{
    "dataType": "CVE_RECORD",
    "cveMetadata": {
        "cveId": "CVE-2024-3727",
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "state": "PUBLISHED",
        "assignerShortName": "redhat",
        "dateReserved": "2024-04-12T17:56:37.261Z",
        "datePublished": "2024-05-09T14:57:21.327Z",
        "dateUpdated": "2024-10-29T00:10:39.166Z"
    },
    "containers": {
        "cna": {
            "title": "Containers/image: digest type does not guarantee valid type",
            "metrics": [
                {
                    "other": {
                        "content": {
                            "value": "Moderate",
                            "namespace": "https://access.redhat.com/security/updates/classification/"
                        },
                        "type": "Red Hat severity rating"
                    }
                },
                {
                    "cvssV3_1": {
                        "attackComplexity": "HIGH",
                        "attackVector": "NETWORK",
                        "availabilityImpact": "HIGH",
                        "baseScore": 8.3,
                        "baseSeverity": "HIGH",
                        "confidentialityImpact": "HIGH",
                        "integrityImpact": "HIGH",
                        "privilegesRequired": "NONE",
                        "scope": "CHANGED",
                        "userInteraction": "REQUIRED",
                        "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
                        "version": "3.1"
                    },
                    "format": "CVSS"
                }
            ],
            "descriptions": [
                {
                    "lang": "en",
                    "value": "A flaw was found in the github.com/containers/image library. This flaw allows attackers to trigger unexpected authenticated registry accesses on behalf of a victim user, causing resource exhaustion, local path traversal, and other attacks."
                }
            ],
            "affected": [
                {
                    "versions": [
                        {
                            "status": "affected",
                            "version": "0",
                            "lessThan": "5.29.3",
                            "versionType": "semver"
                        },
                        {
                            "status": "affected",
                            "version": "5.30.0",
                            "lessThan": "5.30.1",
                            "versionType": "semver"
                        }
                    ],
                    "packageName": "image",
                    "collectionURL": "https://github.com/containers/image",
                    "defaultStatus": "unaffected"
                },
                {
                    "vendor": "Red Hat",
                    "product": "Red Hat Advanced Cluster Security 4.4",
                    "collectionURL": "https://catalog.redhat.com/software/containers/",
                    "packageName": "advanced-cluster-security/rhacs-central-db-rhel8",
                    "defaultStatus": "affected",
                    "versions": [
                        {
                            "version": "4.4.5-2",
                            "lessThan": "*",
                            "versionType": "rpm",
                            "status": "unaffected"
                        }
                    ],
                    "cpes": [
                        "cpe:/a:redhat:advanced_cluster_security:4.4::el8"
                    ]
                },
                {
                    "vendor": "Red Hat",
                    "product": "Red Hat Advanced Cluster Security 4.4",
                    "collectionURL": "https://catalog.redhat.com/software/containers/",
                    "packageName": "advanced-cluster-security/rhacs-collector-rhel8",
                    "defaultStatus": "affected",
                    "versions": [
                        {
                            "version": "4.4.5-2",
                            "lessThan": "*",
                            "versionType": "rpm",
                            "status": "unaffected"
                        }
                    ],
                    "cpes": [
                        "cpe:/a:redhat:advanced_cluster_security:4.4::el8"
                    ]
                },
                {
                    "vendor": "Red Hat",
                    "product": "Red Hat Advanced Cluster Security 4.4",
                    "collectionURL": "https://catalog.redhat.com/software/containers/",
                    "packageName": "advanced-cluster-security/rhacs-collector-slim-rhel8",
                    "defaultStatus": "affected",
                    "versions": [
                        {
                            "version": "4.4.5-2",
                            "lessThan": "*",
                            "versionType": "rpm",
                            "status": "unaffected"
                        }
                    ],
                    "cpes": [
                        "cpe:/a:redhat:advanced_cluster_security:4.4::el8"
                    ]
                },
                {
                    "vendor": "Red Hat",
                    "product": "Red Hat Advanced Cluster Security 4.4",
                    "collectionURL": "https://catalog.redhat.com/software/containers/",
                    "packageName": "advanced-cluster-security/rhacs-main-rhel8",
                    "defaultStatus": "affected",
                    "versions": [
                        {
                            "version": "4.4.5-4",
                            "lessThan": "*",
                            "versionType": "rpm",
                            "status": "unaffected"
                        }
                    ],
                    "cpes": [
                        "cpe:/a:redhat:advanced_cluster_security:4.4::el8"
                    ]
                },
                {
                    "vendor": "Red Hat",
                    "product": "Red Hat Advanced Cluster Security 4.4",
                    "collectionURL": "https://catalog.redhat.com/software/containers/",
                    "packageName": "advanced-cluster-security/rhacs-operator-bundle",
                    "defaultStatus": "affected",
                    "versions": [
                        {
                            "version": "4.4.5-3",
                            "lessThan": "*",
                            "versionType": "rpm",
                            "status": "unaffected"
                        }
                    ],
                    "cpes": [
                        "cpe:/a:redhat:advanced_cluster_security:4.4::el8"
                    ]
                },
                {
                    "vendor": "Red Hat",
                    "product": "Red Hat Advanced Cluster Security 4.4",
                    "collectionURL": "https://catalog.redhat.com/software/containers/",
                    "packageName": "advanced-cluster-security/rhacs-rhel8-operator",
                    "defaultStatus": "affected",
                    "versions": [
                        {
                            "version": "4.4.5-2",
                            "lessThan": "*",
                            "versionType": "rpm",
                            "status": "unaffected"
                        }
                    ],
                    "cpes": [
                        "cpe:/a:redhat:advanced_cluster_security:4.4::el8"
                    ]
                },
                {
                    "vendor": "Red Hat",
                    "product": "Red Hat Advanced Cluster Security 4.4",
                    "collectionURL": "https://catalog.redhat.com/software/containers/",
                    "packageName": "advanced-cluster-security/rhacs-roxctl-rhel8",
                    "defaultStatus": "affected",
                    "versions": [
                        {
                            "version": "4.4.5-2",
                            "lessThan": "*",
                            "versionType": "rpm",
                            "status": "unaffected"
                        }
                    ],
                    "cpes": [
                        "cpe:/a:redhat:advanced_cluster_security:4.4::el8"
                    ]
                },
                {
                    "vendor": "Red Hat",
                    "product": "Red Hat Advanced Cluster Security 4.4",
                    "collectionURL": "https://catalog.redhat.com/software/containers/",
                    "packageName": "advanced-cluster-security/rhacs-scanner-db-rhel8",
                    "defaultStatus": "affected",
                    "versions": [
                        {
                            "version": "4.4.5-2",
                            "lessThan": "*",
                            "versionType": "rpm",
                            "status": "unaffected"
                        }
                    ],
                    "cpes": [
                        "cpe:/a:redhat:advanced_cluster_security:4.4::el8"
                    ]
                },
                {
                    "vendor": "Red Hat",
                    "product": "Red Hat Advanced Cluster Security 4.4",
                    "collectionURL": "https://catalog.redhat.com/software/containers/",
                    "packageName": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8",
                    "defaultStatus": "affected",
                    "versions": [
                        {
                            "version": "4.4.5-3",
                            "lessThan": "*",
                            "versionType": "rpm",
                            "status": "unaffected"
                        }
                    ],
                    "cpes": [
                        "cpe:/a:redhat:advanced_cluster_security:4.4::el8"
                    ]
                },
                {
                    "vendor": "Red Hat",
                    "product": "Red Hat Advanced Cluster Security 4.4",
                    "collectionURL": "https://catalog.redhat.com/software/containers/",
                    "packageName": "advanced-cluster-security/rhacs-scanner-rhel8",
                    "defaultStatus": "affected",
                    "versions": [
                        {
                            "version": "4.4.5-2",
                            "lessThan": "*",
                            "versionType": "rpm",
                            "status": "unaffected"
                        }
                    ],
                    "cpes": [
                        "cpe:/a:redhat:advanced_cluster_security:4.4::el8"
                    ]
                },
                {
                    "vendor": "Red Hat",
                    "product": "Red Hat Advanced Cluster Security 4.4",
                    "collectionURL": "https://catalog.redhat.com/software/containers/",
                    "packageName": "advanced-cluster-security/rhacs-scanner-slim-rhel8",
                    "defaultStatus": "affected",
                    "versions": [
                        {
                            "version": "4.4.5-2",
                            "lessThan": "*",
                            "versionType": "rpm",
                            "status": "unaffected"
                        }
                    ],
                    "cpes": [
                        "cpe:/a:redhat:advanced_cluster_security:4.4::el8"
                    ]
                },
                {
                    "vendor": "Red Hat",
                    "product": "Red Hat Advanced Cluster Security 4.4",
                    "collectionURL": "https://catalog.redhat.com/software/containers/",
                    "packageName": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8",
                    "defaultStatus": "affected",
                    "versions": [
                        {
                            "version": "4.4.5-3",
                            "lessThan": "*",
                            "versionType": "rpm",
                            "status": "unaffected"
                        }
                    ],
                    "cpes": [
                        "cpe:/a:redhat:advanced_cluster_security:4.4::el8"
                    ]
                },
                {
                    "vendor": "Red Hat",
                    "product": "Red Hat Advanced Cluster Security 4.4",
                    "collectionURL": "https://catalog.redhat.com/software/containers/",
                    "packageName": "advanced-cluster-security/rhacs-scanner-v4-rhel8",
                    "defaultStatus": "affected",
                    "versions": [
                        {
                            "version": "4.4.5-3",
                            "lessThan": "*",
                            "versionType": "rpm",
                            "status": "unaffected"
                        }
                    ],
                    "cpes": [
                        "cpe:/a:redhat:advanced_cluster_security:4.4::el8"
                    ]
                },
                {
                    "vendor": "Red Hat",
                    "product": "Red Hat Advanced Cluster Security 4.5",
                    "collectionURL": "https://catalog.redhat.com/software/containers/",
                    "packageName": "advanced-cluster-security/rhacs-central-db-rhel8",
                    "defaultStatus": "affected",
                    "versions": [
                        {
                            "version": "4.5.2-2",
                            "lessThan": "*",
                            "versionType": "rpm",
                            "status": "unaffected"
                        }
                    ],
                    "cpes": [
                        "cpe:/a:redhat:advanced_cluster_security:4.5::el8"
                    ]
                },
                {
                    "vendor": "Red Hat",
                    "product": "Red Hat Advanced Cluster Security 4.5",
                    "collectionURL": "https://catalog.redhat.com/software/containers/",
                    "packageName": "advanced-cluster-security/rhacs-collector-rhel8",
                    "defaultStatus": "affected",
                    "versions": [
                        {
                            "version": "4.5.2-2",
                            "lessThan": "*",
                            "versionType": "rpm",
                            "status": "unaffected"
                        }
                    ],
                    "cpes": [
                        "cpe:/a:redhat:advanced_cluster_security:4.5::el8"
                    ]
                },
                {
                    "vendor": "Red Hat",
                    "product": "Red Hat Advanced Cluster Security 4.5",
                    "collectionURL": "https://catalog.redhat.com/software/containers/",
                    "packageName": "advanced-cluster-security/rhacs-collector-slim-rhel8",
                    "defaultStatus": "affected",
                    "versions": [
                        {
                            "version": "4.5.2-2",
                            "lessThan": "*",
                            "versionType": "rpm",
                            "status": "unaffected"
                        }
                    ],
                    "cpes": [
                        "cpe:/a:redhat:advanced_cluster_security:4.5::el8"
                    ]
                },
                {
                    "vendor": "Red Hat",
                    "product": "Red Hat Advanced Cluster Security 4.5",
                    "collectionURL": "https://catalog.redhat.com/software/containers/",
                    "packageName": "advanced-cluster-security/rhacs-main-rhel8",
                    "defaultStatus": "affected",
                    "versions": [
                        {
                            "version": "4.5.2-2",
                            "lessThan": "*",
                            "versionType": "rpm",
                            "status": "unaffected"
                        }
                    ],
                    "cpes": [
                        "cpe:/a:redhat:advanced_cluster_security:4.5::el8"
                    ]
                },
                {
                    "vendor": "Red Hat",
                    "product": "Red Hat Advanced Cluster Security 4.5",
                    "collectionURL": "https://catalog.redhat.com/software/containers/",
                    "packageName": "advanced-cluster-security/rhacs-operator-bundle",
                    "defaultStatus": "affected",
                    "versions": [
                        {
                            "version": "4.5.2-2",
                            "lessThan": "*",
                            "versionType": "rpm",
                            "status": "unaffected"
                        }
                    ],
                    "cpes": [
                        "cpe:/a:redhat:advanced_cluster_security:4.5::el8"
                    ]
                },
                {
                    "vendor": "Red Hat",
                    "product": "Red Hat Advanced Cluster Security 4.5",
                    "collectionURL": "https://catalog.redhat.com/software/containers/",
                    "packageName": "advanced-cluster-security/rhacs-rhel8-operator",
                    "defaultStatus": "affected",
                    "versions": [
                        {
                            "version": "4.5.2-2",
                            "lessThan": "*",
                            "versionType": "rpm",
                            "status": "unaffected"
                        }
                    ],
                    "cpes": [
                        "cpe:/a:redhat:advanced_cluster_security:4.5::el8"
                    ]
                },
                {
                    "vendor": "Red Hat",
                    "product": "Red Hat Advanced Cluster Security 4.5",
                    "collectionURL": "https://catalog.redhat.com/software/containers/",
                    "packageName": "advanced-cluster-security/rhacs-roxctl-rhel8",
                    "defaultStatus": "affected",
                    "versions": [
                        {
                            "version": "4.5.2-2",
                            "lessThan": "*",
                            "versionType": "rpm",
                            "status": "unaffected"
                        }
                    ],
                    "cpes": [
                        "cpe:/a:redhat:advanced_cluster_security:4.5::el8"
                    ]
                },
                {
                    "vendor": "Red Hat",
                    "product": "Red Hat Advanced Cluster Security 4.5",
                    "collectionURL": "https://catalog.redhat.com/software/containers/",
                    "packageName": "advanced-cluster-security/rhacs-scanner-db-rhel8",
                    "defaultStatus": "affected",
                    "versions": [
                        {
                            "version": "4.5.2-2",
                            "lessThan": "*",
                            "versionType": "rpm",
                            "status": "unaffected"
                        }
                    ],
                    "cpes": [
                        "cpe:/a:redhat:advanced_cluster_security:4.5::el8"
                    ]
                },
                {
                    "vendor": "Red Hat",
                    "product": "Red Hat Advanced Cluster Security 4.5",
                    "collectionURL": "https://catalog.redhat.com/software/containers/",
                    "packageName": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8",
                    "defaultStatus": "affected",
                    "versions": [
                        {
                            "version": "4.5.2-2",
                            "lessThan": "*",
                            "versionType": "rpm",
                            "status": "unaffected"
                        }
                    ],
                    "cpes": [
                        "cpe:/a:redhat:advanced_cluster_security:4.5::el8"
                    ]
                },
                {
                    "vendor": "Red Hat",
                    "product": "Red Hat Advanced Cluster Security 4.5",
                    "collectionURL": "https://catalog.redhat.com/software/containers/",
                    "packageName": "advanced-cluster-security/rhacs-scanner-rhel8",
                    "defaultStatus": "affected",
                    "versions": [
                        {
                            "version": "4.5.2-2",
                            "lessThan": "*",
                            "versionType": "rpm",
                            "status": "unaffected"
                        }
                    ],
                    "cpes": [
                        "cpe:/a:redhat:advanced_cluster_security:4.5::el8"
                    ]
                },
                {
                    "vendor": "Red Hat",
                    "product": "Red Hat Advanced Cluster Security 4.5",
                    "collectionURL": "https://catalog.redhat.com/software/containers/",
                    "packageName": "advanced-cluster-security/rhacs-scanner-slim-rhel8",
                    "defaultStatus": "affected",
                    "versions": [
                        {
                            "version": "4.5.2-1",
                            "lessThan": "*",
                            "versionType": "rpm",
                            "status": "unaffected"
                        }
                    ],
                    "cpes": [
                        "cpe:/a:redhat:advanced_cluster_security:4.5::el8"
                    ]
                },
                {
                    "vendor": "Red Hat",
                    "product": "Red Hat Advanced Cluster Security 4.5",
                    "collectionURL": "https://catalog.redhat.com/software/containers/",
                    "packageName": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8",
                    "defaultStatus": "affected",
                    "versions": [
                        {
                            "version": "4.5.2-2",
                            "lessThan": "*",
                            "versionType": "rpm",
                            "status": "unaffected"
                        }
                    ],
                    "cpes": [
                        "cpe:/a:redhat:advanced_cluster_security:4.5::el8"
                    ]
                },
                {
                    "vendor": "Red Hat",
                    "product": "Red Hat Advanced Cluster Security 4.5",
                    "collectionURL": "https://catalog.redhat.com/software/containers/",
                    "packageName": "advanced-cluster-security/rhacs-scanner-v4-rhel8",
                    "defaultStatus": "affected",
                    "versions": [
                        {
                            "version": "4.5.2-2",
                            "lessThan": "*",
                            "versionType": "rpm",
                            "status": "unaffected"
                        }
                    ],
                    "cpes": [
                        "cpe:/a:redhat:advanced_cluster_security:4.5::el8"
                    ]
                },
                {
                    "vendor": "Red Hat",
                    "product": "Red Hat Enterprise Linux 8",
                    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                    "packageName": "container-tools:rhel8",
                    "defaultStatus": "affected",
                    "versions": [
                        {
                            "version": "8100020240808093819.afee755d",
                            "lessThan": "*",
                            "versionType": "rpm",
                            "status": "unaffected"
                        }
                    ],
                    "cpes": [
                        "cpe:/a:redhat:enterprise_linux:8::appstream"
                    ]
                },
                {
                    "vendor": "Red Hat",
                    "product": "Red Hat Migration Toolkit for Containers 1.8",
                    "collectionURL": "https://catalog.redhat.com/software/containers/",
                    "packageName": "rhmtc/openshift-migration-controller-rhel8",
                    "defaultStatus": "affected",
                    "versions": [
                        {
                            "version": "v1.8.4-22",
                            "lessThan": "*",
                            "versionType": "rpm",
                            "status": "unaffected"
                        }
                    ],
                    "cpes": [
                        "cpe:/a:redhat:rhmt:1.8::el8"
                    ]
                },
                {
                    "vendor": "Red Hat",
                    "product": "Red Hat OpenShift Container Platform 4.13",
                    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                    "packageName": "podman",
                    "defaultStatus": "affected",
                    "versions": [
                        {
                            "version": "3:4.4.1-14.rhaos4.13.el9",
                            "lessThan": "*",
                            "versionType": "rpm",
                            "status": "unaffected"
                        }
                    ],
                    "cpes": [
                        "cpe:/a:redhat:openshift:4.13::el8",
                        "cpe:/a:redhat:openshift_ironic:4.13::el9",
                        "cpe:/a:redhat:openshift:4.13::el9"
                    ]
                },
                {
                    "vendor": "Red Hat",
                    "product": "Red Hat OpenShift Container Platform 4.13",
                    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                    "packageName": "skopeo",
                    "defaultStatus": "affected",
                    "versions": [
                        {
                            "version": "2:1.11.3-3.rhaos4.13.el9",
                            "lessThan": "*",
                            "versionType": "rpm",
                            "status": "unaffected"
                        }
                    ],
                    "cpes": [
                        "cpe:/a:redhat:openshift:4.13::el8",
                        "cpe:/a:redhat:openshift_ironic:4.13::el9",
                        "cpe:/a:redhat:openshift:4.13::el9"
                    ]
                },
                {
                    "vendor": "Red Hat",
                    "product": "Red Hat OpenShift Container Platform 4.14",
                    "collectionURL": "https://catalog.redhat.com/software/containers/",
                    "packageName": "openshift4/ose-operator-lifecycle-manager",
                    "defaultStatus": "affected",
                    "versions": [
                        {
                            "version": "v4.14.0-202407260439.p0.g8d9b39e.assembly.stream.el8",
                            "lessThan": "*",
                            "versionType": "rpm",
                            "status": "unaffected"
                        }
                    ],
                    "cpes": [
                        "cpe:/a:redhat:openshift:4.14::el9",
                        "cpe:/a:redhat:openshift:4.14::el8"
                    ]
                },
                {
                    "vendor": "Red Hat",
                    "product": "Red Hat OpenShift Container Platform 4.14",
                    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                    "packageName": "podman",
                    "defaultStatus": "affected",
                    "versions": [
                        {
                            "version": "3:4.4.1-19.rhaos4.14.el9",
                            "lessThan": "*",
                            "versionType": "rpm",
                            "status": "unaffected"
                        }
                    ],
                    "cpes": [
                        "cpe:/a:redhat:openshift_ironic:4.14::el9",
                        "cpe:/a:redhat:openshift:4.14::el9",
                        "cpe:/a:redhat:openshift:4.14::el8"
                    ]
                },
                {
                    "vendor": "Red Hat",
                    "product": "Red Hat OpenShift Container Platform 4.14",
                    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                    "packageName": "skopeo",
                    "defaultStatus": "affected",
                    "versions": [
                        {
                            "version": "2:1.11.3-3.rhaos4.14.el8",
                            "lessThan": "*",
                            "versionType": "rpm",
                            "status": "unaffected"
                        }
                    ],
                    "cpes": [
                        "cpe:/a:redhat:openshift_ironic:4.14::el9",
                        "cpe:/a:redhat:openshift:4.14::el9",
                        "cpe:/a:redhat:openshift:4.14::el8"
                    ]
                },
                {
                    "vendor": "Red Hat",
                    "product": "Red Hat OpenShift Container Platform 4.15",
                    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                    "packageName": "podman",
                    "defaultStatus": "affected",
                    "versions": [
                        {
                            "version": "3:4.4.1-30.rhaos4.15.el8",
                            "lessThan": "*",
                            "versionType": "rpm",
                            "status": "unaffected"
                        }
                    ],
                    "cpes": [
                        "cpe:/a:redhat:openshift:4.15::el9",
                        "cpe:/a:redhat:openshift_ironic:4.15::el9",
                        "cpe:/a:redhat:openshift:4.15::el8"
                    ]
                },
                {
                    "vendor": "Red Hat",
                    "product": "Red Hat OpenShift Container Platform 4.15",
                    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                    "packageName": "skopeo",
                    "defaultStatus": "affected",
                    "versions": [
                        {
                            "version": "2:1.11.3-4.rhaos4.15.el9",
                            "lessThan": "*",
                            "versionType": "rpm",
                            "status": "unaffected"
                        }
                    ],
                    "cpes": [
                        "cpe:/a:redhat:openshift:4.15::el9",
                        "cpe:/a:redhat:openshift_ironic:4.15::el9",
                        "cpe:/a:redhat:openshift:4.15::el8"
                    ]
                },
                {
                    "vendor": "Red Hat",
                    "product": "Red Hat OpenShift Container Platform 4.15",
                    "collectionURL": "https://catalog.redhat.com/software/containers/",
                    "packageName": "openshift4/ose-operator-lifecycle-manager-rhel9",
                    "defaultStatus": "affected",
                    "versions": [
                        {
                            "version": "v4.15.0-202407230407.p0.gf3f8de5.assembly.stream.el9",
                            "lessThan": "*",
                            "versionType": "rpm",
                            "status": "unaffected"
                        }
                    ],
                    "cpes": [
                        "cpe:/a:redhat:openshift:4.15::el9",
                        "cpe:/a:redhat:openshift:4.15::el8"
                    ]
                },
                {
                    "vendor": "Red Hat",
                    "product": "Red Hat OpenShift Container Platform 4.16",
                    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                    "packageName": "podman",
                    "defaultStatus": "affected",
                    "versions": [
                        {
                            "version": "4:4.9.4-5.1.rhaos4.16.el9",
                            "lessThan": "*",
                            "versionType": "rpm",
                            "status": "unaffected"
                        }
                    ],
                    "cpes": [
                        "cpe:/a:redhat:openshift:4.16::el8",
                        "cpe:/a:redhat:openshift:4.16::el9",
                        "cpe:/a:redhat:openshift_ironic:4.16::el9"
                    ]
                },
                {
                    "vendor": "Red Hat",
                    "product": "Red Hat OpenShift Container Platform 4.16",
                    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                    "packageName": "skopeo",
                    "defaultStatus": "affected",
                    "versions": [
                        {
                            "version": "2:1.14.4-1.rhaos4.16.el8",
                            "lessThan": "*",
                            "versionType": "rpm",
                            "status": "unaffected"
                        }
                    ],
                    "cpes": [
                        "cpe:/a:redhat:openshift:4.16::el8",
                        "cpe:/a:redhat:openshift:4.16::el9",
                        "cpe:/a:redhat:openshift_ironic:4.16::el9"
                    ]
                },
                {
                    "vendor": "Red Hat",
                    "product": "Red Hat OpenShift Container Platform 4.16",
                    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                    "packageName": "cri-o",
                    "defaultStatus": "affected",
                    "versions": [
                        {
                            "version": "0:1.29.5-7.rhaos4.16.git7db4ada.el8",
                            "lessThan": "*",
                            "versionType": "rpm",
                            "status": "unaffected"
                        }
                    ],
                    "cpes": [
                        "cpe:/a:redhat:openshift:4.16::el8",
                        "cpe:/a:redhat:openshift:4.16::el9"
                    ]
                },
                {
                    "vendor": "Red Hat",
                    "product": "Red Hat OpenShift Container Platform 4.16",
                    "collectionURL": "https://catalog.redhat.com/software/containers/",
                    "packageName": "openshift4/ose-operator-lifecycle-manager-rhel9",
                    "defaultStatus": "affected",
                    "versions": [
                        {
                            "version": "v4.16.0-202407171536.p0.g1551101.assembly.stream.el9",
                            "lessThan": "*",
                            "versionType": "rpm",
                            "status": "unaffected"
                        }
                    ],
                    "cpes": [
                        "cpe:/a:redhat:openshift:4.16::el9"
                    ]
                },
                {
                    "vendor": "Red Hat",
                    "product": "Red Hat OpenShift Container Platform 4.16",
                    "collectionURL": "https://catalog.redhat.com/software/containers/",
                    "packageName": "openshift4/ose-machine-config-rhel9-operator",
                    "defaultStatus": "affected",
                    "versions": [
                        {
                            "version": "v4.16.0-202409162206.p0.g6a425ab.assembly.stream.el9",
                            "lessThan": "*",
                            "versionType": "rpm",
                            "status": "unaffected"
                        }
                    ],
                    "cpes": [
                        "cpe:/a:redhat:openshift:4.16::el9"
                    ]
                },
                {
                    "vendor": "Red Hat",
                    "product": "Red Hat OpenShift Container Platform 4.16",
                    "collectionURL": "https://catalog.redhat.com/software/containers/",
                    "packageName": "openshift4/ose-agent-installer-orchestrator-rhel9",
                    "defaultStatus": "affected",
                    "versions": [
                        {
                            "version": "v4.16.0-202409231504.p0.g342902b.assembly.stream.el9",
                            "lessThan": "*",
                            "versionType": "rpm",
                            "status": "unaffected"
                        }
                    ],
                    "cpes": [
                        "cpe:/a:redhat:openshift:4.16::el9"
                    ]
                },
                {
                    "vendor": "Red Hat",
                    "product": "Red Hat OpenShift Container Platform 4.16",
                    "collectionURL": "https://catalog.redhat.com/software/containers/",
                    "packageName": "openshift4/ose-agent-installer-node-agent-rhel9",
                    "defaultStatus": "affected",
                    "versions": [
                        {
                            "version": "v4.16.0-202410172201.p0.gb121e87.assembly.stream.el9",
                            "lessThan": "*",
                            "versionType": "rpm",
                            "status": "unaffected"
                        }
                    ],
                    "cpes": [
                        "cpe:/a:redhat:openshift:4.16::el9"
                    ]
                },
                {
                    "vendor": "Red Hat",
                    "product": "Red Hat OpenShift Container Platform 4.17",
                    "collectionURL": "https://catalog.redhat.com/software/containers/",
                    "packageName": "openshift4/ose-machine-config-rhel9-operator",
                    "defaultStatus": "affected",
                    "versions": [
                        {
                            "version": "v4.17.0-202409122005.p0.gb170ad0.assembly.stream.el9",
                            "lessThan": "*",
                            "versionType": "rpm",
                            "status": "unaffected"
                        }
                    ],
                    "cpes": [
                        "cpe:/a:redhat:openshift:4.17::el9"
                    ]
                },
                {
                    "vendor": "Red Hat",
                    "product": "Red Hat OpenShift Container Platform 4.17",
                    "collectionURL": "https://catalog.redhat.com/software/containers/",
                    "packageName": "openshift4/ose-olm-operator-controller-rhel9",
                    "defaultStatus": "affected",
                    "versions": [
                        {
                            "version": "v4.17.0-202409100034.p0.g8d16b39.assembly.stream.el9",
                            "lessThan": "*",
                            "versionType": "rpm",
                            "status": "unaffected"
                        }
                    ],
                    "cpes": [
                        "cpe:/a:redhat:openshift:4.17::el9"
                    ]
                },
                {
                    "vendor": "Red Hat",
                    "product": "Red Hat OpenShift Container Platform 4.17",
                    "collectionURL": "https://catalog.redhat.com/software/containers/",
                    "packageName": "openshift4/ose-operator-lifecycle-manager-rhel9",
                    "defaultStatus": "affected",
                    "versions": [
                        {
                            "version": "v4.17.0-202409101338.p0.gb0d86a0.assembly.stream.el9",
                            "lessThan": "*",
                            "versionType": "rpm",
                            "status": "unaffected"
                        }
                    ],
                    "cpes": [
                        "cpe:/a:redhat:openshift:4.17::el9"
                    ]
                },
                {
                    "vendor": "Red Hat",
                    "product": "Red Hat OpenShift Container Platform 4.17",
                    "collectionURL": "https://catalog.redhat.com/software/containers/",
                    "packageName": "openshift4/ose-operator-registry-rhel9",
                    "defaultStatus": "affected",
                    "versions": [
                        {
                            "version": "v4.17.0-202409101338.p0.gb0d86a0.assembly.stream.el9",
                            "lessThan": "*",
                            "versionType": "rpm",
                            "status": "unaffected"
                        }
                    ],
                    "cpes": [
                        "cpe:/a:redhat:openshift:4.17::el9"
                    ]
                },
                {
                    "vendor": "Red Hat",
                    "product": "Red Hat OpenShift Container Platform 4.17",
                    "collectionURL": "https://catalog.redhat.com/software/containers/",
                    "packageName": "openshift4/ose-agent-installer-orchestrator-rhel9",
                    "defaultStatus": "affected",
                    "versions": [
                        {
                            "version": "v4.17.0-202410022234.p0.gfbc55c6.assembly.stream.el9",
                            "lessThan": "*",
                            "versionType": "rpm",
                            "status": "unaffected"
                        }
                    ],
                    "cpes": [
                        "cpe:/a:redhat:openshift:4.17::el9"
                    ]
                },
                {
                    "vendor": "Red Hat",
                    "product": "RHEL-9-CNV-4.15",
                    "collectionURL": "https://catalog.redhat.com/software/containers/",
                    "packageName": "container-native-virtualization/virt-cdi-controller-rhel9",
                    "defaultStatus": "affected",
                    "versions": [
                        {
                            "version": "v4.15.5-7",
                            "lessThan": "*",
                            "versionType": "rpm",
                            "status": "unaffected"
                        }
                    ],
                    "cpes": [
                        "cpe:/a:redhat:container_native_virtualization:4.15::el9"
                    ]
                },
                {
                    "vendor": "Red Hat",
                    "product": "Multicluster Engine for Kubernetes",
                    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                    "packageName": "multicluster-engine/agent-service-rhel8",
                    "defaultStatus": "unaffected",
                    "cpes": [
                        "cpe:/a:redhat:multicluster_engine"
                    ]
                },
                {
                    "vendor": "Red Hat",
                    "product": "Multicluster Engine for Kubernetes",
                    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                    "packageName": "multicluster-engine/assisted-installer-agent-rhel8",
                    "defaultStatus": "unaffected",
                    "cpes": [
                        "cpe:/a:redhat:multicluster_engine"
                    ]
                },
                {
                    "vendor": "Red Hat",
                    "product": "Multicluster Engine for Kubernetes",
                    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                    "packageName": "multicluster-engine/assisted-installer-reporter-rhel8",
                    "defaultStatus": "unaffected",
                    "cpes": [
                        "cpe:/a:redhat:multicluster_engine"
                    ]
                },
                {
                    "vendor": "Red Hat",
                    "product": "Multicluster Engine for Kubernetes",
                    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                    "packageName": "multicluster-engine/assisted-installer-rhel8",
                    "defaultStatus": "unaffected",
                    "cpes": [
                        "cpe:/a:redhat:multicluster_engine"
                    ]
                },
                {
                    "vendor": "Red Hat",
                    "product": "Multicluster Engine for Kubernetes",
                    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                    "packageName": "multicluster-engine/hive-rhel8",
                    "defaultStatus": "unaffected",
                    "cpes": [
                        "cpe:/a:redhat:multicluster_engine"
                    ]
                },
                {
                    "vendor": "Red Hat",
                    "product": "OpenShift API for Data Protection",
                    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                    "packageName": "oadp/oadp-velero-plugin-rhel8",
                    "defaultStatus": "affected",
                    "cpes": [
                        "cpe:/a:redhat:openshift_api_data_protection:1"
                    ]
                },
                {
                    "vendor": "Red Hat",
                    "product": "OpenShift Developer Tools and Services",
                    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                    "packageName": "ocp-tools-4/jenkins-agent-base-rhel8",
                    "defaultStatus": "affected",
                    "cpes": [
                        "cpe:/a:redhat:ocp_tools"
                    ]
                },
                {
                    "vendor": "Red Hat",
                    "product": "OpenShift Developer Tools and Services",
                    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                    "packageName": "ocp-tools-4/jenkins-rhel8",
                    "defaultStatus": "affected",
                    "cpes": [
                        "cpe:/a:redhat:ocp_tools"
                    ]
                },
                {
                    "vendor": "Red Hat",
                    "product": "OpenShift Serverless",
                    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                    "packageName": "openshift-serverless-1/client-kn-rhel8",
                    "defaultStatus": "affected",
                    "cpes": [
                        "cpe:/a:redhat:serverless:1"
                    ]
                },
                {
                    "vendor": "Red Hat",
                    "product": "OpenShift Serverless",
                    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                    "packageName": "openshift-serverless-clients",
                    "defaultStatus": "affected",
                    "cpes": [
                        "cpe:/a:redhat:serverless:1"
                    ]
                },
                {
                    "vendor": "Red Hat",
                    "product": "OpenShift Source-to-Image (S2I)",
                    "collectionURL": "https://catalog.redhat.com/software/containers/",
                    "packageName": "source-to-image-container",
                    "defaultStatus": "affected",
                    "cpes": [
                        "cpe:/a:redhat:source_to_image:1"
                    ]
                },
                {
                    "vendor": "Red Hat",
                    "product": "Red Hat Advanced Cluster Management for Kubernetes 2",
                    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                    "packageName": "rhacm2/submariner-rhel8-operator",
                    "defaultStatus": "unaffected",
                    "cpes": [
                        "cpe:/a:redhat:acm:2"
                    ]
                },
                {
                    "vendor": "Red Hat",
                    "product": "Red Hat Advanced Cluster Security 3",
                    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                    "packageName": "advanced-cluster-security/rhacs-central-db-rhel8",
                    "defaultStatus": "affected",
                    "cpes": [
                        "cpe:/a:redhat:advanced_cluster_security:3"
                    ]
                },
                {
                    "vendor": "Red Hat",
                    "product": "Red Hat Advanced Cluster Security 3",
                    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                    "packageName": "advanced-cluster-security/rhacs-main-rhel8",
                    "defaultStatus": "affected",
                    "cpes": [
                        "cpe:/a:redhat:advanced_cluster_security:3"
                    ]
                },
                {
                    "vendor": "Red Hat",
                    "product": "Red Hat Advanced Cluster Security 3",
                    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                    "packageName": "advanced-cluster-security/rhacs-rhel8-operator",
                    "defaultStatus": "affected",
                    "cpes": [
                        "cpe:/a:redhat:advanced_cluster_security:3"
                    ]
                },
                {
                    "vendor": "Red Hat",
                    "product": "Red Hat Advanced Cluster Security 3",
                    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                    "packageName": "advanced-cluster-security/rhacs-roxctl-rhel8",
                    "defaultStatus": "affected",
                    "cpes": [
                        "cpe:/a:redhat:advanced_cluster_security:3"
                    ]
                },
                {
                    "vendor": "Red Hat",
                    "product": "Red Hat Advanced Cluster Security 3",
                    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                    "packageName": "advanced-cluster-security/rhacs-scanner-db-rhel8",
                    "defaultStatus": "affected",
                    "cpes": [
                        "cpe:/a:redhat:advanced_cluster_security:3"
                    ]
                },
                {
                    "vendor": "Red Hat",
                    "product": "Red Hat Advanced Cluster Security 3",
                    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                    "packageName": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8",
                    "defaultStatus": "affected",
                    "cpes": [
                        "cpe:/a:redhat:advanced_cluster_security:3"
                    ]
                },
                {
                    "vendor": "Red Hat",
                    "product": "Red Hat Advanced Cluster Security 3",
                    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                    "packageName": "advanced-cluster-security/rhacs-scanner-rhel8",
                    "defaultStatus": "affected",
                    "cpes": [
                        "cpe:/a:redhat:advanced_cluster_security:3"
                    ]
                },
                {
                    "vendor": "Red Hat",
                    "product": "Red Hat Advanced Cluster Security 3",
                    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                    "packageName": "advanced-cluster-security/rhacs-scanner-slim-rhel8",
                    "defaultStatus": "affected",
                    "cpes": [
                        "cpe:/a:redhat:advanced_cluster_security:3"
                    ]
                },
                {
                    "vendor": "Red Hat",
                    "product": "Red Hat Ansible Automation Platform 1.2",
                    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                    "packageName": "openshift-clients",
                    "defaultStatus": "unaffected",
                    "cpes": [
                        "cpe:/a:redhat:ansible_automation_platform"
                    ]
                },
                {
                    "vendor": "Red Hat",
                    "product": "Red Hat Ansible Automation Platform 2",
                    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                    "packageName": "openshift-clients",
                    "defaultStatus": "unaffected",
                    "cpes": [
                        "cpe:/a:redhat:ansible_automation_platform:2"
                    ]
                },
                {
                    "vendor": "Red Hat",
                    "product": "Red Hat Enterprise Linux 7",
                    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                    "packageName": "buildah",
                    "defaultStatus": "unknown",
                    "cpes": [
                        "cpe:/o:redhat:enterprise_linux:7"
                    ]
                },
                {
                    "vendor": "Red Hat",
                    "product": "Red Hat Enterprise Linux 7",
                    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                    "packageName": "podman",
                    "defaultStatus": "unknown",
                    "cpes": [
                        "cpe:/o:redhat:enterprise_linux:7"
                    ]
                },
                {
                    "vendor": "Red Hat",
                    "product": "Red Hat Enterprise Linux 7",
                    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                    "packageName": "skopeo",
                    "defaultStatus": "unknown",
                    "cpes": [
                        "cpe:/o:redhat:enterprise_linux:7"
                    ]
                },
                {
                    "vendor": "Red Hat",
                    "product": "Red Hat Enterprise Linux 8",
                    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                    "packageName": "container-tools:4.0/buildah",
                    "defaultStatus": "unaffected",
                    "cpes": [
                        "cpe:/o:redhat:enterprise_linux:8"
                    ]
                },
                {
                    "vendor": "Red Hat",
                    "product": "Red Hat Enterprise Linux 8",
                    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                    "packageName": "container-tools:4.0/conmon",
                    "defaultStatus": "unaffected",
                    "cpes": [
                        "cpe:/o:redhat:enterprise_linux:8"
                    ]
                },
                {
                    "vendor": "Red Hat",
                    "product": "Red Hat Enterprise Linux 8",
                    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                    "packageName": "container-tools:4.0/containers-common",
                    "defaultStatus": "unaffected",
                    "cpes": [
                        "cpe:/o:redhat:enterprise_linux:8"
                    ]
                },
                {
                    "vendor": "Red Hat",
                    "product": "Red Hat Enterprise Linux 8",
                    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                    "packageName": "container-tools:4.0/podman",
                    "defaultStatus": "affected",
                    "cpes": [
                        "cpe:/o:redhat:enterprise_linux:8"
                    ]
                },
                {
                    "vendor": "Red Hat",
                    "product": "Red Hat Enterprise Linux 8",
                    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                    "packageName": "container-tools:4.0/skopeo",
                    "defaultStatus": "unaffected",
                    "cpes": [
                        "cpe:/o:redhat:enterprise_linux:8"
                    ]
                },
                {
                    "vendor": "Red Hat",
                    "product": "Red Hat Enterprise Linux 8",
                    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                    "packageName": "osbuild-composer",
                    "defaultStatus": "affected",
                    "cpes": [
                        "cpe:/o:redhat:enterprise_linux:8"
                    ]
                },
                {
                    "vendor": "Red Hat",
                    "product": "Red Hat Enterprise Linux 9",
                    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                    "packageName": "buildah",
                    "defaultStatus": "affected",
                    "cpes": [
                        "cpe:/o:redhat:enterprise_linux:9"
                    ]
                },
                {
                    "vendor": "Red Hat",
                    "product": "Red Hat Enterprise Linux 9",
                    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                    "packageName": "conmon",
                    "defaultStatus": "unaffected",
                    "cpes": [
                        "cpe:/o:redhat:enterprise_linux:9"
                    ]
                },
                {
                    "vendor": "Red Hat",
                    "product": "Red Hat Enterprise Linux 9",
                    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                    "packageName": "containers-common",
                    "defaultStatus": "unaffected",
                    "cpes": [
                        "cpe:/o:redhat:enterprise_linux:9"
                    ]
                },
                {
                    "vendor": "Red Hat",
                    "product": "Red Hat Enterprise Linux 9",
                    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                    "packageName": "osbuild-composer",
                    "defaultStatus": "affected",
                    "cpes": [
                        "cpe:/o:redhat:enterprise_linux:9"
                    ]
                },
                {
                    "vendor": "Red Hat",
                    "product": "Red Hat Enterprise Linux 9",
                    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                    "packageName": "podman",
                    "defaultStatus": "affected",
                    "cpes": [
                        "cpe:/o:redhat:enterprise_linux:9"
                    ]
                },
                {
                    "vendor": "Red Hat",
                    "product": "Red Hat Enterprise Linux 9",
                    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                    "packageName": "skopeo",
                    "defaultStatus": "affected",
                    "cpes": [
                        "cpe:/o:redhat:enterprise_linux:9"
                    ]
                },
                {
                    "vendor": "Red Hat",
                    "product": "Red Hat OpenShift Container Platform 3.11",
                    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                    "packageName": "atomic-openshift",
                    "defaultStatus": "unknown",
                    "cpes": [
                        "cpe:/a:redhat:openshift:3.11"
                    ]
                },
                {
                    "vendor": "Red Hat",
                    "product": "Red Hat OpenShift Container Platform 3.11",
                    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                    "packageName": "podman",
                    "defaultStatus": "unknown",
                    "cpes": [
                        "cpe:/a:redhat:openshift:3.11"
                    ]
                },
                {
                    "vendor": "Red Hat",
                    "product": "Red Hat OpenShift Container Platform 4",
                    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                    "packageName": "buildah",
                    "defaultStatus": "unaffected",
                    "cpes": [
                        "cpe:/a:redhat:openshift:4"
                    ]
                },
                {
                    "vendor": "Red Hat",
                    "product": "Red Hat OpenShift Container Platform 4",
                    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                    "packageName": "conmon",
                    "defaultStatus": "unaffected",
                    "cpes": [
                        "cpe:/a:redhat:openshift:4"
                    ]
                },
                {
                    "vendor": "Red Hat",
                    "product": "Red Hat OpenShift Container Platform 4",
                    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                    "packageName": "containers-common",
                    "defaultStatus": "unaffected",
                    "cpes": [
                        "cpe:/a:redhat:openshift:4"
                    ]
                },
                {
                    "vendor": "Red Hat",
                    "product": "Red Hat OpenShift Container Platform 4",
                    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                    "packageName": "openshift4/oc-mirror-plugin-rhel8",
                    "defaultStatus": "affected",
                    "cpes": [
                        "cpe:/a:redhat:openshift:4"
                    ]
                },
                {
                    "vendor": "Red Hat",
                    "product": "Red Hat OpenShift Container Platform 4",
                    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                    "packageName": "openshift4/ose-agent-installer-api-server-rhel8",
                    "defaultStatus": "affected",
                    "cpes": [
                        "cpe:/a:redhat:openshift:4"
                    ]
                },
                {
                    "vendor": "Red Hat",
                    "product": "Red Hat OpenShift Container Platform 4",
                    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                    "packageName": "openshift4/ose-agent-installer-csr-approver-rhel8",
                    "defaultStatus": "affected",
                    "cpes": [
                        "cpe:/a:redhat:openshift:4"
                    ]
                },
                {
                    "vendor": "Red Hat",
                    "product": "Red Hat OpenShift Container Platform 4",
                    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                    "packageName": "openshift4/ose-baremetal-installer-rhel7",
                    "defaultStatus": "unaffected",
                    "cpes": [
                        "cpe:/a:redhat:openshift:4"
                    ]
                },
                {
                    "vendor": "Red Hat",
                    "product": "Red Hat OpenShift Container Platform 4",
                    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                    "packageName": "openshift4/ose-cli",
                    "defaultStatus": "affected",
                    "cpes": [
                        "cpe:/a:redhat:openshift:4"
                    ]
                },
                {
                    "vendor": "Red Hat",
                    "product": "Red Hat OpenShift Container Platform 4",
                    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                    "packageName": "openshift4/ose-cli-artifacts",
                    "defaultStatus": "affected",
                    "cpes": [
                        "cpe:/a:redhat:openshift:4"
                    ]
                },
                {
                    "vendor": "Red Hat",
                    "product": "Red Hat OpenShift Container Platform 4",
                    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                    "packageName": "openshift4/ose-deployer",
                    "defaultStatus": "affected",
                    "cpes": [
                        "cpe:/a:redhat:openshift:4"
                    ]
                },
                {
                    "vendor": "Red Hat",
                    "product": "Red Hat OpenShift Container Platform 4",
                    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                    "packageName": "openshift4/ose-docker-builder",
                    "defaultStatus": "affected",
                    "cpes": [
                        "cpe:/a:redhat:openshift:4"
                    ]
                },
                {
                    "vendor": "Red Hat",
                    "product": "Red Hat OpenShift Container Platform 4",
                    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                    "packageName": "openshift4/ose-installer",
                    "defaultStatus": "affected",
                    "cpes": [
                        "cpe:/a:redhat:openshift:4"
                    ]
                },
                {
                    "vendor": "Red Hat",
                    "product": "Red Hat OpenShift Container Platform 4",
                    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                    "packageName": "openshift4/ose-installer-altinfra-rhel8",
                    "defaultStatus": "unaffected",
                    "cpes": [
                        "cpe:/a:redhat:openshift:4"
                    ]
                },
                {
                    "vendor": "Red Hat",
                    "product": "Red Hat OpenShift Container Platform 4",
                    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                    "packageName": "openshift4/ose-installer-artifacts",
                    "defaultStatus": "unaffected",
                    "cpes": [
                        "cpe:/a:redhat:openshift:4"
                    ]
                },
                {
                    "vendor": "Red Hat",
                    "product": "Red Hat OpenShift Container Platform 4",
                    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                    "packageName": "openshift4/ose-olm-rukpak-rhel8",
                    "defaultStatus": "affected",
                    "cpes": [
                        "cpe:/a:redhat:openshift:4"
                    ]
                },
                {
                    "vendor": "Red Hat",
                    "product": "Red Hat OpenShift Container Platform 4",
                    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                    "packageName": "openshift4/ose-openshift-apiserver-rhel7",
                    "defaultStatus": "affected",
                    "cpes": [
                        "cpe:/a:redhat:openshift:4"
                    ]
                },
                {
                    "vendor": "Red Hat",
                    "product": "Red Hat OpenShift Container Platform 4",
                    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                    "packageName": "openshift4/ose-openshift-controller-manager-rhel7",
                    "defaultStatus": "affected",
                    "cpes": [
                        "cpe:/a:redhat:openshift:4"
                    ]
                },
                {
                    "vendor": "Red Hat",
                    "product": "Red Hat OpenShift Container Platform 4",
                    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                    "packageName": "openshift4/ose-openshift-proxy-pull-test-rhel8",
                    "defaultStatus": "unaffected",
                    "cpes": [
                        "cpe:/a:redhat:openshift:4"
                    ]
                },
                {
                    "vendor": "Red Hat",
                    "product": "Red Hat OpenShift Container Platform 4",
                    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                    "packageName": "openshift4/ose-tools-rhel8",
                    "defaultStatus": "affected",
                    "cpes": [
                        "cpe:/a:redhat:openshift:4"
                    ]
                },
                {
                    "vendor": "Red Hat",
                    "product": "Red Hat OpenShift Container Platform 4",
                    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                    "packageName": "openshift-clients",
                    "defaultStatus": "affected",
                    "cpes": [
                        "cpe:/a:redhat:openshift:4"
                    ]
                },
                {
                    "vendor": "Red Hat",
                    "product": "Red Hat OpenShift Container Platform 4",
                    "collectionURL": "https://catalog.redhat.com/software/containers/",
                    "packageName": "ose-installer-terraform-providers-container",
                    "defaultStatus": "unaffected",
                    "cpes": [
                        "cpe:/a:redhat:openshift:4"
                    ]
                },
                {
                    "vendor": "Red Hat",
                    "product": "Red Hat OpenShift Container Platform Assisted Installer",
                    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                    "packageName": "rhai-tech-preview/assisted-installer-agent-rhel8",
                    "defaultStatus": "affected",
                    "cpes": [
                        "cpe:/a:redhat:assisted_installer:"
                    ]
                },
                {
                    "vendor": "Red Hat",
                    "product": "Red Hat OpenShift Container Platform Assisted Installer",
                    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                    "packageName": "rhai-tech-preview/assisted-installer-reporter-rhel8",
                    "defaultStatus": "affected",
                    "cpes": [
                        "cpe:/a:redhat:assisted_installer:"
                    ]
                },
                {
                    "vendor": "Red Hat",
                    "product": "Red Hat OpenShift Container Platform Assisted Installer",
                    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                    "packageName": "rhai-tech-preview/assisted-installer-rhel8",
                    "defaultStatus": "affected",
                    "cpes": [
                        "cpe:/a:redhat:assisted_installer:"
                    ]
                },
                {
                    "vendor": "Red Hat",
                    "product": "Red Hat OpenShift Dev Spaces",
                    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                    "packageName": "devspaces/udi-rhel8",
                    "defaultStatus": "affected",
                    "cpes": [
                        "cpe:/a:redhat:openshift_devspaces:3::el8"
                    ]
                },
                {
                    "vendor": "Red Hat",
                    "product": "Red Hat Openshift sandboxed containers",
                    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                    "packageName": "openshift-sandboxed-containers-tech-preview/osc-must-gather-rhel8",
                    "defaultStatus": "affected",
                    "cpes": [
                        "cpe:/a:redhat:openshift_sandboxed_containers:1"
                    ]
                },
                {
                    "vendor": "Red Hat",
                    "product": "Red Hat Openshift sandboxed containers",
                    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                    "packageName": "openshift-sandboxed-containers-tech-preview/osc-rhel8-operator",
                    "defaultStatus": "affected",
                    "cpes": [
                        "cpe:/a:redhat:openshift_sandboxed_containers:1"
                    ]
                },
                {
                    "vendor": "Red Hat",
                    "product": "Red Hat OpenShift Virtualization 4",
                    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                    "packageName": "container-native-virtualization/virt-cdi-apiserver",
                    "defaultStatus": "affected",
                    "cpes": [
                        "cpe:/a:redhat:container_native_virtualization:4"
                    ]
                },
                {
                    "vendor": "Red Hat",
                    "product": "Red Hat OpenShift Virtualization 4",
                    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                    "packageName": "container-native-virtualization/virt-cdi-apiserver-rhel9",
                    "defaultStatus": "affected",
                    "cpes": [
                        "cpe:/a:redhat:container_native_virtualization:4"
                    ]
                },
                {
                    "vendor": "Red Hat",
                    "product": "Red Hat OpenShift Virtualization 4",
                    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                    "packageName": "container-native-virtualization/virt-cdi-cloner",
                    "defaultStatus": "affected",
                    "cpes": [
                        "cpe:/a:redhat:container_native_virtualization:4"
                    ]
                },
                {
                    "vendor": "Red Hat",
                    "product": "Red Hat OpenShift Virtualization 4",
                    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                    "packageName": "container-native-virtualization/virt-cdi-cloner-rhel9",
                    "defaultStatus": "affected",
                    "cpes": [
                        "cpe:/a:redhat:container_native_virtualization:4"
                    ]
                },
                {
                    "vendor": "Red Hat",
                    "product": "Red Hat OpenShift Virtualization 4",
                    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                    "packageName": "container-native-virtualization/virt-cdi-controller",
                    "defaultStatus": "affected",
                    "cpes": [
                        "cpe:/a:redhat:container_native_virtualization:4"
                    ]
                },
                {
                    "vendor": "Red Hat",
                    "product": "Red Hat OpenShift Virtualization 4",
                    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                    "packageName": "container-native-virtualization/virt-cdi-importer",
                    "defaultStatus": "affected",
                    "cpes": [
                        "cpe:/a:redhat:container_native_virtualization:4"
                    ]
                },
                {
                    "vendor": "Red Hat",
                    "product": "Red Hat OpenShift Virtualization 4",
                    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                    "packageName": "container-native-virtualization/virt-cdi-importer-rhel9",
                    "defaultStatus": "affected",
                    "cpes": [
                        "cpe:/a:redhat:container_native_virtualization:4"
                    ]
                },
                {
                    "vendor": "Red Hat",
                    "product": "Red Hat OpenShift Virtualization 4",
                    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                    "packageName": "container-native-virtualization/virt-cdi-operator",
                    "defaultStatus": "affected",
                    "cpes": [
                        "cpe:/a:redhat:container_native_virtualization:4"
                    ]
                },
                {
                    "vendor": "Red Hat",
                    "product": "Red Hat OpenShift Virtualization 4",
                    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                    "packageName": "container-native-virtualization/virt-cdi-operator-rhel9",
                    "defaultStatus": "affected",
                    "cpes": [
                        "cpe:/a:redhat:container_native_virtualization:4"
                    ]
                },
                {
                    "vendor": "Red Hat",
                    "product": "Red Hat OpenShift Virtualization 4",
                    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                    "packageName": "container-native-virtualization/virt-cdi-uploadproxy",
                    "defaultStatus": "affected",
                    "cpes": [
                        "cpe:/a:redhat:container_native_virtualization:4"
                    ]
                },
                {
                    "vendor": "Red Hat",
                    "product": "Red Hat OpenShift Virtualization 4",
                    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                    "packageName": "container-native-virtualization/virt-cdi-uploadproxy-rhel9",
                    "defaultStatus": "affected",
                    "cpes": [
                        "cpe:/a:redhat:container_native_virtualization:4"
                    ]
                },
                {
                    "vendor": "Red Hat",
                    "product": "Red Hat OpenShift Virtualization 4",
                    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                    "packageName": "container-native-virtualization/virt-cdi-uploadserver",
                    "defaultStatus": "affected",
                    "cpes": [
                        "cpe:/a:redhat:container_native_virtualization:4"
                    ]
                },
                {
                    "vendor": "Red Hat",
                    "product": "Red Hat OpenShift Virtualization 4",
                    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                    "packageName": "container-native-virtualization/virt-cdi-uploadserver-rhel9",
                    "defaultStatus": "affected",
                    "cpes": [
                        "cpe:/a:redhat:container_native_virtualization:4"
                    ]
                },
                {
                    "vendor": "Red Hat",
                    "product": "Red Hat OpenStack Platform 16.2",
                    "collectionURL": "https://catalog.redhat.com/software/containers/",
                    "packageName": "osp-director-provisioner-container",
                    "defaultStatus": "affected",
                    "cpes": [
                        "cpe:/a:redhat:openstack:16.2"
                    ]
                },
                {
                    "vendor": "Red Hat",
                    "product": "Red Hat Quay 3",
                    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
                    "packageName": "quay/quay-builder-rhel8",
                    "defaultStatus": "affected",
                    "cpes": [
                        "cpe:/a:redhat:quay:3"
                    ]
                }
            ],
            "references": [
                {
                    "url": "https://access.redhat.com/errata/RHSA-2024:0045",
                    "name": "RHSA-2024:0045",
                    "tags": [
                        "vendor-advisory",
                        "x_refsource_REDHAT"
                    ]
                },
                {
                    "url": "https://access.redhat.com/errata/RHSA-2024:3718",
                    "name": "RHSA-2024:3718",
                    "tags": [
                        "vendor-advisory",
                        "x_refsource_REDHAT"
                    ]
                },
                {
                    "url": "https://access.redhat.com/errata/RHSA-2024:4159",
                    "name": "RHSA-2024:4159",
                    "tags": [
                        "vendor-advisory",
                        "x_refsource_REDHAT"
                    ]
                },
                {
                    "url": "https://access.redhat.com/errata/RHSA-2024:4613",
                    "name": "RHSA-2024:4613",
                    "tags": [
                        "vendor-advisory",
                        "x_refsource_REDHAT"
                    ]
                },
                {
                    "url": "https://access.redhat.com/errata/RHSA-2024:4850",
                    "name": "RHSA-2024:4850",
                    "tags": [
                        "vendor-advisory",
                        "x_refsource_REDHAT"
                    ]
                },
                {
                    "url": "https://access.redhat.com/errata/RHSA-2024:4960",
                    "name": "RHSA-2024:4960",
                    "tags": [
                        "vendor-advisory",
                        "x_refsource_REDHAT"
                    ]
                },
                {
                    "url": "https://access.redhat.com/errata/RHSA-2024:5258",
                    "name": "RHSA-2024:5258",
                    "tags": [
                        "vendor-advisory",
                        "x_refsource_REDHAT"
                    ]
                },
                {
                    "url": "https://access.redhat.com/errata/RHSA-2024:5951",
                    "name": "RHSA-2024:5951",
                    "tags": [
                        "vendor-advisory",
                        "x_refsource_REDHAT"
                    ]
                },
                {
                    "url": "https://access.redhat.com/errata/RHSA-2024:6054",
                    "name": "RHSA-2024:6054",
                    "tags": [
                        "vendor-advisory",
                        "x_refsource_REDHAT"
                    ]
                },
                {
                    "url": "https://access.redhat.com/errata/RHSA-2024:6708",
                    "name": "RHSA-2024:6708",
                    "tags": [
                        "vendor-advisory",
                        "x_refsource_REDHAT"
                    ]
                },
                {
                    "url": "https://access.redhat.com/errata/RHSA-2024:6824",
                    "name": "RHSA-2024:6824",
                    "tags": [
                        "vendor-advisory",
                        "x_refsource_REDHAT"
                    ]
                },
                {
                    "url": "https://access.redhat.com/errata/RHSA-2024:7164",
                    "name": "RHSA-2024:7164",
                    "tags": [
                        "vendor-advisory",
                        "x_refsource_REDHAT"
                    ]
                },
                {
                    "url": "https://access.redhat.com/errata/RHSA-2024:7174",
                    "name": "RHSA-2024:7174",
                    "tags": [
                        "vendor-advisory",
                        "x_refsource_REDHAT"
                    ]
                },
                {
                    "url": "https://access.redhat.com/errata/RHSA-2024:7182",
                    "name": "RHSA-2024:7182",
                    "tags": [
                        "vendor-advisory",
                        "x_refsource_REDHAT"
                    ]
                },
                {
                    "url": "https://access.redhat.com/errata/RHSA-2024:7187",
                    "name": "RHSA-2024:7187",
                    "tags": [
                        "vendor-advisory",
                        "x_refsource_REDHAT"
                    ]
                },
                {
                    "url": "https://access.redhat.com/errata/RHSA-2024:7922",
                    "name": "RHSA-2024:7922",
                    "tags": [
                        "vendor-advisory",
                        "x_refsource_REDHAT"
                    ]
                },
                {
                    "url": "https://access.redhat.com/errata/RHSA-2024:7941",
                    "name": "RHSA-2024:7941",
                    "tags": [
                        "vendor-advisory",
                        "x_refsource_REDHAT"
                    ]
                },
                {
                    "url": "https://access.redhat.com/errata/RHSA-2024:8260",
                    "name": "RHSA-2024:8260",
                    "tags": [
                        "vendor-advisory",
                        "x_refsource_REDHAT"
                    ]
                },
                {
                    "url": "https://access.redhat.com/security/cve/CVE-2024-3727",
                    "tags": [
                        "vdb-entry",
                        "x_refsource_REDHAT"
                    ]
                },
                {
                    "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2274767",
                    "name": "RHBZ#2274767",
                    "tags": [
                        "issue-tracking",
                        "x_refsource_REDHAT"
                    ]
                }
            ],
            "datePublic": "2024-05-09T00:00:00+00:00",
            "problemTypes": [
                {
                    "descriptions": [
                        {
                            "cweId": "CWE-354",
                            "description": "Improper Validation of Integrity Check Value",
                            "lang": "en",
                            "type": "CWE"
                        }
                    ]
                }
            ],
            "x_redhatCweChain": "CWE-354: Improper Validation of Integrity Check Value",
            "timeline": [
                {
                    "lang": "en",
                    "time": "2024-04-12T00:00:00+00:00",
                    "value": "Reported to Red Hat."
                },
                {
                    "lang": "en",
                    "time": "2024-05-09T00:00:00+00:00",
                    "value": "Made public."
                }
            ],
            "providerMetadata": {
                "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
                "shortName": "redhat",
                "dateUpdated": "2024-10-29T00:10:39.166Z"
            }
        },
        "adp": [
            {
                "title": "CISA ADP Vulnrichment",
                "metrics": [
                    {
                        "other": {
                            "type": "ssvc",
                            "content": {
                                "id": "CVE-2024-3727",
                                "role": "CISA Coordinator",
                                "options": [
                                    {
                                        "Exploitation": "none"
                                    },
                                    {
                                        "Automatable": "no"
                                    },
                                    {
                                        "Technical Impact": "partial"
                                    }
                                ],
                                "version": "2.0.3",
                                "timestamp": "2024-05-13T17:59:41.318223Z"
                            }
                        }
                    }
                ],
                "providerMetadata": {
                    "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
                    "shortName": "CISA-ADP",
                    "dateUpdated": "2024-06-04T17:33:13.046Z"
                }
            },
            {
                "providerMetadata": {
                    "orgId": "af854a3a-2127-422b-91ae-364da2661108",
                    "shortName": "CVE",
                    "dateUpdated": "2024-08-01T20:20:01.029Z"
                },
                "title": "CVE Program Container",
                "references": [
                    {
                        "url": "https://access.redhat.com/errata/RHSA-2024:0045",
                        "name": "RHSA-2024:0045",
                        "tags": [
                            "vendor-advisory",
                            "x_refsource_REDHAT",
                            "x_transferred"
                        ]
                    },
                    {
                        "url": "https://access.redhat.com/errata/RHSA-2024:4159",
                        "name": "RHSA-2024:4159",
                        "tags": [
                            "vendor-advisory",
                            "x_refsource_REDHAT",
                            "x_transferred"
                        ]
                    },
                    {
                        "url": "https://access.redhat.com/errata/RHSA-2024:4613",
                        "name": "RHSA-2024:4613",
                        "tags": [
                            "vendor-advisory",
                            "x_refsource_REDHAT",
                            "x_transferred"
                        ]
                    },
                    {
                        "url": "https://access.redhat.com/security/cve/CVE-2024-3727",
                        "tags": [
                            "vdb-entry",
                            "x_refsource_REDHAT",
                            "x_transferred"
                        ]
                    },
                    {
                        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2274767",
                        "name": "RHBZ#2274767",
                        "tags": [
                            "issue-tracking",
                            "x_refsource_REDHAT",
                            "x_transferred"
                        ]
                    },
                    {
                        "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4HEYS34N55G7NOQZKNEXZKQVNDGEICCD/",
                        "tags": [
                            "x_transferred"
                        ]
                    },
                    {
                        "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6B37TXOKTKDBE2V26X2NSP7JKNMZOFVP/",
                        "tags": [
                            "x_transferred"
                        ]
                    },
                    {
                        "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CYT3D2P3OJKISNFKOOHGY6HCUCQZYAVR/",
                        "tags": [
                            "x_transferred"
                        ]
                    },
                    {
                        "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DLND3YDQQRWVRIUPL2G5UKXP5L3VSBBT/",
                        "tags": [
                            "x_transferred"
                        ]
                    },
                    {
                        "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DTOMYERG5ND4QFDHC4ZSGCED3T3ESRSC/",
                        "tags": [
                            "x_transferred"
                        ]
                    },
                    {
                        "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FBZQ2ZRMFEUQ35235B2HWPSXGDCBZHFV/",
                        "tags": [
                            "x_transferred"
                        ]
                    },
                    {
                        "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GD2GSBQTBLYADASUBHHZV2CZPTSLIPQJ/",
                        "tags": [
                            "x_transferred"
                        ]
                    },
                    {
                        "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QFXMF3VVKIZN7ZMB7PKZCSWV6MOMTGMQ/",
                        "tags": [
                            "x_transferred"
                        ]
                    },
                    {
                        "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SFVSMR7TNLO2KPWJSW4CF64C2QMQXCIN/",
                        "tags": [
                            "x_transferred"
                        ]
                    }
                ]
            }
        ]
    },
    "dataVersion": "5.1"
}