Show
OADP-3723
ON_QA
wnstb
OADP 1.3.3
CVE-2023-45288 oadp-operator-container: golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS [oadp-1.3]
CVE-2023-45288
Security
SecurityTracking
flaw:bz#2268273
pscomponent:oadp-operator-container
triaged
[ Actions
https://issues.redhat.com/rest/api/1.0/issues/15876775/ActionsAndOperations?atl_token=AQZJ-FV3A-N91S-UDEU_598320ce90ddd1f789d7c49095ba968c04eba0e9_lin]
OADP-4000
ON_QA
rjohnson@redhat.com
OADP 1.3.3
CVE-2024-24788 oadp-velero-container: golang: net: malformed DNS message can cause infinite loop [oadp-1]
CVE-2024-24788
Security
SecurityTracking
flaw:bz#2279814
pscomponent:oadp-velero-container
triaged
[ Actions
https://issues.redhat.com/rest/api/1.0/issues/15993097/ActionsAndOperations?atl_token=AQZJ-FV3A-N91S-UDEU_598320ce90ddd1f789d7c49095ba968c04eba0e9_lin]
OADP-4329
ON_QA
rjohnson@redhat.com
OADP 1.3.3
CVE-2024-24789 oadp-velero-container: golang: archive/zip: Incorrect handling of certain ZIP files [oadp-1]
CVE-2024-24789
Security
SecurityTracking
flaw:bz#2292668
pscomponent:oadp-velero-container
triaged
[ Actions
https://issues.redhat.com/rest/api/1.0/issues/16078316/ActionsAndOperations?atl_token=AQZJ-FV3A-N91S-UDEU_598320ce90ddd1f789d7c49095ba968c04eba0e9_lin]
OADP-4327
ON_QA
rjohnson@redhat.com
OADP 1.3.3
CVE-2024-24789 oadp-mustgather-container: golang: archive/zip: Incorrect handling of certain ZIP files [oadp-1]
CVE-2024-24789
Security
SecurityTracking
flaw:bz#2292668
pscomponent:oadp-mustgather-container
triaged
[ Actions
https://issues.redhat.com/rest/api/1.0/issues/16078314/ActionsAndOperations?atl_token=AQZJ-FV3A-N91S-UDEU_598320ce90ddd1f789d7c49095ba968c04eba0e9_lin]
OADP-4328
ON_QA
rjohnson@redhat.com
OADP 1.3.3
CVE-2024-24789 oadp-operator-container: golang: archive/zip: Incorrect handling of certain ZIP files [oadp-1]
CVE-2024-24789
Security
SecurityTracking
flaw:bz#2292668
pscomponent:oadp-operator-container
triaged
[ Actions
https://issues.redhat.com/rest/api/1.0/issues/16078315/ActionsAndOperations?atl_token=AQZJ-FV3A-N91S-UDEU_598320ce90ddd1f789d7c49095ba968c04eba0e9_lin]
OADP-4330
ON_QA
rjohnson@redhat.com
OADP 1.3.3
CVE-2024-24789 oadp-velero-restic-restore-helper-container: golang: archive/zip: Incorrect handling of certain ZIP files [oadp-1]
CVE-2024-24789
Security
SecurityTracking
flaw:bz#2292668
pscomponent:oadp-velero-restic-restore-helper-container
triaged
[ Actions
https://issues.redhat.com/rest/api/1.0/issues/16078317/ActionsAndOperations?atl_token=AQZJ-FV3A-N91S-UDEU_598320ce90ddd1f789d7c49095ba968c04eba0e9_lin]
OADP-4345
ON_QA
rjohnson@redhat.com
OADP 1.3.3
CVE-2024-24790 oadp-velero-container: golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses [oadp-1]
CVE-2024-24790
Security
SecurityTracking
flaw:bz#2292787
pscomponent:oadp-velero-container
triaged
[ Actions
https://issues.redhat.com/rest/api/1.0/issues/16082091/ActionsAndOperations?atl_token=AQZJ-FV3A-N91S-UDEU_598320ce90ddd1f789d7c49095ba968c04eba0e9_lin]
OADP-3701
New
alitke@redhat.com
OADP 1.3.3
CVE-2024-28180 oadp-kubevirt-velero-plugin-container: jose-go: improper handling of highly compressed data [oadp-1]
CVE-2024-28180
Security
SecurityTracking
flaw:bz#2268854
pscomponent:oadp-kubevirt-velero-plugin-container
[ Actions
https://issues.redhat.com/rest/api/1.0/issues/15867083/ActionsAndOperations?atl_token=AQZJ-FV3A-N91S-UDEU_598320ce90ddd1f789d7c49095ba968c04eba0e9_lin]
OADP-3835
Closed
wnstb
OADP 1.3.3
CVE-2024-30255 oadp-velero-container: envoy: HTTP/2 CPU exhaustion due to CONTINUATION frame flood [oadp-1]
CVE-2024-30255
Security
SecurityTracking
flaw:bz#2272986
pscomponent:oadp-velero-container
[ Actions
https://issues.redhat.com/rest/api/1.0/issues/15918883/ActionsAndOperations?atl_token=AQZJ-FV3A-N91S-UDEU_598320ce90ddd1f789d7c49095ba968c04eba0e9_lin]
OADP-3836
Closed
wnstb
OADP 1.3.3
CVE-2024-30255 oadp-velero-plugin-for-gcp-container: envoy: HTTP/2 CPU exhaustion due to CONTINUATION frame flood [oadp-1]
CVE-2024-30255
Security
SecurityTracking
flaw:bz#2272986
pscomponent:oadp-velero-plugin-for-gcp-container
[ Actions
https://issues.redhat.com/rest/api/1.0/issues/15918884/ActionsAndOperations?atl_token=AQZJ-FV3A-N91S-UDEU_598320ce90ddd1f789d7c49095ba968c04eba0e9_lin]
OADP-4387
New
wnstb
OADP 1.3.3
CVE-2024-6104 oadp-kubevirt-velero-plugin-container: go-retryablehttp: url might write sensitive information to log file [oadp-1.3]
CVE-2024-6104
Security
SecurityTracking
flaw:bz#2294000