",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "For Red Hat Enterprise Linux,\n\n* Conmon uses Go in unit testing, but not functionally in the package. Go is used only in test files, hence, not in the actual code, thus, conmon is not-affected.\n* The CVE refers to multipart form parsing routine mime/multipart.Reader.ReadForm, which is not used in Grafana, hence it is not-affected.\n* Butane does not parse multipart forms, hence, it is also not-affected.\nRedhat has marked this vulnerability as moderate as this vulnerability could lead to a potential denial of service when all the resource of a system is consumed which is technically not a clear case of denial of service.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-RHMTC-1.7:rhmtc/openshift-velero-plugin-rhel8@sha256:916d5fd70f5eb58931927d44e05e2287ce85f04ac3bdefde78b6522214a0286e_amd64"
        ],
        "known_not_affected": [
          "8Base-RHMTC-1.7:rhmtc/openshift-migration-controller-rhel8@sha256:fdd27f3cb68a541b704fa014e7ea564583307743a4d31032cad01268dddf55bc_amd64",
          "8Base-RHMTC-1.7:rhmtc/openshift-migration-hook-runner-rhel8@sha256:9fea1718dc2fe0dd2735750df6d16921086e2593da3c8de2272584f1b976c6ee_amd64",
          "8Base-RHMTC-1.7:rhmtc/openshift-migration-legacy-rhel8-operator@sha256:ea7911f8d680f1a827fdd29fc67c5b5d0d5f420fd09baa930809ef4fa38ae6ab_amd64",
          "8Base-RHMTC-1.7:rhmtc/openshift-migration-log-reader-rhel8@sha256:d768e09a2ab2d6906d63612488d32180d1c6270804c0bcc9fa6f89bbd7f04193_amd64",
          "8Base-RHMTC-1.7:rhmtc/openshift-migration-must-gather-rhel8@sha256:fdf17820034efd0f7f76274798518bcea6c9483c8de8804f5a56b651ef77e717_amd64",
          "8Base-RHMTC-1.7:rhmtc/openshift-migration-openvpn-rhel8@sha256:edfff81bc56194aea84e3b80fa550b439c266df3fc81c58c111e5972b670f7ae_amd64",
          "8Base-RHMTC-1.7:rhmtc/openshift-migration-operator-bundle@sha256:20d278777ec6758913a21946f57ea207fd924f84085f6bf9ea51cd94eaae24ca_amd64",
          "8Base-RHMTC-1.7:rhmtc/openshift-migration-registry-rhel8@sha256:3200f7f9624ad8aee46d0e3ebf6c04464b277cac4da67075863c2f4f0b33aaff_amd64",
          "8Base-RHMTC-1.7:rhmtc/openshift-migration-rhel8-operator@sha256:41c5da49059d19beb97ec9d9fd4542120af73d488ffdc1d611c9774bf1f7c79a_amd64",
          "8Base-RHMTC-1.7:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b172c46f467a7813bed75b04dd82c24be0092e1ea2c74a45a8f82ce895876e81_amd64",
          "8Base-RHMTC-1.7:rhmtc/openshift-migration-ui-rhel8@sha256:926a4c07b2a4223264fa1455f3f056d94a9dc52885713978ff8586e8caa2eff5_amd64",
          "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:6097ccca550816d040055dd4878d17cc0996d47a436f06296fe5d26c5862e1f5_amd64",
          "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:1b4eb48d9aa6b63cd6409fa5b77eb769a2ed4bc257a4058d1a07a66ea95039a5_amd64",
          "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:9ef09a93b6910806b2952b9d50c5a61ae6f2c7284c439f61bf303d2e893c8c22_amd64",
          "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:6da71292aa6f83b0c6cc113c6c05b2224ba2b3f90de62d69843cf6399558551e_amd64",
          "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-rhel8@sha256:346fa63bcbdc03896e91b2ee3318e062b4deb7fe9183135c7841d0da69c3690c_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2023-24536"
        },
        {
          "category": "external",
          "summary": "RHBZ#2184482",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2184482"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2023-24536",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-24536"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-24536",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-24536"
        },
        {
          "category": "external",
          "summary": "https://go.dev/issue/59153",
          "url": "https://go.dev/issue/59153"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/Xdv6JL9ENs8",
          "url": "https://groups.google.com/g/golang-announce/c/Xdv6JL9ENs8"
        }
      ],
      "release_date": "2023-04-04T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2023-06-15T09:48:09+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "8Base-RHMTC-1.7:rhmtc/openshift-velero-plugin-rhel8@sha256:916d5fd70f5eb58931927d44e05e2287ce85f04ac3bdefde78b6522214a0286e_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2023:3624"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-controller-rhel8@sha256:fdd27f3cb68a541b704fa014e7ea564583307743a4d31032cad01268dddf55bc_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-hook-runner-rhel8@sha256:9fea1718dc2fe0dd2735750df6d16921086e2593da3c8de2272584f1b976c6ee_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-legacy-rhel8-operator@sha256:ea7911f8d680f1a827fdd29fc67c5b5d0d5f420fd09baa930809ef4fa38ae6ab_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-log-reader-rhel8@sha256:d768e09a2ab2d6906d63612488d32180d1c6270804c0bcc9fa6f89bbd7f04193_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-must-gather-rhel8@sha256:fdf17820034efd0f7f76274798518bcea6c9483c8de8804f5a56b651ef77e717_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-openvpn-rhel8@sha256:edfff81bc56194aea84e3b80fa550b439c266df3fc81c58c111e5972b670f7ae_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-operator-bundle@sha256:20d278777ec6758913a21946f57ea207fd924f84085f6bf9ea51cd94eaae24ca_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-registry-rhel8@sha256:3200f7f9624ad8aee46d0e3ebf6c04464b277cac4da67075863c2f4f0b33aaff_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-rhel8-operator@sha256:41c5da49059d19beb97ec9d9fd4542120af73d488ffdc1d611c9774bf1f7c79a_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b172c46f467a7813bed75b04dd82c24be0092e1ea2c74a45a8f82ce895876e81_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-ui-rhel8@sha256:926a4c07b2a4223264fa1455f3f056d94a9dc52885713978ff8586e8caa2eff5_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:6097ccca550816d040055dd4878d17cc0996d47a436f06296fe5d26c5862e1f5_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:1b4eb48d9aa6b63cd6409fa5b77eb769a2ed4bc257a4058d1a07a66ea95039a5_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:9ef09a93b6910806b2952b9d50c5a61ae6f2c7284c439f61bf303d2e893c8c22_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:6da71292aa6f83b0c6cc113c6c05b2224ba2b3f90de62d69843cf6399558551e_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-rhel8@sha256:346fa63bcbdc03896e91b2ee3318e062b4deb7fe9183135c7841d0da69c3690c_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-velero-plugin-rhel8@sha256:916d5fd70f5eb58931927d44e05e2287ce85f04ac3bdefde78b6522214a0286e_amd64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-controller-rhel8@sha256:fdd27f3cb68a541b704fa014e7ea564583307743a4d31032cad01268dddf55bc_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-hook-runner-rhel8@sha256:9fea1718dc2fe0dd2735750df6d16921086e2593da3c8de2272584f1b976c6ee_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-legacy-rhel8-operator@sha256:ea7911f8d680f1a827fdd29fc67c5b5d0d5f420fd09baa930809ef4fa38ae6ab_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-log-reader-rhel8@sha256:d768e09a2ab2d6906d63612488d32180d1c6270804c0bcc9fa6f89bbd7f04193_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-must-gather-rhel8@sha256:fdf17820034efd0f7f76274798518bcea6c9483c8de8804f5a56b651ef77e717_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-openvpn-rhel8@sha256:edfff81bc56194aea84e3b80fa550b439c266df3fc81c58c111e5972b670f7ae_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-operator-bundle@sha256:20d278777ec6758913a21946f57ea207fd924f84085f6bf9ea51cd94eaae24ca_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-registry-rhel8@sha256:3200f7f9624ad8aee46d0e3ebf6c04464b277cac4da67075863c2f4f0b33aaff_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-rhel8-operator@sha256:41c5da49059d19beb97ec9d9fd4542120af73d488ffdc1d611c9774bf1f7c79a_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b172c46f467a7813bed75b04dd82c24be0092e1ea2c74a45a8f82ce895876e81_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-ui-rhel8@sha256:926a4c07b2a4223264fa1455f3f056d94a9dc52885713978ff8586e8caa2eff5_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:6097ccca550816d040055dd4878d17cc0996d47a436f06296fe5d26c5862e1f5_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:1b4eb48d9aa6b63cd6409fa5b77eb769a2ed4bc257a4058d1a07a66ea95039a5_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:9ef09a93b6910806b2952b9d50c5a61ae6f2c7284c439f61bf303d2e893c8c22_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:6da71292aa6f83b0c6cc113c6c05b2224ba2b3f90de62d69843cf6399558551e_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-rhel8@sha256:346fa63bcbdc03896e91b2ee3318e062b4deb7fe9183135c7841d0da69c3690c_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-velero-plugin-rhel8@sha256:916d5fd70f5eb58931927d44e05e2287ce85f04ac3bdefde78b6522214a0286e_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "golang: net/http, net/textproto, mime/multipart: denial of service from excessive resource consumption"
    },
    {
      "cve": "CVE-2023-24537",
      "cwe": {
        "id": "CWE-835",
        "name": "Loop with Unreachable Exit Condition ('Infinite Loop')"
      },
      "discovery_date": "2023-04-04T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-controller-rhel8@sha256:fdd27f3cb68a541b704fa014e7ea564583307743a4d31032cad01268dddf55bc_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-hook-runner-rhel8@sha256:9fea1718dc2fe0dd2735750df6d16921086e2593da3c8de2272584f1b976c6ee_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-legacy-rhel8-operator@sha256:ea7911f8d680f1a827fdd29fc67c5b5d0d5f420fd09baa930809ef4fa38ae6ab_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-log-reader-rhel8@sha256:d768e09a2ab2d6906d63612488d32180d1c6270804c0bcc9fa6f89bbd7f04193_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-must-gather-rhel8@sha256:fdf17820034efd0f7f76274798518bcea6c9483c8de8804f5a56b651ef77e717_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-openvpn-rhel8@sha256:edfff81bc56194aea84e3b80fa550b439c266df3fc81c58c111e5972b670f7ae_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-operator-bundle@sha256:20d278777ec6758913a21946f57ea207fd924f84085f6bf9ea51cd94eaae24ca_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-registry-rhel8@sha256:3200f7f9624ad8aee46d0e3ebf6c04464b277cac4da67075863c2f4f0b33aaff_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-rhel8-operator@sha256:41c5da49059d19beb97ec9d9fd4542120af73d488ffdc1d611c9774bf1f7c79a_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b172c46f467a7813bed75b04dd82c24be0092e1ea2c74a45a8f82ce895876e81_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-ui-rhel8@sha256:926a4c07b2a4223264fa1455f3f056d94a9dc52885713978ff8586e8caa2eff5_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:6097ccca550816d040055dd4878d17cc0996d47a436f06296fe5d26c5862e1f5_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:1b4eb48d9aa6b63cd6409fa5b77eb769a2ed4bc257a4058d1a07a66ea95039a5_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:9ef09a93b6910806b2952b9d50c5a61ae6f2c7284c439f61bf303d2e893c8c22_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:6da71292aa6f83b0c6cc113c6c05b2224ba2b3f90de62d69843cf6399558551e_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-rhel8@sha256:346fa63bcbdc03896e91b2ee3318e062b4deb7fe9183135c7841d0da69c3690c_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2184484"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Golang Go, where it is vulnerable to a denial of service caused by an infinite loop due to integer overflow when calling any of the Parse functions. By sending a specially crafted input, a remote attacker can cause a denial of service.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang: go/parser: Infinite loop in parsing",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This vulnerability has been rated Moderate because it allows denial of service condition in Go’s source code parser when processing specially crafted input containing //line directives with excessively large line numbers. Exploitation can cause the parser to enter an infinite loop, consuming CPU resources and rendering services unresponsive. While this issue does not permit code execution or data access, it poses a significant availability impact for systems processing untrusted Go source input.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-RHMTC-1.7:rhmtc/openshift-velero-plugin-rhel8@sha256:916d5fd70f5eb58931927d44e05e2287ce85f04ac3bdefde78b6522214a0286e_amd64"
        ],
        "known_not_affected": [
          "8Base-RHMTC-1.7:rhmtc/openshift-migration-controller-rhel8@sha256:fdd27f3cb68a541b704fa014e7ea564583307743a4d31032cad01268dddf55bc_amd64",
          "8Base-RHMTC-1.7:rhmtc/openshift-migration-hook-runner-rhel8@sha256:9fea1718dc2fe0dd2735750df6d16921086e2593da3c8de2272584f1b976c6ee_amd64",
          "8Base-RHMTC-1.7:rhmtc/openshift-migration-legacy-rhel8-operator@sha256:ea7911f8d680f1a827fdd29fc67c5b5d0d5f420fd09baa930809ef4fa38ae6ab_amd64",
          "8Base-RHMTC-1.7:rhmtc/openshift-migration-log-reader-rhel8@sha256:d768e09a2ab2d6906d63612488d32180d1c6270804c0bcc9fa6f89bbd7f04193_amd64",
          "8Base-RHMTC-1.7:rhmtc/openshift-migration-must-gather-rhel8@sha256:fdf17820034efd0f7f76274798518bcea6c9483c8de8804f5a56b651ef77e717_amd64",
          "8Base-RHMTC-1.7:rhmtc/openshift-migration-openvpn-rhel8@sha256:edfff81bc56194aea84e3b80fa550b439c266df3fc81c58c111e5972b670f7ae_amd64",
          "8Base-RHMTC-1.7:rhmtc/openshift-migration-operator-bundle@sha256:20d278777ec6758913a21946f57ea207fd924f84085f6bf9ea51cd94eaae24ca_amd64",
          "8Base-RHMTC-1.7:rhmtc/openshift-migration-registry-rhel8@sha256:3200f7f9624ad8aee46d0e3ebf6c04464b277cac4da67075863c2f4f0b33aaff_amd64",
          "8Base-RHMTC-1.7:rhmtc/openshift-migration-rhel8-operator@sha256:41c5da49059d19beb97ec9d9fd4542120af73d488ffdc1d611c9774bf1f7c79a_amd64",
          "8Base-RHMTC-1.7:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b172c46f467a7813bed75b04dd82c24be0092e1ea2c74a45a8f82ce895876e81_amd64",
          "8Base-RHMTC-1.7:rhmtc/openshift-migration-ui-rhel8@sha256:926a4c07b2a4223264fa1455f3f056d94a9dc52885713978ff8586e8caa2eff5_amd64",
          "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:6097ccca550816d040055dd4878d17cc0996d47a436f06296fe5d26c5862e1f5_amd64",
          "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:1b4eb48d9aa6b63cd6409fa5b77eb769a2ed4bc257a4058d1a07a66ea95039a5_amd64",
          "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:9ef09a93b6910806b2952b9d50c5a61ae6f2c7284c439f61bf303d2e893c8c22_amd64",
          "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:6da71292aa6f83b0c6cc113c6c05b2224ba2b3f90de62d69843cf6399558551e_amd64",
          "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-rhel8@sha256:346fa63bcbdc03896e91b2ee3318e062b4deb7fe9183135c7841d0da69c3690c_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2023-24537"
        },
        {
          "category": "external",
          "summary": "RHBZ#2184484",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2184484"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2023-24537",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-24537"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-24537",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-24537"
        },
        {
          "category": "external",
          "summary": "https://github.com/golang/go/issues/59180",
          "url": "https://github.com/golang/go/issues/59180"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/Xdv6JL9ENs8",
          "url": "https://groups.google.com/g/golang-announce/c/Xdv6JL9ENs8"
        }
      ],
      "release_date": "2023-04-04T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2023-06-15T09:48:09+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "8Base-RHMTC-1.7:rhmtc/openshift-velero-plugin-rhel8@sha256:916d5fd70f5eb58931927d44e05e2287ce85f04ac3bdefde78b6522214a0286e_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2023:3624"
        },
        {
          "category": "workaround",
          "details": "To mitigate this issue, upgrade Go to version 1.19.8, 1.20.3, or later, where the vulnerability has been addressed.",
          "product_ids": [
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-controller-rhel8@sha256:fdd27f3cb68a541b704fa014e7ea564583307743a4d31032cad01268dddf55bc_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-hook-runner-rhel8@sha256:9fea1718dc2fe0dd2735750df6d16921086e2593da3c8de2272584f1b976c6ee_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-legacy-rhel8-operator@sha256:ea7911f8d680f1a827fdd29fc67c5b5d0d5f420fd09baa930809ef4fa38ae6ab_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-log-reader-rhel8@sha256:d768e09a2ab2d6906d63612488d32180d1c6270804c0bcc9fa6f89bbd7f04193_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-must-gather-rhel8@sha256:fdf17820034efd0f7f76274798518bcea6c9483c8de8804f5a56b651ef77e717_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-openvpn-rhel8@sha256:edfff81bc56194aea84e3b80fa550b439c266df3fc81c58c111e5972b670f7ae_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-operator-bundle@sha256:20d278777ec6758913a21946f57ea207fd924f84085f6bf9ea51cd94eaae24ca_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-registry-rhel8@sha256:3200f7f9624ad8aee46d0e3ebf6c04464b277cac4da67075863c2f4f0b33aaff_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-rhel8-operator@sha256:41c5da49059d19beb97ec9d9fd4542120af73d488ffdc1d611c9774bf1f7c79a_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b172c46f467a7813bed75b04dd82c24be0092e1ea2c74a45a8f82ce895876e81_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-ui-rhel8@sha256:926a4c07b2a4223264fa1455f3f056d94a9dc52885713978ff8586e8caa2eff5_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:6097ccca550816d040055dd4878d17cc0996d47a436f06296fe5d26c5862e1f5_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:1b4eb48d9aa6b63cd6409fa5b77eb769a2ed4bc257a4058d1a07a66ea95039a5_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:9ef09a93b6910806b2952b9d50c5a61ae6f2c7284c439f61bf303d2e893c8c22_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:6da71292aa6f83b0c6cc113c6c05b2224ba2b3f90de62d69843cf6399558551e_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-rhel8@sha256:346fa63bcbdc03896e91b2ee3318e062b4deb7fe9183135c7841d0da69c3690c_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-velero-plugin-rhel8@sha256:916d5fd70f5eb58931927d44e05e2287ce85f04ac3bdefde78b6522214a0286e_amd64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-controller-rhel8@sha256:fdd27f3cb68a541b704fa014e7ea564583307743a4d31032cad01268dddf55bc_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-hook-runner-rhel8@sha256:9fea1718dc2fe0dd2735750df6d16921086e2593da3c8de2272584f1b976c6ee_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-legacy-rhel8-operator@sha256:ea7911f8d680f1a827fdd29fc67c5b5d0d5f420fd09baa930809ef4fa38ae6ab_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-log-reader-rhel8@sha256:d768e09a2ab2d6906d63612488d32180d1c6270804c0bcc9fa6f89bbd7f04193_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-must-gather-rhel8@sha256:fdf17820034efd0f7f76274798518bcea6c9483c8de8804f5a56b651ef77e717_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-openvpn-rhel8@sha256:edfff81bc56194aea84e3b80fa550b439c266df3fc81c58c111e5972b670f7ae_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-operator-bundle@sha256:20d278777ec6758913a21946f57ea207fd924f84085f6bf9ea51cd94eaae24ca_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-registry-rhel8@sha256:3200f7f9624ad8aee46d0e3ebf6c04464b277cac4da67075863c2f4f0b33aaff_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-rhel8-operator@sha256:41c5da49059d19beb97ec9d9fd4542120af73d488ffdc1d611c9774bf1f7c79a_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b172c46f467a7813bed75b04dd82c24be0092e1ea2c74a45a8f82ce895876e81_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-ui-rhel8@sha256:926a4c07b2a4223264fa1455f3f056d94a9dc52885713978ff8586e8caa2eff5_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:6097ccca550816d040055dd4878d17cc0996d47a436f06296fe5d26c5862e1f5_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:1b4eb48d9aa6b63cd6409fa5b77eb769a2ed4bc257a4058d1a07a66ea95039a5_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:9ef09a93b6910806b2952b9d50c5a61ae6f2c7284c439f61bf303d2e893c8c22_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:6da71292aa6f83b0c6cc113c6c05b2224ba2b3f90de62d69843cf6399558551e_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-rhel8@sha256:346fa63bcbdc03896e91b2ee3318e062b4deb7fe9183135c7841d0da69c3690c_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-velero-plugin-rhel8@sha256:916d5fd70f5eb58931927d44e05e2287ce85f04ac3bdefde78b6522214a0286e_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "golang: go/parser: Infinite loop in parsing"
    },
    {
      "cve": "CVE-2023-24538",
      "cwe": {
        "id": "CWE-94",
        "name": "Improper Control of Generation of Code ('Code Injection')"
      },
      "discovery_date": "2023-04-04T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-controller-rhel8@sha256:fdd27f3cb68a541b704fa014e7ea564583307743a4d31032cad01268dddf55bc_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-hook-runner-rhel8@sha256:9fea1718dc2fe0dd2735750df6d16921086e2593da3c8de2272584f1b976c6ee_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-legacy-rhel8-operator@sha256:ea7911f8d680f1a827fdd29fc67c5b5d0d5f420fd09baa930809ef4fa38ae6ab_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-log-reader-rhel8@sha256:d768e09a2ab2d6906d63612488d32180d1c6270804c0bcc9fa6f89bbd7f04193_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-must-gather-rhel8@sha256:fdf17820034efd0f7f76274798518bcea6c9483c8de8804f5a56b651ef77e717_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-openvpn-rhel8@sha256:edfff81bc56194aea84e3b80fa550b439c266df3fc81c58c111e5972b670f7ae_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-operator-bundle@sha256:20d278777ec6758913a21946f57ea207fd924f84085f6bf9ea51cd94eaae24ca_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-registry-rhel8@sha256:3200f7f9624ad8aee46d0e3ebf6c04464b277cac4da67075863c2f4f0b33aaff_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-rhel8-operator@sha256:41c5da49059d19beb97ec9d9fd4542120af73d488ffdc1d611c9774bf1f7c79a_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b172c46f467a7813bed75b04dd82c24be0092e1ea2c74a45a8f82ce895876e81_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-ui-rhel8@sha256:926a4c07b2a4223264fa1455f3f056d94a9dc52885713978ff8586e8caa2eff5_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:6097ccca550816d040055dd4878d17cc0996d47a436f06296fe5d26c5862e1f5_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:1b4eb48d9aa6b63cd6409fa5b77eb769a2ed4bc257a4058d1a07a66ea95039a5_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:9ef09a93b6910806b2952b9d50c5a61ae6f2c7284c439f61bf303d2e893c8c22_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:6da71292aa6f83b0c6cc113c6c05b2224ba2b3f90de62d69843cf6399558551e_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-rhel8@sha256:346fa63bcbdc03896e91b2ee3318e062b4deb7fe9183135c7841d0da69c3690c_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2184481"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Golang Go. This flaw allows a remote attacker to execute arbitrary code on the system, caused by not properly considering backticks (`) as Javascript string delimiters. By sending a specially crafted request, an attacker execute arbitrary code on the system.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang: html/template: backticks not treated as string delimiters",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "The described issue involving Go templates and JavaScript template literals poses a moderate severity rather than an important one due to several mitigating factors. Firstly, the vulnerability requires specific conditions to be met: the presence of Go templates within JavaScript template literals. This limits the scope of affected codebases, reducing the likelihood of exploitation. Additionally, the decision to disallow such interactions in future releases of Go indicates a proactive approach to addressing the issue. Furthermore, the affected packages or components within Red Hat Enterprise Linux, such as Conmon, Grafana, and the RHC package, have been assessed and determined not to be impacted due to their specific usage patterns. So the limited scope of affected systems and the absence of exploitation vectors in specific components within Red Hat Enterprise Linux contribute to categorizing the severity of the issue as moderate.\n\nFor Red Hat Enterprise Linux,\n\n* Conmon uses go in unit testing, but not functionally in the package. Go is used only in test files, hence, not in the actual code, thus, conmon is not affected.\n* The Go templates in Grafana do not contain any javascript. Thus, it is not affected.\n* The rhc package do not make use of html/template. Hence, it is also not affected.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-RHMTC-1.7:rhmtc/openshift-velero-plugin-rhel8@sha256:916d5fd70f5eb58931927d44e05e2287ce85f04ac3bdefde78b6522214a0286e_amd64"
        ],
        "known_not_affected": [
          "8Base-RHMTC-1.7:rhmtc/openshift-migration-controller-rhel8@sha256:fdd27f3cb68a541b704fa014e7ea564583307743a4d31032cad01268dddf55bc_amd64",
          "8Base-RHMTC-1.7:rhmtc/openshift-migration-hook-runner-rhel8@sha256:9fea1718dc2fe0dd2735750df6d16921086e2593da3c8de2272584f1b976c6ee_amd64",
          "8Base-RHMTC-1.7:rhmtc/openshift-migration-legacy-rhel8-operator@sha256:ea7911f8d680f1a827fdd29fc67c5b5d0d5f420fd09baa930809ef4fa38ae6ab_amd64",
          "8Base-RHMTC-1.7:rhmtc/openshift-migration-log-reader-rhel8@sha256:d768e09a2ab2d6906d63612488d32180d1c6270804c0bcc9fa6f89bbd7f04193_amd64",
          "8Base-RHMTC-1.7:rhmtc/openshift-migration-must-gather-rhel8@sha256:fdf17820034efd0f7f76274798518bcea6c9483c8de8804f5a56b651ef77e717_amd64",
          "8Base-RHMTC-1.7:rhmtc/openshift-migration-openvpn-rhel8@sha256:edfff81bc56194aea84e3b80fa550b439c266df3fc81c58c111e5972b670f7ae_amd64",
          "8Base-RHMTC-1.7:rhmtc/openshift-migration-operator-bundle@sha256:20d278777ec6758913a21946f57ea207fd924f84085f6bf9ea51cd94eaae24ca_amd64",
          "8Base-RHMTC-1.7:rhmtc/openshift-migration-registry-rhel8@sha256:3200f7f9624ad8aee46d0e3ebf6c04464b277cac4da67075863c2f4f0b33aaff_amd64",
          "8Base-RHMTC-1.7:rhmtc/openshift-migration-rhel8-operator@sha256:41c5da49059d19beb97ec9d9fd4542120af73d488ffdc1d611c9774bf1f7c79a_amd64",
          "8Base-RHMTC-1.7:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b172c46f467a7813bed75b04dd82c24be0092e1ea2c74a45a8f82ce895876e81_amd64",
          "8Base-RHMTC-1.7:rhmtc/openshift-migration-ui-rhel8@sha256:926a4c07b2a4223264fa1455f3f056d94a9dc52885713978ff8586e8caa2eff5_amd64",
          "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:6097ccca550816d040055dd4878d17cc0996d47a436f06296fe5d26c5862e1f5_amd64",
          "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:1b4eb48d9aa6b63cd6409fa5b77eb769a2ed4bc257a4058d1a07a66ea95039a5_amd64",
          "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:9ef09a93b6910806b2952b9d50c5a61ae6f2c7284c439f61bf303d2e893c8c22_amd64",
          "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:6da71292aa6f83b0c6cc113c6c05b2224ba2b3f90de62d69843cf6399558551e_amd64",
          "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-rhel8@sha256:346fa63bcbdc03896e91b2ee3318e062b4deb7fe9183135c7841d0da69c3690c_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2023-24538"
        },
        {
          "category": "external",
          "summary": "RHBZ#2184481",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2184481"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2023-24538",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-24538"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-24538",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-24538"
        },
        {
          "category": "external",
          "summary": "https://github.com/golang/go/issues/59234",
          "url": "https://github.com/golang/go/issues/59234"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/Xdv6JL9ENs8",
          "url": "https://groups.google.com/g/golang-announce/c/Xdv6JL9ENs8"
        }
      ],
      "release_date": "2023-04-04T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2023-06-15T09:48:09+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "8Base-RHMTC-1.7:rhmtc/openshift-velero-plugin-rhel8@sha256:916d5fd70f5eb58931927d44e05e2287ce85f04ac3bdefde78b6522214a0286e_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2023:3624"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-controller-rhel8@sha256:fdd27f3cb68a541b704fa014e7ea564583307743a4d31032cad01268dddf55bc_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-hook-runner-rhel8@sha256:9fea1718dc2fe0dd2735750df6d16921086e2593da3c8de2272584f1b976c6ee_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-legacy-rhel8-operator@sha256:ea7911f8d680f1a827fdd29fc67c5b5d0d5f420fd09baa930809ef4fa38ae6ab_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-log-reader-rhel8@sha256:d768e09a2ab2d6906d63612488d32180d1c6270804c0bcc9fa6f89bbd7f04193_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-must-gather-rhel8@sha256:fdf17820034efd0f7f76274798518bcea6c9483c8de8804f5a56b651ef77e717_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-openvpn-rhel8@sha256:edfff81bc56194aea84e3b80fa550b439c266df3fc81c58c111e5972b670f7ae_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-operator-bundle@sha256:20d278777ec6758913a21946f57ea207fd924f84085f6bf9ea51cd94eaae24ca_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-registry-rhel8@sha256:3200f7f9624ad8aee46d0e3ebf6c04464b277cac4da67075863c2f4f0b33aaff_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-rhel8-operator@sha256:41c5da49059d19beb97ec9d9fd4542120af73d488ffdc1d611c9774bf1f7c79a_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b172c46f467a7813bed75b04dd82c24be0092e1ea2c74a45a8f82ce895876e81_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-ui-rhel8@sha256:926a4c07b2a4223264fa1455f3f056d94a9dc52885713978ff8586e8caa2eff5_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:6097ccca550816d040055dd4878d17cc0996d47a436f06296fe5d26c5862e1f5_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:1b4eb48d9aa6b63cd6409fa5b77eb769a2ed4bc257a4058d1a07a66ea95039a5_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:9ef09a93b6910806b2952b9d50c5a61ae6f2c7284c439f61bf303d2e893c8c22_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:6da71292aa6f83b0c6cc113c6c05b2224ba2b3f90de62d69843cf6399558551e_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-rhel8@sha256:346fa63bcbdc03896e91b2ee3318e062b4deb7fe9183135c7841d0da69c3690c_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-velero-plugin-rhel8@sha256:916d5fd70f5eb58931927d44e05e2287ce85f04ac3bdefde78b6522214a0286e_amd64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-controller-rhel8@sha256:fdd27f3cb68a541b704fa014e7ea564583307743a4d31032cad01268dddf55bc_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-hook-runner-rhel8@sha256:9fea1718dc2fe0dd2735750df6d16921086e2593da3c8de2272584f1b976c6ee_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-legacy-rhel8-operator@sha256:ea7911f8d680f1a827fdd29fc67c5b5d0d5f420fd09baa930809ef4fa38ae6ab_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-log-reader-rhel8@sha256:d768e09a2ab2d6906d63612488d32180d1c6270804c0bcc9fa6f89bbd7f04193_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-must-gather-rhel8@sha256:fdf17820034efd0f7f76274798518bcea6c9483c8de8804f5a56b651ef77e717_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-openvpn-rhel8@sha256:edfff81bc56194aea84e3b80fa550b439c266df3fc81c58c111e5972b670f7ae_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-operator-bundle@sha256:20d278777ec6758913a21946f57ea207fd924f84085f6bf9ea51cd94eaae24ca_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-registry-rhel8@sha256:3200f7f9624ad8aee46d0e3ebf6c04464b277cac4da67075863c2f4f0b33aaff_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-rhel8-operator@sha256:41c5da49059d19beb97ec9d9fd4542120af73d488ffdc1d611c9774bf1f7c79a_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b172c46f467a7813bed75b04dd82c24be0092e1ea2c74a45a8f82ce895876e81_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-ui-rhel8@sha256:926a4c07b2a4223264fa1455f3f056d94a9dc52885713978ff8586e8caa2eff5_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:6097ccca550816d040055dd4878d17cc0996d47a436f06296fe5d26c5862e1f5_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:1b4eb48d9aa6b63cd6409fa5b77eb769a2ed4bc257a4058d1a07a66ea95039a5_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:9ef09a93b6910806b2952b9d50c5a61ae6f2c7284c439f61bf303d2e893c8c22_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:6da71292aa6f83b0c6cc113c6c05b2224ba2b3f90de62d69843cf6399558551e_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-rhel8@sha256:346fa63bcbdc03896e91b2ee3318e062b4deb7fe9183135c7841d0da69c3690c_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-velero-plugin-rhel8@sha256:916d5fd70f5eb58931927d44e05e2287ce85f04ac3bdefde78b6522214a0286e_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "golang: html/template: backticks not treated as string delimiters"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "Juho Nurminen"
          ],
          "organization": "Mattermost"
        }
      ],
      "cve": "CVE-2023-24540",
      "cwe": {
        "id": "CWE-176",
        "name": "Improper Handling of Unicode Encoding"
      },
      "discovery_date": "2023-05-07T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-controller-rhel8@sha256:fdd27f3cb68a541b704fa014e7ea564583307743a4d31032cad01268dddf55bc_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-hook-runner-rhel8@sha256:9fea1718dc2fe0dd2735750df6d16921086e2593da3c8de2272584f1b976c6ee_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-legacy-rhel8-operator@sha256:ea7911f8d680f1a827fdd29fc67c5b5d0d5f420fd09baa930809ef4fa38ae6ab_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-log-reader-rhel8@sha256:d768e09a2ab2d6906d63612488d32180d1c6270804c0bcc9fa6f89bbd7f04193_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-must-gather-rhel8@sha256:fdf17820034efd0f7f76274798518bcea6c9483c8de8804f5a56b651ef77e717_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-openvpn-rhel8@sha256:edfff81bc56194aea84e3b80fa550b439c266df3fc81c58c111e5972b670f7ae_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-operator-bundle@sha256:20d278777ec6758913a21946f57ea207fd924f84085f6bf9ea51cd94eaae24ca_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-registry-rhel8@sha256:3200f7f9624ad8aee46d0e3ebf6c04464b277cac4da67075863c2f4f0b33aaff_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-rhel8-operator@sha256:41c5da49059d19beb97ec9d9fd4542120af73d488ffdc1d611c9774bf1f7c79a_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b172c46f467a7813bed75b04dd82c24be0092e1ea2c74a45a8f82ce895876e81_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-ui-rhel8@sha256:926a4c07b2a4223264fa1455f3f056d94a9dc52885713978ff8586e8caa2eff5_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:6097ccca550816d040055dd4878d17cc0996d47a436f06296fe5d26c5862e1f5_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:1b4eb48d9aa6b63cd6409fa5b77eb769a2ed4bc257a4058d1a07a66ea95039a5_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:9ef09a93b6910806b2952b9d50c5a61ae6f2c7284c439f61bf303d2e893c8c22_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:6da71292aa6f83b0c6cc113c6c05b2224ba2b3f90de62d69843cf6399558551e_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-rhel8@sha256:346fa63bcbdc03896e91b2ee3318e062b4deb7fe9183135c7841d0da69c3690c_amd64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2196027"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in golang, where not all valid JavaScript white-space characters were considered white space. Due to this issue, templates containing white-space characters outside of the character set \"\\t\\n\\f\\r\\u0020\\u2028\\u2029\" in JavaScript contexts that also contain actions may not be properly sanitized during execution.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang: html/template: improper handling of JavaScript whitespace",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "For Red Hat Enterprise Linux,\n* Conmon uses go in unit testing, but not functionally in the package. Go is used only in test files, hence, not in the actual code, thus, conmon is not affected.\n* The Go templates in Grafana do not contain any javascript. Thus, it is not affected.\n* Ignition does not make use of html/template.\n\nIn Red Hat Advanced Cluster Management for Kubernetes (RHACM) the affected containers are behind OpenShift OAuth authentication. This restricts access to the vulnerable golang html/templates to authenticated users only, therefore the impact is low.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "8Base-RHMTC-1.7:rhmtc/openshift-velero-plugin-rhel8@sha256:916d5fd70f5eb58931927d44e05e2287ce85f04ac3bdefde78b6522214a0286e_amd64"
        ],
        "known_not_affected": [
          "8Base-RHMTC-1.7:rhmtc/openshift-migration-controller-rhel8@sha256:fdd27f3cb68a541b704fa014e7ea564583307743a4d31032cad01268dddf55bc_amd64",
          "8Base-RHMTC-1.7:rhmtc/openshift-migration-hook-runner-rhel8@sha256:9fea1718dc2fe0dd2735750df6d16921086e2593da3c8de2272584f1b976c6ee_amd64",
          "8Base-RHMTC-1.7:rhmtc/openshift-migration-legacy-rhel8-operator@sha256:ea7911f8d680f1a827fdd29fc67c5b5d0d5f420fd09baa930809ef4fa38ae6ab_amd64",
          "8Base-RHMTC-1.7:rhmtc/openshift-migration-log-reader-rhel8@sha256:d768e09a2ab2d6906d63612488d32180d1c6270804c0bcc9fa6f89bbd7f04193_amd64",
          "8Base-RHMTC-1.7:rhmtc/openshift-migration-must-gather-rhel8@sha256:fdf17820034efd0f7f76274798518bcea6c9483c8de8804f5a56b651ef77e717_amd64",
          "8Base-RHMTC-1.7:rhmtc/openshift-migration-openvpn-rhel8@sha256:edfff81bc56194aea84e3b80fa550b439c266df3fc81c58c111e5972b670f7ae_amd64",
          "8Base-RHMTC-1.7:rhmtc/openshift-migration-operator-bundle@sha256:20d278777ec6758913a21946f57ea207fd924f84085f6bf9ea51cd94eaae24ca_amd64",
          "8Base-RHMTC-1.7:rhmtc/openshift-migration-registry-rhel8@sha256:3200f7f9624ad8aee46d0e3ebf6c04464b277cac4da67075863c2f4f0b33aaff_amd64",
          "8Base-RHMTC-1.7:rhmtc/openshift-migration-rhel8-operator@sha256:41c5da49059d19beb97ec9d9fd4542120af73d488ffdc1d611c9774bf1f7c79a_amd64",
          "8Base-RHMTC-1.7:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b172c46f467a7813bed75b04dd82c24be0092e1ea2c74a45a8f82ce895876e81_amd64",
          "8Base-RHMTC-1.7:rhmtc/openshift-migration-ui-rhel8@sha256:926a4c07b2a4223264fa1455f3f056d94a9dc52885713978ff8586e8caa2eff5_amd64",
          "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:6097ccca550816d040055dd4878d17cc0996d47a436f06296fe5d26c5862e1f5_amd64",
          "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:1b4eb48d9aa6b63cd6409fa5b77eb769a2ed4bc257a4058d1a07a66ea95039a5_amd64",
          "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:9ef09a93b6910806b2952b9d50c5a61ae6f2c7284c439f61bf303d2e893c8c22_amd64",
          "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:6da71292aa6f83b0c6cc113c6c05b2224ba2b3f90de62d69843cf6399558551e_amd64",
          "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-rhel8@sha256:346fa63bcbdc03896e91b2ee3318e062b4deb7fe9183135c7841d0da69c3690c_amd64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2023-24540"
        },
        {
          "category": "external",
          "summary": "RHBZ#2196027",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2196027"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2023-24540",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-24540"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-24540",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-24540"
        },
        {
          "category": "external",
          "summary": "https://go.dev/issue/59721",
          "url": "https://go.dev/issue/59721"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/MEb0UyuSMsU",
          "url": "https://groups.google.com/g/golang-announce/c/MEb0UyuSMsU"
        }
      ],
      "release_date": "2023-04-20T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2023-06-15T09:48:09+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "8Base-RHMTC-1.7:rhmtc/openshift-velero-plugin-rhel8@sha256:916d5fd70f5eb58931927d44e05e2287ce85f04ac3bdefde78b6522214a0286e_amd64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2023:3624"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
          "product_ids": [
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-controller-rhel8@sha256:fdd27f3cb68a541b704fa014e7ea564583307743a4d31032cad01268dddf55bc_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-hook-runner-rhel8@sha256:9fea1718dc2fe0dd2735750df6d16921086e2593da3c8de2272584f1b976c6ee_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-legacy-rhel8-operator@sha256:ea7911f8d680f1a827fdd29fc67c5b5d0d5f420fd09baa930809ef4fa38ae6ab_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-log-reader-rhel8@sha256:d768e09a2ab2d6906d63612488d32180d1c6270804c0bcc9fa6f89bbd7f04193_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-must-gather-rhel8@sha256:fdf17820034efd0f7f76274798518bcea6c9483c8de8804f5a56b651ef77e717_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-openvpn-rhel8@sha256:edfff81bc56194aea84e3b80fa550b439c266df3fc81c58c111e5972b670f7ae_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-operator-bundle@sha256:20d278777ec6758913a21946f57ea207fd924f84085f6bf9ea51cd94eaae24ca_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-registry-rhel8@sha256:3200f7f9624ad8aee46d0e3ebf6c04464b277cac4da67075863c2f4f0b33aaff_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-rhel8-operator@sha256:41c5da49059d19beb97ec9d9fd4542120af73d488ffdc1d611c9774bf1f7c79a_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b172c46f467a7813bed75b04dd82c24be0092e1ea2c74a45a8f82ce895876e81_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-ui-rhel8@sha256:926a4c07b2a4223264fa1455f3f056d94a9dc52885713978ff8586e8caa2eff5_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:6097ccca550816d040055dd4878d17cc0996d47a436f06296fe5d26c5862e1f5_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:1b4eb48d9aa6b63cd6409fa5b77eb769a2ed4bc257a4058d1a07a66ea95039a5_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:9ef09a93b6910806b2952b9d50c5a61ae6f2c7284c439f61bf303d2e893c8c22_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:6da71292aa6f83b0c6cc113c6c05b2224ba2b3f90de62d69843cf6399558551e_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-rhel8@sha256:346fa63bcbdc03896e91b2ee3318e062b4deb7fe9183135c7841d0da69c3690c_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-velero-plugin-rhel8@sha256:916d5fd70f5eb58931927d44e05e2287ce85f04ac3bdefde78b6522214a0286e_amd64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-controller-rhel8@sha256:fdd27f3cb68a541b704fa014e7ea564583307743a4d31032cad01268dddf55bc_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-hook-runner-rhel8@sha256:9fea1718dc2fe0dd2735750df6d16921086e2593da3c8de2272584f1b976c6ee_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-legacy-rhel8-operator@sha256:ea7911f8d680f1a827fdd29fc67c5b5d0d5f420fd09baa930809ef4fa38ae6ab_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-log-reader-rhel8@sha256:d768e09a2ab2d6906d63612488d32180d1c6270804c0bcc9fa6f89bbd7f04193_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-must-gather-rhel8@sha256:fdf17820034efd0f7f76274798518bcea6c9483c8de8804f5a56b651ef77e717_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-openvpn-rhel8@sha256:edfff81bc56194aea84e3b80fa550b439c266df3fc81c58c111e5972b670f7ae_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-operator-bundle@sha256:20d278777ec6758913a21946f57ea207fd924f84085f6bf9ea51cd94eaae24ca_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-registry-rhel8@sha256:3200f7f9624ad8aee46d0e3ebf6c04464b277cac4da67075863c2f4f0b33aaff_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-rhel8-operator@sha256:41c5da49059d19beb97ec9d9fd4542120af73d488ffdc1d611c9774bf1f7c79a_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b172c46f467a7813bed75b04dd82c24be0092e1ea2c74a45a8f82ce895876e81_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-ui-rhel8@sha256:926a4c07b2a4223264fa1455f3f056d94a9dc52885713978ff8586e8caa2eff5_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-aws-rhel8@sha256:6097ccca550816d040055dd4878d17cc0996d47a436f06296fe5d26c5862e1f5_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8@sha256:1b4eb48d9aa6b63cd6409fa5b77eb769a2ed4bc257a4058d1a07a66ea95039a5_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8@sha256:9ef09a93b6910806b2952b9d50c5a61ae6f2c7284c439f61bf303d2e893c8c22_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-restic-restore-helper-rhel8@sha256:6da71292aa6f83b0c6cc113c6c05b2224ba2b3f90de62d69843cf6399558551e_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-migration-velero-rhel8@sha256:346fa63bcbdc03896e91b2ee3318e062b4deb7fe9183135c7841d0da69c3690c_amd64",
            "8Base-RHMTC-1.7:rhmtc/openshift-velero-plugin-rhel8@sha256:916d5fd70f5eb58931927d44e05e2287ce85f04ac3bdefde78b6522214a0286e_amd64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "golang: html/template: improper handling of JavaScript whitespace"
    }
  ]
}