{
  "threat_severity" : "Moderate",
  "public_date" : "2018-03-24T00:00:00Z",
  "bugzilla" : {
    "description" : "satori/go.uuid: predictable UUIDs generated via insecure randomness",
    "id" : "1954376",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1954376"
  },
  "cvss3" : {
    "cvss3_base_score" : "9.8",
    "cvss3_scoring_vector" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
    "status" : "draft"
  },
  "cwe" : "CWE-338",
  "details" : [ "A flaw was found in github.com/satori/go.uuid in versions from commit 0ef6afb2f6cdd6cdaeee3885a95099c63f18fc8c to d91630c8510268e75203009fe7daf2b8e1d60c45. Due to insecure randomness in the g.rand.Read function the generated UUIDs are predictable for an attacker.", "A flaw was found in github.com/satori/go.uuid. Due to insecure randomness in the g.rand.Read function the generated UUIDs are predictable for an attacker." ],
  "statement" : "For OpenShift Virtualization, github.com/satori/go.uuid is referenced in some of the projects' go.sum files, however it is only used in ovs-cni-plugin-container, where a version including the fix for this flaw is used.\nAn upstream fix has been pushed into the master branch [1], but new release was not published.\n[1] https://github.com/satori/go.uuid/commit/d91630c8510268e75203009fe7daf2b8e1d60c45",
  "package_state" : [ {
    "product_name" : "Migration Toolkit for Containers",
    "fix_state" : "Not affected",
    "package_name" : "rhmtc/openshift-migration-controller-rhel8",
    "cpe" : "cpe:/a:redhat:rhmt:1"
  }, {
    "product_name" : "Migration Toolkit for Containers",
    "fix_state" : "Not affected",
    "package_name" : "rhmtc/openshift-migration-registry-rhel8",
    "cpe" : "cpe:/a:redhat:rhmt:1"
  }, {
    "product_name" : "Migration Toolkit for Containers",
    "fix_state" : "Not affected",
    "package_name" : "rhmtc/openshift-migration-velero-plugin-for-gcp-rhel8",
    "cpe" : "cpe:/a:redhat:rhmt:1"
  }, {
    "product_name" : "Migration Toolkit for Containers",
    "fix_state" : "Not affected",
    "package_name" : "rhmtc/openshift-migration-velero-plugin-for-microsoft-azure-rhel8",
    "cpe" : "cpe:/a:redhat:rhmt:1"
  }, {
    "product_name" : "Migration Toolkit for Containers",
    "fix_state" : "Not affected",
    "package_name" : "rhmtc/openshift-migration-velero-rhel8",
    "cpe" : "cpe:/a:redhat:rhmt:1"
  }, {
    "product_name" : "Red Hat Advanced Cluster Management for Kubernetes 2",
    "fix_state" : "Not affected",
    "package_name" : "rhacm2/acm-grafana-rhel8",
    "cpe" : "cpe:/a:redhat:acm:2"
  }, {
    "product_name" : "Red Hat Advanced Cluster Management for Kubernetes 2",
    "fix_state" : "Not affected",
    "package_name" : "rhacm2/cert-policy-controller-rhel9",
    "cpe" : "cpe:/a:redhat:acm:2"
  }, {
    "product_name" : "Red Hat Advanced Cluster Management for Kubernetes 2",
    "fix_state" : "Not affected",
    "package_name" : "rhacm2/cluster-curator-controller-rhel8",
    "cpe" : "cpe:/a:redhat:acm:2"
  }, {
    "product_name" : "Red Hat Advanced Cluster Management for Kubernetes 2",
    "fix_state" : "Not affected",
    "package_name" : "rhacm2/clusterlifecycle-state-metrics-rhel8",
    "cpe" : "cpe:/a:redhat:acm:2"
  }, {
    "product_name" : "Red Hat Advanced Cluster Management for Kubernetes 2",
    "fix_state" : "Not affected",
    "package_name" : "rhacm2/config-policy-controller-rhel8",
    "cpe" : "cpe:/a:redhat:acm:2"
  }, {
    "product_name" : "Red Hat Advanced Cluster Management for Kubernetes 2",
    "fix_state" : "Not affected",
    "package_name" : "rhacm2/endpoint-monitoring-rhel8-operator",
    "cpe" : "cpe:/a:redhat:acm:2"
  }, {
    "product_name" : "Red Hat Advanced Cluster Management for Kubernetes 2",
    "fix_state" : "Not affected",
    "package_name" : "rhacm2/governance-policy-propagator-rhel9",
    "cpe" : "cpe:/a:redhat:acm:2"
  }, {
    "product_name" : "Red Hat Advanced Cluster Management for Kubernetes 2",
    "fix_state" : "Not affected",
    "package_name" : "rhacm2/governance-policy-spec-sync-rhel8",
    "cpe" : "cpe:/a:redhat:acm:2"
  }, {
    "product_name" : "Red Hat Advanced Cluster Management for Kubernetes 2",
    "fix_state" : "Not affected",
    "package_name" : "rhacm2/governance-policy-status-sync-rhel8",
    "cpe" : "cpe:/a:redhat:acm:2"
  }, {
    "product_name" : "Red Hat Advanced Cluster Management for Kubernetes 2",
    "fix_state" : "Not affected",
    "package_name" : "rhacm2/governance-policy-template-sync-rhel8",
    "cpe" : "cpe:/a:redhat:acm:2"
  }, {
    "product_name" : "Red Hat Advanced Cluster Management for Kubernetes 2",
    "fix_state" : "Not affected",
    "package_name" : "rhacm2/iam-policy-controller-rhel8",
    "cpe" : "cpe:/a:redhat:acm:2"
  }, {
    "product_name" : "Red Hat Advanced Cluster Management for Kubernetes 2",
    "fix_state" : "Not affected",
    "package_name" : "rhacm2/lighthouse-agent-rhel9",
    "cpe" : "cpe:/a:redhat:acm:2"
  }, {
    "product_name" : "Red Hat Advanced Cluster Management for Kubernetes 2",
    "fix_state" : "Not affected",
    "package_name" : "rhacm2/lighthouse-coredns-rhel8",
    "cpe" : "cpe:/a:redhat:acm:2"
  }, {
    "product_name" : "Red Hat Advanced Cluster Management for Kubernetes 2",
    "fix_state" : "Not affected",
    "package_name" : "rhacm2/managedcluster-import-controller-rhel8",
    "cpe" : "cpe:/a:redhat:acm:2"
  }, {
    "product_name" : "Red Hat Advanced Cluster Management for Kubernetes 2",
    "fix_state" : "Not affected",
    "package_name" : "rhacm2/management-ingress-rhel8",
    "cpe" : "cpe:/a:redhat:acm:2"
  }, {
    "product_name" : "Red Hat Advanced Cluster Management for Kubernetes 2",
    "fix_state" : "Not affected",
    "package_name" : "rhacm2/metrics-collector-rhel8",
    "cpe" : "cpe:/a:redhat:acm:2"
  }, {
    "product_name" : "Red Hat Advanced Cluster Management for Kubernetes 2",
    "fix_state" : "Not affected",
    "package_name" : "rhacm2/multicloud-manager-rhel8",
    "cpe" : "cpe:/a:redhat:acm:2"
  }, {
    "product_name" : "Red Hat Advanced Cluster Management for Kubernetes 2",
    "fix_state" : "Not affected",
    "package_name" : "rhacm2/multiclusterhub-repo-rhel8",
    "cpe" : "cpe:/a:redhat:acm:2"
  }, {
    "product_name" : "Red Hat Advanced Cluster Management for Kubernetes 2",
    "fix_state" : "Not affected",
    "package_name" : "rhacm2/multiclusterhub-rhel8",
    "cpe" : "cpe:/a:redhat:acm:2"
  }, {
    "product_name" : "Red Hat Advanced Cluster Management for Kubernetes 2",
    "fix_state" : "Not affected",
    "package_name" : "rhacm2/multicluster-observability-rhel9-operator",
    "cpe" : "cpe:/a:redhat:acm:2"
  }, {
    "product_name" : "Red Hat Advanced Cluster Management for Kubernetes 2",
    "fix_state" : "Not affected",
    "package_name" : "rhacm2/multicluster-operators-application-rhel9",
    "cpe" : "cpe:/a:redhat:acm:2"
  }, {
    "product_name" : "Red Hat Advanced Cluster Management for Kubernetes 2",
    "fix_state" : "Not affected",
    "package_name" : "rhacm2/multicluster-operators-channel-rhel9",
    "cpe" : "cpe:/a:redhat:acm:2"
  }, {
    "product_name" : "Red Hat Advanced Cluster Management for Kubernetes 2",
    "fix_state" : "Not affected",
    "package_name" : "rhacm2/multicluster-operators-deployable-rhel8",
    "cpe" : "cpe:/a:redhat:acm:2"
  }, {
    "product_name" : "Red Hat Advanced Cluster Management for Kubernetes 2",
    "fix_state" : "Not affected",
    "package_name" : "rhacm2/multicluster-operators-placementrule-rhel8",
    "cpe" : "cpe:/a:redhat:acm:2"
  }, {
    "product_name" : "Red Hat Advanced Cluster Management for Kubernetes 2",
    "fix_state" : "Not affected",
    "package_name" : "rhacm2/multicluster-operators-subscription-release-rhel8",
    "cpe" : "cpe:/a:redhat:acm:2"
  }, {
    "product_name" : "Red Hat Advanced Cluster Management for Kubernetes 2",
    "fix_state" : "Not affected",
    "package_name" : "rhacm2/multicluster-operators-subscription-rhel8",
    "cpe" : "cpe:/a:redhat:acm:2"
  }, {
    "product_name" : "Red Hat Advanced Cluster Management for Kubernetes 2",
    "fix_state" : "Not affected",
    "package_name" : "rhacm2/observatorium-rhel8",
    "cpe" : "cpe:/a:redhat:acm:2"
  }, {
    "product_name" : "Red Hat Advanced Cluster Management for Kubernetes 2",
    "fix_state" : "Not affected",
    "package_name" : "rhacm2/observatorium-rhel8-operator",
    "cpe" : "cpe:/a:redhat:acm:2"
  }, {
    "product_name" : "Red Hat Advanced Cluster Management for Kubernetes 2",
    "fix_state" : "Not affected",
    "package_name" : "rhacm2/openshift-hive-rhel8",
    "cpe" : "cpe:/a:redhat:acm:2"
  }, {
    "product_name" : "Red Hat Advanced Cluster Management for Kubernetes 2",
    "fix_state" : "Not affected",
    "package_name" : "rhacm2/rbac-query-proxy-rhel8",
    "cpe" : "cpe:/a:redhat:acm:2"
  }, {
    "product_name" : "Red Hat Advanced Cluster Management for Kubernetes 2",
    "fix_state" : "Not affected",
    "package_name" : "rhacm2/rcm-controller-rhel8",
    "cpe" : "cpe:/a:redhat:acm:2"
  }, {
    "product_name" : "Red Hat Advanced Cluster Management for Kubernetes 2",
    "fix_state" : "Not affected",
    "package_name" : "rhacm2/search-aggregator-rhel8",
    "cpe" : "cpe:/a:redhat:acm:2"
  }, {
    "product_name" : "Red Hat Advanced Cluster Management for Kubernetes 2",
    "fix_state" : "Not affected",
    "package_name" : "rhacm2/search-collector-rhel8",
    "cpe" : "cpe:/a:redhat:acm:2"
  }, {
    "product_name" : "Red Hat Advanced Cluster Management for Kubernetes 2",
    "fix_state" : "Not affected",
    "package_name" : "rhacm2/search-rhel8",
    "cpe" : "cpe:/a:redhat:acm:2"
  }, {
    "product_name" : "Red Hat Advanced Cluster Management for Kubernetes 2",
    "fix_state" : "Not affected",
    "package_name" : "rhacm2/subctl-rhel9",
    "cpe" : "cpe:/a:redhat:acm:2"
  }, {
    "product_name" : "Red Hat Advanced Cluster Management for Kubernetes 2",
    "fix_state" : "Not affected",
    "package_name" : "rhacm2/submariner-operator-bundle",
    "cpe" : "cpe:/a:redhat:acm:2"
  }, {
    "product_name" : "Red Hat Advanced Cluster Management for Kubernetes 2",
    "fix_state" : "Not affected",
    "package_name" : "rhacm2/submariner-rhel9-operator",
    "cpe" : "cpe:/a:redhat:acm:2"
  }, {
    "product_name" : "Red Hat Advanced Cluster Management for Kubernetes 2",
    "fix_state" : "Not affected",
    "package_name" : "rhacm2/thanos-receive-controller-rhel9",
    "cpe" : "cpe:/a:redhat:acm:2"
  }, {
    "product_name" : "Red Hat Advanced Cluster Management for Kubernetes 2",
    "fix_state" : "Not affected",
    "package_name" : "rhacm2/thanos-rhel9",
    "cpe" : "cpe:/a:redhat:acm:2"
  }, {
    "product_name" : "Red Hat OpenShift Container Platform 4",
    "fix_state" : "Not affected",
    "package_name" : "openshift",
    "cpe" : "cpe:/a:redhat:openshift:4"
  }, {
    "product_name" : "Red Hat OpenShift Container Platform 4",
    "fix_state" : "Not affected",
    "package_name" : "openshift4/cnf-tests-rhel8",
    "cpe" : "cpe:/a:redhat:openshift:4"
  }, {
    "product_name" : "Red Hat OpenShift Container Platform 4",
    "fix_state" : "Not affected",
    "package_name" : "openshift4/compliance-rhel8-operator",
    "cpe" : "cpe:/a:redhat:openshift:4"
  }, {
    "product_name" : "Red Hat OpenShift Container Platform 4",
    "fix_state" : "Not affected",
    "package_name" : "openshift4/file-integrity-rhel8-operator",
    "cpe" : "cpe:/a:redhat:openshift:4"
  }, {
    "product_name" : "Red Hat OpenShift Container Platform 4",
    "fix_state" : "Not affected",
    "package_name" : "openshift4/ose-baremetal-installer-rhel8",
    "cpe" : "cpe:/a:redhat:openshift:4"
  }, {
    "product_name" : "Red Hat OpenShift Container Platform 4",
    "fix_state" : "Not affected",
    "package_name" : "openshift4/ose-cloud-credential-operator",
    "cpe" : "cpe:/a:redhat:openshift:4"
  }, {
    "product_name" : "Red Hat OpenShift Container Platform 4",
    "fix_state" : "Not affected",
    "package_name" : "openshift4/ose-docker-registry",
    "cpe" : "cpe:/a:redhat:openshift:4"
  }, {
    "product_name" : "Red Hat OpenShift Container Platform 4",
    "fix_state" : "Not affected",
    "package_name" : "openshift4/ose-hello-openshift-rhel8",
    "cpe" : "cpe:/a:redhat:openshift:4"
  }, {
    "product_name" : "Red Hat OpenShift Container Platform 4",
    "fix_state" : "Not affected",
    "package_name" : "openshift4/ose-hyperkube",
    "cpe" : "cpe:/a:redhat:openshift:4"
  }, {
    "product_name" : "Red Hat OpenShift Container Platform 4",
    "fix_state" : "Not affected",
    "package_name" : "openshift4/ose-installer",
    "cpe" : "cpe:/a:redhat:openshift:4"
  }, {
    "product_name" : "Red Hat OpenShift Container Platform 4",
    "fix_state" : "Not affected",
    "package_name" : "openshift4/ose-installer-artifacts-rhel9",
    "cpe" : "cpe:/a:redhat:openshift:4"
  }, {
    "product_name" : "Red Hat OpenShift Container Platform 4",
    "fix_state" : "Not affected",
    "package_name" : "openshift4/ose-operator-registry",
    "cpe" : "cpe:/a:redhat:openshift:4"
  }, {
    "product_name" : "Red Hat OpenShift Container Platform 4",
    "fix_state" : "Not affected",
    "package_name" : "openshift4/ose-prometheus-alertmanager",
    "cpe" : "cpe:/a:redhat:openshift:4"
  }, {
    "product_name" : "Red Hat OpenShift Container Platform 4",
    "fix_state" : "Not affected",
    "package_name" : "openshift4/ose-telemeter",
    "cpe" : "cpe:/a:redhat:openshift:4"
  }, {
    "product_name" : "Red Hat OpenShift Container Platform 4",
    "fix_state" : "Not affected",
    "package_name" : "openshift4/ose-tests",
    "cpe" : "cpe:/a:redhat:openshift:4"
  }, {
    "product_name" : "Red Hat OpenShift Container Platform 4",
    "fix_state" : "Not affected",
    "package_name" : "openshift4-wincw/windows-machine-config-rhel8-operator",
    "cpe" : "cpe:/a:redhat:openshift:4"
  }, {
    "product_name" : "Red Hat OpenShift Container Platform Assisted Installer 1",
    "fix_state" : "Not affected",
    "package_name" : "rhai-tech-preview/assisted-installer-agent-rhel8",
    "cpe" : "cpe:/a:redhat:assisted_installer:1"
  }, {
    "product_name" : "Red Hat OpenShift Container Platform Assisted Installer 1",
    "fix_state" : "Not affected",
    "package_name" : "rhai-tech-preview/assisted-installer-reporter-rhel8",
    "cpe" : "cpe:/a:redhat:assisted_installer:1"
  }, {
    "product_name" : "Red Hat OpenShift Container Platform Assisted Installer 1",
    "fix_state" : "Not affected",
    "package_name" : "rhai-tech-preview/assisted-installer-rhel8",
    "cpe" : "cpe:/a:redhat:assisted_installer:1"
  }, {
    "product_name" : "Red Hat Openshift Container Storage 4",
    "fix_state" : "Not affected",
    "package_name" : "mcg",
    "cpe" : "cpe:/a:redhat:openshift_container_storage:4"
  }, {
    "product_name" : "Red Hat Openshift Container Storage 4",
    "fix_state" : "Not affected",
    "package_name" : "ocs4/cephcsi-rhel8",
    "cpe" : "cpe:/a:redhat:openshift_container_storage:4"
  }, {
    "product_name" : "Red Hat Openshift Container Storage 4",
    "fix_state" : "Not affected",
    "package_name" : "ocs4/mcg-rhel8-operator",
    "cpe" : "cpe:/a:redhat:openshift_container_storage:4"
  }, {
    "product_name" : "Red Hat Openshift Container Storage 4",
    "fix_state" : "Not affected",
    "package_name" : "ocs4/ocs-must-gather-rhel8",
    "cpe" : "cpe:/a:redhat:openshift_container_storage:4"
  }, {
    "product_name" : "Red Hat Openshift Container Storage 4",
    "fix_state" : "Not affected",
    "package_name" : "ocs4/ocs-rhel8-operator",
    "cpe" : "cpe:/a:redhat:openshift_container_storage:4"
  }, {
    "product_name" : "Red Hat Openshift Container Storage 4",
    "fix_state" : "Not affected",
    "package_name" : "ocs4/rook-ceph-rhel8-operator",
    "cpe" : "cpe:/a:redhat:openshift_container_storage:4"
  }, {
    "product_name" : "Red Hat OpenShift Virtualization 2",
    "fix_state" : "Not affected",
    "package_name" : "cluster-network-addons-operator-container",
    "cpe" : "cpe:/a:redhat:container_native_virtualization:2"
  }, {
    "product_name" : "Red Hat OpenShift Virtualization 2",
    "fix_state" : "Not affected",
    "package_name" : "cnv-containernetworking-plugins-container",
    "cpe" : "cpe:/a:redhat:container_native_virtualization:2"
  }, {
    "product_name" : "Red Hat OpenShift Virtualization 2",
    "fix_state" : "Not affected",
    "package_name" : "container-native-virtualization/vm-import-controller",
    "cpe" : "cpe:/a:redhat:container_native_virtualization:2"
  }, {
    "product_name" : "Red Hat OpenShift Virtualization 2",
    "fix_state" : "Not affected",
    "package_name" : "container-native-virtualization/vm-import-controller-rhel8",
    "cpe" : "cpe:/a:redhat:container_native_virtualization:2"
  }, {
    "product_name" : "Red Hat OpenShift Virtualization 2",
    "fix_state" : "Not affected",
    "package_name" : "hostpath-provisioner-operator-container",
    "cpe" : "cpe:/a:redhat:container_native_virtualization:2"
  }, {
    "product_name" : "Red Hat OpenShift Virtualization 2",
    "fix_state" : "Not affected",
    "package_name" : "hyperconverged-cluster-operator-container",
    "cpe" : "cpe:/a:redhat:container_native_virtualization:2"
  }, {
    "product_name" : "Red Hat OpenShift Virtualization 2",
    "fix_state" : "Not affected",
    "package_name" : "hyperconverged-cluster-webhook-container",
    "cpe" : "cpe:/a:redhat:container_native_virtualization:2"
  }, {
    "product_name" : "Red Hat OpenShift Virtualization 2",
    "fix_state" : "Not affected",
    "package_name" : "kubernetes-nmstate-handler-container",
    "cpe" : "cpe:/a:redhat:container_native_virtualization:2"
  }, {
    "product_name" : "Red Hat OpenShift Virtualization 2",
    "fix_state" : "Not affected",
    "package_name" : "node-maintenance-operator-container",
    "cpe" : "cpe:/a:redhat:container_native_virtualization:2"
  }, {
    "product_name" : "Red Hat OpenShift Virtualization 2",
    "fix_state" : "Not affected",
    "package_name" : "ovs-cni-marker-container",
    "cpe" : "cpe:/a:redhat:container_native_virtualization:2"
  }, {
    "product_name" : "Red Hat OpenShift Virtualization 2",
    "fix_state" : "Not affected",
    "package_name" : "ovs-cni-plugin-container",
    "cpe" : "cpe:/a:redhat:container_native_virtualization:2"
  }, {
    "product_name" : "Red Hat OpenShift Virtualization 2",
    "fix_state" : "Not affected",
    "package_name" : "vm-import-operator-container",
    "cpe" : "cpe:/a:redhat:container_native_virtualization:2"
  }, {
    "product_name" : "Red Hat OpenShift Virtualization 2",
    "fix_state" : "Not affected",
    "package_name" : "vm-import-virtv2v-container",
    "cpe" : "cpe:/a:redhat:container_native_virtualization:2"
  }, {
    "product_name" : "Red Hat OpenShift Virtualization 4",
    "fix_state" : "Not affected",
    "package_name" : "container-native-virtualization/cluster-network-addons-operator",
    "cpe" : "cpe:/a:redhat:container_native_virtualization:4"
  }, {
    "product_name" : "Red Hat OpenShift Virtualization 4",
    "fix_state" : "Not affected",
    "package_name" : "container-native-virtualization/hostpath-provisioner-rhel8-operator",
    "cpe" : "cpe:/a:redhat:container_native_virtualization:4"
  }, {
    "product_name" : "Red Hat OpenShift Virtualization 4",
    "fix_state" : "Not affected",
    "package_name" : "container-native-virtualization/hyperconverged-cluster-operator",
    "cpe" : "cpe:/a:redhat:container_native_virtualization:4"
  }, {
    "product_name" : "Red Hat OpenShift Virtualization 4",
    "fix_state" : "Not affected",
    "package_name" : "container-native-virtualization/hyperconverged-cluster-webhook-rhel8",
    "cpe" : "cpe:/a:redhat:container_native_virtualization:4"
  }, {
    "product_name" : "Red Hat OpenShift Virtualization 4",
    "fix_state" : "Not affected",
    "package_name" : "container-native-virtualization/kubernetes-nmstate-handler-rhel8",
    "cpe" : "cpe:/a:redhat:container_native_virtualization:4"
  }, {
    "product_name" : "Red Hat OpenShift Virtualization 4",
    "fix_state" : "Not affected",
    "package_name" : "container-native-virtualization/node-maintenance-operator",
    "cpe" : "cpe:/a:redhat:container_native_virtualization:4"
  }, {
    "product_name" : "Red Hat OpenShift Virtualization 4",
    "fix_state" : "Not affected",
    "package_name" : "container-native-virtualization/ovs-cni-marker",
    "cpe" : "cpe:/a:redhat:container_native_virtualization:4"
  }, {
    "product_name" : "Red Hat OpenShift Virtualization 4",
    "fix_state" : "Not affected",
    "package_name" : "container-native-virtualization/ovs-cni-plugin",
    "cpe" : "cpe:/a:redhat:container_native_virtualization:4"
  }, {
    "product_name" : "Red Hat OpenShift Virtualization 4",
    "fix_state" : "Not affected",
    "package_name" : "container-native-virtualization/vm-import-controller-rhel8",
    "cpe" : "cpe:/a:redhat:container_native_virtualization:4"
  }, {
    "product_name" : "Red Hat OpenShift Virtualization 4",
    "fix_state" : "Not affected",
    "package_name" : "container-native-virtualization/vm-import-operator-rhel8",
    "cpe" : "cpe:/a:redhat:container_native_virtualization:4"
  }, {
    "product_name" : "Red Hat OpenShift Virtualization 4",
    "fix_state" : "Not affected",
    "package_name" : "container-native-virtualization/vm-import-virtv2v-rhel8",
    "cpe" : "cpe:/a:redhat:container_native_virtualization:4"
  }, {
    "product_name" : "Red Hat OpenStack Platform 16.1",
    "fix_state" : "Not affected",
    "package_name" : "smart-gateway-container",
    "cpe" : "cpe:/a:redhat:openstack:16.1"
  }, {
    "product_name" : "Red Hat OpenStack Platform 16.2",
    "fix_state" : "Affected",
    "package_name" : "smart-gateway-container",
    "cpe" : "cpe:/a:redhat:openstack:16.2"
  }, {
    "product_name" : "Red Hat Quay 3",
    "fix_state" : "Not affected",
    "package_name" : "quay/clair-rhel8",
    "cpe" : "cpe:/a:redhat:quay:3"
  }, {
    "product_name" : "Red Hat Quay 3",
    "fix_state" : "Not affected",
    "package_name" : "quay/quay-builder-rhel8",
    "cpe" : "cpe:/a:redhat:quay:3"
  }, {
    "product_name" : "Red Hat Quay 3",
    "fix_state" : "Not affected",
    "package_name" : "quay/quay-operator-rhel8",
    "cpe" : "cpe:/a:redhat:quay:3"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2021-3538\nhttps://nvd.nist.gov/vuln/detail/CVE-2021-3538\nhttps://github.com/satori/go.uuid/issues/73\nhttps://snyk.io/vuln/SNYK-GOLANG-GITHUBCOMSATORIGOUUID-72488" ],
  "name" : "CVE-2021-3538",
  "csaw" : false
}