CVE-2023-2138: 
JavaScript vulnerability analysis and mitigation

A security vulnerability was identified in Red Hat OpenShift Container Platform 4.13.0 CNF vRAN extras, tracked as CVE-2023-2138. The vulnerability affects multiple components including ztp-site-generate-container, topology-aware-lifecycle-manager, and bare-metal-event-relay (Red Hat Advisory).

The vulnerability was addressed in a security update released on May 18, 2023. Red Hat Product Security rated this update as having a security impact of Moderate. The issue affects multiple architectures including x86_64, ppc64le, s390x, and aarch64 platforms (Red Hat Advisory).

The vulnerability affects Red Hat OpenShift Container Platform 4.13 and 4.10 versions across multiple architectures including RHEL 8 x86_64, Power, IBM Z and LinuxONE, and ARM 64 platforms (Red Hat Advisory).

Red Hat has released security updates to address this vulnerability. Users are advised to upgrade to the updated packages and images. The fix includes updates to various components including bare-metal-event-relay-operator-bundle, topology-aware-lifecycle-manager, and ztp-site-generate-rhel8 (Red Hat Advisory).