Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2020-16845 (GCVE-0-2020-16845)
Vulnerability from cvelistv5 – Published: 2020-08-06 17:03 – Updated: 2024-08-04 13:45
VLAI
EPSS
Summary
Go before 1.13.15 and 14.x before 1.14.7 can have an infinite read loop in ReadUvarint and ReadVarint in encoding/binary via invalid inputs.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
15 references
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T13:45:33.920Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://groups.google.com/forum/#%21topic/golang-announce/_ulYYcIWg3Q"
},
{
"name": "openSUSE-SU-2020:1178",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00021.html"
},
{
"name": "openSUSE-SU-2020:1194",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00028.html"
},
{
"name": "FEDORA-2020-e384830a0d",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6RCFJTMKHY5ICGEM5BUFUEDDGSPJ25XU/"
},
{
"name": "FEDORA-2020-deff052e7a",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KWRBAH4UZJO3RROQ72SYCUPFCJFA22FO/"
},
{
"name": "FEDORA-2020-a55f130272",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TACQFZDPA7AUR6TRZBCX2RGRFSDYLI7O/"
},
{
"name": "FEDORA-2020-b190375a37",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WV2VWKFTH4EJGZBZALVUJQJOAQB5MDQ4/"
},
{
"name": "openSUSE-SU-2020:1405",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00029.html"
},
{
"name": "openSUSE-SU-2020:1407",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00030.html"
},
{
"name": "[debian-lts-announce] 20201121 [SECURITY] [DLA 2459-1] golang-1.7 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/11/msg00037.html"
},
{
"name": "[debian-lts-announce] 20201121 [SECURITY] [DLA 2460-1] golang-1.8 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/11/msg00038.html"
},
{
"name": "DSA-4848",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2021/dsa-4848"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpuApr2021.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://groups.google.com/forum/#%21topic/golang-announce/NyPIaucMgXo"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20200924-0002/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Go before 1.13.15 and 14.x before 1.14.7 can have an infinite read loop in ReadUvarint and ReadVarint in encoding/binary via invalid inputs."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-14T17:20:17.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://groups.google.com/forum/#%21topic/golang-announce/_ulYYcIWg3Q"
},
{
"name": "openSUSE-SU-2020:1178",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00021.html"
},
{
"name": "openSUSE-SU-2020:1194",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00028.html"
},
{
"name": "FEDORA-2020-e384830a0d",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6RCFJTMKHY5ICGEM5BUFUEDDGSPJ25XU/"
},
{
"name": "FEDORA-2020-deff052e7a",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KWRBAH4UZJO3RROQ72SYCUPFCJFA22FO/"
},
{
"name": "FEDORA-2020-a55f130272",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TACQFZDPA7AUR6TRZBCX2RGRFSDYLI7O/"
},
{
"name": "FEDORA-2020-b190375a37",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WV2VWKFTH4EJGZBZALVUJQJOAQB5MDQ4/"
},
{
"name": "openSUSE-SU-2020:1405",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00029.html"
},
{
"name": "openSUSE-SU-2020:1407",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00030.html"
},
{
"name": "[debian-lts-announce] 20201121 [SECURITY] [DLA 2459-1] golang-1.7 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/11/msg00037.html"
},
{
"name": "[debian-lts-announce] 20201121 [SECURITY] [DLA 2460-1] golang-1.8 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2020/11/msg00038.html"
},
{
"name": "DSA-4848",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2021/dsa-4848"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com/security-alerts/cpuApr2021.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://groups.google.com/forum/#%21topic/golang-announce/NyPIaucMgXo"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20200924-0002/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-16845",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Go before 1.13.15 and 14.x before 1.14.7 can have an infinite read loop in ReadUvarint and ReadVarint in encoding/binary via invalid inputs."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://groups.google.com/forum/#!topic/golang-announce/_ulYYcIWg3Q",
"refsource": "MISC",
"url": "https://groups.google.com/forum/#!topic/golang-announce/_ulYYcIWg3Q"
},
{
"name": "openSUSE-SU-2020:1178",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00021.html"
},
{
"name": "openSUSE-SU-2020:1194",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00028.html"
},
{
"name": "FEDORA-2020-e384830a0d",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6RCFJTMKHY5ICGEM5BUFUEDDGSPJ25XU/"
},
{
"name": "FEDORA-2020-deff052e7a",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KWRBAH4UZJO3RROQ72SYCUPFCJFA22FO/"
},
{
"name": "FEDORA-2020-a55f130272",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TACQFZDPA7AUR6TRZBCX2RGRFSDYLI7O/"
},
{
"name": "FEDORA-2020-b190375a37",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WV2VWKFTH4EJGZBZALVUJQJOAQB5MDQ4/"
},
{
"name": "openSUSE-SU-2020:1405",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00029.html"
},
{
"name": "openSUSE-SU-2020:1407",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00030.html"
},
{
"name": "[debian-lts-announce] 20201121 [SECURITY] [DLA 2459-1] golang-1.7 security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2020/11/msg00037.html"
},
{
"name": "[debian-lts-announce] 20201121 [SECURITY] [DLA 2460-1] golang-1.8 security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2020/11/msg00038.html"
},
{
"name": "DSA-4848",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2021/dsa-4848"
},
{
"name": "https://www.oracle.com/security-alerts/cpuApr2021.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpuApr2021.html"
},
{
"name": "https://groups.google.com/forum/#!topic/golang-announce/NyPIaucMgXo",
"refsource": "CONFIRM",
"url": "https://groups.google.com/forum/#!topic/golang-announce/NyPIaucMgXo"
},
{
"name": "https://security.netapp.com/advisory/ntap-20200924-0002/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20200924-0002/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-16845",
"datePublished": "2020-08-06T17:03:33.000Z",
"dateReserved": "2020-08-04T00:00:00.000Z",
"dateUpdated": "2024-08-04T13:45:33.920Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2020-16845",
"date": "2026-05-31",
"epss": "0.00147",
"percentile": "0.349"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2020-16845\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2020-08-06T18:15:13.700\",\"lastModified\":\"2024-11-21T05:07:15.297\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Go before 1.13.15 and 14.x before 1.14.7 can have an infinite read loop in ReadUvarint and ReadVarint in encoding/binary via invalid inputs.\"},{\"lang\":\"es\",\"value\":\"Go versiones anteriores a 1.13.15 y versiones 14.x anteriores a 1.14.7, puede presentar un bucle de lectura infinito en las funciones ReadUvarint y ReadVarint en encoding/binary por medio de entradas no v\u00e1lidas\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:P\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-835\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.13.15\",\"matchCriteriaId\":\"C9F4422E-27A3-474D-A4AF-0BEE8AD7293C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.14\",\"versionEndExcluding\":\"1.14.7\",\"matchCriteriaId\":\"9A59FA2E-0F06-4EDF-9E8C-32D6F656EB54\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B620311B-34A3-48A6-82DF-6F078D7A4493\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B009C22E-30A4-4288-BCF6-C3E81DEAF45A\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DEECE5FC-CACF-4496-A3E7-164736409252\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"07B237A9-69A3-4A9C-9DA0-4E06BD37AE73\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"80F0FA5D-8D3B-4C0E-81E2-87998286AF33\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"36D96259-24BD-44E2-96D9-78CE1D41F956\"}]}]}],\"references\":[{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00021.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00028.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00029.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00030.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://groups.google.com/forum/#%21topic/golang-announce/NyPIaucMgXo\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://groups.google.com/forum/#%21topic/golang-announce/_ulYYcIWg3Q\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://lists.debian.org/debian-lts-announce/2020/11/msg00037.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2020/11/msg00038.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6RCFJTMKHY5ICGEM5BUFUEDDGSPJ25XU/\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KWRBAH4UZJO3RROQ72SYCUPFCJFA22FO/\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TACQFZDPA7AUR6TRZBCX2RGRFSDYLI7O/\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WV2VWKFTH4EJGZBZALVUJQJOAQB5MDQ4/\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://security.netapp.com/advisory/ntap-20200924-0002/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2021/dsa-4848\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpuApr2021.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00021.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00028.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00029.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00030.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://groups.google.com/forum/#%21topic/golang-announce/NyPIaucMgXo\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://groups.google.com/forum/#%21topic/golang-announce/_ulYYcIWg3Q\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.debian.org/debian-lts-announce/2020/11/msg00037.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2020/11/msg00038.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6RCFJTMKHY5ICGEM5BUFUEDDGSPJ25XU/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KWRBAH4UZJO3RROQ72SYCUPFCJFA22FO/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TACQFZDPA7AUR6TRZBCX2RGRFSDYLI7O/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WV2VWKFTH4EJGZBZALVUJQJOAQB5MDQ4/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://security.netapp.com/advisory/ntap-20200924-0002/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2021/dsa-4848\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpuApr2021.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}"
}
}
RHSA-2020:5606
Vulnerability from csaf_redhat - Published: 2020-12-17 05:43 - Updated: 2026-05-04 21:01Summary
Red Hat Security Advisory: Red Hat OpenShift Container Storage 4.6 bug fix and enhancement update
Severity
Moderate
Notes
Topic: An update for mcg is now available for Red Hat OpenShift Container Storage 4.6.0 on RHEL-8.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Red Hat OpenShift Container Storage is software-defined storage integrated with and optimized for the Red Hat OpenShift Container Platform. Red Hat OpenShift Container Storage is a highly scalable, production-grade persistent storage for stateful applications running in the Red Hat OpenShift Container Platform. In addition to persistent storage, Red Hat OpenShift Container Storage provisions a multicloud data management service with an S3 compatible API.
These updated packages include numerous security fixes, bug fixes, and
enhancements.
Security Fix(es):
* golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash (CVE-2020-14040)
* golang: data race in certain net/http servers including ReverseProxy can lead to DoS (CVE-2020-15586)
* golang: ReadUvarint and ReadVarint can read an unlimited number of bytes from invalid inputs (CVE-2020-16845)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
These updated packages include numerous bug fixes and enhancements. Users are
directed to the Red Hat OpenShift Container Storage Release Notes for
information on the most significant of these changes:
https://access.redhat.com/documentation/en-us/red_hat_openshift_container_storage/4.6/html/4.6_release_notes/index
All Red Hat OpenShift Container Storage users are advised to upgrade to these
updated packages.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A denial of service vulnerability was found in the golang.org/x/text library. A library or application must use one of the vulnerable functions, such as unicode.Transform, transform.String, or transform.Byte, to be susceptible to this vulnerability. If an attacker is able to supply specific characters or strings to the vulnerable application, there is the potential to cause an infinite loop to occur using more memory, resulting in a denial of service.
7.5 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RH-OCS-4.6:mcg-0:5.6.0-39.2279a46.5.6.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RH-OCS-4.6:mcg-0:5.6.0-39.2279a46.5.6.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RH-OCS-4.6:mcg-0:5.6.0-39.2279a46.5.6.el8.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RH-OCS-4.6:mcg-0:5.6.0-39.2279a46.5.6.el8.x86_64 | — |
Vendor Fix
fix
|
Known not affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RH-OCS-4.6:tini-0:0.18.0-5.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RH-OCS-4.6:tini-0:0.18.0-5.el8.s390x | — | ||
| Unresolved product id: 8Base-RH-OCS-4.6:tini-0:0.18.0-5.el8.src | — | ||
| Unresolved product id: 8Base-RH-OCS-4.6:tini-0:0.18.0-5.el8.x86_64 | — |
Threats
Impact
Moderate
A flaw was found Go's net/http package. Servers using ReverseProxy from net/http in the Go standard library are vulnerable to a data race that results in a denial of service. The highest threat from this vulnerability is to system availability.
5.9 (Medium)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RH-OCS-4.6:mcg-0:5.6.0-39.2279a46.5.6.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RH-OCS-4.6:mcg-0:5.6.0-39.2279a46.5.6.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RH-OCS-4.6:mcg-0:5.6.0-39.2279a46.5.6.el8.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RH-OCS-4.6:mcg-0:5.6.0-39.2279a46.5.6.el8.x86_64 | — |
Vendor Fix
fix
|
Known not affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RH-OCS-4.6:tini-0:0.18.0-5.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RH-OCS-4.6:tini-0:0.18.0-5.el8.s390x | — | ||
| Unresolved product id: 8Base-RH-OCS-4.6:tini-0:0.18.0-5.el8.src | — | ||
| Unresolved product id: 8Base-RH-OCS-4.6:tini-0:0.18.0-5.el8.x86_64 | — |
Threats
Impact
Low
A flaw was found in the Go encoding/binary package. Certain invalid inputs to the ReadUvarint or the ReadVarint causes those functions to read an unlimited number of bytes from the ByteReader argument before returning an error. This flaw possibly leads to processing more input than expected. The highest threat from this vulnerability is to system availability.
7.5 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RH-OCS-4.6:mcg-0:5.6.0-39.2279a46.5.6.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RH-OCS-4.6:mcg-0:5.6.0-39.2279a46.5.6.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RH-OCS-4.6:mcg-0:5.6.0-39.2279a46.5.6.el8.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RH-OCS-4.6:mcg-0:5.6.0-39.2279a46.5.6.el8.x86_64 | — |
Vendor Fix
fix
|
Known not affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RH-OCS-4.6:tini-0:0.18.0-5.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RH-OCS-4.6:tini-0:0.18.0-5.el8.s390x | — | ||
| Unresolved product id: 8Base-RH-OCS-4.6:tini-0:0.18.0-5.el8.src | — | ||
| Unresolved product id: 8Base-RH-OCS-4.6:tini-0:0.18.0-5.el8.x86_64 | — |
Threats
Impact
Low
References
22 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for mcg is now available for Red Hat OpenShift Container Storage 4.6.0 on RHEL-8.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Container Storage is software-defined storage integrated with and optimized for the Red Hat OpenShift Container Platform. Red Hat OpenShift Container Storage is a highly scalable, production-grade persistent storage for stateful applications running in the Red Hat OpenShift Container Platform. In addition to persistent storage, Red Hat OpenShift Container Storage provisions a multicloud data management service with an S3 compatible API.\n\nThese updated packages include numerous security fixes, bug fixes, and\nenhancements.\n\nSecurity Fix(es):\n\n* golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash (CVE-2020-14040)\n\n* golang: data race in certain net/http servers including ReverseProxy can lead to DoS (CVE-2020-15586)\n\n* golang: ReadUvarint and ReadVarint can read an unlimited number of bytes from invalid inputs (CVE-2020-16845)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nThese updated packages include numerous bug fixes and enhancements. Users are\ndirected to the Red Hat OpenShift Container Storage Release Notes for\ninformation on the most significant of these changes:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_openshift_container_storage/4.6/html/4.6_release_notes/index\n\nAll Red Hat OpenShift Container Storage users are advised to upgrade to these\nupdated packages.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2020:5606",
"url": "https://access.redhat.com/errata/RHSA-2020:5606"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "1853652",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1853652"
},
{
"category": "external",
"summary": "1856953",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1856953"
},
{
"category": "external",
"summary": "1867099",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1867099"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_5606.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenShift Container Storage 4.6 bug fix and enhancement update",
"tracking": {
"current_release_date": "2026-05-04T21:01:56+00:00",
"generator": {
"date": "2026-05-04T21:01:56+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.9"
}
},
"id": "RHSA-2020:5606",
"initial_release_date": "2020-12-17T05:43:57+00:00",
"revision_history": [
{
"date": "2020-12-17T05:43:57+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2020-12-17T05:43:57+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-04T21:01:56+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift Container Storage 4.6 on RHEL-8",
"product": {
"name": "Red Hat OpenShift Container Storage 4.6 on RHEL-8",
"product_id": "8Base-RH-OCS-4.6",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift_container_storage:4.6::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Container Storage"
},
{
"branches": [
{
"category": "product_version",
"name": "tini-0:0.18.0-5.el8.src",
"product": {
"name": "tini-0:0.18.0-5.el8.src",
"product_id": "tini-0:0.18.0-5.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tini@0.18.0-5.el8?arch=src"
}
}
},
{
"category": "product_version",
"name": "mcg-0:5.6.0-39.2279a46.5.6.el8.src",
"product": {
"name": "mcg-0:5.6.0-39.2279a46.5.6.el8.src",
"product_id": "mcg-0:5.6.0-39.2279a46.5.6.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mcg@5.6.0-39.2279a46.5.6.el8?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "tini-0:0.18.0-5.el8.x86_64",
"product": {
"name": "tini-0:0.18.0-5.el8.x86_64",
"product_id": "tini-0:0.18.0-5.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tini@0.18.0-5.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "mcg-0:5.6.0-39.2279a46.5.6.el8.x86_64",
"product": {
"name": "mcg-0:5.6.0-39.2279a46.5.6.el8.x86_64",
"product_id": "mcg-0:5.6.0-39.2279a46.5.6.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mcg@5.6.0-39.2279a46.5.6.el8?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "tini-0:0.18.0-5.el8.s390x",
"product": {
"name": "tini-0:0.18.0-5.el8.s390x",
"product_id": "tini-0:0.18.0-5.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tini@0.18.0-5.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "mcg-0:5.6.0-39.2279a46.5.6.el8.s390x",
"product": {
"name": "mcg-0:5.6.0-39.2279a46.5.6.el8.s390x",
"product_id": "mcg-0:5.6.0-39.2279a46.5.6.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mcg@5.6.0-39.2279a46.5.6.el8?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "tini-0:0.18.0-5.el8.ppc64le",
"product": {
"name": "tini-0:0.18.0-5.el8.ppc64le",
"product_id": "tini-0:0.18.0-5.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/tini@0.18.0-5.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "mcg-0:5.6.0-39.2279a46.5.6.el8.ppc64le",
"product": {
"name": "mcg-0:5.6.0-39.2279a46.5.6.el8.ppc64le",
"product_id": "mcg-0:5.6.0-39.2279a46.5.6.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mcg@5.6.0-39.2279a46.5.6.el8?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "mcg-0:5.6.0-39.2279a46.5.6.el8.ppc64le as a component of Red Hat OpenShift Container Storage 4.6 on RHEL-8",
"product_id": "8Base-RH-OCS-4.6:mcg-0:5.6.0-39.2279a46.5.6.el8.ppc64le"
},
"product_reference": "mcg-0:5.6.0-39.2279a46.5.6.el8.ppc64le",
"relates_to_product_reference": "8Base-RH-OCS-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mcg-0:5.6.0-39.2279a46.5.6.el8.s390x as a component of Red Hat OpenShift Container Storage 4.6 on RHEL-8",
"product_id": "8Base-RH-OCS-4.6:mcg-0:5.6.0-39.2279a46.5.6.el8.s390x"
},
"product_reference": "mcg-0:5.6.0-39.2279a46.5.6.el8.s390x",
"relates_to_product_reference": "8Base-RH-OCS-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mcg-0:5.6.0-39.2279a46.5.6.el8.src as a component of Red Hat OpenShift Container Storage 4.6 on RHEL-8",
"product_id": "8Base-RH-OCS-4.6:mcg-0:5.6.0-39.2279a46.5.6.el8.src"
},
"product_reference": "mcg-0:5.6.0-39.2279a46.5.6.el8.src",
"relates_to_product_reference": "8Base-RH-OCS-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mcg-0:5.6.0-39.2279a46.5.6.el8.x86_64 as a component of Red Hat OpenShift Container Storage 4.6 on RHEL-8",
"product_id": "8Base-RH-OCS-4.6:mcg-0:5.6.0-39.2279a46.5.6.el8.x86_64"
},
"product_reference": "mcg-0:5.6.0-39.2279a46.5.6.el8.x86_64",
"relates_to_product_reference": "8Base-RH-OCS-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tini-0:0.18.0-5.el8.ppc64le as a component of Red Hat OpenShift Container Storage 4.6 on RHEL-8",
"product_id": "8Base-RH-OCS-4.6:tini-0:0.18.0-5.el8.ppc64le"
},
"product_reference": "tini-0:0.18.0-5.el8.ppc64le",
"relates_to_product_reference": "8Base-RH-OCS-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tini-0:0.18.0-5.el8.s390x as a component of Red Hat OpenShift Container Storage 4.6 on RHEL-8",
"product_id": "8Base-RH-OCS-4.6:tini-0:0.18.0-5.el8.s390x"
},
"product_reference": "tini-0:0.18.0-5.el8.s390x",
"relates_to_product_reference": "8Base-RH-OCS-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tini-0:0.18.0-5.el8.src as a component of Red Hat OpenShift Container Storage 4.6 on RHEL-8",
"product_id": "8Base-RH-OCS-4.6:tini-0:0.18.0-5.el8.src"
},
"product_reference": "tini-0:0.18.0-5.el8.src",
"relates_to_product_reference": "8Base-RH-OCS-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "tini-0:0.18.0-5.el8.x86_64 as a component of Red Hat OpenShift Container Storage 4.6 on RHEL-8",
"product_id": "8Base-RH-OCS-4.6:tini-0:0.18.0-5.el8.x86_64"
},
"product_reference": "tini-0:0.18.0-5.el8.x86_64",
"relates_to_product_reference": "8Base-RH-OCS-4.6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-14040",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"discovery_date": "2020-06-17T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RH-OCS-4.6:tini-0:0.18.0-5.el8.ppc64le",
"8Base-RH-OCS-4.6:tini-0:0.18.0-5.el8.s390x",
"8Base-RH-OCS-4.6:tini-0:0.18.0-5.el8.src",
"8Base-RH-OCS-4.6:tini-0:0.18.0-5.el8.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1853652"
}
],
"notes": [
{
"category": "description",
"text": "A denial of service vulnerability was found in the golang.org/x/text library. A library or application must use one of the vulnerable functions, such as unicode.Transform, transform.String, or transform.Byte, to be susceptible to this vulnerability. If an attacker is able to supply specific characters or strings to the vulnerable application, there is the potential to cause an infinite loop to occur using more memory, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "* OpenShift ServiceMesh (OSSM) 1.0 is Out Of Support Scope (OOSS) for Moderate and Low impact vulnerabilities. Jaeger was packaged with ServiceMesh in 1.0, and hence is also marked OOSS, but the Jaeger-Operator is a standalone product and is affected by this vulnerability.\n\n* Because Service Telemetry Framework does not directly use unicode.UTF16, no update will be provided at this time for STF\u0027s sg-core-container.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RH-OCS-4.6:mcg-0:5.6.0-39.2279a46.5.6.el8.ppc64le",
"8Base-RH-OCS-4.6:mcg-0:5.6.0-39.2279a46.5.6.el8.s390x",
"8Base-RH-OCS-4.6:mcg-0:5.6.0-39.2279a46.5.6.el8.src",
"8Base-RH-OCS-4.6:mcg-0:5.6.0-39.2279a46.5.6.el8.x86_64"
],
"known_not_affected": [
"8Base-RH-OCS-4.6:tini-0:0.18.0-5.el8.ppc64le",
"8Base-RH-OCS-4.6:tini-0:0.18.0-5.el8.s390x",
"8Base-RH-OCS-4.6:tini-0:0.18.0-5.el8.src",
"8Base-RH-OCS-4.6:tini-0:0.18.0-5.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-14040"
},
{
"category": "external",
"summary": "RHBZ#1853652",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1853652"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-14040",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14040"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-14040",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-14040"
},
{
"category": "external",
"summary": "https://github.com/golang/go/issues/39491",
"url": "https://github.com/golang/go/issues/39491"
},
{
"category": "external",
"summary": "https://groups.google.com/forum/#!topic/golang-announce/bXVeAmGOqz0",
"url": "https://groups.google.com/forum/#!topic/golang-announce/bXVeAmGOqz0"
}
],
"release_date": "2020-06-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-12-17T05:43:57+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RH-OCS-4.6:mcg-0:5.6.0-39.2279a46.5.6.el8.ppc64le",
"8Base-RH-OCS-4.6:mcg-0:5.6.0-39.2279a46.5.6.el8.s390x",
"8Base-RH-OCS-4.6:mcg-0:5.6.0-39.2279a46.5.6.el8.src",
"8Base-RH-OCS-4.6:mcg-0:5.6.0-39.2279a46.5.6.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:5606"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RH-OCS-4.6:mcg-0:5.6.0-39.2279a46.5.6.el8.ppc64le",
"8Base-RH-OCS-4.6:mcg-0:5.6.0-39.2279a46.5.6.el8.s390x",
"8Base-RH-OCS-4.6:mcg-0:5.6.0-39.2279a46.5.6.el8.src",
"8Base-RH-OCS-4.6:mcg-0:5.6.0-39.2279a46.5.6.el8.x86_64",
"8Base-RH-OCS-4.6:tini-0:0.18.0-5.el8.ppc64le",
"8Base-RH-OCS-4.6:tini-0:0.18.0-5.el8.s390x",
"8Base-RH-OCS-4.6:tini-0:0.18.0-5.el8.src",
"8Base-RH-OCS-4.6:tini-0:0.18.0-5.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash"
},
{
"cve": "CVE-2020-15586",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"discovery_date": "2020-07-14T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RH-OCS-4.6:tini-0:0.18.0-5.el8.ppc64le",
"8Base-RH-OCS-4.6:tini-0:0.18.0-5.el8.s390x",
"8Base-RH-OCS-4.6:tini-0:0.18.0-5.el8.src",
"8Base-RH-OCS-4.6:tini-0:0.18.0-5.el8.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1856953"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found Go\u0027s net/http package. Servers using ReverseProxy from net/http in the Go standard library are vulnerable to a data race that results in a denial of service. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: data race in certain net/http servers including ReverseProxy can lead to DoS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift Container Platform (OCP) components are primarily written in Go, meaning that any component using the net/http package includes the vulnerable code. OCP server endpoints using ReverseProxy are protected by authentication, reducing the severity of this vulnerability to Low for OCP.\n\nSimilar to OCP, OpenShift ServiceMesh (OSSM), RedHat OpenShift Jaeger (RHOSJ) and OpenShift Virtualization are also primarily written in Go and are protected via authentication, reducing the severity of this vulnerability to Low.\n\nRed Hat Gluster Storage 3 and Red Hat Openshift Container Storage 4 components are built with the affected version of Go, however the vulnerable functionality is currently not used by these products and hence this issue has been rated as having a security impact of Low.\n\nRed Hat Ceph Storage 3 and 4 components are built with the affected version of Go, however the vulnerable functionality is currently not used by these products and hence this issue has been rated as having a security impact of Low.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RH-OCS-4.6:mcg-0:5.6.0-39.2279a46.5.6.el8.ppc64le",
"8Base-RH-OCS-4.6:mcg-0:5.6.0-39.2279a46.5.6.el8.s390x",
"8Base-RH-OCS-4.6:mcg-0:5.6.0-39.2279a46.5.6.el8.src",
"8Base-RH-OCS-4.6:mcg-0:5.6.0-39.2279a46.5.6.el8.x86_64"
],
"known_not_affected": [
"8Base-RH-OCS-4.6:tini-0:0.18.0-5.el8.ppc64le",
"8Base-RH-OCS-4.6:tini-0:0.18.0-5.el8.s390x",
"8Base-RH-OCS-4.6:tini-0:0.18.0-5.el8.src",
"8Base-RH-OCS-4.6:tini-0:0.18.0-5.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-15586"
},
{
"category": "external",
"summary": "RHBZ#1856953",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1856953"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-15586",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15586"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-15586",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-15586"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/XZNfaiwgt2w/m/E6gHDs32AQAJ",
"url": "https://groups.google.com/g/golang-announce/c/XZNfaiwgt2w/m/E6gHDs32AQAJ"
}
],
"release_date": "2020-07-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-12-17T05:43:57+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RH-OCS-4.6:mcg-0:5.6.0-39.2279a46.5.6.el8.ppc64le",
"8Base-RH-OCS-4.6:mcg-0:5.6.0-39.2279a46.5.6.el8.s390x",
"8Base-RH-OCS-4.6:mcg-0:5.6.0-39.2279a46.5.6.el8.src",
"8Base-RH-OCS-4.6:mcg-0:5.6.0-39.2279a46.5.6.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:5606"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RH-OCS-4.6:mcg-0:5.6.0-39.2279a46.5.6.el8.ppc64le",
"8Base-RH-OCS-4.6:mcg-0:5.6.0-39.2279a46.5.6.el8.s390x",
"8Base-RH-OCS-4.6:mcg-0:5.6.0-39.2279a46.5.6.el8.src",
"8Base-RH-OCS-4.6:mcg-0:5.6.0-39.2279a46.5.6.el8.x86_64",
"8Base-RH-OCS-4.6:tini-0:0.18.0-5.el8.ppc64le",
"8Base-RH-OCS-4.6:tini-0:0.18.0-5.el8.s390x",
"8Base-RH-OCS-4.6:tini-0:0.18.0-5.el8.src",
"8Base-RH-OCS-4.6:tini-0:0.18.0-5.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "golang: data race in certain net/http servers including ReverseProxy can lead to DoS"
},
{
"cve": "CVE-2020-16845",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"discovery_date": "2020-08-07T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RH-OCS-4.6:tini-0:0.18.0-5.el8.ppc64le",
"8Base-RH-OCS-4.6:tini-0:0.18.0-5.el8.s390x",
"8Base-RH-OCS-4.6:tini-0:0.18.0-5.el8.src",
"8Base-RH-OCS-4.6:tini-0:0.18.0-5.el8.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1867099"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Go encoding/binary package. Certain invalid inputs to the ReadUvarint or the ReadVarint causes those functions to read an unlimited number of bytes from the ByteReader argument before returning an error. This flaw possibly leads to processing more input than expected. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: ReadUvarint and ReadVarint can read an unlimited number of bytes from invalid inputs",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift Container Platform (OCP), OpenShift ServiceMesh (OSSM), RedHat OpenShift Jaeger (RHOSJ) and OpenShift Virtualization components are primarily written in Go, meaning that any component using the encoding/binary package includes the vulnerable code. The affected components are behind OpenShift OAuth authentication, therefore the impact is low.\n\nRed Hat Gluster Storage 3, Red Hat OpenShift Container Storage 4 and Red Hat Ceph Storage (3 and 4) components are built with the affected version of Go, however the vulnerable functionality is currently not used by these products and hence this issue has been rated as having a security impact of Low.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RH-OCS-4.6:mcg-0:5.6.0-39.2279a46.5.6.el8.ppc64le",
"8Base-RH-OCS-4.6:mcg-0:5.6.0-39.2279a46.5.6.el8.s390x",
"8Base-RH-OCS-4.6:mcg-0:5.6.0-39.2279a46.5.6.el8.src",
"8Base-RH-OCS-4.6:mcg-0:5.6.0-39.2279a46.5.6.el8.x86_64"
],
"known_not_affected": [
"8Base-RH-OCS-4.6:tini-0:0.18.0-5.el8.ppc64le",
"8Base-RH-OCS-4.6:tini-0:0.18.0-5.el8.s390x",
"8Base-RH-OCS-4.6:tini-0:0.18.0-5.el8.src",
"8Base-RH-OCS-4.6:tini-0:0.18.0-5.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-16845"
},
{
"category": "external",
"summary": "RHBZ#1867099",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1867099"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-16845",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-16845"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-16845",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-16845"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/NyPIaucMgXo",
"url": "https://groups.google.com/g/golang-announce/c/NyPIaucMgXo"
}
],
"release_date": "2020-08-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-12-17T05:43:57+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RH-OCS-4.6:mcg-0:5.6.0-39.2279a46.5.6.el8.ppc64le",
"8Base-RH-OCS-4.6:mcg-0:5.6.0-39.2279a46.5.6.el8.s390x",
"8Base-RH-OCS-4.6:mcg-0:5.6.0-39.2279a46.5.6.el8.src",
"8Base-RH-OCS-4.6:mcg-0:5.6.0-39.2279a46.5.6.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:5606"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RH-OCS-4.6:mcg-0:5.6.0-39.2279a46.5.6.el8.ppc64le",
"8Base-RH-OCS-4.6:mcg-0:5.6.0-39.2279a46.5.6.el8.s390x",
"8Base-RH-OCS-4.6:mcg-0:5.6.0-39.2279a46.5.6.el8.src",
"8Base-RH-OCS-4.6:mcg-0:5.6.0-39.2279a46.5.6.el8.x86_64",
"8Base-RH-OCS-4.6:tini-0:0.18.0-5.el8.ppc64le",
"8Base-RH-OCS-4.6:tini-0:0.18.0-5.el8.s390x",
"8Base-RH-OCS-4.6:tini-0:0.18.0-5.el8.src",
"8Base-RH-OCS-4.6:tini-0:0.18.0-5.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "golang: ReadUvarint and ReadVarint can read an unlimited number of bytes from invalid inputs"
}
]
}
RHSA-2020:5649
Vulnerability from csaf_redhat - Published: 2020-12-22 04:53 - Updated: 2026-03-27 08:38Summary
Red Hat Security Advisory: Red Hat OpenShift Service Mesh 1.1.11 security update
Severity
Low
Notes
Topic: An update is now available for OpenShift Service Mesh 1.1.
Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an on-premise OpenShift Container Platform installation.
Security Fix(es):
* golang: data race in certain net/http servers including ReverseProxy can lead to DoS (CVE-2020-15586)
* golang: ReadUvarint and ReadVarint can read an unlimited number of bytes from invalid inputs (CVE-2020-16845)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found Go's net/http package. Servers using ReverseProxy from net/http in the Go standard library are vulnerable to a data race that results in a denial of service. The highest threat from this vulnerability is to system availability.
5.9 (Medium)
Affected products
Fixed
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OSSM-1.1:ior-0:1.1.11-2.el8.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-OSSM-1.1:ior-0:1.1.11-2.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-OSSM-1.1:servicemesh-0:1.1.11-2.el8.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-OSSM-1.1:servicemesh-0:1.1.11-2.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-OSSM-1.1:servicemesh-citadel-0:1.1.11-2.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-OSSM-1.1:servicemesh-cni-0:1.1.11-2.el8.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-OSSM-1.1:servicemesh-cni-0:1.1.11-2.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-OSSM-1.1:servicemesh-galley-0:1.1.11-2.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-OSSM-1.1:servicemesh-grafana-0:6.4.3-19.el8.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-OSSM-1.1:servicemesh-grafana-0:6.4.3-19.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-OSSM-1.1:servicemesh-grafana-prometheus-0:6.4.3-19.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-OSSM-1.1:servicemesh-istioctl-0:1.1.11-2.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-OSSM-1.1:servicemesh-mixc-0:1.1.11-2.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-OSSM-1.1:servicemesh-mixs-0:1.1.11-2.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-OSSM-1.1:servicemesh-operator-0:1.1.11-3.el8.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-OSSM-1.1:servicemesh-operator-0:1.1.11-3.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-OSSM-1.1:servicemesh-pilot-agent-0:1.1.11-2.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-OSSM-1.1:servicemesh-pilot-discovery-0:1.1.11-2.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-OSSM-1.1:servicemesh-prometheus-0:2.14.0-20.el8.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-OSSM-1.1:servicemesh-prometheus-0:2.14.0-20.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-OSSM-1.1:servicemesh-sidecar-injector-0:1.1.11-2.el8.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Low
A flaw was found in the Go encoding/binary package. Certain invalid inputs to the ReadUvarint or the ReadVarint causes those functions to read an unlimited number of bytes from the ByteReader argument before returning an error. This flaw possibly leads to processing more input than expected. The highest threat from this vulnerability is to system availability.
7.5 (High)
Affected products
Fixed
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OSSM-1.1:ior-0:1.1.11-2.el8.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-OSSM-1.1:ior-0:1.1.11-2.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-OSSM-1.1:servicemesh-0:1.1.11-2.el8.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-OSSM-1.1:servicemesh-0:1.1.11-2.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-OSSM-1.1:servicemesh-citadel-0:1.1.11-2.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-OSSM-1.1:servicemesh-cni-0:1.1.11-2.el8.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-OSSM-1.1:servicemesh-cni-0:1.1.11-2.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-OSSM-1.1:servicemesh-galley-0:1.1.11-2.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-OSSM-1.1:servicemesh-grafana-0:6.4.3-19.el8.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-OSSM-1.1:servicemesh-grafana-0:6.4.3-19.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-OSSM-1.1:servicemesh-grafana-prometheus-0:6.4.3-19.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-OSSM-1.1:servicemesh-istioctl-0:1.1.11-2.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-OSSM-1.1:servicemesh-mixc-0:1.1.11-2.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-OSSM-1.1:servicemesh-mixs-0:1.1.11-2.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-OSSM-1.1:servicemesh-operator-0:1.1.11-3.el8.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-OSSM-1.1:servicemesh-operator-0:1.1.11-3.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-OSSM-1.1:servicemesh-pilot-agent-0:1.1.11-2.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-OSSM-1.1:servicemesh-pilot-discovery-0:1.1.11-2.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-OSSM-1.1:servicemesh-prometheus-0:2.14.0-20.el8.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-OSSM-1.1:servicemesh-prometheus-0:2.14.0-20.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-OSSM-1.1:servicemesh-sidecar-injector-0:1.1.11-2.el8.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Low
References
15 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Low"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for OpenShift Service Mesh 1.1.\n\nRed Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Service Mesh is Red Hat\u0027s distribution of the Istio service mesh project, tailored for installation into an on-premise OpenShift Container Platform installation.\n\nSecurity Fix(es):\n\n* golang: data race in certain net/http servers including ReverseProxy can lead to DoS (CVE-2020-15586)\n\n* golang: ReadUvarint and ReadVarint can read an unlimited number of bytes from invalid inputs (CVE-2020-16845)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2020:5649",
"url": "https://access.redhat.com/errata/RHSA-2020:5649"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#low",
"url": "https://access.redhat.com/security/updates/classification/#low"
},
{
"category": "external",
"summary": "1856953",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1856953"
},
{
"category": "external",
"summary": "1867099",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1867099"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_5649.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenShift Service Mesh 1.1.11 security update",
"tracking": {
"current_release_date": "2026-03-27T08:38:48+00:00",
"generator": {
"date": "2026-03-27T08:38:48+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.4"
}
},
"id": "RHSA-2020:5649",
"initial_release_date": "2020-12-22T04:53:46+00:00",
"revision_history": [
{
"date": "2020-12-22T04:53:46+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2020-12-22T04:53:46+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-03-27T08:38:48+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "OpenShift Service Mesh 1.1",
"product": {
"name": "OpenShift Service Mesh 1.1",
"product_id": "8Base-OSSM-1.1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:service_mesh:1.1::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Service Mesh"
},
{
"branches": [
{
"category": "product_version",
"name": "ior-0:1.1.11-2.el8.src",
"product": {
"name": "ior-0:1.1.11-2.el8.src",
"product_id": "ior-0:1.1.11-2.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ior@1.1.11-2.el8?arch=src"
}
}
},
{
"category": "product_version",
"name": "servicemesh-prometheus-0:2.14.0-20.el8.src",
"product": {
"name": "servicemesh-prometheus-0:2.14.0-20.el8.src",
"product_id": "servicemesh-prometheus-0:2.14.0-20.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/servicemesh-prometheus@2.14.0-20.el8?arch=src"
}
}
},
{
"category": "product_version",
"name": "servicemesh-cni-0:1.1.11-2.el8.src",
"product": {
"name": "servicemesh-cni-0:1.1.11-2.el8.src",
"product_id": "servicemesh-cni-0:1.1.11-2.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/servicemesh-cni@1.1.11-2.el8?arch=src"
}
}
},
{
"category": "product_version",
"name": "servicemesh-0:1.1.11-2.el8.src",
"product": {
"name": "servicemesh-0:1.1.11-2.el8.src",
"product_id": "servicemesh-0:1.1.11-2.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/servicemesh@1.1.11-2.el8?arch=src"
}
}
},
{
"category": "product_version",
"name": "servicemesh-grafana-0:6.4.3-19.el8.src",
"product": {
"name": "servicemesh-grafana-0:6.4.3-19.el8.src",
"product_id": "servicemesh-grafana-0:6.4.3-19.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/servicemesh-grafana@6.4.3-19.el8?arch=src"
}
}
},
{
"category": "product_version",
"name": "servicemesh-operator-0:1.1.11-3.el8.src",
"product": {
"name": "servicemesh-operator-0:1.1.11-3.el8.src",
"product_id": "servicemesh-operator-0:1.1.11-3.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/servicemesh-operator@1.1.11-3.el8?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "ior-0:1.1.11-2.el8.x86_64",
"product": {
"name": "ior-0:1.1.11-2.el8.x86_64",
"product_id": "ior-0:1.1.11-2.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ior@1.1.11-2.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "servicemesh-prometheus-0:2.14.0-20.el8.x86_64",
"product": {
"name": "servicemesh-prometheus-0:2.14.0-20.el8.x86_64",
"product_id": "servicemesh-prometheus-0:2.14.0-20.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/servicemesh-prometheus@2.14.0-20.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "servicemesh-cni-0:1.1.11-2.el8.x86_64",
"product": {
"name": "servicemesh-cni-0:1.1.11-2.el8.x86_64",
"product_id": "servicemesh-cni-0:1.1.11-2.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/servicemesh-cni@1.1.11-2.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "servicemesh-0:1.1.11-2.el8.x86_64",
"product": {
"name": "servicemesh-0:1.1.11-2.el8.x86_64",
"product_id": "servicemesh-0:1.1.11-2.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/servicemesh@1.1.11-2.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "servicemesh-citadel-0:1.1.11-2.el8.x86_64",
"product": {
"name": "servicemesh-citadel-0:1.1.11-2.el8.x86_64",
"product_id": "servicemesh-citadel-0:1.1.11-2.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/servicemesh-citadel@1.1.11-2.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "servicemesh-galley-0:1.1.11-2.el8.x86_64",
"product": {
"name": "servicemesh-galley-0:1.1.11-2.el8.x86_64",
"product_id": "servicemesh-galley-0:1.1.11-2.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/servicemesh-galley@1.1.11-2.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "servicemesh-istioctl-0:1.1.11-2.el8.x86_64",
"product": {
"name": "servicemesh-istioctl-0:1.1.11-2.el8.x86_64",
"product_id": "servicemesh-istioctl-0:1.1.11-2.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/servicemesh-istioctl@1.1.11-2.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "servicemesh-mixc-0:1.1.11-2.el8.x86_64",
"product": {
"name": "servicemesh-mixc-0:1.1.11-2.el8.x86_64",
"product_id": "servicemesh-mixc-0:1.1.11-2.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/servicemesh-mixc@1.1.11-2.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "servicemesh-mixs-0:1.1.11-2.el8.x86_64",
"product": {
"name": "servicemesh-mixs-0:1.1.11-2.el8.x86_64",
"product_id": "servicemesh-mixs-0:1.1.11-2.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/servicemesh-mixs@1.1.11-2.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "servicemesh-pilot-agent-0:1.1.11-2.el8.x86_64",
"product": {
"name": "servicemesh-pilot-agent-0:1.1.11-2.el8.x86_64",
"product_id": "servicemesh-pilot-agent-0:1.1.11-2.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/servicemesh-pilot-agent@1.1.11-2.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "servicemesh-pilot-discovery-0:1.1.11-2.el8.x86_64",
"product": {
"name": "servicemesh-pilot-discovery-0:1.1.11-2.el8.x86_64",
"product_id": "servicemesh-pilot-discovery-0:1.1.11-2.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/servicemesh-pilot-discovery@1.1.11-2.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "servicemesh-sidecar-injector-0:1.1.11-2.el8.x86_64",
"product": {
"name": "servicemesh-sidecar-injector-0:1.1.11-2.el8.x86_64",
"product_id": "servicemesh-sidecar-injector-0:1.1.11-2.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/servicemesh-sidecar-injector@1.1.11-2.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "servicemesh-grafana-0:6.4.3-19.el8.x86_64",
"product": {
"name": "servicemesh-grafana-0:6.4.3-19.el8.x86_64",
"product_id": "servicemesh-grafana-0:6.4.3-19.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/servicemesh-grafana@6.4.3-19.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "servicemesh-grafana-prometheus-0:6.4.3-19.el8.x86_64",
"product": {
"name": "servicemesh-grafana-prometheus-0:6.4.3-19.el8.x86_64",
"product_id": "servicemesh-grafana-prometheus-0:6.4.3-19.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/servicemesh-grafana-prometheus@6.4.3-19.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "servicemesh-operator-0:1.1.11-3.el8.x86_64",
"product": {
"name": "servicemesh-operator-0:1.1.11-3.el8.x86_64",
"product_id": "servicemesh-operator-0:1.1.11-3.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/servicemesh-operator@1.1.11-3.el8?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "ior-0:1.1.11-2.el8.src as a component of OpenShift Service Mesh 1.1",
"product_id": "8Base-OSSM-1.1:ior-0:1.1.11-2.el8.src"
},
"product_reference": "ior-0:1.1.11-2.el8.src",
"relates_to_product_reference": "8Base-OSSM-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ior-0:1.1.11-2.el8.x86_64 as a component of OpenShift Service Mesh 1.1",
"product_id": "8Base-OSSM-1.1:ior-0:1.1.11-2.el8.x86_64"
},
"product_reference": "ior-0:1.1.11-2.el8.x86_64",
"relates_to_product_reference": "8Base-OSSM-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "servicemesh-0:1.1.11-2.el8.src as a component of OpenShift Service Mesh 1.1",
"product_id": "8Base-OSSM-1.1:servicemesh-0:1.1.11-2.el8.src"
},
"product_reference": "servicemesh-0:1.1.11-2.el8.src",
"relates_to_product_reference": "8Base-OSSM-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "servicemesh-0:1.1.11-2.el8.x86_64 as a component of OpenShift Service Mesh 1.1",
"product_id": "8Base-OSSM-1.1:servicemesh-0:1.1.11-2.el8.x86_64"
},
"product_reference": "servicemesh-0:1.1.11-2.el8.x86_64",
"relates_to_product_reference": "8Base-OSSM-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "servicemesh-citadel-0:1.1.11-2.el8.x86_64 as a component of OpenShift Service Mesh 1.1",
"product_id": "8Base-OSSM-1.1:servicemesh-citadel-0:1.1.11-2.el8.x86_64"
},
"product_reference": "servicemesh-citadel-0:1.1.11-2.el8.x86_64",
"relates_to_product_reference": "8Base-OSSM-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "servicemesh-cni-0:1.1.11-2.el8.src as a component of OpenShift Service Mesh 1.1",
"product_id": "8Base-OSSM-1.1:servicemesh-cni-0:1.1.11-2.el8.src"
},
"product_reference": "servicemesh-cni-0:1.1.11-2.el8.src",
"relates_to_product_reference": "8Base-OSSM-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "servicemesh-cni-0:1.1.11-2.el8.x86_64 as a component of OpenShift Service Mesh 1.1",
"product_id": "8Base-OSSM-1.1:servicemesh-cni-0:1.1.11-2.el8.x86_64"
},
"product_reference": "servicemesh-cni-0:1.1.11-2.el8.x86_64",
"relates_to_product_reference": "8Base-OSSM-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "servicemesh-galley-0:1.1.11-2.el8.x86_64 as a component of OpenShift Service Mesh 1.1",
"product_id": "8Base-OSSM-1.1:servicemesh-galley-0:1.1.11-2.el8.x86_64"
},
"product_reference": "servicemesh-galley-0:1.1.11-2.el8.x86_64",
"relates_to_product_reference": "8Base-OSSM-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "servicemesh-grafana-0:6.4.3-19.el8.src as a component of OpenShift Service Mesh 1.1",
"product_id": "8Base-OSSM-1.1:servicemesh-grafana-0:6.4.3-19.el8.src"
},
"product_reference": "servicemesh-grafana-0:6.4.3-19.el8.src",
"relates_to_product_reference": "8Base-OSSM-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "servicemesh-grafana-0:6.4.3-19.el8.x86_64 as a component of OpenShift Service Mesh 1.1",
"product_id": "8Base-OSSM-1.1:servicemesh-grafana-0:6.4.3-19.el8.x86_64"
},
"product_reference": "servicemesh-grafana-0:6.4.3-19.el8.x86_64",
"relates_to_product_reference": "8Base-OSSM-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "servicemesh-grafana-prometheus-0:6.4.3-19.el8.x86_64 as a component of OpenShift Service Mesh 1.1",
"product_id": "8Base-OSSM-1.1:servicemesh-grafana-prometheus-0:6.4.3-19.el8.x86_64"
},
"product_reference": "servicemesh-grafana-prometheus-0:6.4.3-19.el8.x86_64",
"relates_to_product_reference": "8Base-OSSM-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "servicemesh-istioctl-0:1.1.11-2.el8.x86_64 as a component of OpenShift Service Mesh 1.1",
"product_id": "8Base-OSSM-1.1:servicemesh-istioctl-0:1.1.11-2.el8.x86_64"
},
"product_reference": "servicemesh-istioctl-0:1.1.11-2.el8.x86_64",
"relates_to_product_reference": "8Base-OSSM-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "servicemesh-mixc-0:1.1.11-2.el8.x86_64 as a component of OpenShift Service Mesh 1.1",
"product_id": "8Base-OSSM-1.1:servicemesh-mixc-0:1.1.11-2.el8.x86_64"
},
"product_reference": "servicemesh-mixc-0:1.1.11-2.el8.x86_64",
"relates_to_product_reference": "8Base-OSSM-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "servicemesh-mixs-0:1.1.11-2.el8.x86_64 as a component of OpenShift Service Mesh 1.1",
"product_id": "8Base-OSSM-1.1:servicemesh-mixs-0:1.1.11-2.el8.x86_64"
},
"product_reference": "servicemesh-mixs-0:1.1.11-2.el8.x86_64",
"relates_to_product_reference": "8Base-OSSM-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "servicemesh-operator-0:1.1.11-3.el8.src as a component of OpenShift Service Mesh 1.1",
"product_id": "8Base-OSSM-1.1:servicemesh-operator-0:1.1.11-3.el8.src"
},
"product_reference": "servicemesh-operator-0:1.1.11-3.el8.src",
"relates_to_product_reference": "8Base-OSSM-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "servicemesh-operator-0:1.1.11-3.el8.x86_64 as a component of OpenShift Service Mesh 1.1",
"product_id": "8Base-OSSM-1.1:servicemesh-operator-0:1.1.11-3.el8.x86_64"
},
"product_reference": "servicemesh-operator-0:1.1.11-3.el8.x86_64",
"relates_to_product_reference": "8Base-OSSM-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "servicemesh-pilot-agent-0:1.1.11-2.el8.x86_64 as a component of OpenShift Service Mesh 1.1",
"product_id": "8Base-OSSM-1.1:servicemesh-pilot-agent-0:1.1.11-2.el8.x86_64"
},
"product_reference": "servicemesh-pilot-agent-0:1.1.11-2.el8.x86_64",
"relates_to_product_reference": "8Base-OSSM-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "servicemesh-pilot-discovery-0:1.1.11-2.el8.x86_64 as a component of OpenShift Service Mesh 1.1",
"product_id": "8Base-OSSM-1.1:servicemesh-pilot-discovery-0:1.1.11-2.el8.x86_64"
},
"product_reference": "servicemesh-pilot-discovery-0:1.1.11-2.el8.x86_64",
"relates_to_product_reference": "8Base-OSSM-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "servicemesh-prometheus-0:2.14.0-20.el8.src as a component of OpenShift Service Mesh 1.1",
"product_id": "8Base-OSSM-1.1:servicemesh-prometheus-0:2.14.0-20.el8.src"
},
"product_reference": "servicemesh-prometheus-0:2.14.0-20.el8.src",
"relates_to_product_reference": "8Base-OSSM-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "servicemesh-prometheus-0:2.14.0-20.el8.x86_64 as a component of OpenShift Service Mesh 1.1",
"product_id": "8Base-OSSM-1.1:servicemesh-prometheus-0:2.14.0-20.el8.x86_64"
},
"product_reference": "servicemesh-prometheus-0:2.14.0-20.el8.x86_64",
"relates_to_product_reference": "8Base-OSSM-1.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "servicemesh-sidecar-injector-0:1.1.11-2.el8.x86_64 as a component of OpenShift Service Mesh 1.1",
"product_id": "8Base-OSSM-1.1:servicemesh-sidecar-injector-0:1.1.11-2.el8.x86_64"
},
"product_reference": "servicemesh-sidecar-injector-0:1.1.11-2.el8.x86_64",
"relates_to_product_reference": "8Base-OSSM-1.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-15586",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"discovery_date": "2020-07-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1856953"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found Go\u0027s net/http package. Servers using ReverseProxy from net/http in the Go standard library are vulnerable to a data race that results in a denial of service. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: data race in certain net/http servers including ReverseProxy can lead to DoS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift Container Platform (OCP) components are primarily written in Go, meaning that any component using the net/http package includes the vulnerable code. OCP server endpoints using ReverseProxy are protected by authentication, reducing the severity of this vulnerability to Low for OCP.\n\nSimilar to OCP, OpenShift ServiceMesh (OSSM), RedHat OpenShift Jaeger (RHOSJ) and OpenShift Virtualization are also primarily written in Go and are protected via authentication, reducing the severity of this vulnerability to Low.\n\nRed Hat Gluster Storage 3 and Red Hat Openshift Container Storage 4 components are built with the affected version of Go, however the vulnerable functionality is currently not used by these products and hence this issue has been rated as having a security impact of Low.\n\nRed Hat Ceph Storage 3 and 4 components are built with the affected version of Go, however the vulnerable functionality is currently not used by these products and hence this issue has been rated as having a security impact of Low.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OSSM-1.1:ior-0:1.1.11-2.el8.src",
"8Base-OSSM-1.1:ior-0:1.1.11-2.el8.x86_64",
"8Base-OSSM-1.1:servicemesh-0:1.1.11-2.el8.src",
"8Base-OSSM-1.1:servicemesh-0:1.1.11-2.el8.x86_64",
"8Base-OSSM-1.1:servicemesh-citadel-0:1.1.11-2.el8.x86_64",
"8Base-OSSM-1.1:servicemesh-cni-0:1.1.11-2.el8.src",
"8Base-OSSM-1.1:servicemesh-cni-0:1.1.11-2.el8.x86_64",
"8Base-OSSM-1.1:servicemesh-galley-0:1.1.11-2.el8.x86_64",
"8Base-OSSM-1.1:servicemesh-grafana-0:6.4.3-19.el8.src",
"8Base-OSSM-1.1:servicemesh-grafana-0:6.4.3-19.el8.x86_64",
"8Base-OSSM-1.1:servicemesh-grafana-prometheus-0:6.4.3-19.el8.x86_64",
"8Base-OSSM-1.1:servicemesh-istioctl-0:1.1.11-2.el8.x86_64",
"8Base-OSSM-1.1:servicemesh-mixc-0:1.1.11-2.el8.x86_64",
"8Base-OSSM-1.1:servicemesh-mixs-0:1.1.11-2.el8.x86_64",
"8Base-OSSM-1.1:servicemesh-operator-0:1.1.11-3.el8.src",
"8Base-OSSM-1.1:servicemesh-operator-0:1.1.11-3.el8.x86_64",
"8Base-OSSM-1.1:servicemesh-pilot-agent-0:1.1.11-2.el8.x86_64",
"8Base-OSSM-1.1:servicemesh-pilot-discovery-0:1.1.11-2.el8.x86_64",
"8Base-OSSM-1.1:servicemesh-prometheus-0:2.14.0-20.el8.src",
"8Base-OSSM-1.1:servicemesh-prometheus-0:2.14.0-20.el8.x86_64",
"8Base-OSSM-1.1:servicemesh-sidecar-injector-0:1.1.11-2.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-15586"
},
{
"category": "external",
"summary": "RHBZ#1856953",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1856953"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-15586",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15586"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-15586",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-15586"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/XZNfaiwgt2w/m/E6gHDs32AQAJ",
"url": "https://groups.google.com/g/golang-announce/c/XZNfaiwgt2w/m/E6gHDs32AQAJ"
}
],
"release_date": "2020-07-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-12-22T04:53:46+00:00",
"details": "The OpenShift Service Mesh release notes provide information on the features and known issues:\n\nhttps://docs.openshift.com/container-platform/latest/service_mesh/servicemesh-release-notes.html",
"product_ids": [
"8Base-OSSM-1.1:ior-0:1.1.11-2.el8.src",
"8Base-OSSM-1.1:ior-0:1.1.11-2.el8.x86_64",
"8Base-OSSM-1.1:servicemesh-0:1.1.11-2.el8.src",
"8Base-OSSM-1.1:servicemesh-0:1.1.11-2.el8.x86_64",
"8Base-OSSM-1.1:servicemesh-citadel-0:1.1.11-2.el8.x86_64",
"8Base-OSSM-1.1:servicemesh-cni-0:1.1.11-2.el8.src",
"8Base-OSSM-1.1:servicemesh-cni-0:1.1.11-2.el8.x86_64",
"8Base-OSSM-1.1:servicemesh-galley-0:1.1.11-2.el8.x86_64",
"8Base-OSSM-1.1:servicemesh-grafana-0:6.4.3-19.el8.src",
"8Base-OSSM-1.1:servicemesh-grafana-0:6.4.3-19.el8.x86_64",
"8Base-OSSM-1.1:servicemesh-grafana-prometheus-0:6.4.3-19.el8.x86_64",
"8Base-OSSM-1.1:servicemesh-istioctl-0:1.1.11-2.el8.x86_64",
"8Base-OSSM-1.1:servicemesh-mixc-0:1.1.11-2.el8.x86_64",
"8Base-OSSM-1.1:servicemesh-mixs-0:1.1.11-2.el8.x86_64",
"8Base-OSSM-1.1:servicemesh-operator-0:1.1.11-3.el8.src",
"8Base-OSSM-1.1:servicemesh-operator-0:1.1.11-3.el8.x86_64",
"8Base-OSSM-1.1:servicemesh-pilot-agent-0:1.1.11-2.el8.x86_64",
"8Base-OSSM-1.1:servicemesh-pilot-discovery-0:1.1.11-2.el8.x86_64",
"8Base-OSSM-1.1:servicemesh-prometheus-0:2.14.0-20.el8.src",
"8Base-OSSM-1.1:servicemesh-prometheus-0:2.14.0-20.el8.x86_64",
"8Base-OSSM-1.1:servicemesh-sidecar-injector-0:1.1.11-2.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:5649"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-OSSM-1.1:ior-0:1.1.11-2.el8.src",
"8Base-OSSM-1.1:ior-0:1.1.11-2.el8.x86_64",
"8Base-OSSM-1.1:servicemesh-0:1.1.11-2.el8.src",
"8Base-OSSM-1.1:servicemesh-0:1.1.11-2.el8.x86_64",
"8Base-OSSM-1.1:servicemesh-citadel-0:1.1.11-2.el8.x86_64",
"8Base-OSSM-1.1:servicemesh-cni-0:1.1.11-2.el8.src",
"8Base-OSSM-1.1:servicemesh-cni-0:1.1.11-2.el8.x86_64",
"8Base-OSSM-1.1:servicemesh-galley-0:1.1.11-2.el8.x86_64",
"8Base-OSSM-1.1:servicemesh-grafana-0:6.4.3-19.el8.src",
"8Base-OSSM-1.1:servicemesh-grafana-0:6.4.3-19.el8.x86_64",
"8Base-OSSM-1.1:servicemesh-grafana-prometheus-0:6.4.3-19.el8.x86_64",
"8Base-OSSM-1.1:servicemesh-istioctl-0:1.1.11-2.el8.x86_64",
"8Base-OSSM-1.1:servicemesh-mixc-0:1.1.11-2.el8.x86_64",
"8Base-OSSM-1.1:servicemesh-mixs-0:1.1.11-2.el8.x86_64",
"8Base-OSSM-1.1:servicemesh-operator-0:1.1.11-3.el8.src",
"8Base-OSSM-1.1:servicemesh-operator-0:1.1.11-3.el8.x86_64",
"8Base-OSSM-1.1:servicemesh-pilot-agent-0:1.1.11-2.el8.x86_64",
"8Base-OSSM-1.1:servicemesh-pilot-discovery-0:1.1.11-2.el8.x86_64",
"8Base-OSSM-1.1:servicemesh-prometheus-0:2.14.0-20.el8.src",
"8Base-OSSM-1.1:servicemesh-prometheus-0:2.14.0-20.el8.x86_64",
"8Base-OSSM-1.1:servicemesh-sidecar-injector-0:1.1.11-2.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "golang: data race in certain net/http servers including ReverseProxy can lead to DoS"
},
{
"cve": "CVE-2020-16845",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"discovery_date": "2020-08-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1867099"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Go encoding/binary package. Certain invalid inputs to the ReadUvarint or the ReadVarint causes those functions to read an unlimited number of bytes from the ByteReader argument before returning an error. This flaw possibly leads to processing more input than expected. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: ReadUvarint and ReadVarint can read an unlimited number of bytes from invalid inputs",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift Container Platform (OCP), OpenShift ServiceMesh (OSSM), RedHat OpenShift Jaeger (RHOSJ) and OpenShift Virtualization components are primarily written in Go, meaning that any component using the encoding/binary package includes the vulnerable code. The affected components are behind OpenShift OAuth authentication, therefore the impact is low.\n\nRed Hat Gluster Storage 3, Red Hat OpenShift Container Storage 4 and Red Hat Ceph Storage (3 and 4) components are built with the affected version of Go, however the vulnerable functionality is currently not used by these products and hence this issue has been rated as having a security impact of Low.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OSSM-1.1:ior-0:1.1.11-2.el8.src",
"8Base-OSSM-1.1:ior-0:1.1.11-2.el8.x86_64",
"8Base-OSSM-1.1:servicemesh-0:1.1.11-2.el8.src",
"8Base-OSSM-1.1:servicemesh-0:1.1.11-2.el8.x86_64",
"8Base-OSSM-1.1:servicemesh-citadel-0:1.1.11-2.el8.x86_64",
"8Base-OSSM-1.1:servicemesh-cni-0:1.1.11-2.el8.src",
"8Base-OSSM-1.1:servicemesh-cni-0:1.1.11-2.el8.x86_64",
"8Base-OSSM-1.1:servicemesh-galley-0:1.1.11-2.el8.x86_64",
"8Base-OSSM-1.1:servicemesh-grafana-0:6.4.3-19.el8.src",
"8Base-OSSM-1.1:servicemesh-grafana-0:6.4.3-19.el8.x86_64",
"8Base-OSSM-1.1:servicemesh-grafana-prometheus-0:6.4.3-19.el8.x86_64",
"8Base-OSSM-1.1:servicemesh-istioctl-0:1.1.11-2.el8.x86_64",
"8Base-OSSM-1.1:servicemesh-mixc-0:1.1.11-2.el8.x86_64",
"8Base-OSSM-1.1:servicemesh-mixs-0:1.1.11-2.el8.x86_64",
"8Base-OSSM-1.1:servicemesh-operator-0:1.1.11-3.el8.src",
"8Base-OSSM-1.1:servicemesh-operator-0:1.1.11-3.el8.x86_64",
"8Base-OSSM-1.1:servicemesh-pilot-agent-0:1.1.11-2.el8.x86_64",
"8Base-OSSM-1.1:servicemesh-pilot-discovery-0:1.1.11-2.el8.x86_64",
"8Base-OSSM-1.1:servicemesh-prometheus-0:2.14.0-20.el8.src",
"8Base-OSSM-1.1:servicemesh-prometheus-0:2.14.0-20.el8.x86_64",
"8Base-OSSM-1.1:servicemesh-sidecar-injector-0:1.1.11-2.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-16845"
},
{
"category": "external",
"summary": "RHBZ#1867099",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1867099"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-16845",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-16845"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-16845",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-16845"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/NyPIaucMgXo",
"url": "https://groups.google.com/g/golang-announce/c/NyPIaucMgXo"
}
],
"release_date": "2020-08-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-12-22T04:53:46+00:00",
"details": "The OpenShift Service Mesh release notes provide information on the features and known issues:\n\nhttps://docs.openshift.com/container-platform/latest/service_mesh/servicemesh-release-notes.html",
"product_ids": [
"8Base-OSSM-1.1:ior-0:1.1.11-2.el8.src",
"8Base-OSSM-1.1:ior-0:1.1.11-2.el8.x86_64",
"8Base-OSSM-1.1:servicemesh-0:1.1.11-2.el8.src",
"8Base-OSSM-1.1:servicemesh-0:1.1.11-2.el8.x86_64",
"8Base-OSSM-1.1:servicemesh-citadel-0:1.1.11-2.el8.x86_64",
"8Base-OSSM-1.1:servicemesh-cni-0:1.1.11-2.el8.src",
"8Base-OSSM-1.1:servicemesh-cni-0:1.1.11-2.el8.x86_64",
"8Base-OSSM-1.1:servicemesh-galley-0:1.1.11-2.el8.x86_64",
"8Base-OSSM-1.1:servicemesh-grafana-0:6.4.3-19.el8.src",
"8Base-OSSM-1.1:servicemesh-grafana-0:6.4.3-19.el8.x86_64",
"8Base-OSSM-1.1:servicemesh-grafana-prometheus-0:6.4.3-19.el8.x86_64",
"8Base-OSSM-1.1:servicemesh-istioctl-0:1.1.11-2.el8.x86_64",
"8Base-OSSM-1.1:servicemesh-mixc-0:1.1.11-2.el8.x86_64",
"8Base-OSSM-1.1:servicemesh-mixs-0:1.1.11-2.el8.x86_64",
"8Base-OSSM-1.1:servicemesh-operator-0:1.1.11-3.el8.src",
"8Base-OSSM-1.1:servicemesh-operator-0:1.1.11-3.el8.x86_64",
"8Base-OSSM-1.1:servicemesh-pilot-agent-0:1.1.11-2.el8.x86_64",
"8Base-OSSM-1.1:servicemesh-pilot-discovery-0:1.1.11-2.el8.x86_64",
"8Base-OSSM-1.1:servicemesh-prometheus-0:2.14.0-20.el8.src",
"8Base-OSSM-1.1:servicemesh-prometheus-0:2.14.0-20.el8.x86_64",
"8Base-OSSM-1.1:servicemesh-sidecar-injector-0:1.1.11-2.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:5649"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-OSSM-1.1:ior-0:1.1.11-2.el8.src",
"8Base-OSSM-1.1:ior-0:1.1.11-2.el8.x86_64",
"8Base-OSSM-1.1:servicemesh-0:1.1.11-2.el8.src",
"8Base-OSSM-1.1:servicemesh-0:1.1.11-2.el8.x86_64",
"8Base-OSSM-1.1:servicemesh-citadel-0:1.1.11-2.el8.x86_64",
"8Base-OSSM-1.1:servicemesh-cni-0:1.1.11-2.el8.src",
"8Base-OSSM-1.1:servicemesh-cni-0:1.1.11-2.el8.x86_64",
"8Base-OSSM-1.1:servicemesh-galley-0:1.1.11-2.el8.x86_64",
"8Base-OSSM-1.1:servicemesh-grafana-0:6.4.3-19.el8.src",
"8Base-OSSM-1.1:servicemesh-grafana-0:6.4.3-19.el8.x86_64",
"8Base-OSSM-1.1:servicemesh-grafana-prometheus-0:6.4.3-19.el8.x86_64",
"8Base-OSSM-1.1:servicemesh-istioctl-0:1.1.11-2.el8.x86_64",
"8Base-OSSM-1.1:servicemesh-mixc-0:1.1.11-2.el8.x86_64",
"8Base-OSSM-1.1:servicemesh-mixs-0:1.1.11-2.el8.x86_64",
"8Base-OSSM-1.1:servicemesh-operator-0:1.1.11-3.el8.src",
"8Base-OSSM-1.1:servicemesh-operator-0:1.1.11-3.el8.x86_64",
"8Base-OSSM-1.1:servicemesh-pilot-agent-0:1.1.11-2.el8.x86_64",
"8Base-OSSM-1.1:servicemesh-pilot-discovery-0:1.1.11-2.el8.x86_64",
"8Base-OSSM-1.1:servicemesh-prometheus-0:2.14.0-20.el8.src",
"8Base-OSSM-1.1:servicemesh-prometheus-0:2.14.0-20.el8.x86_64",
"8Base-OSSM-1.1:servicemesh-sidecar-injector-0:1.1.11-2.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "golang: ReadUvarint and ReadVarint can read an unlimited number of bytes from invalid inputs"
}
]
}
RHSA-2021:0072
Vulnerability from csaf_redhat - Published: 2021-01-11 21:59 - Updated: 2026-03-27 08:38Summary
Red Hat Security Advisory: OpenShift Serverless 1.9.0 release and security update
Severity
Moderate
Notes
Topic: OpenShift Serverless 1.9.0 release and security update is now available.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Red Hat OpenShift Serverless 1.9.0 is a generally available release of the OpenShift Serverless Operator. This version of the OpenShift Serverless Operator is supported on Red Hat OpenShift Container Platform version 4.5.
Security Fix(es):
* golang: data race in certain net/http servers including ReverseProxy can lead to DoS (CVE-2020-15586)
* golang: ReadUvarint and ReadVarint can read an unlimited number of bytes from invalid inputs (CVE-2020-16845)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found Go's net/http package. Servers using ReverseProxy from net/http in the Go standard library are vulnerable to a data race that results in a denial of service. The highest threat from this vulnerability is to system availability.
5.9 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
OpenShift Serverless 1.9.0
Red Hat / Red Hat OpenShift Serverless
|
cpe:/a:redhat:serverless:1
|
— |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in the Go encoding/binary package. Certain invalid inputs to the ReadUvarint or the ReadVarint causes those functions to read an unlimited number of bytes from the ByteReader argument before returning an error. This flaw possibly leads to processing more input than expected. The highest threat from this vulnerability is to system availability.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
OpenShift Serverless 1.9.0
Red Hat / Red Hat OpenShift Serverless
|
cpe:/a:redhat:serverless:1
|
— |
Vendor Fix
fix
|
Threats
Impact
Low
References
16 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "OpenShift Serverless 1.9.0 release and security update is now available.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Serverless 1.9.0 is a generally available release of the OpenShift Serverless Operator. This version of the OpenShift Serverless Operator is supported on Red Hat OpenShift Container Platform version 4.5.\n\nSecurity Fix(es):\n\n* golang: data race in certain net/http servers including ReverseProxy can lead to DoS (CVE-2020-15586)\n\n* golang: ReadUvarint and ReadVarint can read an unlimited number of bytes from invalid inputs (CVE-2020-16845)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2021:0072",
"url": "https://access.redhat.com/errata/RHSA-2021:0072"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/openshift_container_platform/4.5/html/serverless_applications/index",
"url": "https://access.redhat.com/documentation/en-us/openshift_container_platform/4.5/html/serverless_applications/index"
},
{
"category": "external",
"summary": "1856953",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1856953"
},
{
"category": "external",
"summary": "1867099",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1867099"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_0072.json"
}
],
"title": "Red Hat Security Advisory: OpenShift Serverless 1.9.0 release and security update",
"tracking": {
"current_release_date": "2026-03-27T08:38:48+00:00",
"generator": {
"date": "2026-03-27T08:38:48+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.4"
}
},
"id": "RHSA-2021:0072",
"initial_release_date": "2021-01-11T21:59:01+00:00",
"revision_history": [
{
"date": "2021-01-11T21:59:01+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2021-01-11T21:59:01+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-03-27T08:38:48+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "OpenShift Serverless 1.9.0",
"product": {
"name": "OpenShift Serverless 1.9.0",
"product_id": "OpenShift Serverless 1.9.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:serverless:1"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Serverless"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-15586",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"discovery_date": "2020-07-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1856953"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found Go\u0027s net/http package. Servers using ReverseProxy from net/http in the Go standard library are vulnerable to a data race that results in a denial of service. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: data race in certain net/http servers including ReverseProxy can lead to DoS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift Container Platform (OCP) components are primarily written in Go, meaning that any component using the net/http package includes the vulnerable code. OCP server endpoints using ReverseProxy are protected by authentication, reducing the severity of this vulnerability to Low for OCP.\n\nSimilar to OCP, OpenShift ServiceMesh (OSSM), RedHat OpenShift Jaeger (RHOSJ) and OpenShift Virtualization are also primarily written in Go and are protected via authentication, reducing the severity of this vulnerability to Low.\n\nRed Hat Gluster Storage 3 and Red Hat Openshift Container Storage 4 components are built with the affected version of Go, however the vulnerable functionality is currently not used by these products and hence this issue has been rated as having a security impact of Low.\n\nRed Hat Ceph Storage 3 and 4 components are built with the affected version of Go, however the vulnerable functionality is currently not used by these products and hence this issue has been rated as having a security impact of Low.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"OpenShift Serverless 1.9.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-15586"
},
{
"category": "external",
"summary": "RHBZ#1856953",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1856953"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-15586",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15586"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-15586",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-15586"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/XZNfaiwgt2w/m/E6gHDs32AQAJ",
"url": "https://groups.google.com/g/golang-announce/c/XZNfaiwgt2w/m/E6gHDs32AQAJ"
}
],
"release_date": "2020-07-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-01-11T21:59:01+00:00",
"details": "See the documentation at:\nhttps://access.redhat.com/documentation/en-us/openshift_container_platform/4.5/html/serverless_applications/index",
"product_ids": [
"OpenShift Serverless 1.9.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:0072"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"OpenShift Serverless 1.9.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: data race in certain net/http servers including ReverseProxy can lead to DoS"
},
{
"cve": "CVE-2020-16845",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"discovery_date": "2020-08-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1867099"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Go encoding/binary package. Certain invalid inputs to the ReadUvarint or the ReadVarint causes those functions to read an unlimited number of bytes from the ByteReader argument before returning an error. This flaw possibly leads to processing more input than expected. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: ReadUvarint and ReadVarint can read an unlimited number of bytes from invalid inputs",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift Container Platform (OCP), OpenShift ServiceMesh (OSSM), RedHat OpenShift Jaeger (RHOSJ) and OpenShift Virtualization components are primarily written in Go, meaning that any component using the encoding/binary package includes the vulnerable code. The affected components are behind OpenShift OAuth authentication, therefore the impact is low.\n\nRed Hat Gluster Storage 3, Red Hat OpenShift Container Storage 4 and Red Hat Ceph Storage (3 and 4) components are built with the affected version of Go, however the vulnerable functionality is currently not used by these products and hence this issue has been rated as having a security impact of Low.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"OpenShift Serverless 1.9.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-16845"
},
{
"category": "external",
"summary": "RHBZ#1867099",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1867099"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-16845",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-16845"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-16845",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-16845"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/NyPIaucMgXo",
"url": "https://groups.google.com/g/golang-announce/c/NyPIaucMgXo"
}
],
"release_date": "2020-08-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-01-11T21:59:01+00:00",
"details": "See the documentation at:\nhttps://access.redhat.com/documentation/en-us/openshift_container_platform/4.5/html/serverless_applications/index",
"product_ids": [
"OpenShift Serverless 1.9.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:0072"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"OpenShift Serverless 1.9.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "golang: ReadUvarint and ReadVarint can read an unlimited number of bytes from invalid inputs"
}
]
}
RHSA-2021:0172
Vulnerability from csaf_redhat - Published: 2021-01-25 19:45 - Updated: 2026-04-30 16:09Summary
Red Hat Security Advisory: OpenShift Container Platform 4.6.13 packages and security update
Severity
Moderate
Notes
Topic: Red Hat OpenShift Container Platform release 4.6.13 is now available with updates to packages and images that fix several bugs.
A security update for cri-o, openshift, openshift-clients, openshift-kuryr, and skopeo is now also available for Red Hat OpenShift Container Platform 4.6.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Red Hat OpenShift Container Platform is Red Hat's cloud computing
Kubernetes application platform solution designed for on-premise or private
cloud deployments.
Security Fix(es):
* kubernetes: Docker config secrets leaked when file is malformed and loglevel >= 4 (CVE-2020-8564)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
This advisory contains the RPM packages for Red Hat OpenShift Container
Platform 4.6.13. See the following advisory for the container images for
this release:
https://access.redhat.com/errata/RHSA-2021:0171
All OpenShift Container Platform 4.6 users are advised to upgrade to these
updated packages and images when they are available in the appropriate
release channel. To check for available updates, use the OpenShift Console
or the CLI oc command. Instructions for upgrading a cluster are available
at
https://docs.openshift.com/container-platform/4.6/updating/updating-cluster-between-minor.html#understanding-upgrade-channels_updating-cluster-between-minor.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in kubernetes. In Kubernetes, if the logging level is to at least 4, processing a malformed docker config file will result in the contents of the docker config file being leaked, which can include pull secrets or other registry credentials. This can occur with client tools like `kubectl`, or other components that use registry credentials in a docker config file.
5.3 (Medium)
Affected products
Fixed
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-RH7-RHOSE-4.6:openshift-0:4.6.0-202101160934.p0.git.94242.fc5242e.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202101160934.p0.git.94242.fc5242e.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift-0:4.6.0-202101160934.p0.git.94242.fc5242e.el8.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202101160934.p0.git.94242.fc5242e.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202101160934.p0.git.94242.fc5242e.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202101160934.p0.git.94242.fc5242e.el8.x86_64 | — |
Vendor Fix
fix
|
Known not affected
39 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el7.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:containers-common-1:1.1.1-3.rhaos4.6.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:containers-common-1:1.1.1-3.rhaos4.6.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:containers-common-1:1.1.1-3.rhaos4.6.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:cri-o-0:1.19.1-4.rhaos4.6.git3846aab.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:cri-o-0:1.19.1-4.rhaos4.6.git3846aab.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:cri-o-0:1.19.1-4.rhaos4.6.git3846aab.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:cri-o-0:1.19.1-4.rhaos4.6.git3846aab.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:cri-o-debuginfo-0:1.19.1-4.rhaos4.6.git3846aab.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:cri-o-debuginfo-0:1.19.1-4.rhaos4.6.git3846aab.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:cri-o-debuginfo-0:1.19.1-4.rhaos4.6.git3846aab.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:cri-o-debugsource-0:1.19.1-4.rhaos4.6.git3846aab.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:cri-o-debugsource-0:1.19.1-4.rhaos4.6.git3846aab.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:cri-o-debugsource-0:1.19.1-4.rhaos4.6.git3846aab.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:openshift-kuryr-0:4.6.0-202101151835.p0.git.2220.40847e5.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:openshift-kuryr-cni-0:4.6.0-202101151835.p0.git.2220.40847e5.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:openshift-kuryr-common-0:4.6.0-202101151835.p0.git.2220.40847e5.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:openshift-kuryr-controller-0:4.6.0-202101151835.p0.git.2220.40847e5.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:python3-kuryr-kubernetes-0:4.6.0-202101151835.p0.git.2220.40847e5.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:skopeo-1:1.1.1-3.rhaos4.6.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:skopeo-1:1.1.1-3.rhaos4.6.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:skopeo-1:1.1.1-3.rhaos4.6.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:skopeo-1:1.1.1-3.rhaos4.6.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-3.rhaos4.6.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-3.rhaos4.6.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-3.rhaos4.6.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-3.rhaos4.6.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-3.rhaos4.6.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-3.rhaos4.6.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-3.rhaos4.6.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-3.rhaos4.6.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-3.rhaos4.6.el8.x86_64 | — |
Threats
Impact
Moderate
A flaw was found Go's net/http package. Servers using ReverseProxy from net/http in the Go standard library are vulnerable to a data race that results in a denial of service. The highest threat from this vulnerability is to system availability.
5.9 (Medium)
Affected products
Fixed
16 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSE-4.6:containers-common-1:1.1.1-3.rhaos4.6.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.6:containers-common-1:1.1.1-3.rhaos4.6.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.6:containers-common-1:1.1.1-3.rhaos4.6.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.6:skopeo-1:1.1.1-3.rhaos4.6.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.6:skopeo-1:1.1.1-3.rhaos4.6.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.6:skopeo-1:1.1.1-3.rhaos4.6.el8.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.6:skopeo-1:1.1.1-3.rhaos4.6.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-3.rhaos4.6.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-3.rhaos4.6.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-3.rhaos4.6.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-3.rhaos4.6.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-3.rhaos4.6.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-3.rhaos4.6.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-3.rhaos4.6.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-3.rhaos4.6.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-3.rhaos4.6.el8.x86_64 | — |
Vendor Fix
fix
|
Known not affected
29 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-RH7-RHOSE-4.6:openshift-0:4.6.0-202101160934.p0.git.94242.fc5242e.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202101160934.p0.git.94242.fc5242e.el7.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:cri-o-0:1.19.1-4.rhaos4.6.git3846aab.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:cri-o-0:1.19.1-4.rhaos4.6.git3846aab.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:cri-o-0:1.19.1-4.rhaos4.6.git3846aab.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:cri-o-0:1.19.1-4.rhaos4.6.git3846aab.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:cri-o-debuginfo-0:1.19.1-4.rhaos4.6.git3846aab.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:cri-o-debuginfo-0:1.19.1-4.rhaos4.6.git3846aab.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:cri-o-debuginfo-0:1.19.1-4.rhaos4.6.git3846aab.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:cri-o-debugsource-0:1.19.1-4.rhaos4.6.git3846aab.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:cri-o-debugsource-0:1.19.1-4.rhaos4.6.git3846aab.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:cri-o-debugsource-0:1.19.1-4.rhaos4.6.git3846aab.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:openshift-0:4.6.0-202101160934.p0.git.94242.fc5242e.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202101160934.p0.git.94242.fc5242e.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202101160934.p0.git.94242.fc5242e.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202101160934.p0.git.94242.fc5242e.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:openshift-kuryr-0:4.6.0-202101151835.p0.git.2220.40847e5.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:openshift-kuryr-cni-0:4.6.0-202101151835.p0.git.2220.40847e5.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:openshift-kuryr-common-0:4.6.0-202101151835.p0.git.2220.40847e5.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:openshift-kuryr-controller-0:4.6.0-202101151835.p0.git.2220.40847e5.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:python3-kuryr-kubernetes-0:4.6.0-202101151835.p0.git.2220.40847e5.el8.noarch | — |
Threats
Impact
Low
A flaw was found in the Go encoding/binary package. Certain invalid inputs to the ReadUvarint or the ReadVarint causes those functions to read an unlimited number of bytes from the ByteReader argument before returning an error. This flaw possibly leads to processing more input than expected. The highest threat from this vulnerability is to system availability.
7.5 (High)
Affected products
Fixed
16 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSE-4.6:containers-common-1:1.1.1-3.rhaos4.6.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.6:containers-common-1:1.1.1-3.rhaos4.6.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.6:containers-common-1:1.1.1-3.rhaos4.6.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.6:skopeo-1:1.1.1-3.rhaos4.6.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.6:skopeo-1:1.1.1-3.rhaos4.6.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.6:skopeo-1:1.1.1-3.rhaos4.6.el8.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.6:skopeo-1:1.1.1-3.rhaos4.6.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-3.rhaos4.6.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-3.rhaos4.6.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-3.rhaos4.6.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-3.rhaos4.6.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-3.rhaos4.6.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-3.rhaos4.6.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-3.rhaos4.6.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-3.rhaos4.6.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-3.rhaos4.6.el8.x86_64 | — |
Vendor Fix
fix
|
Known not affected
29 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-RH7-RHOSE-4.6:openshift-0:4.6.0-202101160934.p0.git.94242.fc5242e.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202101160934.p0.git.94242.fc5242e.el7.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:cri-o-0:1.19.1-4.rhaos4.6.git3846aab.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:cri-o-0:1.19.1-4.rhaos4.6.git3846aab.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:cri-o-0:1.19.1-4.rhaos4.6.git3846aab.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:cri-o-0:1.19.1-4.rhaos4.6.git3846aab.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:cri-o-debuginfo-0:1.19.1-4.rhaos4.6.git3846aab.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:cri-o-debuginfo-0:1.19.1-4.rhaos4.6.git3846aab.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:cri-o-debuginfo-0:1.19.1-4.rhaos4.6.git3846aab.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:cri-o-debugsource-0:1.19.1-4.rhaos4.6.git3846aab.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:cri-o-debugsource-0:1.19.1-4.rhaos4.6.git3846aab.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:cri-o-debugsource-0:1.19.1-4.rhaos4.6.git3846aab.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:openshift-0:4.6.0-202101160934.p0.git.94242.fc5242e.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202101160934.p0.git.94242.fc5242e.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202101160934.p0.git.94242.fc5242e.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202101160934.p0.git.94242.fc5242e.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:openshift-kuryr-0:4.6.0-202101151835.p0.git.2220.40847e5.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:openshift-kuryr-cni-0:4.6.0-202101151835.p0.git.2220.40847e5.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:openshift-kuryr-common-0:4.6.0-202101151835.p0.git.2220.40847e5.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:openshift-kuryr-controller-0:4.6.0-202101151835.p0.git.2220.40847e5.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:python3-kuryr-kubernetes-0:4.6.0-202101151835.p0.git.2220.40847e5.el8.noarch | — |
Threats
Impact
Low
A flaw was found in the math/big package of Go's standard library that causes a denial of service. Applications written in Go that use math/big via cryptographic packages, including crypto/rsa and crypto/x509, are vulnerable and can potentially cause panic via a crafted certificate chain. The highest threat from this vulnerability is to system availability.
7.5 (High)
Affected products
Fixed
16 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSE-4.6:containers-common-1:1.1.1-3.rhaos4.6.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.6:containers-common-1:1.1.1-3.rhaos4.6.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.6:containers-common-1:1.1.1-3.rhaos4.6.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.6:skopeo-1:1.1.1-3.rhaos4.6.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.6:skopeo-1:1.1.1-3.rhaos4.6.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.6:skopeo-1:1.1.1-3.rhaos4.6.el8.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.6:skopeo-1:1.1.1-3.rhaos4.6.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-3.rhaos4.6.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-3.rhaos4.6.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-3.rhaos4.6.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-3.rhaos4.6.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-3.rhaos4.6.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-3.rhaos4.6.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-3.rhaos4.6.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-3.rhaos4.6.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-3.rhaos4.6.el8.x86_64 | — |
Vendor Fix
fix
|
Known not affected
29 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-RH7-RHOSE-4.6:openshift-0:4.6.0-202101160934.p0.git.94242.fc5242e.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202101160934.p0.git.94242.fc5242e.el7.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:cri-o-0:1.19.1-4.rhaos4.6.git3846aab.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:cri-o-0:1.19.1-4.rhaos4.6.git3846aab.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:cri-o-0:1.19.1-4.rhaos4.6.git3846aab.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:cri-o-0:1.19.1-4.rhaos4.6.git3846aab.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:cri-o-debuginfo-0:1.19.1-4.rhaos4.6.git3846aab.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:cri-o-debuginfo-0:1.19.1-4.rhaos4.6.git3846aab.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:cri-o-debuginfo-0:1.19.1-4.rhaos4.6.git3846aab.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:cri-o-debugsource-0:1.19.1-4.rhaos4.6.git3846aab.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:cri-o-debugsource-0:1.19.1-4.rhaos4.6.git3846aab.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:cri-o-debugsource-0:1.19.1-4.rhaos4.6.git3846aab.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:openshift-0:4.6.0-202101160934.p0.git.94242.fc5242e.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202101160934.p0.git.94242.fc5242e.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202101160934.p0.git.94242.fc5242e.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202101160934.p0.git.94242.fc5242e.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:openshift-kuryr-0:4.6.0-202101151835.p0.git.2220.40847e5.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:openshift-kuryr-cni-0:4.6.0-202101151835.p0.git.2220.40847e5.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:openshift-kuryr-common-0:4.6.0-202101151835.p0.git.2220.40847e5.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:openshift-kuryr-controller-0:4.6.0-202101151835.p0.git.2220.40847e5.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:python3-kuryr-kubernetes-0:4.6.0-202101151835.p0.git.2220.40847e5.el8.noarch | — |
Threats
Impact
Moderate
References
25 references
Acknowledgments
the Kubernetes Product Security Committee
Red Hat
Nikolaos Moraitis
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat OpenShift Container Platform release 4.6.13 is now available with updates to packages and images that fix several bugs.\n\nA security update for cri-o, openshift, openshift-clients, openshift-kuryr, and skopeo is now also available for Red Hat OpenShift Container Platform 4.6.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Container Platform is Red Hat\u0027s cloud computing\nKubernetes application platform solution designed for on-premise or private\ncloud deployments.\n\nSecurity Fix(es):\n\n* kubernetes: Docker config secrets leaked when file is malformed and loglevel \u003e= 4 (CVE-2020-8564)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nThis advisory contains the RPM packages for Red Hat OpenShift Container\nPlatform 4.6.13. See the following advisory for the container images for\nthis release:\n\nhttps://access.redhat.com/errata/RHSA-2021:0171\n\nAll OpenShift Container Platform 4.6 users are advised to upgrade to these\nupdated packages and images when they are available in the appropriate\nrelease channel. To check for available updates, use the OpenShift Console\nor the CLI oc command. Instructions for upgrading a cluster are available\nat\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-between-minor.html#understanding-upgrade-channels_updating-cluster-between-minor.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2021:0172",
"url": "https://access.redhat.com/errata/RHSA-2021:0172"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "1886637",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1886637"
},
{
"category": "external",
"summary": "1917413",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1917413"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_0172.json"
}
],
"title": "Red Hat Security Advisory: OpenShift Container Platform 4.6.13 packages and security update",
"tracking": {
"current_release_date": "2026-04-30T16:09:17+00:00",
"generator": {
"date": "2026-04-30T16:09:17+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.7"
}
},
"id": "RHSA-2021:0172",
"initial_release_date": "2021-01-25T19:45:30+00:00",
"revision_history": [
{
"date": "2021-01-25T19:45:30+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2021-01-25T19:45:30+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-04-30T16:09:17+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift Container Platform 4.6",
"product": {
"name": "Red Hat OpenShift Container Platform 4.6",
"product_id": "7Server-RH7-RHOSE-4.6",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:4.6::el7"
}
}
},
{
"category": "product_name",
"name": "Red Hat OpenShift Container Platform 4.6",
"product": {
"name": "Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:4.6::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Enterprise"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-0:4.6.0-202101160934.p0.git.94242.fc5242e.el7.src",
"product": {
"name": "openshift-0:4.6.0-202101160934.p0.git.94242.fc5242e.el7.src",
"product_id": "openshift-0:4.6.0-202101160934.p0.git.94242.fc5242e.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift@4.6.0-202101160934.p0.git.94242.fc5242e.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "openshift-clients-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el7.src",
"product": {
"name": "openshift-clients-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el7.src",
"product_id": "openshift-clients-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-clients@4.6.0-202101160934.p0.git.3808.a1bca2f.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "skopeo-1:1.1.1-3.rhaos4.6.el8.src",
"product": {
"name": "skopeo-1:1.1.1-3.rhaos4.6.el8.src",
"product_id": "skopeo-1:1.1.1-3.rhaos4.6.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo@1.1.1-3.rhaos4.6.el8?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "cri-o-0:1.19.1-4.rhaos4.6.git3846aab.el8.src",
"product": {
"name": "cri-o-0:1.19.1-4.rhaos4.6.git3846aab.el8.src",
"product_id": "cri-o-0:1.19.1-4.rhaos4.6.git3846aab.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o@1.19.1-4.rhaos4.6.git3846aab.el8?arch=src"
}
}
},
{
"category": "product_version",
"name": "openshift-0:4.6.0-202101160934.p0.git.94242.fc5242e.el8.src",
"product": {
"name": "openshift-0:4.6.0-202101160934.p0.git.94242.fc5242e.el8.src",
"product_id": "openshift-0:4.6.0-202101160934.p0.git.94242.fc5242e.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift@4.6.0-202101160934.p0.git.94242.fc5242e.el8?arch=src"
}
}
},
{
"category": "product_version",
"name": "openshift-clients-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el8.src",
"product": {
"name": "openshift-clients-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el8.src",
"product_id": "openshift-clients-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-clients@4.6.0-202101160934.p0.git.3808.a1bca2f.el8?arch=src"
}
}
},
{
"category": "product_version",
"name": "openshift-kuryr-0:4.6.0-202101151835.p0.git.2220.40847e5.el8.src",
"product": {
"name": "openshift-kuryr-0:4.6.0-202101151835.p0.git.2220.40847e5.el8.src",
"product_id": "openshift-kuryr-0:4.6.0-202101151835.p0.git.2220.40847e5.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-kuryr@4.6.0-202101151835.p0.git.2220.40847e5.el8?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-hyperkube-0:4.6.0-202101160934.p0.git.94242.fc5242e.el7.x86_64",
"product": {
"name": "openshift-hyperkube-0:4.6.0-202101160934.p0.git.94242.fc5242e.el7.x86_64",
"product_id": "openshift-hyperkube-0:4.6.0-202101160934.p0.git.94242.fc5242e.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-hyperkube@4.6.0-202101160934.p0.git.94242.fc5242e.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "openshift-clients-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el7.x86_64",
"product": {
"name": "openshift-clients-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el7.x86_64",
"product_id": "openshift-clients-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-clients@4.6.0-202101160934.p0.git.3808.a1bca2f.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "openshift-clients-redistributable-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el7.x86_64",
"product": {
"name": "openshift-clients-redistributable-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el7.x86_64",
"product_id": "openshift-clients-redistributable-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-clients-redistributable@4.6.0-202101160934.p0.git.3808.a1bca2f.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "containers-common-1:1.1.1-3.rhaos4.6.el8.x86_64",
"product": {
"name": "containers-common-1:1.1.1-3.rhaos4.6.el8.x86_64",
"product_id": "containers-common-1:1.1.1-3.rhaos4.6.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/containers-common@1.1.1-3.rhaos4.6.el8?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "skopeo-1:1.1.1-3.rhaos4.6.el8.x86_64",
"product": {
"name": "skopeo-1:1.1.1-3.rhaos4.6.el8.x86_64",
"product_id": "skopeo-1:1.1.1-3.rhaos4.6.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo@1.1.1-3.rhaos4.6.el8?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "skopeo-tests-1:1.1.1-3.rhaos4.6.el8.x86_64",
"product": {
"name": "skopeo-tests-1:1.1.1-3.rhaos4.6.el8.x86_64",
"product_id": "skopeo-tests-1:1.1.1-3.rhaos4.6.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-tests@1.1.1-3.rhaos4.6.el8?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "skopeo-debugsource-1:1.1.1-3.rhaos4.6.el8.x86_64",
"product": {
"name": "skopeo-debugsource-1:1.1.1-3.rhaos4.6.el8.x86_64",
"product_id": "skopeo-debugsource-1:1.1.1-3.rhaos4.6.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-debugsource@1.1.1-3.rhaos4.6.el8?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "skopeo-debuginfo-1:1.1.1-3.rhaos4.6.el8.x86_64",
"product": {
"name": "skopeo-debuginfo-1:1.1.1-3.rhaos4.6.el8.x86_64",
"product_id": "skopeo-debuginfo-1:1.1.1-3.rhaos4.6.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-debuginfo@1.1.1-3.rhaos4.6.el8?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "cri-o-0:1.19.1-4.rhaos4.6.git3846aab.el8.x86_64",
"product": {
"name": "cri-o-0:1.19.1-4.rhaos4.6.git3846aab.el8.x86_64",
"product_id": "cri-o-0:1.19.1-4.rhaos4.6.git3846aab.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o@1.19.1-4.rhaos4.6.git3846aab.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "cri-o-debugsource-0:1.19.1-4.rhaos4.6.git3846aab.el8.x86_64",
"product": {
"name": "cri-o-debugsource-0:1.19.1-4.rhaos4.6.git3846aab.el8.x86_64",
"product_id": "cri-o-debugsource-0:1.19.1-4.rhaos4.6.git3846aab.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o-debugsource@1.19.1-4.rhaos4.6.git3846aab.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "cri-o-debuginfo-0:1.19.1-4.rhaos4.6.git3846aab.el8.x86_64",
"product": {
"name": "cri-o-debuginfo-0:1.19.1-4.rhaos4.6.git3846aab.el8.x86_64",
"product_id": "cri-o-debuginfo-0:1.19.1-4.rhaos4.6.git3846aab.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o-debuginfo@1.19.1-4.rhaos4.6.git3846aab.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "openshift-hyperkube-0:4.6.0-202101160934.p0.git.94242.fc5242e.el8.x86_64",
"product": {
"name": "openshift-hyperkube-0:4.6.0-202101160934.p0.git.94242.fc5242e.el8.x86_64",
"product_id": "openshift-hyperkube-0:4.6.0-202101160934.p0.git.94242.fc5242e.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-hyperkube@4.6.0-202101160934.p0.git.94242.fc5242e.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "openshift-clients-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el8.x86_64",
"product": {
"name": "openshift-clients-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el8.x86_64",
"product_id": "openshift-clients-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-clients@4.6.0-202101160934.p0.git.3808.a1bca2f.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "openshift-clients-redistributable-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el8.x86_64",
"product": {
"name": "openshift-clients-redistributable-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el8.x86_64",
"product_id": "openshift-clients-redistributable-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-clients-redistributable@4.6.0-202101160934.p0.git.3808.a1bca2f.el8?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "containers-common-1:1.1.1-3.rhaos4.6.el8.ppc64le",
"product": {
"name": "containers-common-1:1.1.1-3.rhaos4.6.el8.ppc64le",
"product_id": "containers-common-1:1.1.1-3.rhaos4.6.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/containers-common@1.1.1-3.rhaos4.6.el8?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "skopeo-1:1.1.1-3.rhaos4.6.el8.ppc64le",
"product": {
"name": "skopeo-1:1.1.1-3.rhaos4.6.el8.ppc64le",
"product_id": "skopeo-1:1.1.1-3.rhaos4.6.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo@1.1.1-3.rhaos4.6.el8?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "skopeo-tests-1:1.1.1-3.rhaos4.6.el8.ppc64le",
"product": {
"name": "skopeo-tests-1:1.1.1-3.rhaos4.6.el8.ppc64le",
"product_id": "skopeo-tests-1:1.1.1-3.rhaos4.6.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-tests@1.1.1-3.rhaos4.6.el8?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "skopeo-debugsource-1:1.1.1-3.rhaos4.6.el8.ppc64le",
"product": {
"name": "skopeo-debugsource-1:1.1.1-3.rhaos4.6.el8.ppc64le",
"product_id": "skopeo-debugsource-1:1.1.1-3.rhaos4.6.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-debugsource@1.1.1-3.rhaos4.6.el8?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "skopeo-debuginfo-1:1.1.1-3.rhaos4.6.el8.ppc64le",
"product": {
"name": "skopeo-debuginfo-1:1.1.1-3.rhaos4.6.el8.ppc64le",
"product_id": "skopeo-debuginfo-1:1.1.1-3.rhaos4.6.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-debuginfo@1.1.1-3.rhaos4.6.el8?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "cri-o-0:1.19.1-4.rhaos4.6.git3846aab.el8.ppc64le",
"product": {
"name": "cri-o-0:1.19.1-4.rhaos4.6.git3846aab.el8.ppc64le",
"product_id": "cri-o-0:1.19.1-4.rhaos4.6.git3846aab.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o@1.19.1-4.rhaos4.6.git3846aab.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "cri-o-debugsource-0:1.19.1-4.rhaos4.6.git3846aab.el8.ppc64le",
"product": {
"name": "cri-o-debugsource-0:1.19.1-4.rhaos4.6.git3846aab.el8.ppc64le",
"product_id": "cri-o-debugsource-0:1.19.1-4.rhaos4.6.git3846aab.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o-debugsource@1.19.1-4.rhaos4.6.git3846aab.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "cri-o-debuginfo-0:1.19.1-4.rhaos4.6.git3846aab.el8.ppc64le",
"product": {
"name": "cri-o-debuginfo-0:1.19.1-4.rhaos4.6.git3846aab.el8.ppc64le",
"product_id": "cri-o-debuginfo-0:1.19.1-4.rhaos4.6.git3846aab.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o-debuginfo@1.19.1-4.rhaos4.6.git3846aab.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "openshift-hyperkube-0:4.6.0-202101160934.p0.git.94242.fc5242e.el8.ppc64le",
"product": {
"name": "openshift-hyperkube-0:4.6.0-202101160934.p0.git.94242.fc5242e.el8.ppc64le",
"product_id": "openshift-hyperkube-0:4.6.0-202101160934.p0.git.94242.fc5242e.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-hyperkube@4.6.0-202101160934.p0.git.94242.fc5242e.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "openshift-clients-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el8.ppc64le",
"product": {
"name": "openshift-clients-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el8.ppc64le",
"product_id": "openshift-clients-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-clients@4.6.0-202101160934.p0.git.3808.a1bca2f.el8?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "containers-common-1:1.1.1-3.rhaos4.6.el8.s390x",
"product": {
"name": "containers-common-1:1.1.1-3.rhaos4.6.el8.s390x",
"product_id": "containers-common-1:1.1.1-3.rhaos4.6.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/containers-common@1.1.1-3.rhaos4.6.el8?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "skopeo-1:1.1.1-3.rhaos4.6.el8.s390x",
"product": {
"name": "skopeo-1:1.1.1-3.rhaos4.6.el8.s390x",
"product_id": "skopeo-1:1.1.1-3.rhaos4.6.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo@1.1.1-3.rhaos4.6.el8?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "skopeo-tests-1:1.1.1-3.rhaos4.6.el8.s390x",
"product": {
"name": "skopeo-tests-1:1.1.1-3.rhaos4.6.el8.s390x",
"product_id": "skopeo-tests-1:1.1.1-3.rhaos4.6.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-tests@1.1.1-3.rhaos4.6.el8?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "skopeo-debugsource-1:1.1.1-3.rhaos4.6.el8.s390x",
"product": {
"name": "skopeo-debugsource-1:1.1.1-3.rhaos4.6.el8.s390x",
"product_id": "skopeo-debugsource-1:1.1.1-3.rhaos4.6.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-debugsource@1.1.1-3.rhaos4.6.el8?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "skopeo-debuginfo-1:1.1.1-3.rhaos4.6.el8.s390x",
"product": {
"name": "skopeo-debuginfo-1:1.1.1-3.rhaos4.6.el8.s390x",
"product_id": "skopeo-debuginfo-1:1.1.1-3.rhaos4.6.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-debuginfo@1.1.1-3.rhaos4.6.el8?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "cri-o-0:1.19.1-4.rhaos4.6.git3846aab.el8.s390x",
"product": {
"name": "cri-o-0:1.19.1-4.rhaos4.6.git3846aab.el8.s390x",
"product_id": "cri-o-0:1.19.1-4.rhaos4.6.git3846aab.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o@1.19.1-4.rhaos4.6.git3846aab.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "cri-o-debugsource-0:1.19.1-4.rhaos4.6.git3846aab.el8.s390x",
"product": {
"name": "cri-o-debugsource-0:1.19.1-4.rhaos4.6.git3846aab.el8.s390x",
"product_id": "cri-o-debugsource-0:1.19.1-4.rhaos4.6.git3846aab.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o-debugsource@1.19.1-4.rhaos4.6.git3846aab.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "cri-o-debuginfo-0:1.19.1-4.rhaos4.6.git3846aab.el8.s390x",
"product": {
"name": "cri-o-debuginfo-0:1.19.1-4.rhaos4.6.git3846aab.el8.s390x",
"product_id": "cri-o-debuginfo-0:1.19.1-4.rhaos4.6.git3846aab.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o-debuginfo@1.19.1-4.rhaos4.6.git3846aab.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "openshift-hyperkube-0:4.6.0-202101160934.p0.git.94242.fc5242e.el8.s390x",
"product": {
"name": "openshift-hyperkube-0:4.6.0-202101160934.p0.git.94242.fc5242e.el8.s390x",
"product_id": "openshift-hyperkube-0:4.6.0-202101160934.p0.git.94242.fc5242e.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-hyperkube@4.6.0-202101160934.p0.git.94242.fc5242e.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "openshift-clients-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el8.s390x",
"product": {
"name": "openshift-clients-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el8.s390x",
"product_id": "openshift-clients-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-clients@4.6.0-202101160934.p0.git.3808.a1bca2f.el8?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-kuryr-cni-0:4.6.0-202101151835.p0.git.2220.40847e5.el8.noarch",
"product": {
"name": "openshift-kuryr-cni-0:4.6.0-202101151835.p0.git.2220.40847e5.el8.noarch",
"product_id": "openshift-kuryr-cni-0:4.6.0-202101151835.p0.git.2220.40847e5.el8.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-kuryr-cni@4.6.0-202101151835.p0.git.2220.40847e5.el8?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openshift-kuryr-common-0:4.6.0-202101151835.p0.git.2220.40847e5.el8.noarch",
"product": {
"name": "openshift-kuryr-common-0:4.6.0-202101151835.p0.git.2220.40847e5.el8.noarch",
"product_id": "openshift-kuryr-common-0:4.6.0-202101151835.p0.git.2220.40847e5.el8.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-kuryr-common@4.6.0-202101151835.p0.git.2220.40847e5.el8?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openshift-kuryr-controller-0:4.6.0-202101151835.p0.git.2220.40847e5.el8.noarch",
"product": {
"name": "openshift-kuryr-controller-0:4.6.0-202101151835.p0.git.2220.40847e5.el8.noarch",
"product_id": "openshift-kuryr-controller-0:4.6.0-202101151835.p0.git.2220.40847e5.el8.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-kuryr-controller@4.6.0-202101151835.p0.git.2220.40847e5.el8?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python3-kuryr-kubernetes-0:4.6.0-202101151835.p0.git.2220.40847e5.el8.noarch",
"product": {
"name": "python3-kuryr-kubernetes-0:4.6.0-202101151835.p0.git.2220.40847e5.el8.noarch",
"product_id": "python3-kuryr-kubernetes-0:4.6.0-202101151835.p0.git.2220.40847e5.el8.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-kuryr-kubernetes@4.6.0-202101151835.p0.git.2220.40847e5.el8?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-0:4.6.0-202101160934.p0.git.94242.fc5242e.el7.src as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "7Server-RH7-RHOSE-4.6:openshift-0:4.6.0-202101160934.p0.git.94242.fc5242e.el7.src"
},
"product_reference": "openshift-0:4.6.0-202101160934.p0.git.94242.fc5242e.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-clients-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el7.src as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el7.src"
},
"product_reference": "openshift-clients-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-clients-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el7.x86_64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el7.x86_64"
},
"product_reference": "openshift-clients-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-clients-redistributable-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el7.x86_64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "7Server-RH7-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el7.x86_64"
},
"product_reference": "openshift-clients-redistributable-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-hyperkube-0:4.6.0-202101160934.p0.git.94242.fc5242e.el7.x86_64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "7Server-RH7-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202101160934.p0.git.94242.fc5242e.el7.x86_64"
},
"product_reference": "openshift-hyperkube-0:4.6.0-202101160934.p0.git.94242.fc5242e.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containers-common-1:1.1.1-3.rhaos4.6.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:containers-common-1:1.1.1-3.rhaos4.6.el8.ppc64le"
},
"product_reference": "containers-common-1:1.1.1-3.rhaos4.6.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containers-common-1:1.1.1-3.rhaos4.6.el8.s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:containers-common-1:1.1.1-3.rhaos4.6.el8.s390x"
},
"product_reference": "containers-common-1:1.1.1-3.rhaos4.6.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containers-common-1:1.1.1-3.rhaos4.6.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:containers-common-1:1.1.1-3.rhaos4.6.el8.x86_64"
},
"product_reference": "containers-common-1:1.1.1-3.rhaos4.6.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-0:1.19.1-4.rhaos4.6.git3846aab.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:cri-o-0:1.19.1-4.rhaos4.6.git3846aab.el8.ppc64le"
},
"product_reference": "cri-o-0:1.19.1-4.rhaos4.6.git3846aab.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-0:1.19.1-4.rhaos4.6.git3846aab.el8.s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:cri-o-0:1.19.1-4.rhaos4.6.git3846aab.el8.s390x"
},
"product_reference": "cri-o-0:1.19.1-4.rhaos4.6.git3846aab.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-0:1.19.1-4.rhaos4.6.git3846aab.el8.src as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:cri-o-0:1.19.1-4.rhaos4.6.git3846aab.el8.src"
},
"product_reference": "cri-o-0:1.19.1-4.rhaos4.6.git3846aab.el8.src",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-0:1.19.1-4.rhaos4.6.git3846aab.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:cri-o-0:1.19.1-4.rhaos4.6.git3846aab.el8.x86_64"
},
"product_reference": "cri-o-0:1.19.1-4.rhaos4.6.git3846aab.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-debuginfo-0:1.19.1-4.rhaos4.6.git3846aab.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:cri-o-debuginfo-0:1.19.1-4.rhaos4.6.git3846aab.el8.ppc64le"
},
"product_reference": "cri-o-debuginfo-0:1.19.1-4.rhaos4.6.git3846aab.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-debuginfo-0:1.19.1-4.rhaos4.6.git3846aab.el8.s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:cri-o-debuginfo-0:1.19.1-4.rhaos4.6.git3846aab.el8.s390x"
},
"product_reference": "cri-o-debuginfo-0:1.19.1-4.rhaos4.6.git3846aab.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-debuginfo-0:1.19.1-4.rhaos4.6.git3846aab.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:cri-o-debuginfo-0:1.19.1-4.rhaos4.6.git3846aab.el8.x86_64"
},
"product_reference": "cri-o-debuginfo-0:1.19.1-4.rhaos4.6.git3846aab.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-debugsource-0:1.19.1-4.rhaos4.6.git3846aab.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:cri-o-debugsource-0:1.19.1-4.rhaos4.6.git3846aab.el8.ppc64le"
},
"product_reference": "cri-o-debugsource-0:1.19.1-4.rhaos4.6.git3846aab.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-debugsource-0:1.19.1-4.rhaos4.6.git3846aab.el8.s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:cri-o-debugsource-0:1.19.1-4.rhaos4.6.git3846aab.el8.s390x"
},
"product_reference": "cri-o-debugsource-0:1.19.1-4.rhaos4.6.git3846aab.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-debugsource-0:1.19.1-4.rhaos4.6.git3846aab.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:cri-o-debugsource-0:1.19.1-4.rhaos4.6.git3846aab.el8.x86_64"
},
"product_reference": "cri-o-debugsource-0:1.19.1-4.rhaos4.6.git3846aab.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-0:4.6.0-202101160934.p0.git.94242.fc5242e.el8.src as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift-0:4.6.0-202101160934.p0.git.94242.fc5242e.el8.src"
},
"product_reference": "openshift-0:4.6.0-202101160934.p0.git.94242.fc5242e.el8.src",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-clients-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el8.ppc64le"
},
"product_reference": "openshift-clients-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-clients-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el8.s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el8.s390x"
},
"product_reference": "openshift-clients-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-clients-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el8.src as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el8.src"
},
"product_reference": "openshift-clients-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el8.src",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-clients-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el8.x86_64"
},
"product_reference": "openshift-clients-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-clients-redistributable-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el8.x86_64"
},
"product_reference": "openshift-clients-redistributable-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-hyperkube-0:4.6.0-202101160934.p0.git.94242.fc5242e.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202101160934.p0.git.94242.fc5242e.el8.ppc64le"
},
"product_reference": "openshift-hyperkube-0:4.6.0-202101160934.p0.git.94242.fc5242e.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-hyperkube-0:4.6.0-202101160934.p0.git.94242.fc5242e.el8.s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202101160934.p0.git.94242.fc5242e.el8.s390x"
},
"product_reference": "openshift-hyperkube-0:4.6.0-202101160934.p0.git.94242.fc5242e.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-hyperkube-0:4.6.0-202101160934.p0.git.94242.fc5242e.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202101160934.p0.git.94242.fc5242e.el8.x86_64"
},
"product_reference": "openshift-hyperkube-0:4.6.0-202101160934.p0.git.94242.fc5242e.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-kuryr-0:4.6.0-202101151835.p0.git.2220.40847e5.el8.src as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift-kuryr-0:4.6.0-202101151835.p0.git.2220.40847e5.el8.src"
},
"product_reference": "openshift-kuryr-0:4.6.0-202101151835.p0.git.2220.40847e5.el8.src",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-kuryr-cni-0:4.6.0-202101151835.p0.git.2220.40847e5.el8.noarch as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift-kuryr-cni-0:4.6.0-202101151835.p0.git.2220.40847e5.el8.noarch"
},
"product_reference": "openshift-kuryr-cni-0:4.6.0-202101151835.p0.git.2220.40847e5.el8.noarch",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-kuryr-common-0:4.6.0-202101151835.p0.git.2220.40847e5.el8.noarch as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift-kuryr-common-0:4.6.0-202101151835.p0.git.2220.40847e5.el8.noarch"
},
"product_reference": "openshift-kuryr-common-0:4.6.0-202101151835.p0.git.2220.40847e5.el8.noarch",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-kuryr-controller-0:4.6.0-202101151835.p0.git.2220.40847e5.el8.noarch as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift-kuryr-controller-0:4.6.0-202101151835.p0.git.2220.40847e5.el8.noarch"
},
"product_reference": "openshift-kuryr-controller-0:4.6.0-202101151835.p0.git.2220.40847e5.el8.noarch",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-kuryr-kubernetes-0:4.6.0-202101151835.p0.git.2220.40847e5.el8.noarch as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:python3-kuryr-kubernetes-0:4.6.0-202101151835.p0.git.2220.40847e5.el8.noarch"
},
"product_reference": "python3-kuryr-kubernetes-0:4.6.0-202101151835.p0.git.2220.40847e5.el8.noarch",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-1:1.1.1-3.rhaos4.6.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:skopeo-1:1.1.1-3.rhaos4.6.el8.ppc64le"
},
"product_reference": "skopeo-1:1.1.1-3.rhaos4.6.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-1:1.1.1-3.rhaos4.6.el8.s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:skopeo-1:1.1.1-3.rhaos4.6.el8.s390x"
},
"product_reference": "skopeo-1:1.1.1-3.rhaos4.6.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-1:1.1.1-3.rhaos4.6.el8.src as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:skopeo-1:1.1.1-3.rhaos4.6.el8.src"
},
"product_reference": "skopeo-1:1.1.1-3.rhaos4.6.el8.src",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-1:1.1.1-3.rhaos4.6.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:skopeo-1:1.1.1-3.rhaos4.6.el8.x86_64"
},
"product_reference": "skopeo-1:1.1.1-3.rhaos4.6.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-debuginfo-1:1.1.1-3.rhaos4.6.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-3.rhaos4.6.el8.ppc64le"
},
"product_reference": "skopeo-debuginfo-1:1.1.1-3.rhaos4.6.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-debuginfo-1:1.1.1-3.rhaos4.6.el8.s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-3.rhaos4.6.el8.s390x"
},
"product_reference": "skopeo-debuginfo-1:1.1.1-3.rhaos4.6.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-debuginfo-1:1.1.1-3.rhaos4.6.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-3.rhaos4.6.el8.x86_64"
},
"product_reference": "skopeo-debuginfo-1:1.1.1-3.rhaos4.6.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-debugsource-1:1.1.1-3.rhaos4.6.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-3.rhaos4.6.el8.ppc64le"
},
"product_reference": "skopeo-debugsource-1:1.1.1-3.rhaos4.6.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-debugsource-1:1.1.1-3.rhaos4.6.el8.s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-3.rhaos4.6.el8.s390x"
},
"product_reference": "skopeo-debugsource-1:1.1.1-3.rhaos4.6.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-debugsource-1:1.1.1-3.rhaos4.6.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-3.rhaos4.6.el8.x86_64"
},
"product_reference": "skopeo-debugsource-1:1.1.1-3.rhaos4.6.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-tests-1:1.1.1-3.rhaos4.6.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-3.rhaos4.6.el8.ppc64le"
},
"product_reference": "skopeo-tests-1:1.1.1-3.rhaos4.6.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-tests-1:1.1.1-3.rhaos4.6.el8.s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-3.rhaos4.6.el8.s390x"
},
"product_reference": "skopeo-tests-1:1.1.1-3.rhaos4.6.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-tests-1:1.1.1-3.rhaos4.6.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-3.rhaos4.6.el8.x86_64"
},
"product_reference": "skopeo-tests-1:1.1.1-3.rhaos4.6.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"the Kubernetes Product Security Committee"
]
},
{
"names": [
"Nikolaos Moraitis"
],
"organization": "Red Hat",
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2020-8564",
"cwe": {
"id": "CWE-117",
"name": "Improper Output Neutralization for Logs"
},
"discovery_date": "2020-10-09T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el7.src",
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el7.x86_64",
"7Server-RH7-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el7.x86_64",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:cri-o-0:1.19.1-4.rhaos4.6.git3846aab.el8.ppc64le",
"8Base-RHOSE-4.6:cri-o-0:1.19.1-4.rhaos4.6.git3846aab.el8.s390x",
"8Base-RHOSE-4.6:cri-o-0:1.19.1-4.rhaos4.6.git3846aab.el8.src",
"8Base-RHOSE-4.6:cri-o-0:1.19.1-4.rhaos4.6.git3846aab.el8.x86_64",
"8Base-RHOSE-4.6:cri-o-debuginfo-0:1.19.1-4.rhaos4.6.git3846aab.el8.ppc64le",
"8Base-RHOSE-4.6:cri-o-debuginfo-0:1.19.1-4.rhaos4.6.git3846aab.el8.s390x",
"8Base-RHOSE-4.6:cri-o-debuginfo-0:1.19.1-4.rhaos4.6.git3846aab.el8.x86_64",
"8Base-RHOSE-4.6:cri-o-debugsource-0:1.19.1-4.rhaos4.6.git3846aab.el8.ppc64le",
"8Base-RHOSE-4.6:cri-o-debugsource-0:1.19.1-4.rhaos4.6.git3846aab.el8.s390x",
"8Base-RHOSE-4.6:cri-o-debugsource-0:1.19.1-4.rhaos4.6.git3846aab.el8.x86_64",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el8.ppc64le",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el8.s390x",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el8.src",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el8.x86_64",
"8Base-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el8.x86_64",
"8Base-RHOSE-4.6:openshift-kuryr-0:4.6.0-202101151835.p0.git.2220.40847e5.el8.src",
"8Base-RHOSE-4.6:openshift-kuryr-cni-0:4.6.0-202101151835.p0.git.2220.40847e5.el8.noarch",
"8Base-RHOSE-4.6:openshift-kuryr-common-0:4.6.0-202101151835.p0.git.2220.40847e5.el8.noarch",
"8Base-RHOSE-4.6:openshift-kuryr-controller-0:4.6.0-202101151835.p0.git.2220.40847e5.el8.noarch",
"8Base-RHOSE-4.6:python3-kuryr-kubernetes-0:4.6.0-202101151835.p0.git.2220.40847e5.el8.noarch",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-3.rhaos4.6.el8.src",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-3.rhaos4.6.el8.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1886637"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in kubernetes. In Kubernetes, if the logging level is to at least 4, processing a malformed docker config file will result in the contents of the docker config file being leaked, which can include pull secrets or other registry credentials. This can occur with client tools like `kubectl`, or other components that use registry credentials in a docker config file.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kubernetes: Docker config secrets leaked when file is malformed and loglevel \u003e= 4",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOSE-4.6:openshift-0:4.6.0-202101160934.p0.git.94242.fc5242e.el7.src",
"7Server-RH7-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202101160934.p0.git.94242.fc5242e.el7.x86_64",
"8Base-RHOSE-4.6:openshift-0:4.6.0-202101160934.p0.git.94242.fc5242e.el8.src",
"8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202101160934.p0.git.94242.fc5242e.el8.ppc64le",
"8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202101160934.p0.git.94242.fc5242e.el8.s390x",
"8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202101160934.p0.git.94242.fc5242e.el8.x86_64"
],
"known_not_affected": [
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el7.src",
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el7.x86_64",
"7Server-RH7-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el7.x86_64",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:cri-o-0:1.19.1-4.rhaos4.6.git3846aab.el8.ppc64le",
"8Base-RHOSE-4.6:cri-o-0:1.19.1-4.rhaos4.6.git3846aab.el8.s390x",
"8Base-RHOSE-4.6:cri-o-0:1.19.1-4.rhaos4.6.git3846aab.el8.src",
"8Base-RHOSE-4.6:cri-o-0:1.19.1-4.rhaos4.6.git3846aab.el8.x86_64",
"8Base-RHOSE-4.6:cri-o-debuginfo-0:1.19.1-4.rhaos4.6.git3846aab.el8.ppc64le",
"8Base-RHOSE-4.6:cri-o-debuginfo-0:1.19.1-4.rhaos4.6.git3846aab.el8.s390x",
"8Base-RHOSE-4.6:cri-o-debuginfo-0:1.19.1-4.rhaos4.6.git3846aab.el8.x86_64",
"8Base-RHOSE-4.6:cri-o-debugsource-0:1.19.1-4.rhaos4.6.git3846aab.el8.ppc64le",
"8Base-RHOSE-4.6:cri-o-debugsource-0:1.19.1-4.rhaos4.6.git3846aab.el8.s390x",
"8Base-RHOSE-4.6:cri-o-debugsource-0:1.19.1-4.rhaos4.6.git3846aab.el8.x86_64",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el8.ppc64le",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el8.s390x",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el8.src",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el8.x86_64",
"8Base-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el8.x86_64",
"8Base-RHOSE-4.6:openshift-kuryr-0:4.6.0-202101151835.p0.git.2220.40847e5.el8.src",
"8Base-RHOSE-4.6:openshift-kuryr-cni-0:4.6.0-202101151835.p0.git.2220.40847e5.el8.noarch",
"8Base-RHOSE-4.6:openshift-kuryr-common-0:4.6.0-202101151835.p0.git.2220.40847e5.el8.noarch",
"8Base-RHOSE-4.6:openshift-kuryr-controller-0:4.6.0-202101151835.p0.git.2220.40847e5.el8.noarch",
"8Base-RHOSE-4.6:python3-kuryr-kubernetes-0:4.6.0-202101151835.p0.git.2220.40847e5.el8.noarch",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-3.rhaos4.6.el8.src",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-3.rhaos4.6.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-8564"
},
{
"category": "external",
"summary": "RHBZ#1886637",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1886637"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-8564",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8564"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-8564",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8564"
},
{
"category": "external",
"summary": "https://github.com/kubernetes/kubernetes/issues/95622",
"url": "https://github.com/kubernetes/kubernetes/issues/95622"
},
{
"category": "external",
"summary": "https://groups.google.com/g/kubernetes-announce/c/ScdmyORnPDk",
"url": "https://groups.google.com/g/kubernetes-announce/c/ScdmyORnPDk"
}
],
"release_date": "2020-10-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-01-25T19:45:30+00:00",
"details": "For OpenShift Container Platform 4.6 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html.",
"product_ids": [
"7Server-RH7-RHOSE-4.6:openshift-0:4.6.0-202101160934.p0.git.94242.fc5242e.el7.src",
"7Server-RH7-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202101160934.p0.git.94242.fc5242e.el7.x86_64",
"8Base-RHOSE-4.6:openshift-0:4.6.0-202101160934.p0.git.94242.fc5242e.el8.src",
"8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202101160934.p0.git.94242.fc5242e.el8.ppc64le",
"8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202101160934.p0.git.94242.fc5242e.el8.s390x",
"8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202101160934.p0.git.94242.fc5242e.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:0172"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"7Server-RH7-RHOSE-4.6:openshift-0:4.6.0-202101160934.p0.git.94242.fc5242e.el7.src",
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el7.src",
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el7.x86_64",
"7Server-RH7-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el7.x86_64",
"7Server-RH7-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202101160934.p0.git.94242.fc5242e.el7.x86_64",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:cri-o-0:1.19.1-4.rhaos4.6.git3846aab.el8.ppc64le",
"8Base-RHOSE-4.6:cri-o-0:1.19.1-4.rhaos4.6.git3846aab.el8.s390x",
"8Base-RHOSE-4.6:cri-o-0:1.19.1-4.rhaos4.6.git3846aab.el8.src",
"8Base-RHOSE-4.6:cri-o-0:1.19.1-4.rhaos4.6.git3846aab.el8.x86_64",
"8Base-RHOSE-4.6:cri-o-debuginfo-0:1.19.1-4.rhaos4.6.git3846aab.el8.ppc64le",
"8Base-RHOSE-4.6:cri-o-debuginfo-0:1.19.1-4.rhaos4.6.git3846aab.el8.s390x",
"8Base-RHOSE-4.6:cri-o-debuginfo-0:1.19.1-4.rhaos4.6.git3846aab.el8.x86_64",
"8Base-RHOSE-4.6:cri-o-debugsource-0:1.19.1-4.rhaos4.6.git3846aab.el8.ppc64le",
"8Base-RHOSE-4.6:cri-o-debugsource-0:1.19.1-4.rhaos4.6.git3846aab.el8.s390x",
"8Base-RHOSE-4.6:cri-o-debugsource-0:1.19.1-4.rhaos4.6.git3846aab.el8.x86_64",
"8Base-RHOSE-4.6:openshift-0:4.6.0-202101160934.p0.git.94242.fc5242e.el8.src",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el8.ppc64le",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el8.s390x",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el8.src",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el8.x86_64",
"8Base-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el8.x86_64",
"8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202101160934.p0.git.94242.fc5242e.el8.ppc64le",
"8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202101160934.p0.git.94242.fc5242e.el8.s390x",
"8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202101160934.p0.git.94242.fc5242e.el8.x86_64",
"8Base-RHOSE-4.6:openshift-kuryr-0:4.6.0-202101151835.p0.git.2220.40847e5.el8.src",
"8Base-RHOSE-4.6:openshift-kuryr-cni-0:4.6.0-202101151835.p0.git.2220.40847e5.el8.noarch",
"8Base-RHOSE-4.6:openshift-kuryr-common-0:4.6.0-202101151835.p0.git.2220.40847e5.el8.noarch",
"8Base-RHOSE-4.6:openshift-kuryr-controller-0:4.6.0-202101151835.p0.git.2220.40847e5.el8.noarch",
"8Base-RHOSE-4.6:python3-kuryr-kubernetes-0:4.6.0-202101151835.p0.git.2220.40847e5.el8.noarch",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-3.rhaos4.6.el8.src",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-3.rhaos4.6.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kubernetes: Docker config secrets leaked when file is malformed and loglevel \u003e= 4"
},
{
"cve": "CVE-2020-15586",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"discovery_date": "2020-07-14T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-RH7-RHOSE-4.6:openshift-0:4.6.0-202101160934.p0.git.94242.fc5242e.el7.src",
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el7.src",
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el7.x86_64",
"7Server-RH7-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el7.x86_64",
"7Server-RH7-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202101160934.p0.git.94242.fc5242e.el7.x86_64",
"8Base-RHOSE-4.6:cri-o-0:1.19.1-4.rhaos4.6.git3846aab.el8.ppc64le",
"8Base-RHOSE-4.6:cri-o-0:1.19.1-4.rhaos4.6.git3846aab.el8.s390x",
"8Base-RHOSE-4.6:cri-o-0:1.19.1-4.rhaos4.6.git3846aab.el8.src",
"8Base-RHOSE-4.6:cri-o-0:1.19.1-4.rhaos4.6.git3846aab.el8.x86_64",
"8Base-RHOSE-4.6:cri-o-debuginfo-0:1.19.1-4.rhaos4.6.git3846aab.el8.ppc64le",
"8Base-RHOSE-4.6:cri-o-debuginfo-0:1.19.1-4.rhaos4.6.git3846aab.el8.s390x",
"8Base-RHOSE-4.6:cri-o-debuginfo-0:1.19.1-4.rhaos4.6.git3846aab.el8.x86_64",
"8Base-RHOSE-4.6:cri-o-debugsource-0:1.19.1-4.rhaos4.6.git3846aab.el8.ppc64le",
"8Base-RHOSE-4.6:cri-o-debugsource-0:1.19.1-4.rhaos4.6.git3846aab.el8.s390x",
"8Base-RHOSE-4.6:cri-o-debugsource-0:1.19.1-4.rhaos4.6.git3846aab.el8.x86_64",
"8Base-RHOSE-4.6:openshift-0:4.6.0-202101160934.p0.git.94242.fc5242e.el8.src",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el8.ppc64le",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el8.s390x",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el8.src",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el8.x86_64",
"8Base-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el8.x86_64",
"8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202101160934.p0.git.94242.fc5242e.el8.ppc64le",
"8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202101160934.p0.git.94242.fc5242e.el8.s390x",
"8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202101160934.p0.git.94242.fc5242e.el8.x86_64",
"8Base-RHOSE-4.6:openshift-kuryr-0:4.6.0-202101151835.p0.git.2220.40847e5.el8.src",
"8Base-RHOSE-4.6:openshift-kuryr-cni-0:4.6.0-202101151835.p0.git.2220.40847e5.el8.noarch",
"8Base-RHOSE-4.6:openshift-kuryr-common-0:4.6.0-202101151835.p0.git.2220.40847e5.el8.noarch",
"8Base-RHOSE-4.6:openshift-kuryr-controller-0:4.6.0-202101151835.p0.git.2220.40847e5.el8.noarch",
"8Base-RHOSE-4.6:python3-kuryr-kubernetes-0:4.6.0-202101151835.p0.git.2220.40847e5.el8.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1856953"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found Go\u0027s net/http package. Servers using ReverseProxy from net/http in the Go standard library are vulnerable to a data race that results in a denial of service. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: data race in certain net/http servers including ReverseProxy can lead to DoS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift Container Platform (OCP) components are primarily written in Go, meaning that any component using the net/http package includes the vulnerable code. OCP server endpoints using ReverseProxy are protected by authentication, reducing the severity of this vulnerability to Low for OCP.\n\nSimilar to OCP, OpenShift ServiceMesh (OSSM), RedHat OpenShift Jaeger (RHOSJ) and OpenShift Virtualization are also primarily written in Go and are protected via authentication, reducing the severity of this vulnerability to Low.\n\nRed Hat Gluster Storage 3 and Red Hat Openshift Container Storage 4 components are built with the affected version of Go, however the vulnerable functionality is currently not used by these products and hence this issue has been rated as having a security impact of Low.\n\nRed Hat Ceph Storage 3 and 4 components are built with the affected version of Go, however the vulnerable functionality is currently not used by these products and hence this issue has been rated as having a security impact of Low.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.6:containers-common-1:1.1.1-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-3.rhaos4.6.el8.src",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-3.rhaos4.6.el8.x86_64"
],
"known_not_affected": [
"7Server-RH7-RHOSE-4.6:openshift-0:4.6.0-202101160934.p0.git.94242.fc5242e.el7.src",
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el7.src",
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el7.x86_64",
"7Server-RH7-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el7.x86_64",
"7Server-RH7-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202101160934.p0.git.94242.fc5242e.el7.x86_64",
"8Base-RHOSE-4.6:cri-o-0:1.19.1-4.rhaos4.6.git3846aab.el8.ppc64le",
"8Base-RHOSE-4.6:cri-o-0:1.19.1-4.rhaos4.6.git3846aab.el8.s390x",
"8Base-RHOSE-4.6:cri-o-0:1.19.1-4.rhaos4.6.git3846aab.el8.src",
"8Base-RHOSE-4.6:cri-o-0:1.19.1-4.rhaos4.6.git3846aab.el8.x86_64",
"8Base-RHOSE-4.6:cri-o-debuginfo-0:1.19.1-4.rhaos4.6.git3846aab.el8.ppc64le",
"8Base-RHOSE-4.6:cri-o-debuginfo-0:1.19.1-4.rhaos4.6.git3846aab.el8.s390x",
"8Base-RHOSE-4.6:cri-o-debuginfo-0:1.19.1-4.rhaos4.6.git3846aab.el8.x86_64",
"8Base-RHOSE-4.6:cri-o-debugsource-0:1.19.1-4.rhaos4.6.git3846aab.el8.ppc64le",
"8Base-RHOSE-4.6:cri-o-debugsource-0:1.19.1-4.rhaos4.6.git3846aab.el8.s390x",
"8Base-RHOSE-4.6:cri-o-debugsource-0:1.19.1-4.rhaos4.6.git3846aab.el8.x86_64",
"8Base-RHOSE-4.6:openshift-0:4.6.0-202101160934.p0.git.94242.fc5242e.el8.src",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el8.ppc64le",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el8.s390x",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el8.src",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el8.x86_64",
"8Base-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el8.x86_64",
"8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202101160934.p0.git.94242.fc5242e.el8.ppc64le",
"8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202101160934.p0.git.94242.fc5242e.el8.s390x",
"8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202101160934.p0.git.94242.fc5242e.el8.x86_64",
"8Base-RHOSE-4.6:openshift-kuryr-0:4.6.0-202101151835.p0.git.2220.40847e5.el8.src",
"8Base-RHOSE-4.6:openshift-kuryr-cni-0:4.6.0-202101151835.p0.git.2220.40847e5.el8.noarch",
"8Base-RHOSE-4.6:openshift-kuryr-common-0:4.6.0-202101151835.p0.git.2220.40847e5.el8.noarch",
"8Base-RHOSE-4.6:openshift-kuryr-controller-0:4.6.0-202101151835.p0.git.2220.40847e5.el8.noarch",
"8Base-RHOSE-4.6:python3-kuryr-kubernetes-0:4.6.0-202101151835.p0.git.2220.40847e5.el8.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-15586"
},
{
"category": "external",
"summary": "RHBZ#1856953",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1856953"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-15586",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15586"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-15586",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-15586"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/XZNfaiwgt2w/m/E6gHDs32AQAJ",
"url": "https://groups.google.com/g/golang-announce/c/XZNfaiwgt2w/m/E6gHDs32AQAJ"
}
],
"release_date": "2020-07-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-01-25T19:45:30+00:00",
"details": "For OpenShift Container Platform 4.6 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html.",
"product_ids": [
"8Base-RHOSE-4.6:containers-common-1:1.1.1-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-3.rhaos4.6.el8.src",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-3.rhaos4.6.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:0172"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-RH7-RHOSE-4.6:openshift-0:4.6.0-202101160934.p0.git.94242.fc5242e.el7.src",
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el7.src",
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el7.x86_64",
"7Server-RH7-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el7.x86_64",
"7Server-RH7-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202101160934.p0.git.94242.fc5242e.el7.x86_64",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:cri-o-0:1.19.1-4.rhaos4.6.git3846aab.el8.ppc64le",
"8Base-RHOSE-4.6:cri-o-0:1.19.1-4.rhaos4.6.git3846aab.el8.s390x",
"8Base-RHOSE-4.6:cri-o-0:1.19.1-4.rhaos4.6.git3846aab.el8.src",
"8Base-RHOSE-4.6:cri-o-0:1.19.1-4.rhaos4.6.git3846aab.el8.x86_64",
"8Base-RHOSE-4.6:cri-o-debuginfo-0:1.19.1-4.rhaos4.6.git3846aab.el8.ppc64le",
"8Base-RHOSE-4.6:cri-o-debuginfo-0:1.19.1-4.rhaos4.6.git3846aab.el8.s390x",
"8Base-RHOSE-4.6:cri-o-debuginfo-0:1.19.1-4.rhaos4.6.git3846aab.el8.x86_64",
"8Base-RHOSE-4.6:cri-o-debugsource-0:1.19.1-4.rhaos4.6.git3846aab.el8.ppc64le",
"8Base-RHOSE-4.6:cri-o-debugsource-0:1.19.1-4.rhaos4.6.git3846aab.el8.s390x",
"8Base-RHOSE-4.6:cri-o-debugsource-0:1.19.1-4.rhaos4.6.git3846aab.el8.x86_64",
"8Base-RHOSE-4.6:openshift-0:4.6.0-202101160934.p0.git.94242.fc5242e.el8.src",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el8.ppc64le",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el8.s390x",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el8.src",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el8.x86_64",
"8Base-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el8.x86_64",
"8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202101160934.p0.git.94242.fc5242e.el8.ppc64le",
"8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202101160934.p0.git.94242.fc5242e.el8.s390x",
"8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202101160934.p0.git.94242.fc5242e.el8.x86_64",
"8Base-RHOSE-4.6:openshift-kuryr-0:4.6.0-202101151835.p0.git.2220.40847e5.el8.src",
"8Base-RHOSE-4.6:openshift-kuryr-cni-0:4.6.0-202101151835.p0.git.2220.40847e5.el8.noarch",
"8Base-RHOSE-4.6:openshift-kuryr-common-0:4.6.0-202101151835.p0.git.2220.40847e5.el8.noarch",
"8Base-RHOSE-4.6:openshift-kuryr-controller-0:4.6.0-202101151835.p0.git.2220.40847e5.el8.noarch",
"8Base-RHOSE-4.6:python3-kuryr-kubernetes-0:4.6.0-202101151835.p0.git.2220.40847e5.el8.noarch",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-3.rhaos4.6.el8.src",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-3.rhaos4.6.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "golang: data race in certain net/http servers including ReverseProxy can lead to DoS"
},
{
"cve": "CVE-2020-16845",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"discovery_date": "2020-08-07T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-RH7-RHOSE-4.6:openshift-0:4.6.0-202101160934.p0.git.94242.fc5242e.el7.src",
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el7.src",
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el7.x86_64",
"7Server-RH7-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el7.x86_64",
"7Server-RH7-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202101160934.p0.git.94242.fc5242e.el7.x86_64",
"8Base-RHOSE-4.6:cri-o-0:1.19.1-4.rhaos4.6.git3846aab.el8.ppc64le",
"8Base-RHOSE-4.6:cri-o-0:1.19.1-4.rhaos4.6.git3846aab.el8.s390x",
"8Base-RHOSE-4.6:cri-o-0:1.19.1-4.rhaos4.6.git3846aab.el8.src",
"8Base-RHOSE-4.6:cri-o-0:1.19.1-4.rhaos4.6.git3846aab.el8.x86_64",
"8Base-RHOSE-4.6:cri-o-debuginfo-0:1.19.1-4.rhaos4.6.git3846aab.el8.ppc64le",
"8Base-RHOSE-4.6:cri-o-debuginfo-0:1.19.1-4.rhaos4.6.git3846aab.el8.s390x",
"8Base-RHOSE-4.6:cri-o-debuginfo-0:1.19.1-4.rhaos4.6.git3846aab.el8.x86_64",
"8Base-RHOSE-4.6:cri-o-debugsource-0:1.19.1-4.rhaos4.6.git3846aab.el8.ppc64le",
"8Base-RHOSE-4.6:cri-o-debugsource-0:1.19.1-4.rhaos4.6.git3846aab.el8.s390x",
"8Base-RHOSE-4.6:cri-o-debugsource-0:1.19.1-4.rhaos4.6.git3846aab.el8.x86_64",
"8Base-RHOSE-4.6:openshift-0:4.6.0-202101160934.p0.git.94242.fc5242e.el8.src",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el8.ppc64le",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el8.s390x",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el8.src",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el8.x86_64",
"8Base-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el8.x86_64",
"8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202101160934.p0.git.94242.fc5242e.el8.ppc64le",
"8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202101160934.p0.git.94242.fc5242e.el8.s390x",
"8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202101160934.p0.git.94242.fc5242e.el8.x86_64",
"8Base-RHOSE-4.6:openshift-kuryr-0:4.6.0-202101151835.p0.git.2220.40847e5.el8.src",
"8Base-RHOSE-4.6:openshift-kuryr-cni-0:4.6.0-202101151835.p0.git.2220.40847e5.el8.noarch",
"8Base-RHOSE-4.6:openshift-kuryr-common-0:4.6.0-202101151835.p0.git.2220.40847e5.el8.noarch",
"8Base-RHOSE-4.6:openshift-kuryr-controller-0:4.6.0-202101151835.p0.git.2220.40847e5.el8.noarch",
"8Base-RHOSE-4.6:python3-kuryr-kubernetes-0:4.6.0-202101151835.p0.git.2220.40847e5.el8.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1867099"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Go encoding/binary package. Certain invalid inputs to the ReadUvarint or the ReadVarint causes those functions to read an unlimited number of bytes from the ByteReader argument before returning an error. This flaw possibly leads to processing more input than expected. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: ReadUvarint and ReadVarint can read an unlimited number of bytes from invalid inputs",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift Container Platform (OCP), OpenShift ServiceMesh (OSSM), RedHat OpenShift Jaeger (RHOSJ) and OpenShift Virtualization components are primarily written in Go, meaning that any component using the encoding/binary package includes the vulnerable code. The affected components are behind OpenShift OAuth authentication, therefore the impact is low.\n\nRed Hat Gluster Storage 3, Red Hat OpenShift Container Storage 4 and Red Hat Ceph Storage (3 and 4) components are built with the affected version of Go, however the vulnerable functionality is currently not used by these products and hence this issue has been rated as having a security impact of Low.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.6:containers-common-1:1.1.1-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-3.rhaos4.6.el8.src",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-3.rhaos4.6.el8.x86_64"
],
"known_not_affected": [
"7Server-RH7-RHOSE-4.6:openshift-0:4.6.0-202101160934.p0.git.94242.fc5242e.el7.src",
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el7.src",
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el7.x86_64",
"7Server-RH7-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el7.x86_64",
"7Server-RH7-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202101160934.p0.git.94242.fc5242e.el7.x86_64",
"8Base-RHOSE-4.6:cri-o-0:1.19.1-4.rhaos4.6.git3846aab.el8.ppc64le",
"8Base-RHOSE-4.6:cri-o-0:1.19.1-4.rhaos4.6.git3846aab.el8.s390x",
"8Base-RHOSE-4.6:cri-o-0:1.19.1-4.rhaos4.6.git3846aab.el8.src",
"8Base-RHOSE-4.6:cri-o-0:1.19.1-4.rhaos4.6.git3846aab.el8.x86_64",
"8Base-RHOSE-4.6:cri-o-debuginfo-0:1.19.1-4.rhaos4.6.git3846aab.el8.ppc64le",
"8Base-RHOSE-4.6:cri-o-debuginfo-0:1.19.1-4.rhaos4.6.git3846aab.el8.s390x",
"8Base-RHOSE-4.6:cri-o-debuginfo-0:1.19.1-4.rhaos4.6.git3846aab.el8.x86_64",
"8Base-RHOSE-4.6:cri-o-debugsource-0:1.19.1-4.rhaos4.6.git3846aab.el8.ppc64le",
"8Base-RHOSE-4.6:cri-o-debugsource-0:1.19.1-4.rhaos4.6.git3846aab.el8.s390x",
"8Base-RHOSE-4.6:cri-o-debugsource-0:1.19.1-4.rhaos4.6.git3846aab.el8.x86_64",
"8Base-RHOSE-4.6:openshift-0:4.6.0-202101160934.p0.git.94242.fc5242e.el8.src",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el8.ppc64le",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el8.s390x",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el8.src",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el8.x86_64",
"8Base-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el8.x86_64",
"8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202101160934.p0.git.94242.fc5242e.el8.ppc64le",
"8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202101160934.p0.git.94242.fc5242e.el8.s390x",
"8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202101160934.p0.git.94242.fc5242e.el8.x86_64",
"8Base-RHOSE-4.6:openshift-kuryr-0:4.6.0-202101151835.p0.git.2220.40847e5.el8.src",
"8Base-RHOSE-4.6:openshift-kuryr-cni-0:4.6.0-202101151835.p0.git.2220.40847e5.el8.noarch",
"8Base-RHOSE-4.6:openshift-kuryr-common-0:4.6.0-202101151835.p0.git.2220.40847e5.el8.noarch",
"8Base-RHOSE-4.6:openshift-kuryr-controller-0:4.6.0-202101151835.p0.git.2220.40847e5.el8.noarch",
"8Base-RHOSE-4.6:python3-kuryr-kubernetes-0:4.6.0-202101151835.p0.git.2220.40847e5.el8.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-16845"
},
{
"category": "external",
"summary": "RHBZ#1867099",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1867099"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-16845",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-16845"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-16845",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-16845"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/NyPIaucMgXo",
"url": "https://groups.google.com/g/golang-announce/c/NyPIaucMgXo"
}
],
"release_date": "2020-08-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-01-25T19:45:30+00:00",
"details": "For OpenShift Container Platform 4.6 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html.",
"product_ids": [
"8Base-RHOSE-4.6:containers-common-1:1.1.1-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-3.rhaos4.6.el8.src",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-3.rhaos4.6.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:0172"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-RH7-RHOSE-4.6:openshift-0:4.6.0-202101160934.p0.git.94242.fc5242e.el7.src",
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el7.src",
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el7.x86_64",
"7Server-RH7-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el7.x86_64",
"7Server-RH7-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202101160934.p0.git.94242.fc5242e.el7.x86_64",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:cri-o-0:1.19.1-4.rhaos4.6.git3846aab.el8.ppc64le",
"8Base-RHOSE-4.6:cri-o-0:1.19.1-4.rhaos4.6.git3846aab.el8.s390x",
"8Base-RHOSE-4.6:cri-o-0:1.19.1-4.rhaos4.6.git3846aab.el8.src",
"8Base-RHOSE-4.6:cri-o-0:1.19.1-4.rhaos4.6.git3846aab.el8.x86_64",
"8Base-RHOSE-4.6:cri-o-debuginfo-0:1.19.1-4.rhaos4.6.git3846aab.el8.ppc64le",
"8Base-RHOSE-4.6:cri-o-debuginfo-0:1.19.1-4.rhaos4.6.git3846aab.el8.s390x",
"8Base-RHOSE-4.6:cri-o-debuginfo-0:1.19.1-4.rhaos4.6.git3846aab.el8.x86_64",
"8Base-RHOSE-4.6:cri-o-debugsource-0:1.19.1-4.rhaos4.6.git3846aab.el8.ppc64le",
"8Base-RHOSE-4.6:cri-o-debugsource-0:1.19.1-4.rhaos4.6.git3846aab.el8.s390x",
"8Base-RHOSE-4.6:cri-o-debugsource-0:1.19.1-4.rhaos4.6.git3846aab.el8.x86_64",
"8Base-RHOSE-4.6:openshift-0:4.6.0-202101160934.p0.git.94242.fc5242e.el8.src",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el8.ppc64le",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el8.s390x",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el8.src",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el8.x86_64",
"8Base-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el8.x86_64",
"8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202101160934.p0.git.94242.fc5242e.el8.ppc64le",
"8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202101160934.p0.git.94242.fc5242e.el8.s390x",
"8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202101160934.p0.git.94242.fc5242e.el8.x86_64",
"8Base-RHOSE-4.6:openshift-kuryr-0:4.6.0-202101151835.p0.git.2220.40847e5.el8.src",
"8Base-RHOSE-4.6:openshift-kuryr-cni-0:4.6.0-202101151835.p0.git.2220.40847e5.el8.noarch",
"8Base-RHOSE-4.6:openshift-kuryr-common-0:4.6.0-202101151835.p0.git.2220.40847e5.el8.noarch",
"8Base-RHOSE-4.6:openshift-kuryr-controller-0:4.6.0-202101151835.p0.git.2220.40847e5.el8.noarch",
"8Base-RHOSE-4.6:python3-kuryr-kubernetes-0:4.6.0-202101151835.p0.git.2220.40847e5.el8.noarch",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-3.rhaos4.6.el8.src",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-3.rhaos4.6.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "golang: ReadUvarint and ReadVarint can read an unlimited number of bytes from invalid inputs"
},
{
"cve": "CVE-2020-28362",
"cwe": {
"id": "CWE-295",
"name": "Improper Certificate Validation"
},
"discovery_date": "2020-11-12T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-RH7-RHOSE-4.6:openshift-0:4.6.0-202101160934.p0.git.94242.fc5242e.el7.src",
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el7.src",
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el7.x86_64",
"7Server-RH7-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el7.x86_64",
"7Server-RH7-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202101160934.p0.git.94242.fc5242e.el7.x86_64",
"8Base-RHOSE-4.6:cri-o-0:1.19.1-4.rhaos4.6.git3846aab.el8.ppc64le",
"8Base-RHOSE-4.6:cri-o-0:1.19.1-4.rhaos4.6.git3846aab.el8.s390x",
"8Base-RHOSE-4.6:cri-o-0:1.19.1-4.rhaos4.6.git3846aab.el8.src",
"8Base-RHOSE-4.6:cri-o-0:1.19.1-4.rhaos4.6.git3846aab.el8.x86_64",
"8Base-RHOSE-4.6:cri-o-debuginfo-0:1.19.1-4.rhaos4.6.git3846aab.el8.ppc64le",
"8Base-RHOSE-4.6:cri-o-debuginfo-0:1.19.1-4.rhaos4.6.git3846aab.el8.s390x",
"8Base-RHOSE-4.6:cri-o-debuginfo-0:1.19.1-4.rhaos4.6.git3846aab.el8.x86_64",
"8Base-RHOSE-4.6:cri-o-debugsource-0:1.19.1-4.rhaos4.6.git3846aab.el8.ppc64le",
"8Base-RHOSE-4.6:cri-o-debugsource-0:1.19.1-4.rhaos4.6.git3846aab.el8.s390x",
"8Base-RHOSE-4.6:cri-o-debugsource-0:1.19.1-4.rhaos4.6.git3846aab.el8.x86_64",
"8Base-RHOSE-4.6:openshift-0:4.6.0-202101160934.p0.git.94242.fc5242e.el8.src",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el8.ppc64le",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el8.s390x",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el8.src",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el8.x86_64",
"8Base-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el8.x86_64",
"8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202101160934.p0.git.94242.fc5242e.el8.ppc64le",
"8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202101160934.p0.git.94242.fc5242e.el8.s390x",
"8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202101160934.p0.git.94242.fc5242e.el8.x86_64",
"8Base-RHOSE-4.6:openshift-kuryr-0:4.6.0-202101151835.p0.git.2220.40847e5.el8.src",
"8Base-RHOSE-4.6:openshift-kuryr-cni-0:4.6.0-202101151835.p0.git.2220.40847e5.el8.noarch",
"8Base-RHOSE-4.6:openshift-kuryr-common-0:4.6.0-202101151835.p0.git.2220.40847e5.el8.noarch",
"8Base-RHOSE-4.6:openshift-kuryr-controller-0:4.6.0-202101151835.p0.git.2220.40847e5.el8.noarch",
"8Base-RHOSE-4.6:python3-kuryr-kubernetes-0:4.6.0-202101151835.p0.git.2220.40847e5.el8.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1897635"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the math/big package of Go\u0027s standard library that causes a denial of service. Applications written in Go that use math/big via cryptographic packages, including crypto/rsa and crypto/x509, are vulnerable and can potentially cause panic via a crafted certificate chain. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: math/big: panic during recursive division of very large numbers",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift ServiceMesh (OSSM) 1.1 is Out Of Support Scope (OOSS) for Moderate and Low impact vulnerabilities because it is now in the Maintenance Phase of the support.\nOpenshift Virtualization 1 (formerly Container Native Virtualization) is Out Of Support Scope (OOSS) for Moderate and Low impact vulnerabilities.\n\nRed Hat Gluster Storage 3 shipped multi-cloud-object-gateway-cli and noobaa-operator container as a technical preview and is not currently planned to be addressed in future updates.\n\nOpenShift Container Platform (OCP) 4.5 and earlier are built with Go versions earlier than 1.14, which are not affected by this vulnerability. OCP 4.6 is built with Go 1.15 and is affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.6:containers-common-1:1.1.1-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-3.rhaos4.6.el8.src",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-3.rhaos4.6.el8.x86_64"
],
"known_not_affected": [
"7Server-RH7-RHOSE-4.6:openshift-0:4.6.0-202101160934.p0.git.94242.fc5242e.el7.src",
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el7.src",
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el7.x86_64",
"7Server-RH7-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el7.x86_64",
"7Server-RH7-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202101160934.p0.git.94242.fc5242e.el7.x86_64",
"8Base-RHOSE-4.6:cri-o-0:1.19.1-4.rhaos4.6.git3846aab.el8.ppc64le",
"8Base-RHOSE-4.6:cri-o-0:1.19.1-4.rhaos4.6.git3846aab.el8.s390x",
"8Base-RHOSE-4.6:cri-o-0:1.19.1-4.rhaos4.6.git3846aab.el8.src",
"8Base-RHOSE-4.6:cri-o-0:1.19.1-4.rhaos4.6.git3846aab.el8.x86_64",
"8Base-RHOSE-4.6:cri-o-debuginfo-0:1.19.1-4.rhaos4.6.git3846aab.el8.ppc64le",
"8Base-RHOSE-4.6:cri-o-debuginfo-0:1.19.1-4.rhaos4.6.git3846aab.el8.s390x",
"8Base-RHOSE-4.6:cri-o-debuginfo-0:1.19.1-4.rhaos4.6.git3846aab.el8.x86_64",
"8Base-RHOSE-4.6:cri-o-debugsource-0:1.19.1-4.rhaos4.6.git3846aab.el8.ppc64le",
"8Base-RHOSE-4.6:cri-o-debugsource-0:1.19.1-4.rhaos4.6.git3846aab.el8.s390x",
"8Base-RHOSE-4.6:cri-o-debugsource-0:1.19.1-4.rhaos4.6.git3846aab.el8.x86_64",
"8Base-RHOSE-4.6:openshift-0:4.6.0-202101160934.p0.git.94242.fc5242e.el8.src",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el8.ppc64le",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el8.s390x",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el8.src",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el8.x86_64",
"8Base-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el8.x86_64",
"8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202101160934.p0.git.94242.fc5242e.el8.ppc64le",
"8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202101160934.p0.git.94242.fc5242e.el8.s390x",
"8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202101160934.p0.git.94242.fc5242e.el8.x86_64",
"8Base-RHOSE-4.6:openshift-kuryr-0:4.6.0-202101151835.p0.git.2220.40847e5.el8.src",
"8Base-RHOSE-4.6:openshift-kuryr-cni-0:4.6.0-202101151835.p0.git.2220.40847e5.el8.noarch",
"8Base-RHOSE-4.6:openshift-kuryr-common-0:4.6.0-202101151835.p0.git.2220.40847e5.el8.noarch",
"8Base-RHOSE-4.6:openshift-kuryr-controller-0:4.6.0-202101151835.p0.git.2220.40847e5.el8.noarch",
"8Base-RHOSE-4.6:python3-kuryr-kubernetes-0:4.6.0-202101151835.p0.git.2220.40847e5.el8.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-28362"
},
{
"category": "external",
"summary": "RHBZ#1897635",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1897635"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-28362",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28362"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-28362",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-28362"
}
],
"release_date": "2020-11-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-01-25T19:45:30+00:00",
"details": "For OpenShift Container Platform 4.6 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html.",
"product_ids": [
"8Base-RHOSE-4.6:containers-common-1:1.1.1-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-3.rhaos4.6.el8.src",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-3.rhaos4.6.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:0172"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-RH7-RHOSE-4.6:openshift-0:4.6.0-202101160934.p0.git.94242.fc5242e.el7.src",
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el7.src",
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el7.x86_64",
"7Server-RH7-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el7.x86_64",
"7Server-RH7-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202101160934.p0.git.94242.fc5242e.el7.x86_64",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:cri-o-0:1.19.1-4.rhaos4.6.git3846aab.el8.ppc64le",
"8Base-RHOSE-4.6:cri-o-0:1.19.1-4.rhaos4.6.git3846aab.el8.s390x",
"8Base-RHOSE-4.6:cri-o-0:1.19.1-4.rhaos4.6.git3846aab.el8.src",
"8Base-RHOSE-4.6:cri-o-0:1.19.1-4.rhaos4.6.git3846aab.el8.x86_64",
"8Base-RHOSE-4.6:cri-o-debuginfo-0:1.19.1-4.rhaos4.6.git3846aab.el8.ppc64le",
"8Base-RHOSE-4.6:cri-o-debuginfo-0:1.19.1-4.rhaos4.6.git3846aab.el8.s390x",
"8Base-RHOSE-4.6:cri-o-debuginfo-0:1.19.1-4.rhaos4.6.git3846aab.el8.x86_64",
"8Base-RHOSE-4.6:cri-o-debugsource-0:1.19.1-4.rhaos4.6.git3846aab.el8.ppc64le",
"8Base-RHOSE-4.6:cri-o-debugsource-0:1.19.1-4.rhaos4.6.git3846aab.el8.s390x",
"8Base-RHOSE-4.6:cri-o-debugsource-0:1.19.1-4.rhaos4.6.git3846aab.el8.x86_64",
"8Base-RHOSE-4.6:openshift-0:4.6.0-202101160934.p0.git.94242.fc5242e.el8.src",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el8.ppc64le",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el8.s390x",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el8.src",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el8.x86_64",
"8Base-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202101160934.p0.git.3808.a1bca2f.el8.x86_64",
"8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202101160934.p0.git.94242.fc5242e.el8.ppc64le",
"8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202101160934.p0.git.94242.fc5242e.el8.s390x",
"8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202101160934.p0.git.94242.fc5242e.el8.x86_64",
"8Base-RHOSE-4.6:openshift-kuryr-0:4.6.0-202101151835.p0.git.2220.40847e5.el8.src",
"8Base-RHOSE-4.6:openshift-kuryr-cni-0:4.6.0-202101151835.p0.git.2220.40847e5.el8.noarch",
"8Base-RHOSE-4.6:openshift-kuryr-common-0:4.6.0-202101151835.p0.git.2220.40847e5.el8.noarch",
"8Base-RHOSE-4.6:openshift-kuryr-controller-0:4.6.0-202101151835.p0.git.2220.40847e5.el8.noarch",
"8Base-RHOSE-4.6:python3-kuryr-kubernetes-0:4.6.0-202101151835.p0.git.2220.40847e5.el8.noarch",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-3.rhaos4.6.el8.src",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-3.rhaos4.6.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: math/big: panic during recursive division of very large numbers"
}
]
}
RHSA-2021:0713
Vulnerability from csaf_redhat - Published: 2021-03-11 04:48 - Updated: 2026-03-27 08:38Summary
Red Hat Security Advisory: OpenShift Container Platform 4.5.34 packages and security update
Severity
Low
Notes
Topic: Red Hat OpenShift Container Platform release 4.5.34 is now available with
updates to packages and images that fix several bugs and add enhancements.
This release also includes a security update for Red Hat OpenShift Container Platform 4.5.
Red Hat Product Security has rated this update as having a security impact
of Low. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.
Details: Red Hat OpenShift Container Platform is Red Hat's cloud computing
Kubernetes application platform solution designed for on-premise or private
cloud deployments.
Security Fix(es):
* golang: Data race in certain net/http servers including ReverseProxy can lead to DoS (CVE-2020-15586)
* golang: ReadUvarint and ReadVarint can read an unlimited number of bytes from invalid inputs (CVE-2020-16845)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.5.34. See the following advisory for the container images for this release:
https://access.redhat.com/errata/RHBA-2021:0714
All OpenShift Container Platform 4.5 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift Console or the CLI oc command. Instructions for upgrading a cluster are available at https://docs.openshift.com/container-platform/4.5/updating/updating-cluster-between-minor.html#understanding-upgrade-channels_updating-cluster-between-minor.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found Go's net/http package. Servers using ReverseProxy from net/http in the Go standard library are vulnerable to a data race that results in a denial of service. The highest threat from this vulnerability is to system availability.
5.9 (Medium)
Affected products
Fixed
88 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-RH7-RHOSE-4.5:apb-0:2.0.3-3.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-4.5:apb-0:2.0.3-3.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-4.5:apb-0:2.0.3-3.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-4.5:apb-0:2.0.3-3.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-4.5:apb-container-scripts-0:2.0.3-3.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-4.5:apb-devel-0:2.0.3-3.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-4.5:containernetworking-plugins-0:0.8.6-2.rhaos4.5.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-4.5:containernetworking-plugins-0:0.8.6-2.rhaos4.5.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-4.5:containernetworking-plugins-0:0.8.6-2.rhaos4.5.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-4.5:containernetworking-plugins-0:0.8.6-2.rhaos4.5.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-4.5:containernetworking-plugins-debuginfo-0:0.8.6-2.rhaos4.5.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-4.5:containernetworking-plugins-debuginfo-0:0.8.6-2.rhaos4.5.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-4.5:containernetworking-plugins-debuginfo-0:0.8.6-2.rhaos4.5.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-4.5:cri-o-0:1.18.4-7.rhaos4.5.git572d9f7.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-4.5:cri-o-0:1.18.4-7.rhaos4.5.git572d9f7.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-4.5:cri-o-0:1.18.4-7.rhaos4.5.git572d9f7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-4.5:cri-o-0:1.18.4-7.rhaos4.5.git572d9f7.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-4.5:cri-o-debuginfo-0:1.18.4-7.rhaos4.5.git572d9f7.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-4.5:cri-o-debuginfo-0:1.18.4-7.rhaos4.5.git572d9f7.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-4.5:cri-o-debuginfo-0:1.18.4-7.rhaos4.5.git572d9f7.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-4.5:cri-tools-0:1.18.0-4.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-4.5:cri-tools-0:1.18.0-4.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-4.5:cri-tools-0:1.18.0-4.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-4.5:cri-tools-0:1.18.0-4.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-4.5:cri-tools-debuginfo-0:1.18.0-4.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-4.5:cri-tools-debuginfo-0:1.18.0-4.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-4.5:cri-tools-debuginfo-0:1.18.0-4.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-4.5:golang-github-prometheus-promu-0:0.5.0-3.git642a960.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-4.5:golang-github-prometheus-promu-0:0.5.0-3.git642a960.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-4.5:golang-github-prometheus-promu-0:0.5.0-3.git642a960.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-4.5:golang-github-prometheus-promu-0:0.5.0-3.git642a960.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-4.5:openshift-0:4.5.0-202102261511.p0.git.0.f0229b9.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-4.5:openshift-hyperkube-0:4.5.0-202102261511.p0.git.0.f0229b9.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-4.5:openshift-hyperkube-0:4.5.0-202102261511.p0.git.0.f0229b9.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-4.5:openshift-hyperkube-0:4.5.0-202102261511.p0.git.0.f0229b9.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-4.5:prometheus-promu-0:0.5.0-3.git642a960.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-4.5:prometheus-promu-0:0.5.0-3.git642a960.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-4.5:prometheus-promu-0:0.5.0-3.git642a960.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:buildah-0:1.11.6-9.rhaos4.5.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:buildah-0:1.11.6-9.rhaos4.5.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:buildah-0:1.11.6-9.rhaos4.5.el8.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:buildah-0:1.11.6-9.rhaos4.5.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:buildah-debuginfo-0:1.11.6-9.rhaos4.5.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:buildah-debuginfo-0:1.11.6-9.rhaos4.5.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:buildah-debuginfo-0:1.11.6-9.rhaos4.5.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:buildah-debugsource-0:1.11.6-9.rhaos4.5.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:buildah-debugsource-0:1.11.6-9.rhaos4.5.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:buildah-debugsource-0:1.11.6-9.rhaos4.5.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:buildah-tests-0:1.11.6-9.rhaos4.5.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:buildah-tests-0:1.11.6-9.rhaos4.5.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:buildah-tests-0:1.11.6-9.rhaos4.5.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:buildah-tests-debuginfo-0:1.11.6-9.rhaos4.5.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:buildah-tests-debuginfo-0:1.11.6-9.rhaos4.5.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:buildah-tests-debuginfo-0:1.11.6-9.rhaos4.5.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:containernetworking-plugins-0:0.8.6-2.rhaos4.5.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:containernetworking-plugins-0:0.8.6-2.rhaos4.5.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:containernetworking-plugins-0:0.8.6-2.rhaos4.5.el8.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:containernetworking-plugins-0:0.8.6-2.rhaos4.5.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:containernetworking-plugins-debuginfo-0:0.8.6-2.rhaos4.5.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:containernetworking-plugins-debuginfo-0:0.8.6-2.rhaos4.5.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:containernetworking-plugins-debuginfo-0:0.8.6-2.rhaos4.5.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:containernetworking-plugins-debugsource-0:0.8.6-2.rhaos4.5.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:containernetworking-plugins-debugsource-0:0.8.6-2.rhaos4.5.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:containernetworking-plugins-debugsource-0:0.8.6-2.rhaos4.5.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:cri-o-0:1.18.4-7.rhaos4.5.git572d9f7.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:cri-o-0:1.18.4-7.rhaos4.5.git572d9f7.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:cri-o-0:1.18.4-7.rhaos4.5.git572d9f7.el8.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:cri-o-0:1.18.4-7.rhaos4.5.git572d9f7.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:cri-o-debuginfo-0:1.18.4-7.rhaos4.5.git572d9f7.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:cri-o-debuginfo-0:1.18.4-7.rhaos4.5.git572d9f7.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:cri-o-debuginfo-0:1.18.4-7.rhaos4.5.git572d9f7.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:cri-o-debugsource-0:1.18.4-7.rhaos4.5.git572d9f7.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:cri-o-debugsource-0:1.18.4-7.rhaos4.5.git572d9f7.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:cri-o-debugsource-0:1.18.4-7.rhaos4.5.git572d9f7.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:cri-tools-0:1.18.0-4.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:cri-tools-0:1.18.0-4.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:cri-tools-0:1.18.0-4.el8.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:cri-tools-0:1.18.0-4.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:cri-tools-debuginfo-0:1.18.0-4.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:cri-tools-debuginfo-0:1.18.0-4.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:cri-tools-debuginfo-0:1.18.0-4.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:cri-tools-debugsource-0:1.18.0-4.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:cri-tools-debugsource-0:1.18.0-4.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:cri-tools-debugsource-0:1.18.0-4.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:openshift-0:4.5.0-202102261511.p0.git.0.f0229b9.el8.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:openshift-hyperkube-0:4.5.0-202102261511.p0.git.0.f0229b9.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:openshift-hyperkube-0:4.5.0-202102261511.p0.git.0.f0229b9.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:openshift-hyperkube-0:4.5.0-202102261511.p0.git.0.f0229b9.el8.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Low
A flaw was found in the Go encoding/binary package. Certain invalid inputs to the ReadUvarint or the ReadVarint causes those functions to read an unlimited number of bytes from the ByteReader argument before returning an error. This flaw possibly leads to processing more input than expected. The highest threat from this vulnerability is to system availability.
7.5 (High)
Affected products
Fixed
88 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-RH7-RHOSE-4.5:apb-0:2.0.3-3.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-4.5:apb-0:2.0.3-3.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-4.5:apb-0:2.0.3-3.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-4.5:apb-0:2.0.3-3.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-4.5:apb-container-scripts-0:2.0.3-3.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-4.5:apb-devel-0:2.0.3-3.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-4.5:containernetworking-plugins-0:0.8.6-2.rhaos4.5.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-4.5:containernetworking-plugins-0:0.8.6-2.rhaos4.5.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-4.5:containernetworking-plugins-0:0.8.6-2.rhaos4.5.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-4.5:containernetworking-plugins-0:0.8.6-2.rhaos4.5.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-4.5:containernetworking-plugins-debuginfo-0:0.8.6-2.rhaos4.5.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-4.5:containernetworking-plugins-debuginfo-0:0.8.6-2.rhaos4.5.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-4.5:containernetworking-plugins-debuginfo-0:0.8.6-2.rhaos4.5.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-4.5:cri-o-0:1.18.4-7.rhaos4.5.git572d9f7.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-4.5:cri-o-0:1.18.4-7.rhaos4.5.git572d9f7.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-4.5:cri-o-0:1.18.4-7.rhaos4.5.git572d9f7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-4.5:cri-o-0:1.18.4-7.rhaos4.5.git572d9f7.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-4.5:cri-o-debuginfo-0:1.18.4-7.rhaos4.5.git572d9f7.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-4.5:cri-o-debuginfo-0:1.18.4-7.rhaos4.5.git572d9f7.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-4.5:cri-o-debuginfo-0:1.18.4-7.rhaos4.5.git572d9f7.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-4.5:cri-tools-0:1.18.0-4.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-4.5:cri-tools-0:1.18.0-4.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-4.5:cri-tools-0:1.18.0-4.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-4.5:cri-tools-0:1.18.0-4.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-4.5:cri-tools-debuginfo-0:1.18.0-4.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-4.5:cri-tools-debuginfo-0:1.18.0-4.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-4.5:cri-tools-debuginfo-0:1.18.0-4.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-4.5:golang-github-prometheus-promu-0:0.5.0-3.git642a960.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-4.5:golang-github-prometheus-promu-0:0.5.0-3.git642a960.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-4.5:golang-github-prometheus-promu-0:0.5.0-3.git642a960.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-4.5:golang-github-prometheus-promu-0:0.5.0-3.git642a960.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-4.5:openshift-0:4.5.0-202102261511.p0.git.0.f0229b9.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-4.5:openshift-hyperkube-0:4.5.0-202102261511.p0.git.0.f0229b9.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-4.5:openshift-hyperkube-0:4.5.0-202102261511.p0.git.0.f0229b9.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-4.5:openshift-hyperkube-0:4.5.0-202102261511.p0.git.0.f0229b9.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-4.5:prometheus-promu-0:0.5.0-3.git642a960.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-4.5:prometheus-promu-0:0.5.0-3.git642a960.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-4.5:prometheus-promu-0:0.5.0-3.git642a960.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:buildah-0:1.11.6-9.rhaos4.5.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:buildah-0:1.11.6-9.rhaos4.5.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:buildah-0:1.11.6-9.rhaos4.5.el8.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:buildah-0:1.11.6-9.rhaos4.5.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:buildah-debuginfo-0:1.11.6-9.rhaos4.5.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:buildah-debuginfo-0:1.11.6-9.rhaos4.5.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:buildah-debuginfo-0:1.11.6-9.rhaos4.5.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:buildah-debugsource-0:1.11.6-9.rhaos4.5.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:buildah-debugsource-0:1.11.6-9.rhaos4.5.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:buildah-debugsource-0:1.11.6-9.rhaos4.5.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:buildah-tests-0:1.11.6-9.rhaos4.5.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:buildah-tests-0:1.11.6-9.rhaos4.5.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:buildah-tests-0:1.11.6-9.rhaos4.5.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:buildah-tests-debuginfo-0:1.11.6-9.rhaos4.5.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:buildah-tests-debuginfo-0:1.11.6-9.rhaos4.5.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:buildah-tests-debuginfo-0:1.11.6-9.rhaos4.5.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:containernetworking-plugins-0:0.8.6-2.rhaos4.5.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:containernetworking-plugins-0:0.8.6-2.rhaos4.5.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:containernetworking-plugins-0:0.8.6-2.rhaos4.5.el8.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:containernetworking-plugins-0:0.8.6-2.rhaos4.5.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:containernetworking-plugins-debuginfo-0:0.8.6-2.rhaos4.5.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:containernetworking-plugins-debuginfo-0:0.8.6-2.rhaos4.5.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:containernetworking-plugins-debuginfo-0:0.8.6-2.rhaos4.5.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:containernetworking-plugins-debugsource-0:0.8.6-2.rhaos4.5.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:containernetworking-plugins-debugsource-0:0.8.6-2.rhaos4.5.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:containernetworking-plugins-debugsource-0:0.8.6-2.rhaos4.5.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:cri-o-0:1.18.4-7.rhaos4.5.git572d9f7.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:cri-o-0:1.18.4-7.rhaos4.5.git572d9f7.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:cri-o-0:1.18.4-7.rhaos4.5.git572d9f7.el8.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:cri-o-0:1.18.4-7.rhaos4.5.git572d9f7.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:cri-o-debuginfo-0:1.18.4-7.rhaos4.5.git572d9f7.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:cri-o-debuginfo-0:1.18.4-7.rhaos4.5.git572d9f7.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:cri-o-debuginfo-0:1.18.4-7.rhaos4.5.git572d9f7.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:cri-o-debugsource-0:1.18.4-7.rhaos4.5.git572d9f7.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:cri-o-debugsource-0:1.18.4-7.rhaos4.5.git572d9f7.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:cri-o-debugsource-0:1.18.4-7.rhaos4.5.git572d9f7.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:cri-tools-0:1.18.0-4.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:cri-tools-0:1.18.0-4.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:cri-tools-0:1.18.0-4.el8.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:cri-tools-0:1.18.0-4.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:cri-tools-debuginfo-0:1.18.0-4.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:cri-tools-debuginfo-0:1.18.0-4.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:cri-tools-debuginfo-0:1.18.0-4.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:cri-tools-debugsource-0:1.18.0-4.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:cri-tools-debugsource-0:1.18.0-4.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:cri-tools-debugsource-0:1.18.0-4.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:openshift-0:4.5.0-202102261511.p0.git.0.f0229b9.el8.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:openshift-hyperkube-0:4.5.0-202102261511.p0.git.0.f0229b9.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:openshift-hyperkube-0:4.5.0-202102261511.p0.git.0.f0229b9.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:openshift-hyperkube-0:4.5.0-202102261511.p0.git.0.f0229b9.el8.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Low
References
16 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Low"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat OpenShift Container Platform release 4.5.34 is now available with\nupdates to packages and images that fix several bugs and add enhancements.\n\nThis release also includes a security update for Red Hat OpenShift Container Platform 4.5.\n\nRed Hat Product Security has rated this update as having a security impact\nof Low. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Container Platform is Red Hat\u0027s cloud computing\nKubernetes application platform solution designed for on-premise or private\ncloud deployments.\n\nSecurity Fix(es):\n\n* golang: Data race in certain net/http servers including ReverseProxy can lead to DoS (CVE-2020-15586)\n\n* golang: ReadUvarint and ReadVarint can read an unlimited number of bytes from invalid inputs (CVE-2020-16845)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section.\n\nThis advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.5.34. See the following advisory for the container images for this release:\n\nhttps://access.redhat.com/errata/RHBA-2021:0714\n\nAll OpenShift Container Platform 4.5 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift Console or the CLI oc command. Instructions for upgrading a cluster are available at https://docs.openshift.com/container-platform/4.5/updating/updating-cluster-between-minor.html#understanding-upgrade-channels_updating-cluster-between-minor.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2021:0713",
"url": "https://access.redhat.com/errata/RHSA-2021:0713"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#low",
"url": "https://access.redhat.com/security/updates/classification/#low"
},
{
"category": "external",
"summary": "1856953",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1856953"
},
{
"category": "external",
"summary": "1867099",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1867099"
},
{
"category": "external",
"summary": "1934454",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1934454"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_0713.json"
}
],
"title": "Red Hat Security Advisory: OpenShift Container Platform 4.5.34 packages and security update",
"tracking": {
"current_release_date": "2026-03-27T08:38:50+00:00",
"generator": {
"date": "2026-03-27T08:38:50+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.4"
}
},
"id": "RHSA-2021:0713",
"initial_release_date": "2021-03-11T04:48:46+00:00",
"revision_history": [
{
"date": "2021-03-11T04:48:46+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2021-03-11T04:48:46+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-03-27T08:38:50+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift Container Platform 4.5",
"product": {
"name": "Red Hat OpenShift Container Platform 4.5",
"product_id": "8Base-RHOSE-4.5",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:4.5::el8"
}
}
},
{
"category": "product_name",
"name": "Red Hat OpenShift Container Platform 4.5",
"product": {
"name": "Red Hat OpenShift Container Platform 4.5",
"product_id": "7Server-RH7-RHOSE-4.5",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:4.5::el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Enterprise"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-0:4.5.0-202102261511.p0.git.0.f0229b9.el8.src",
"product": {
"name": "openshift-0:4.5.0-202102261511.p0.git.0.f0229b9.el8.src",
"product_id": "openshift-0:4.5.0-202102261511.p0.git.0.f0229b9.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift@4.5.0-202102261511.p0.git.0.f0229b9.el8?arch=src"
}
}
},
{
"category": "product_version",
"name": "cri-o-0:1.18.4-7.rhaos4.5.git572d9f7.el8.src",
"product": {
"name": "cri-o-0:1.18.4-7.rhaos4.5.git572d9f7.el8.src",
"product_id": "cri-o-0:1.18.4-7.rhaos4.5.git572d9f7.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o@1.18.4-7.rhaos4.5.git572d9f7.el8?arch=src"
}
}
},
{
"category": "product_version",
"name": "cri-tools-0:1.18.0-4.el8.src",
"product": {
"name": "cri-tools-0:1.18.0-4.el8.src",
"product_id": "cri-tools-0:1.18.0-4.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-tools@1.18.0-4.el8?arch=src"
}
}
},
{
"category": "product_version",
"name": "buildah-0:1.11.6-9.rhaos4.5.el8.src",
"product": {
"name": "buildah-0:1.11.6-9.rhaos4.5.el8.src",
"product_id": "buildah-0:1.11.6-9.rhaos4.5.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah@1.11.6-9.rhaos4.5.el8?arch=src"
}
}
},
{
"category": "product_version",
"name": "containernetworking-plugins-0:0.8.6-2.rhaos4.5.el8.src",
"product": {
"name": "containernetworking-plugins-0:0.8.6-2.rhaos4.5.el8.src",
"product_id": "containernetworking-plugins-0:0.8.6-2.rhaos4.5.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/containernetworking-plugins@0.8.6-2.rhaos4.5.el8?arch=src"
}
}
},
{
"category": "product_version",
"name": "apb-0:2.0.3-3.el7.src",
"product": {
"name": "apb-0:2.0.3-3.el7.src",
"product_id": "apb-0:2.0.3-3.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/apb@2.0.3-3.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "cri-o-0:1.18.4-7.rhaos4.5.git572d9f7.el7.src",
"product": {
"name": "cri-o-0:1.18.4-7.rhaos4.5.git572d9f7.el7.src",
"product_id": "cri-o-0:1.18.4-7.rhaos4.5.git572d9f7.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o@1.18.4-7.rhaos4.5.git572d9f7.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "cri-tools-0:1.18.0-4.el7.src",
"product": {
"name": "cri-tools-0:1.18.0-4.el7.src",
"product_id": "cri-tools-0:1.18.0-4.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-tools@1.18.0-4.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-promu-0:0.5.0-3.git642a960.el7.src",
"product": {
"name": "golang-github-prometheus-promu-0:0.5.0-3.git642a960.el7.src",
"product_id": "golang-github-prometheus-promu-0:0.5.0-3.git642a960.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-github-prometheus-promu@0.5.0-3.git642a960.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "containernetworking-plugins-0:0.8.6-2.rhaos4.5.el7.src",
"product": {
"name": "containernetworking-plugins-0:0.8.6-2.rhaos4.5.el7.src",
"product_id": "containernetworking-plugins-0:0.8.6-2.rhaos4.5.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/containernetworking-plugins@0.8.6-2.rhaos4.5.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "openshift-0:4.5.0-202102261511.p0.git.0.f0229b9.el7.src",
"product": {
"name": "openshift-0:4.5.0-202102261511.p0.git.0.f0229b9.el7.src",
"product_id": "openshift-0:4.5.0-202102261511.p0.git.0.f0229b9.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift@4.5.0-202102261511.p0.git.0.f0229b9.el7?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-hyperkube-0:4.5.0-202102261511.p0.git.0.f0229b9.el8.x86_64",
"product": {
"name": "openshift-hyperkube-0:4.5.0-202102261511.p0.git.0.f0229b9.el8.x86_64",
"product_id": "openshift-hyperkube-0:4.5.0-202102261511.p0.git.0.f0229b9.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-hyperkube@4.5.0-202102261511.p0.git.0.f0229b9.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "cri-o-0:1.18.4-7.rhaos4.5.git572d9f7.el8.x86_64",
"product": {
"name": "cri-o-0:1.18.4-7.rhaos4.5.git572d9f7.el8.x86_64",
"product_id": "cri-o-0:1.18.4-7.rhaos4.5.git572d9f7.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o@1.18.4-7.rhaos4.5.git572d9f7.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "cri-o-debugsource-0:1.18.4-7.rhaos4.5.git572d9f7.el8.x86_64",
"product": {
"name": "cri-o-debugsource-0:1.18.4-7.rhaos4.5.git572d9f7.el8.x86_64",
"product_id": "cri-o-debugsource-0:1.18.4-7.rhaos4.5.git572d9f7.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o-debugsource@1.18.4-7.rhaos4.5.git572d9f7.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "cri-o-debuginfo-0:1.18.4-7.rhaos4.5.git572d9f7.el8.x86_64",
"product": {
"name": "cri-o-debuginfo-0:1.18.4-7.rhaos4.5.git572d9f7.el8.x86_64",
"product_id": "cri-o-debuginfo-0:1.18.4-7.rhaos4.5.git572d9f7.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o-debuginfo@1.18.4-7.rhaos4.5.git572d9f7.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "cri-tools-0:1.18.0-4.el8.x86_64",
"product": {
"name": "cri-tools-0:1.18.0-4.el8.x86_64",
"product_id": "cri-tools-0:1.18.0-4.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-tools@1.18.0-4.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "cri-tools-debugsource-0:1.18.0-4.el8.x86_64",
"product": {
"name": "cri-tools-debugsource-0:1.18.0-4.el8.x86_64",
"product_id": "cri-tools-debugsource-0:1.18.0-4.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-tools-debugsource@1.18.0-4.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "cri-tools-debuginfo-0:1.18.0-4.el8.x86_64",
"product": {
"name": "cri-tools-debuginfo-0:1.18.0-4.el8.x86_64",
"product_id": "cri-tools-debuginfo-0:1.18.0-4.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-tools-debuginfo@1.18.0-4.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "buildah-0:1.11.6-9.rhaos4.5.el8.x86_64",
"product": {
"name": "buildah-0:1.11.6-9.rhaos4.5.el8.x86_64",
"product_id": "buildah-0:1.11.6-9.rhaos4.5.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah@1.11.6-9.rhaos4.5.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "buildah-tests-0:1.11.6-9.rhaos4.5.el8.x86_64",
"product": {
"name": "buildah-tests-0:1.11.6-9.rhaos4.5.el8.x86_64",
"product_id": "buildah-tests-0:1.11.6-9.rhaos4.5.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah-tests@1.11.6-9.rhaos4.5.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "buildah-debugsource-0:1.11.6-9.rhaos4.5.el8.x86_64",
"product": {
"name": "buildah-debugsource-0:1.11.6-9.rhaos4.5.el8.x86_64",
"product_id": "buildah-debugsource-0:1.11.6-9.rhaos4.5.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah-debugsource@1.11.6-9.rhaos4.5.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "buildah-debuginfo-0:1.11.6-9.rhaos4.5.el8.x86_64",
"product": {
"name": "buildah-debuginfo-0:1.11.6-9.rhaos4.5.el8.x86_64",
"product_id": "buildah-debuginfo-0:1.11.6-9.rhaos4.5.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah-debuginfo@1.11.6-9.rhaos4.5.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "buildah-tests-debuginfo-0:1.11.6-9.rhaos4.5.el8.x86_64",
"product": {
"name": "buildah-tests-debuginfo-0:1.11.6-9.rhaos4.5.el8.x86_64",
"product_id": "buildah-tests-debuginfo-0:1.11.6-9.rhaos4.5.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah-tests-debuginfo@1.11.6-9.rhaos4.5.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "containernetworking-plugins-0:0.8.6-2.rhaos4.5.el8.x86_64",
"product": {
"name": "containernetworking-plugins-0:0.8.6-2.rhaos4.5.el8.x86_64",
"product_id": "containernetworking-plugins-0:0.8.6-2.rhaos4.5.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/containernetworking-plugins@0.8.6-2.rhaos4.5.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "containernetworking-plugins-debugsource-0:0.8.6-2.rhaos4.5.el8.x86_64",
"product": {
"name": "containernetworking-plugins-debugsource-0:0.8.6-2.rhaos4.5.el8.x86_64",
"product_id": "containernetworking-plugins-debugsource-0:0.8.6-2.rhaos4.5.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/containernetworking-plugins-debugsource@0.8.6-2.rhaos4.5.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "containernetworking-plugins-debuginfo-0:0.8.6-2.rhaos4.5.el8.x86_64",
"product": {
"name": "containernetworking-plugins-debuginfo-0:0.8.6-2.rhaos4.5.el8.x86_64",
"product_id": "containernetworking-plugins-debuginfo-0:0.8.6-2.rhaos4.5.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/containernetworking-plugins-debuginfo@0.8.6-2.rhaos4.5.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "apb-0:2.0.3-3.el7.x86_64",
"product": {
"name": "apb-0:2.0.3-3.el7.x86_64",
"product_id": "apb-0:2.0.3-3.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/apb@2.0.3-3.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "cri-o-0:1.18.4-7.rhaos4.5.git572d9f7.el7.x86_64",
"product": {
"name": "cri-o-0:1.18.4-7.rhaos4.5.git572d9f7.el7.x86_64",
"product_id": "cri-o-0:1.18.4-7.rhaos4.5.git572d9f7.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o@1.18.4-7.rhaos4.5.git572d9f7.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "cri-o-debuginfo-0:1.18.4-7.rhaos4.5.git572d9f7.el7.x86_64",
"product": {
"name": "cri-o-debuginfo-0:1.18.4-7.rhaos4.5.git572d9f7.el7.x86_64",
"product_id": "cri-o-debuginfo-0:1.18.4-7.rhaos4.5.git572d9f7.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o-debuginfo@1.18.4-7.rhaos4.5.git572d9f7.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "cri-tools-0:1.18.0-4.el7.x86_64",
"product": {
"name": "cri-tools-0:1.18.0-4.el7.x86_64",
"product_id": "cri-tools-0:1.18.0-4.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-tools@1.18.0-4.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "cri-tools-debuginfo-0:1.18.0-4.el7.x86_64",
"product": {
"name": "cri-tools-debuginfo-0:1.18.0-4.el7.x86_64",
"product_id": "cri-tools-debuginfo-0:1.18.0-4.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-tools-debuginfo@1.18.0-4.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-promu-0:0.5.0-3.git642a960.el7.x86_64",
"product": {
"name": "golang-github-prometheus-promu-0:0.5.0-3.git642a960.el7.x86_64",
"product_id": "golang-github-prometheus-promu-0:0.5.0-3.git642a960.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-github-prometheus-promu@0.5.0-3.git642a960.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "prometheus-promu-0:0.5.0-3.git642a960.el7.x86_64",
"product": {
"name": "prometheus-promu-0:0.5.0-3.git642a960.el7.x86_64",
"product_id": "prometheus-promu-0:0.5.0-3.git642a960.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/prometheus-promu@0.5.0-3.git642a960.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "containernetworking-plugins-0:0.8.6-2.rhaos4.5.el7.x86_64",
"product": {
"name": "containernetworking-plugins-0:0.8.6-2.rhaos4.5.el7.x86_64",
"product_id": "containernetworking-plugins-0:0.8.6-2.rhaos4.5.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/containernetworking-plugins@0.8.6-2.rhaos4.5.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "containernetworking-plugins-debuginfo-0:0.8.6-2.rhaos4.5.el7.x86_64",
"product": {
"name": "containernetworking-plugins-debuginfo-0:0.8.6-2.rhaos4.5.el7.x86_64",
"product_id": "containernetworking-plugins-debuginfo-0:0.8.6-2.rhaos4.5.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/containernetworking-plugins-debuginfo@0.8.6-2.rhaos4.5.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "openshift-hyperkube-0:4.5.0-202102261511.p0.git.0.f0229b9.el7.x86_64",
"product": {
"name": "openshift-hyperkube-0:4.5.0-202102261511.p0.git.0.f0229b9.el7.x86_64",
"product_id": "openshift-hyperkube-0:4.5.0-202102261511.p0.git.0.f0229b9.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-hyperkube@4.5.0-202102261511.p0.git.0.f0229b9.el7?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-hyperkube-0:4.5.0-202102261511.p0.git.0.f0229b9.el8.ppc64le",
"product": {
"name": "openshift-hyperkube-0:4.5.0-202102261511.p0.git.0.f0229b9.el8.ppc64le",
"product_id": "openshift-hyperkube-0:4.5.0-202102261511.p0.git.0.f0229b9.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-hyperkube@4.5.0-202102261511.p0.git.0.f0229b9.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "cri-o-0:1.18.4-7.rhaos4.5.git572d9f7.el8.ppc64le",
"product": {
"name": "cri-o-0:1.18.4-7.rhaos4.5.git572d9f7.el8.ppc64le",
"product_id": "cri-o-0:1.18.4-7.rhaos4.5.git572d9f7.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o@1.18.4-7.rhaos4.5.git572d9f7.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "cri-o-debugsource-0:1.18.4-7.rhaos4.5.git572d9f7.el8.ppc64le",
"product": {
"name": "cri-o-debugsource-0:1.18.4-7.rhaos4.5.git572d9f7.el8.ppc64le",
"product_id": "cri-o-debugsource-0:1.18.4-7.rhaos4.5.git572d9f7.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o-debugsource@1.18.4-7.rhaos4.5.git572d9f7.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "cri-o-debuginfo-0:1.18.4-7.rhaos4.5.git572d9f7.el8.ppc64le",
"product": {
"name": "cri-o-debuginfo-0:1.18.4-7.rhaos4.5.git572d9f7.el8.ppc64le",
"product_id": "cri-o-debuginfo-0:1.18.4-7.rhaos4.5.git572d9f7.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o-debuginfo@1.18.4-7.rhaos4.5.git572d9f7.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "cri-tools-0:1.18.0-4.el8.ppc64le",
"product": {
"name": "cri-tools-0:1.18.0-4.el8.ppc64le",
"product_id": "cri-tools-0:1.18.0-4.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-tools@1.18.0-4.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "cri-tools-debugsource-0:1.18.0-4.el8.ppc64le",
"product": {
"name": "cri-tools-debugsource-0:1.18.0-4.el8.ppc64le",
"product_id": "cri-tools-debugsource-0:1.18.0-4.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-tools-debugsource@1.18.0-4.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "cri-tools-debuginfo-0:1.18.0-4.el8.ppc64le",
"product": {
"name": "cri-tools-debuginfo-0:1.18.0-4.el8.ppc64le",
"product_id": "cri-tools-debuginfo-0:1.18.0-4.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-tools-debuginfo@1.18.0-4.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "buildah-0:1.11.6-9.rhaos4.5.el8.ppc64le",
"product": {
"name": "buildah-0:1.11.6-9.rhaos4.5.el8.ppc64le",
"product_id": "buildah-0:1.11.6-9.rhaos4.5.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah@1.11.6-9.rhaos4.5.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "buildah-tests-0:1.11.6-9.rhaos4.5.el8.ppc64le",
"product": {
"name": "buildah-tests-0:1.11.6-9.rhaos4.5.el8.ppc64le",
"product_id": "buildah-tests-0:1.11.6-9.rhaos4.5.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah-tests@1.11.6-9.rhaos4.5.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "buildah-debugsource-0:1.11.6-9.rhaos4.5.el8.ppc64le",
"product": {
"name": "buildah-debugsource-0:1.11.6-9.rhaos4.5.el8.ppc64le",
"product_id": "buildah-debugsource-0:1.11.6-9.rhaos4.5.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah-debugsource@1.11.6-9.rhaos4.5.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "buildah-debuginfo-0:1.11.6-9.rhaos4.5.el8.ppc64le",
"product": {
"name": "buildah-debuginfo-0:1.11.6-9.rhaos4.5.el8.ppc64le",
"product_id": "buildah-debuginfo-0:1.11.6-9.rhaos4.5.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah-debuginfo@1.11.6-9.rhaos4.5.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "buildah-tests-debuginfo-0:1.11.6-9.rhaos4.5.el8.ppc64le",
"product": {
"name": "buildah-tests-debuginfo-0:1.11.6-9.rhaos4.5.el8.ppc64le",
"product_id": "buildah-tests-debuginfo-0:1.11.6-9.rhaos4.5.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah-tests-debuginfo@1.11.6-9.rhaos4.5.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "containernetworking-plugins-0:0.8.6-2.rhaos4.5.el8.ppc64le",
"product": {
"name": "containernetworking-plugins-0:0.8.6-2.rhaos4.5.el8.ppc64le",
"product_id": "containernetworking-plugins-0:0.8.6-2.rhaos4.5.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/containernetworking-plugins@0.8.6-2.rhaos4.5.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "containernetworking-plugins-debugsource-0:0.8.6-2.rhaos4.5.el8.ppc64le",
"product": {
"name": "containernetworking-plugins-debugsource-0:0.8.6-2.rhaos4.5.el8.ppc64le",
"product_id": "containernetworking-plugins-debugsource-0:0.8.6-2.rhaos4.5.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/containernetworking-plugins-debugsource@0.8.6-2.rhaos4.5.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "containernetworking-plugins-debuginfo-0:0.8.6-2.rhaos4.5.el8.ppc64le",
"product": {
"name": "containernetworking-plugins-debuginfo-0:0.8.6-2.rhaos4.5.el8.ppc64le",
"product_id": "containernetworking-plugins-debuginfo-0:0.8.6-2.rhaos4.5.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/containernetworking-plugins-debuginfo@0.8.6-2.rhaos4.5.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "apb-0:2.0.3-3.el7.ppc64le",
"product": {
"name": "apb-0:2.0.3-3.el7.ppc64le",
"product_id": "apb-0:2.0.3-3.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/apb@2.0.3-3.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "cri-o-0:1.18.4-7.rhaos4.5.git572d9f7.el7.ppc64le",
"product": {
"name": "cri-o-0:1.18.4-7.rhaos4.5.git572d9f7.el7.ppc64le",
"product_id": "cri-o-0:1.18.4-7.rhaos4.5.git572d9f7.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o@1.18.4-7.rhaos4.5.git572d9f7.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "cri-o-debuginfo-0:1.18.4-7.rhaos4.5.git572d9f7.el7.ppc64le",
"product": {
"name": "cri-o-debuginfo-0:1.18.4-7.rhaos4.5.git572d9f7.el7.ppc64le",
"product_id": "cri-o-debuginfo-0:1.18.4-7.rhaos4.5.git572d9f7.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o-debuginfo@1.18.4-7.rhaos4.5.git572d9f7.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "cri-tools-0:1.18.0-4.el7.ppc64le",
"product": {
"name": "cri-tools-0:1.18.0-4.el7.ppc64le",
"product_id": "cri-tools-0:1.18.0-4.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-tools@1.18.0-4.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "cri-tools-debuginfo-0:1.18.0-4.el7.ppc64le",
"product": {
"name": "cri-tools-debuginfo-0:1.18.0-4.el7.ppc64le",
"product_id": "cri-tools-debuginfo-0:1.18.0-4.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-tools-debuginfo@1.18.0-4.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-promu-0:0.5.0-3.git642a960.el7.ppc64le",
"product": {
"name": "golang-github-prometheus-promu-0:0.5.0-3.git642a960.el7.ppc64le",
"product_id": "golang-github-prometheus-promu-0:0.5.0-3.git642a960.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-github-prometheus-promu@0.5.0-3.git642a960.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "prometheus-promu-0:0.5.0-3.git642a960.el7.ppc64le",
"product": {
"name": "prometheus-promu-0:0.5.0-3.git642a960.el7.ppc64le",
"product_id": "prometheus-promu-0:0.5.0-3.git642a960.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/prometheus-promu@0.5.0-3.git642a960.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "containernetworking-plugins-0:0.8.6-2.rhaos4.5.el7.ppc64le",
"product": {
"name": "containernetworking-plugins-0:0.8.6-2.rhaos4.5.el7.ppc64le",
"product_id": "containernetworking-plugins-0:0.8.6-2.rhaos4.5.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/containernetworking-plugins@0.8.6-2.rhaos4.5.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "containernetworking-plugins-debuginfo-0:0.8.6-2.rhaos4.5.el7.ppc64le",
"product": {
"name": "containernetworking-plugins-debuginfo-0:0.8.6-2.rhaos4.5.el7.ppc64le",
"product_id": "containernetworking-plugins-debuginfo-0:0.8.6-2.rhaos4.5.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/containernetworking-plugins-debuginfo@0.8.6-2.rhaos4.5.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "openshift-hyperkube-0:4.5.0-202102261511.p0.git.0.f0229b9.el7.ppc64le",
"product": {
"name": "openshift-hyperkube-0:4.5.0-202102261511.p0.git.0.f0229b9.el7.ppc64le",
"product_id": "openshift-hyperkube-0:4.5.0-202102261511.p0.git.0.f0229b9.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-hyperkube@4.5.0-202102261511.p0.git.0.f0229b9.el7?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-hyperkube-0:4.5.0-202102261511.p0.git.0.f0229b9.el8.s390x",
"product": {
"name": "openshift-hyperkube-0:4.5.0-202102261511.p0.git.0.f0229b9.el8.s390x",
"product_id": "openshift-hyperkube-0:4.5.0-202102261511.p0.git.0.f0229b9.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-hyperkube@4.5.0-202102261511.p0.git.0.f0229b9.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "cri-o-0:1.18.4-7.rhaos4.5.git572d9f7.el8.s390x",
"product": {
"name": "cri-o-0:1.18.4-7.rhaos4.5.git572d9f7.el8.s390x",
"product_id": "cri-o-0:1.18.4-7.rhaos4.5.git572d9f7.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o@1.18.4-7.rhaos4.5.git572d9f7.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "cri-o-debugsource-0:1.18.4-7.rhaos4.5.git572d9f7.el8.s390x",
"product": {
"name": "cri-o-debugsource-0:1.18.4-7.rhaos4.5.git572d9f7.el8.s390x",
"product_id": "cri-o-debugsource-0:1.18.4-7.rhaos4.5.git572d9f7.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o-debugsource@1.18.4-7.rhaos4.5.git572d9f7.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "cri-o-debuginfo-0:1.18.4-7.rhaos4.5.git572d9f7.el8.s390x",
"product": {
"name": "cri-o-debuginfo-0:1.18.4-7.rhaos4.5.git572d9f7.el8.s390x",
"product_id": "cri-o-debuginfo-0:1.18.4-7.rhaos4.5.git572d9f7.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o-debuginfo@1.18.4-7.rhaos4.5.git572d9f7.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "cri-tools-0:1.18.0-4.el8.s390x",
"product": {
"name": "cri-tools-0:1.18.0-4.el8.s390x",
"product_id": "cri-tools-0:1.18.0-4.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-tools@1.18.0-4.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "cri-tools-debugsource-0:1.18.0-4.el8.s390x",
"product": {
"name": "cri-tools-debugsource-0:1.18.0-4.el8.s390x",
"product_id": "cri-tools-debugsource-0:1.18.0-4.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-tools-debugsource@1.18.0-4.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "cri-tools-debuginfo-0:1.18.0-4.el8.s390x",
"product": {
"name": "cri-tools-debuginfo-0:1.18.0-4.el8.s390x",
"product_id": "cri-tools-debuginfo-0:1.18.0-4.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-tools-debuginfo@1.18.0-4.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "buildah-0:1.11.6-9.rhaos4.5.el8.s390x",
"product": {
"name": "buildah-0:1.11.6-9.rhaos4.5.el8.s390x",
"product_id": "buildah-0:1.11.6-9.rhaos4.5.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah@1.11.6-9.rhaos4.5.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "buildah-tests-0:1.11.6-9.rhaos4.5.el8.s390x",
"product": {
"name": "buildah-tests-0:1.11.6-9.rhaos4.5.el8.s390x",
"product_id": "buildah-tests-0:1.11.6-9.rhaos4.5.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah-tests@1.11.6-9.rhaos4.5.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "buildah-debugsource-0:1.11.6-9.rhaos4.5.el8.s390x",
"product": {
"name": "buildah-debugsource-0:1.11.6-9.rhaos4.5.el8.s390x",
"product_id": "buildah-debugsource-0:1.11.6-9.rhaos4.5.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah-debugsource@1.11.6-9.rhaos4.5.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "buildah-debuginfo-0:1.11.6-9.rhaos4.5.el8.s390x",
"product": {
"name": "buildah-debuginfo-0:1.11.6-9.rhaos4.5.el8.s390x",
"product_id": "buildah-debuginfo-0:1.11.6-9.rhaos4.5.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah-debuginfo@1.11.6-9.rhaos4.5.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "buildah-tests-debuginfo-0:1.11.6-9.rhaos4.5.el8.s390x",
"product": {
"name": "buildah-tests-debuginfo-0:1.11.6-9.rhaos4.5.el8.s390x",
"product_id": "buildah-tests-debuginfo-0:1.11.6-9.rhaos4.5.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah-tests-debuginfo@1.11.6-9.rhaos4.5.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "containernetworking-plugins-0:0.8.6-2.rhaos4.5.el8.s390x",
"product": {
"name": "containernetworking-plugins-0:0.8.6-2.rhaos4.5.el8.s390x",
"product_id": "containernetworking-plugins-0:0.8.6-2.rhaos4.5.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/containernetworking-plugins@0.8.6-2.rhaos4.5.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "containernetworking-plugins-debugsource-0:0.8.6-2.rhaos4.5.el8.s390x",
"product": {
"name": "containernetworking-plugins-debugsource-0:0.8.6-2.rhaos4.5.el8.s390x",
"product_id": "containernetworking-plugins-debugsource-0:0.8.6-2.rhaos4.5.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/containernetworking-plugins-debugsource@0.8.6-2.rhaos4.5.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "containernetworking-plugins-debuginfo-0:0.8.6-2.rhaos4.5.el8.s390x",
"product": {
"name": "containernetworking-plugins-debuginfo-0:0.8.6-2.rhaos4.5.el8.s390x",
"product_id": "containernetworking-plugins-debuginfo-0:0.8.6-2.rhaos4.5.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/containernetworking-plugins-debuginfo@0.8.6-2.rhaos4.5.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "apb-0:2.0.3-3.el7.s390x",
"product": {
"name": "apb-0:2.0.3-3.el7.s390x",
"product_id": "apb-0:2.0.3-3.el7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/apb@2.0.3-3.el7?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "cri-o-0:1.18.4-7.rhaos4.5.git572d9f7.el7.s390x",
"product": {
"name": "cri-o-0:1.18.4-7.rhaos4.5.git572d9f7.el7.s390x",
"product_id": "cri-o-0:1.18.4-7.rhaos4.5.git572d9f7.el7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o@1.18.4-7.rhaos4.5.git572d9f7.el7?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "cri-o-debuginfo-0:1.18.4-7.rhaos4.5.git572d9f7.el7.s390x",
"product": {
"name": "cri-o-debuginfo-0:1.18.4-7.rhaos4.5.git572d9f7.el7.s390x",
"product_id": "cri-o-debuginfo-0:1.18.4-7.rhaos4.5.git572d9f7.el7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o-debuginfo@1.18.4-7.rhaos4.5.git572d9f7.el7?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "cri-tools-0:1.18.0-4.el7.s390x",
"product": {
"name": "cri-tools-0:1.18.0-4.el7.s390x",
"product_id": "cri-tools-0:1.18.0-4.el7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-tools@1.18.0-4.el7?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "cri-tools-debuginfo-0:1.18.0-4.el7.s390x",
"product": {
"name": "cri-tools-debuginfo-0:1.18.0-4.el7.s390x",
"product_id": "cri-tools-debuginfo-0:1.18.0-4.el7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-tools-debuginfo@1.18.0-4.el7?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-promu-0:0.5.0-3.git642a960.el7.s390x",
"product": {
"name": "golang-github-prometheus-promu-0:0.5.0-3.git642a960.el7.s390x",
"product_id": "golang-github-prometheus-promu-0:0.5.0-3.git642a960.el7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-github-prometheus-promu@0.5.0-3.git642a960.el7?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "prometheus-promu-0:0.5.0-3.git642a960.el7.s390x",
"product": {
"name": "prometheus-promu-0:0.5.0-3.git642a960.el7.s390x",
"product_id": "prometheus-promu-0:0.5.0-3.git642a960.el7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/prometheus-promu@0.5.0-3.git642a960.el7?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "containernetworking-plugins-0:0.8.6-2.rhaos4.5.el7.s390x",
"product": {
"name": "containernetworking-plugins-0:0.8.6-2.rhaos4.5.el7.s390x",
"product_id": "containernetworking-plugins-0:0.8.6-2.rhaos4.5.el7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/containernetworking-plugins@0.8.6-2.rhaos4.5.el7?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "containernetworking-plugins-debuginfo-0:0.8.6-2.rhaos4.5.el7.s390x",
"product": {
"name": "containernetworking-plugins-debuginfo-0:0.8.6-2.rhaos4.5.el7.s390x",
"product_id": "containernetworking-plugins-debuginfo-0:0.8.6-2.rhaos4.5.el7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/containernetworking-plugins-debuginfo@0.8.6-2.rhaos4.5.el7?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "openshift-hyperkube-0:4.5.0-202102261511.p0.git.0.f0229b9.el7.s390x",
"product": {
"name": "openshift-hyperkube-0:4.5.0-202102261511.p0.git.0.f0229b9.el7.s390x",
"product_id": "openshift-hyperkube-0:4.5.0-202102261511.p0.git.0.f0229b9.el7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-hyperkube@4.5.0-202102261511.p0.git.0.f0229b9.el7?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "apb-container-scripts-0:2.0.3-3.el7.noarch",
"product": {
"name": "apb-container-scripts-0:2.0.3-3.el7.noarch",
"product_id": "apb-container-scripts-0:2.0.3-3.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/apb-container-scripts@2.0.3-3.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "apb-devel-0:2.0.3-3.el7.noarch",
"product": {
"name": "apb-devel-0:2.0.3-3.el7.noarch",
"product_id": "apb-devel-0:2.0.3-3.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/apb-devel@2.0.3-3.el7?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "apb-0:2.0.3-3.el7.ppc64le as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "7Server-RH7-RHOSE-4.5:apb-0:2.0.3-3.el7.ppc64le"
},
"product_reference": "apb-0:2.0.3-3.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apb-0:2.0.3-3.el7.s390x as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "7Server-RH7-RHOSE-4.5:apb-0:2.0.3-3.el7.s390x"
},
"product_reference": "apb-0:2.0.3-3.el7.s390x",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apb-0:2.0.3-3.el7.src as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "7Server-RH7-RHOSE-4.5:apb-0:2.0.3-3.el7.src"
},
"product_reference": "apb-0:2.0.3-3.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apb-0:2.0.3-3.el7.x86_64 as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "7Server-RH7-RHOSE-4.5:apb-0:2.0.3-3.el7.x86_64"
},
"product_reference": "apb-0:2.0.3-3.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apb-container-scripts-0:2.0.3-3.el7.noarch as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "7Server-RH7-RHOSE-4.5:apb-container-scripts-0:2.0.3-3.el7.noarch"
},
"product_reference": "apb-container-scripts-0:2.0.3-3.el7.noarch",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apb-devel-0:2.0.3-3.el7.noarch as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "7Server-RH7-RHOSE-4.5:apb-devel-0:2.0.3-3.el7.noarch"
},
"product_reference": "apb-devel-0:2.0.3-3.el7.noarch",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containernetworking-plugins-0:0.8.6-2.rhaos4.5.el7.ppc64le as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "7Server-RH7-RHOSE-4.5:containernetworking-plugins-0:0.8.6-2.rhaos4.5.el7.ppc64le"
},
"product_reference": "containernetworking-plugins-0:0.8.6-2.rhaos4.5.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containernetworking-plugins-0:0.8.6-2.rhaos4.5.el7.s390x as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "7Server-RH7-RHOSE-4.5:containernetworking-plugins-0:0.8.6-2.rhaos4.5.el7.s390x"
},
"product_reference": "containernetworking-plugins-0:0.8.6-2.rhaos4.5.el7.s390x",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containernetworking-plugins-0:0.8.6-2.rhaos4.5.el7.src as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "7Server-RH7-RHOSE-4.5:containernetworking-plugins-0:0.8.6-2.rhaos4.5.el7.src"
},
"product_reference": "containernetworking-plugins-0:0.8.6-2.rhaos4.5.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containernetworking-plugins-0:0.8.6-2.rhaos4.5.el7.x86_64 as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "7Server-RH7-RHOSE-4.5:containernetworking-plugins-0:0.8.6-2.rhaos4.5.el7.x86_64"
},
"product_reference": "containernetworking-plugins-0:0.8.6-2.rhaos4.5.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containernetworking-plugins-debuginfo-0:0.8.6-2.rhaos4.5.el7.ppc64le as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "7Server-RH7-RHOSE-4.5:containernetworking-plugins-debuginfo-0:0.8.6-2.rhaos4.5.el7.ppc64le"
},
"product_reference": "containernetworking-plugins-debuginfo-0:0.8.6-2.rhaos4.5.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containernetworking-plugins-debuginfo-0:0.8.6-2.rhaos4.5.el7.s390x as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "7Server-RH7-RHOSE-4.5:containernetworking-plugins-debuginfo-0:0.8.6-2.rhaos4.5.el7.s390x"
},
"product_reference": "containernetworking-plugins-debuginfo-0:0.8.6-2.rhaos4.5.el7.s390x",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containernetworking-plugins-debuginfo-0:0.8.6-2.rhaos4.5.el7.x86_64 as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "7Server-RH7-RHOSE-4.5:containernetworking-plugins-debuginfo-0:0.8.6-2.rhaos4.5.el7.x86_64"
},
"product_reference": "containernetworking-plugins-debuginfo-0:0.8.6-2.rhaos4.5.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-0:1.18.4-7.rhaos4.5.git572d9f7.el7.ppc64le as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "7Server-RH7-RHOSE-4.5:cri-o-0:1.18.4-7.rhaos4.5.git572d9f7.el7.ppc64le"
},
"product_reference": "cri-o-0:1.18.4-7.rhaos4.5.git572d9f7.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-0:1.18.4-7.rhaos4.5.git572d9f7.el7.s390x as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "7Server-RH7-RHOSE-4.5:cri-o-0:1.18.4-7.rhaos4.5.git572d9f7.el7.s390x"
},
"product_reference": "cri-o-0:1.18.4-7.rhaos4.5.git572d9f7.el7.s390x",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-0:1.18.4-7.rhaos4.5.git572d9f7.el7.src as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "7Server-RH7-RHOSE-4.5:cri-o-0:1.18.4-7.rhaos4.5.git572d9f7.el7.src"
},
"product_reference": "cri-o-0:1.18.4-7.rhaos4.5.git572d9f7.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-0:1.18.4-7.rhaos4.5.git572d9f7.el7.x86_64 as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "7Server-RH7-RHOSE-4.5:cri-o-0:1.18.4-7.rhaos4.5.git572d9f7.el7.x86_64"
},
"product_reference": "cri-o-0:1.18.4-7.rhaos4.5.git572d9f7.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-debuginfo-0:1.18.4-7.rhaos4.5.git572d9f7.el7.ppc64le as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "7Server-RH7-RHOSE-4.5:cri-o-debuginfo-0:1.18.4-7.rhaos4.5.git572d9f7.el7.ppc64le"
},
"product_reference": "cri-o-debuginfo-0:1.18.4-7.rhaos4.5.git572d9f7.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-debuginfo-0:1.18.4-7.rhaos4.5.git572d9f7.el7.s390x as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "7Server-RH7-RHOSE-4.5:cri-o-debuginfo-0:1.18.4-7.rhaos4.5.git572d9f7.el7.s390x"
},
"product_reference": "cri-o-debuginfo-0:1.18.4-7.rhaos4.5.git572d9f7.el7.s390x",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-debuginfo-0:1.18.4-7.rhaos4.5.git572d9f7.el7.x86_64 as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "7Server-RH7-RHOSE-4.5:cri-o-debuginfo-0:1.18.4-7.rhaos4.5.git572d9f7.el7.x86_64"
},
"product_reference": "cri-o-debuginfo-0:1.18.4-7.rhaos4.5.git572d9f7.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-tools-0:1.18.0-4.el7.ppc64le as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "7Server-RH7-RHOSE-4.5:cri-tools-0:1.18.0-4.el7.ppc64le"
},
"product_reference": "cri-tools-0:1.18.0-4.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-tools-0:1.18.0-4.el7.s390x as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "7Server-RH7-RHOSE-4.5:cri-tools-0:1.18.0-4.el7.s390x"
},
"product_reference": "cri-tools-0:1.18.0-4.el7.s390x",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-tools-0:1.18.0-4.el7.src as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "7Server-RH7-RHOSE-4.5:cri-tools-0:1.18.0-4.el7.src"
},
"product_reference": "cri-tools-0:1.18.0-4.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-tools-0:1.18.0-4.el7.x86_64 as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "7Server-RH7-RHOSE-4.5:cri-tools-0:1.18.0-4.el7.x86_64"
},
"product_reference": "cri-tools-0:1.18.0-4.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-tools-debuginfo-0:1.18.0-4.el7.ppc64le as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "7Server-RH7-RHOSE-4.5:cri-tools-debuginfo-0:1.18.0-4.el7.ppc64le"
},
"product_reference": "cri-tools-debuginfo-0:1.18.0-4.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-tools-debuginfo-0:1.18.0-4.el7.s390x as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "7Server-RH7-RHOSE-4.5:cri-tools-debuginfo-0:1.18.0-4.el7.s390x"
},
"product_reference": "cri-tools-debuginfo-0:1.18.0-4.el7.s390x",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-tools-debuginfo-0:1.18.0-4.el7.x86_64 as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "7Server-RH7-RHOSE-4.5:cri-tools-debuginfo-0:1.18.0-4.el7.x86_64"
},
"product_reference": "cri-tools-debuginfo-0:1.18.0-4.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-promu-0:0.5.0-3.git642a960.el7.ppc64le as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "7Server-RH7-RHOSE-4.5:golang-github-prometheus-promu-0:0.5.0-3.git642a960.el7.ppc64le"
},
"product_reference": "golang-github-prometheus-promu-0:0.5.0-3.git642a960.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-promu-0:0.5.0-3.git642a960.el7.s390x as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "7Server-RH7-RHOSE-4.5:golang-github-prometheus-promu-0:0.5.0-3.git642a960.el7.s390x"
},
"product_reference": "golang-github-prometheus-promu-0:0.5.0-3.git642a960.el7.s390x",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-promu-0:0.5.0-3.git642a960.el7.src as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "7Server-RH7-RHOSE-4.5:golang-github-prometheus-promu-0:0.5.0-3.git642a960.el7.src"
},
"product_reference": "golang-github-prometheus-promu-0:0.5.0-3.git642a960.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-promu-0:0.5.0-3.git642a960.el7.x86_64 as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "7Server-RH7-RHOSE-4.5:golang-github-prometheus-promu-0:0.5.0-3.git642a960.el7.x86_64"
},
"product_reference": "golang-github-prometheus-promu-0:0.5.0-3.git642a960.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-0:4.5.0-202102261511.p0.git.0.f0229b9.el7.src as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "7Server-RH7-RHOSE-4.5:openshift-0:4.5.0-202102261511.p0.git.0.f0229b9.el7.src"
},
"product_reference": "openshift-0:4.5.0-202102261511.p0.git.0.f0229b9.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-hyperkube-0:4.5.0-202102261511.p0.git.0.f0229b9.el7.ppc64le as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "7Server-RH7-RHOSE-4.5:openshift-hyperkube-0:4.5.0-202102261511.p0.git.0.f0229b9.el7.ppc64le"
},
"product_reference": "openshift-hyperkube-0:4.5.0-202102261511.p0.git.0.f0229b9.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-hyperkube-0:4.5.0-202102261511.p0.git.0.f0229b9.el7.s390x as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "7Server-RH7-RHOSE-4.5:openshift-hyperkube-0:4.5.0-202102261511.p0.git.0.f0229b9.el7.s390x"
},
"product_reference": "openshift-hyperkube-0:4.5.0-202102261511.p0.git.0.f0229b9.el7.s390x",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-hyperkube-0:4.5.0-202102261511.p0.git.0.f0229b9.el7.x86_64 as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "7Server-RH7-RHOSE-4.5:openshift-hyperkube-0:4.5.0-202102261511.p0.git.0.f0229b9.el7.x86_64"
},
"product_reference": "openshift-hyperkube-0:4.5.0-202102261511.p0.git.0.f0229b9.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-promu-0:0.5.0-3.git642a960.el7.ppc64le as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "7Server-RH7-RHOSE-4.5:prometheus-promu-0:0.5.0-3.git642a960.el7.ppc64le"
},
"product_reference": "prometheus-promu-0:0.5.0-3.git642a960.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-promu-0:0.5.0-3.git642a960.el7.s390x as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "7Server-RH7-RHOSE-4.5:prometheus-promu-0:0.5.0-3.git642a960.el7.s390x"
},
"product_reference": "prometheus-promu-0:0.5.0-3.git642a960.el7.s390x",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-promu-0:0.5.0-3.git642a960.el7.x86_64 as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "7Server-RH7-RHOSE-4.5:prometheus-promu-0:0.5.0-3.git642a960.el7.x86_64"
},
"product_reference": "prometheus-promu-0:0.5.0-3.git642a960.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-0:1.11.6-9.rhaos4.5.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "8Base-RHOSE-4.5:buildah-0:1.11.6-9.rhaos4.5.el8.ppc64le"
},
"product_reference": "buildah-0:1.11.6-9.rhaos4.5.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-0:1.11.6-9.rhaos4.5.el8.s390x as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "8Base-RHOSE-4.5:buildah-0:1.11.6-9.rhaos4.5.el8.s390x"
},
"product_reference": "buildah-0:1.11.6-9.rhaos4.5.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-0:1.11.6-9.rhaos4.5.el8.src as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "8Base-RHOSE-4.5:buildah-0:1.11.6-9.rhaos4.5.el8.src"
},
"product_reference": "buildah-0:1.11.6-9.rhaos4.5.el8.src",
"relates_to_product_reference": "8Base-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-0:1.11.6-9.rhaos4.5.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "8Base-RHOSE-4.5:buildah-0:1.11.6-9.rhaos4.5.el8.x86_64"
},
"product_reference": "buildah-0:1.11.6-9.rhaos4.5.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-debuginfo-0:1.11.6-9.rhaos4.5.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "8Base-RHOSE-4.5:buildah-debuginfo-0:1.11.6-9.rhaos4.5.el8.ppc64le"
},
"product_reference": "buildah-debuginfo-0:1.11.6-9.rhaos4.5.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-debuginfo-0:1.11.6-9.rhaos4.5.el8.s390x as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "8Base-RHOSE-4.5:buildah-debuginfo-0:1.11.6-9.rhaos4.5.el8.s390x"
},
"product_reference": "buildah-debuginfo-0:1.11.6-9.rhaos4.5.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-debuginfo-0:1.11.6-9.rhaos4.5.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "8Base-RHOSE-4.5:buildah-debuginfo-0:1.11.6-9.rhaos4.5.el8.x86_64"
},
"product_reference": "buildah-debuginfo-0:1.11.6-9.rhaos4.5.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-debugsource-0:1.11.6-9.rhaos4.5.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "8Base-RHOSE-4.5:buildah-debugsource-0:1.11.6-9.rhaos4.5.el8.ppc64le"
},
"product_reference": "buildah-debugsource-0:1.11.6-9.rhaos4.5.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-debugsource-0:1.11.6-9.rhaos4.5.el8.s390x as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "8Base-RHOSE-4.5:buildah-debugsource-0:1.11.6-9.rhaos4.5.el8.s390x"
},
"product_reference": "buildah-debugsource-0:1.11.6-9.rhaos4.5.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-debugsource-0:1.11.6-9.rhaos4.5.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "8Base-RHOSE-4.5:buildah-debugsource-0:1.11.6-9.rhaos4.5.el8.x86_64"
},
"product_reference": "buildah-debugsource-0:1.11.6-9.rhaos4.5.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-tests-0:1.11.6-9.rhaos4.5.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "8Base-RHOSE-4.5:buildah-tests-0:1.11.6-9.rhaos4.5.el8.ppc64le"
},
"product_reference": "buildah-tests-0:1.11.6-9.rhaos4.5.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-tests-0:1.11.6-9.rhaos4.5.el8.s390x as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "8Base-RHOSE-4.5:buildah-tests-0:1.11.6-9.rhaos4.5.el8.s390x"
},
"product_reference": "buildah-tests-0:1.11.6-9.rhaos4.5.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-tests-0:1.11.6-9.rhaos4.5.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "8Base-RHOSE-4.5:buildah-tests-0:1.11.6-9.rhaos4.5.el8.x86_64"
},
"product_reference": "buildah-tests-0:1.11.6-9.rhaos4.5.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-tests-debuginfo-0:1.11.6-9.rhaos4.5.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "8Base-RHOSE-4.5:buildah-tests-debuginfo-0:1.11.6-9.rhaos4.5.el8.ppc64le"
},
"product_reference": "buildah-tests-debuginfo-0:1.11.6-9.rhaos4.5.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-tests-debuginfo-0:1.11.6-9.rhaos4.5.el8.s390x as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "8Base-RHOSE-4.5:buildah-tests-debuginfo-0:1.11.6-9.rhaos4.5.el8.s390x"
},
"product_reference": "buildah-tests-debuginfo-0:1.11.6-9.rhaos4.5.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-tests-debuginfo-0:1.11.6-9.rhaos4.5.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "8Base-RHOSE-4.5:buildah-tests-debuginfo-0:1.11.6-9.rhaos4.5.el8.x86_64"
},
"product_reference": "buildah-tests-debuginfo-0:1.11.6-9.rhaos4.5.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containernetworking-plugins-0:0.8.6-2.rhaos4.5.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "8Base-RHOSE-4.5:containernetworking-plugins-0:0.8.6-2.rhaos4.5.el8.ppc64le"
},
"product_reference": "containernetworking-plugins-0:0.8.6-2.rhaos4.5.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containernetworking-plugins-0:0.8.6-2.rhaos4.5.el8.s390x as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "8Base-RHOSE-4.5:containernetworking-plugins-0:0.8.6-2.rhaos4.5.el8.s390x"
},
"product_reference": "containernetworking-plugins-0:0.8.6-2.rhaos4.5.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containernetworking-plugins-0:0.8.6-2.rhaos4.5.el8.src as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "8Base-RHOSE-4.5:containernetworking-plugins-0:0.8.6-2.rhaos4.5.el8.src"
},
"product_reference": "containernetworking-plugins-0:0.8.6-2.rhaos4.5.el8.src",
"relates_to_product_reference": "8Base-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containernetworking-plugins-0:0.8.6-2.rhaos4.5.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "8Base-RHOSE-4.5:containernetworking-plugins-0:0.8.6-2.rhaos4.5.el8.x86_64"
},
"product_reference": "containernetworking-plugins-0:0.8.6-2.rhaos4.5.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containernetworking-plugins-debuginfo-0:0.8.6-2.rhaos4.5.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "8Base-RHOSE-4.5:containernetworking-plugins-debuginfo-0:0.8.6-2.rhaos4.5.el8.ppc64le"
},
"product_reference": "containernetworking-plugins-debuginfo-0:0.8.6-2.rhaos4.5.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containernetworking-plugins-debuginfo-0:0.8.6-2.rhaos4.5.el8.s390x as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "8Base-RHOSE-4.5:containernetworking-plugins-debuginfo-0:0.8.6-2.rhaos4.5.el8.s390x"
},
"product_reference": "containernetworking-plugins-debuginfo-0:0.8.6-2.rhaos4.5.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containernetworking-plugins-debuginfo-0:0.8.6-2.rhaos4.5.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "8Base-RHOSE-4.5:containernetworking-plugins-debuginfo-0:0.8.6-2.rhaos4.5.el8.x86_64"
},
"product_reference": "containernetworking-plugins-debuginfo-0:0.8.6-2.rhaos4.5.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containernetworking-plugins-debugsource-0:0.8.6-2.rhaos4.5.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "8Base-RHOSE-4.5:containernetworking-plugins-debugsource-0:0.8.6-2.rhaos4.5.el8.ppc64le"
},
"product_reference": "containernetworking-plugins-debugsource-0:0.8.6-2.rhaos4.5.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containernetworking-plugins-debugsource-0:0.8.6-2.rhaos4.5.el8.s390x as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "8Base-RHOSE-4.5:containernetworking-plugins-debugsource-0:0.8.6-2.rhaos4.5.el8.s390x"
},
"product_reference": "containernetworking-plugins-debugsource-0:0.8.6-2.rhaos4.5.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containernetworking-plugins-debugsource-0:0.8.6-2.rhaos4.5.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "8Base-RHOSE-4.5:containernetworking-plugins-debugsource-0:0.8.6-2.rhaos4.5.el8.x86_64"
},
"product_reference": "containernetworking-plugins-debugsource-0:0.8.6-2.rhaos4.5.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-0:1.18.4-7.rhaos4.5.git572d9f7.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "8Base-RHOSE-4.5:cri-o-0:1.18.4-7.rhaos4.5.git572d9f7.el8.ppc64le"
},
"product_reference": "cri-o-0:1.18.4-7.rhaos4.5.git572d9f7.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-0:1.18.4-7.rhaos4.5.git572d9f7.el8.s390x as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "8Base-RHOSE-4.5:cri-o-0:1.18.4-7.rhaos4.5.git572d9f7.el8.s390x"
},
"product_reference": "cri-o-0:1.18.4-7.rhaos4.5.git572d9f7.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-0:1.18.4-7.rhaos4.5.git572d9f7.el8.src as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "8Base-RHOSE-4.5:cri-o-0:1.18.4-7.rhaos4.5.git572d9f7.el8.src"
},
"product_reference": "cri-o-0:1.18.4-7.rhaos4.5.git572d9f7.el8.src",
"relates_to_product_reference": "8Base-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-0:1.18.4-7.rhaos4.5.git572d9f7.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "8Base-RHOSE-4.5:cri-o-0:1.18.4-7.rhaos4.5.git572d9f7.el8.x86_64"
},
"product_reference": "cri-o-0:1.18.4-7.rhaos4.5.git572d9f7.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-debuginfo-0:1.18.4-7.rhaos4.5.git572d9f7.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "8Base-RHOSE-4.5:cri-o-debuginfo-0:1.18.4-7.rhaos4.5.git572d9f7.el8.ppc64le"
},
"product_reference": "cri-o-debuginfo-0:1.18.4-7.rhaos4.5.git572d9f7.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-debuginfo-0:1.18.4-7.rhaos4.5.git572d9f7.el8.s390x as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "8Base-RHOSE-4.5:cri-o-debuginfo-0:1.18.4-7.rhaos4.5.git572d9f7.el8.s390x"
},
"product_reference": "cri-o-debuginfo-0:1.18.4-7.rhaos4.5.git572d9f7.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-debuginfo-0:1.18.4-7.rhaos4.5.git572d9f7.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "8Base-RHOSE-4.5:cri-o-debuginfo-0:1.18.4-7.rhaos4.5.git572d9f7.el8.x86_64"
},
"product_reference": "cri-o-debuginfo-0:1.18.4-7.rhaos4.5.git572d9f7.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-debugsource-0:1.18.4-7.rhaos4.5.git572d9f7.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "8Base-RHOSE-4.5:cri-o-debugsource-0:1.18.4-7.rhaos4.5.git572d9f7.el8.ppc64le"
},
"product_reference": "cri-o-debugsource-0:1.18.4-7.rhaos4.5.git572d9f7.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-debugsource-0:1.18.4-7.rhaos4.5.git572d9f7.el8.s390x as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "8Base-RHOSE-4.5:cri-o-debugsource-0:1.18.4-7.rhaos4.5.git572d9f7.el8.s390x"
},
"product_reference": "cri-o-debugsource-0:1.18.4-7.rhaos4.5.git572d9f7.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-debugsource-0:1.18.4-7.rhaos4.5.git572d9f7.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "8Base-RHOSE-4.5:cri-o-debugsource-0:1.18.4-7.rhaos4.5.git572d9f7.el8.x86_64"
},
"product_reference": "cri-o-debugsource-0:1.18.4-7.rhaos4.5.git572d9f7.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-tools-0:1.18.0-4.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "8Base-RHOSE-4.5:cri-tools-0:1.18.0-4.el8.ppc64le"
},
"product_reference": "cri-tools-0:1.18.0-4.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-tools-0:1.18.0-4.el8.s390x as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "8Base-RHOSE-4.5:cri-tools-0:1.18.0-4.el8.s390x"
},
"product_reference": "cri-tools-0:1.18.0-4.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-tools-0:1.18.0-4.el8.src as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "8Base-RHOSE-4.5:cri-tools-0:1.18.0-4.el8.src"
},
"product_reference": "cri-tools-0:1.18.0-4.el8.src",
"relates_to_product_reference": "8Base-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-tools-0:1.18.0-4.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "8Base-RHOSE-4.5:cri-tools-0:1.18.0-4.el8.x86_64"
},
"product_reference": "cri-tools-0:1.18.0-4.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-tools-debuginfo-0:1.18.0-4.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "8Base-RHOSE-4.5:cri-tools-debuginfo-0:1.18.0-4.el8.ppc64le"
},
"product_reference": "cri-tools-debuginfo-0:1.18.0-4.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-tools-debuginfo-0:1.18.0-4.el8.s390x as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "8Base-RHOSE-4.5:cri-tools-debuginfo-0:1.18.0-4.el8.s390x"
},
"product_reference": "cri-tools-debuginfo-0:1.18.0-4.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-tools-debuginfo-0:1.18.0-4.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "8Base-RHOSE-4.5:cri-tools-debuginfo-0:1.18.0-4.el8.x86_64"
},
"product_reference": "cri-tools-debuginfo-0:1.18.0-4.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-tools-debugsource-0:1.18.0-4.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "8Base-RHOSE-4.5:cri-tools-debugsource-0:1.18.0-4.el8.ppc64le"
},
"product_reference": "cri-tools-debugsource-0:1.18.0-4.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-tools-debugsource-0:1.18.0-4.el8.s390x as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "8Base-RHOSE-4.5:cri-tools-debugsource-0:1.18.0-4.el8.s390x"
},
"product_reference": "cri-tools-debugsource-0:1.18.0-4.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-tools-debugsource-0:1.18.0-4.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "8Base-RHOSE-4.5:cri-tools-debugsource-0:1.18.0-4.el8.x86_64"
},
"product_reference": "cri-tools-debugsource-0:1.18.0-4.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-0:4.5.0-202102261511.p0.git.0.f0229b9.el8.src as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "8Base-RHOSE-4.5:openshift-0:4.5.0-202102261511.p0.git.0.f0229b9.el8.src"
},
"product_reference": "openshift-0:4.5.0-202102261511.p0.git.0.f0229b9.el8.src",
"relates_to_product_reference": "8Base-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-hyperkube-0:4.5.0-202102261511.p0.git.0.f0229b9.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "8Base-RHOSE-4.5:openshift-hyperkube-0:4.5.0-202102261511.p0.git.0.f0229b9.el8.ppc64le"
},
"product_reference": "openshift-hyperkube-0:4.5.0-202102261511.p0.git.0.f0229b9.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-hyperkube-0:4.5.0-202102261511.p0.git.0.f0229b9.el8.s390x as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "8Base-RHOSE-4.5:openshift-hyperkube-0:4.5.0-202102261511.p0.git.0.f0229b9.el8.s390x"
},
"product_reference": "openshift-hyperkube-0:4.5.0-202102261511.p0.git.0.f0229b9.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-hyperkube-0:4.5.0-202102261511.p0.git.0.f0229b9.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "8Base-RHOSE-4.5:openshift-hyperkube-0:4.5.0-202102261511.p0.git.0.f0229b9.el8.x86_64"
},
"product_reference": "openshift-hyperkube-0:4.5.0-202102261511.p0.git.0.f0229b9.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-15586",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"discovery_date": "2020-07-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1856953"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found Go\u0027s net/http package. Servers using ReverseProxy from net/http in the Go standard library are vulnerable to a data race that results in a denial of service. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: data race in certain net/http servers including ReverseProxy can lead to DoS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift Container Platform (OCP) components are primarily written in Go, meaning that any component using the net/http package includes the vulnerable code. OCP server endpoints using ReverseProxy are protected by authentication, reducing the severity of this vulnerability to Low for OCP.\n\nSimilar to OCP, OpenShift ServiceMesh (OSSM), RedHat OpenShift Jaeger (RHOSJ) and OpenShift Virtualization are also primarily written in Go and are protected via authentication, reducing the severity of this vulnerability to Low.\n\nRed Hat Gluster Storage 3 and Red Hat Openshift Container Storage 4 components are built with the affected version of Go, however the vulnerable functionality is currently not used by these products and hence this issue has been rated as having a security impact of Low.\n\nRed Hat Ceph Storage 3 and 4 components are built with the affected version of Go, however the vulnerable functionality is currently not used by these products and hence this issue has been rated as having a security impact of Low.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOSE-4.5:apb-0:2.0.3-3.el7.ppc64le",
"7Server-RH7-RHOSE-4.5:apb-0:2.0.3-3.el7.s390x",
"7Server-RH7-RHOSE-4.5:apb-0:2.0.3-3.el7.src",
"7Server-RH7-RHOSE-4.5:apb-0:2.0.3-3.el7.x86_64",
"7Server-RH7-RHOSE-4.5:apb-container-scripts-0:2.0.3-3.el7.noarch",
"7Server-RH7-RHOSE-4.5:apb-devel-0:2.0.3-3.el7.noarch",
"7Server-RH7-RHOSE-4.5:containernetworking-plugins-0:0.8.6-2.rhaos4.5.el7.ppc64le",
"7Server-RH7-RHOSE-4.5:containernetworking-plugins-0:0.8.6-2.rhaos4.5.el7.s390x",
"7Server-RH7-RHOSE-4.5:containernetworking-plugins-0:0.8.6-2.rhaos4.5.el7.src",
"7Server-RH7-RHOSE-4.5:containernetworking-plugins-0:0.8.6-2.rhaos4.5.el7.x86_64",
"7Server-RH7-RHOSE-4.5:containernetworking-plugins-debuginfo-0:0.8.6-2.rhaos4.5.el7.ppc64le",
"7Server-RH7-RHOSE-4.5:containernetworking-plugins-debuginfo-0:0.8.6-2.rhaos4.5.el7.s390x",
"7Server-RH7-RHOSE-4.5:containernetworking-plugins-debuginfo-0:0.8.6-2.rhaos4.5.el7.x86_64",
"7Server-RH7-RHOSE-4.5:cri-o-0:1.18.4-7.rhaos4.5.git572d9f7.el7.ppc64le",
"7Server-RH7-RHOSE-4.5:cri-o-0:1.18.4-7.rhaos4.5.git572d9f7.el7.s390x",
"7Server-RH7-RHOSE-4.5:cri-o-0:1.18.4-7.rhaos4.5.git572d9f7.el7.src",
"7Server-RH7-RHOSE-4.5:cri-o-0:1.18.4-7.rhaos4.5.git572d9f7.el7.x86_64",
"7Server-RH7-RHOSE-4.5:cri-o-debuginfo-0:1.18.4-7.rhaos4.5.git572d9f7.el7.ppc64le",
"7Server-RH7-RHOSE-4.5:cri-o-debuginfo-0:1.18.4-7.rhaos4.5.git572d9f7.el7.s390x",
"7Server-RH7-RHOSE-4.5:cri-o-debuginfo-0:1.18.4-7.rhaos4.5.git572d9f7.el7.x86_64",
"7Server-RH7-RHOSE-4.5:cri-tools-0:1.18.0-4.el7.ppc64le",
"7Server-RH7-RHOSE-4.5:cri-tools-0:1.18.0-4.el7.s390x",
"7Server-RH7-RHOSE-4.5:cri-tools-0:1.18.0-4.el7.src",
"7Server-RH7-RHOSE-4.5:cri-tools-0:1.18.0-4.el7.x86_64",
"7Server-RH7-RHOSE-4.5:cri-tools-debuginfo-0:1.18.0-4.el7.ppc64le",
"7Server-RH7-RHOSE-4.5:cri-tools-debuginfo-0:1.18.0-4.el7.s390x",
"7Server-RH7-RHOSE-4.5:cri-tools-debuginfo-0:1.18.0-4.el7.x86_64",
"7Server-RH7-RHOSE-4.5:golang-github-prometheus-promu-0:0.5.0-3.git642a960.el7.ppc64le",
"7Server-RH7-RHOSE-4.5:golang-github-prometheus-promu-0:0.5.0-3.git642a960.el7.s390x",
"7Server-RH7-RHOSE-4.5:golang-github-prometheus-promu-0:0.5.0-3.git642a960.el7.src",
"7Server-RH7-RHOSE-4.5:golang-github-prometheus-promu-0:0.5.0-3.git642a960.el7.x86_64",
"7Server-RH7-RHOSE-4.5:openshift-0:4.5.0-202102261511.p0.git.0.f0229b9.el7.src",
"7Server-RH7-RHOSE-4.5:openshift-hyperkube-0:4.5.0-202102261511.p0.git.0.f0229b9.el7.ppc64le",
"7Server-RH7-RHOSE-4.5:openshift-hyperkube-0:4.5.0-202102261511.p0.git.0.f0229b9.el7.s390x",
"7Server-RH7-RHOSE-4.5:openshift-hyperkube-0:4.5.0-202102261511.p0.git.0.f0229b9.el7.x86_64",
"7Server-RH7-RHOSE-4.5:prometheus-promu-0:0.5.0-3.git642a960.el7.ppc64le",
"7Server-RH7-RHOSE-4.5:prometheus-promu-0:0.5.0-3.git642a960.el7.s390x",
"7Server-RH7-RHOSE-4.5:prometheus-promu-0:0.5.0-3.git642a960.el7.x86_64",
"8Base-RHOSE-4.5:buildah-0:1.11.6-9.rhaos4.5.el8.ppc64le",
"8Base-RHOSE-4.5:buildah-0:1.11.6-9.rhaos4.5.el8.s390x",
"8Base-RHOSE-4.5:buildah-0:1.11.6-9.rhaos4.5.el8.src",
"8Base-RHOSE-4.5:buildah-0:1.11.6-9.rhaos4.5.el8.x86_64",
"8Base-RHOSE-4.5:buildah-debuginfo-0:1.11.6-9.rhaos4.5.el8.ppc64le",
"8Base-RHOSE-4.5:buildah-debuginfo-0:1.11.6-9.rhaos4.5.el8.s390x",
"8Base-RHOSE-4.5:buildah-debuginfo-0:1.11.6-9.rhaos4.5.el8.x86_64",
"8Base-RHOSE-4.5:buildah-debugsource-0:1.11.6-9.rhaos4.5.el8.ppc64le",
"8Base-RHOSE-4.5:buildah-debugsource-0:1.11.6-9.rhaos4.5.el8.s390x",
"8Base-RHOSE-4.5:buildah-debugsource-0:1.11.6-9.rhaos4.5.el8.x86_64",
"8Base-RHOSE-4.5:buildah-tests-0:1.11.6-9.rhaos4.5.el8.ppc64le",
"8Base-RHOSE-4.5:buildah-tests-0:1.11.6-9.rhaos4.5.el8.s390x",
"8Base-RHOSE-4.5:buildah-tests-0:1.11.6-9.rhaos4.5.el8.x86_64",
"8Base-RHOSE-4.5:buildah-tests-debuginfo-0:1.11.6-9.rhaos4.5.el8.ppc64le",
"8Base-RHOSE-4.5:buildah-tests-debuginfo-0:1.11.6-9.rhaos4.5.el8.s390x",
"8Base-RHOSE-4.5:buildah-tests-debuginfo-0:1.11.6-9.rhaos4.5.el8.x86_64",
"8Base-RHOSE-4.5:containernetworking-plugins-0:0.8.6-2.rhaos4.5.el8.ppc64le",
"8Base-RHOSE-4.5:containernetworking-plugins-0:0.8.6-2.rhaos4.5.el8.s390x",
"8Base-RHOSE-4.5:containernetworking-plugins-0:0.8.6-2.rhaos4.5.el8.src",
"8Base-RHOSE-4.5:containernetworking-plugins-0:0.8.6-2.rhaos4.5.el8.x86_64",
"8Base-RHOSE-4.5:containernetworking-plugins-debuginfo-0:0.8.6-2.rhaos4.5.el8.ppc64le",
"8Base-RHOSE-4.5:containernetworking-plugins-debuginfo-0:0.8.6-2.rhaos4.5.el8.s390x",
"8Base-RHOSE-4.5:containernetworking-plugins-debuginfo-0:0.8.6-2.rhaos4.5.el8.x86_64",
"8Base-RHOSE-4.5:containernetworking-plugins-debugsource-0:0.8.6-2.rhaos4.5.el8.ppc64le",
"8Base-RHOSE-4.5:containernetworking-plugins-debugsource-0:0.8.6-2.rhaos4.5.el8.s390x",
"8Base-RHOSE-4.5:containernetworking-plugins-debugsource-0:0.8.6-2.rhaos4.5.el8.x86_64",
"8Base-RHOSE-4.5:cri-o-0:1.18.4-7.rhaos4.5.git572d9f7.el8.ppc64le",
"8Base-RHOSE-4.5:cri-o-0:1.18.4-7.rhaos4.5.git572d9f7.el8.s390x",
"8Base-RHOSE-4.5:cri-o-0:1.18.4-7.rhaos4.5.git572d9f7.el8.src",
"8Base-RHOSE-4.5:cri-o-0:1.18.4-7.rhaos4.5.git572d9f7.el8.x86_64",
"8Base-RHOSE-4.5:cri-o-debuginfo-0:1.18.4-7.rhaos4.5.git572d9f7.el8.ppc64le",
"8Base-RHOSE-4.5:cri-o-debuginfo-0:1.18.4-7.rhaos4.5.git572d9f7.el8.s390x",
"8Base-RHOSE-4.5:cri-o-debuginfo-0:1.18.4-7.rhaos4.5.git572d9f7.el8.x86_64",
"8Base-RHOSE-4.5:cri-o-debugsource-0:1.18.4-7.rhaos4.5.git572d9f7.el8.ppc64le",
"8Base-RHOSE-4.5:cri-o-debugsource-0:1.18.4-7.rhaos4.5.git572d9f7.el8.s390x",
"8Base-RHOSE-4.5:cri-o-debugsource-0:1.18.4-7.rhaos4.5.git572d9f7.el8.x86_64",
"8Base-RHOSE-4.5:cri-tools-0:1.18.0-4.el8.ppc64le",
"8Base-RHOSE-4.5:cri-tools-0:1.18.0-4.el8.s390x",
"8Base-RHOSE-4.5:cri-tools-0:1.18.0-4.el8.src",
"8Base-RHOSE-4.5:cri-tools-0:1.18.0-4.el8.x86_64",
"8Base-RHOSE-4.5:cri-tools-debuginfo-0:1.18.0-4.el8.ppc64le",
"8Base-RHOSE-4.5:cri-tools-debuginfo-0:1.18.0-4.el8.s390x",
"8Base-RHOSE-4.5:cri-tools-debuginfo-0:1.18.0-4.el8.x86_64",
"8Base-RHOSE-4.5:cri-tools-debugsource-0:1.18.0-4.el8.ppc64le",
"8Base-RHOSE-4.5:cri-tools-debugsource-0:1.18.0-4.el8.s390x",
"8Base-RHOSE-4.5:cri-tools-debugsource-0:1.18.0-4.el8.x86_64",
"8Base-RHOSE-4.5:openshift-0:4.5.0-202102261511.p0.git.0.f0229b9.el8.src",
"8Base-RHOSE-4.5:openshift-hyperkube-0:4.5.0-202102261511.p0.git.0.f0229b9.el8.ppc64le",
"8Base-RHOSE-4.5:openshift-hyperkube-0:4.5.0-202102261511.p0.git.0.f0229b9.el8.s390x",
"8Base-RHOSE-4.5:openshift-hyperkube-0:4.5.0-202102261511.p0.git.0.f0229b9.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-15586"
},
{
"category": "external",
"summary": "RHBZ#1856953",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1856953"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-15586",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15586"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-15586",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-15586"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/XZNfaiwgt2w/m/E6gHDs32AQAJ",
"url": "https://groups.google.com/g/golang-announce/c/XZNfaiwgt2w/m/E6gHDs32AQAJ"
}
],
"release_date": "2020-07-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-03-11T04:48:46+00:00",
"details": "For OpenShift Container Platform 4.5 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.5/release_notes/ocp-4-5-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.5/updating/updating-cluster-cli.html.",
"product_ids": [
"7Server-RH7-RHOSE-4.5:apb-0:2.0.3-3.el7.ppc64le",
"7Server-RH7-RHOSE-4.5:apb-0:2.0.3-3.el7.s390x",
"7Server-RH7-RHOSE-4.5:apb-0:2.0.3-3.el7.src",
"7Server-RH7-RHOSE-4.5:apb-0:2.0.3-3.el7.x86_64",
"7Server-RH7-RHOSE-4.5:apb-container-scripts-0:2.0.3-3.el7.noarch",
"7Server-RH7-RHOSE-4.5:apb-devel-0:2.0.3-3.el7.noarch",
"7Server-RH7-RHOSE-4.5:containernetworking-plugins-0:0.8.6-2.rhaos4.5.el7.ppc64le",
"7Server-RH7-RHOSE-4.5:containernetworking-plugins-0:0.8.6-2.rhaos4.5.el7.s390x",
"7Server-RH7-RHOSE-4.5:containernetworking-plugins-0:0.8.6-2.rhaos4.5.el7.src",
"7Server-RH7-RHOSE-4.5:containernetworking-plugins-0:0.8.6-2.rhaos4.5.el7.x86_64",
"7Server-RH7-RHOSE-4.5:containernetworking-plugins-debuginfo-0:0.8.6-2.rhaos4.5.el7.ppc64le",
"7Server-RH7-RHOSE-4.5:containernetworking-plugins-debuginfo-0:0.8.6-2.rhaos4.5.el7.s390x",
"7Server-RH7-RHOSE-4.5:containernetworking-plugins-debuginfo-0:0.8.6-2.rhaos4.5.el7.x86_64",
"7Server-RH7-RHOSE-4.5:cri-o-0:1.18.4-7.rhaos4.5.git572d9f7.el7.ppc64le",
"7Server-RH7-RHOSE-4.5:cri-o-0:1.18.4-7.rhaos4.5.git572d9f7.el7.s390x",
"7Server-RH7-RHOSE-4.5:cri-o-0:1.18.4-7.rhaos4.5.git572d9f7.el7.src",
"7Server-RH7-RHOSE-4.5:cri-o-0:1.18.4-7.rhaos4.5.git572d9f7.el7.x86_64",
"7Server-RH7-RHOSE-4.5:cri-o-debuginfo-0:1.18.4-7.rhaos4.5.git572d9f7.el7.ppc64le",
"7Server-RH7-RHOSE-4.5:cri-o-debuginfo-0:1.18.4-7.rhaos4.5.git572d9f7.el7.s390x",
"7Server-RH7-RHOSE-4.5:cri-o-debuginfo-0:1.18.4-7.rhaos4.5.git572d9f7.el7.x86_64",
"7Server-RH7-RHOSE-4.5:cri-tools-0:1.18.0-4.el7.ppc64le",
"7Server-RH7-RHOSE-4.5:cri-tools-0:1.18.0-4.el7.s390x",
"7Server-RH7-RHOSE-4.5:cri-tools-0:1.18.0-4.el7.src",
"7Server-RH7-RHOSE-4.5:cri-tools-0:1.18.0-4.el7.x86_64",
"7Server-RH7-RHOSE-4.5:cri-tools-debuginfo-0:1.18.0-4.el7.ppc64le",
"7Server-RH7-RHOSE-4.5:cri-tools-debuginfo-0:1.18.0-4.el7.s390x",
"7Server-RH7-RHOSE-4.5:cri-tools-debuginfo-0:1.18.0-4.el7.x86_64",
"7Server-RH7-RHOSE-4.5:golang-github-prometheus-promu-0:0.5.0-3.git642a960.el7.ppc64le",
"7Server-RH7-RHOSE-4.5:golang-github-prometheus-promu-0:0.5.0-3.git642a960.el7.s390x",
"7Server-RH7-RHOSE-4.5:golang-github-prometheus-promu-0:0.5.0-3.git642a960.el7.src",
"7Server-RH7-RHOSE-4.5:golang-github-prometheus-promu-0:0.5.0-3.git642a960.el7.x86_64",
"7Server-RH7-RHOSE-4.5:openshift-0:4.5.0-202102261511.p0.git.0.f0229b9.el7.src",
"7Server-RH7-RHOSE-4.5:openshift-hyperkube-0:4.5.0-202102261511.p0.git.0.f0229b9.el7.ppc64le",
"7Server-RH7-RHOSE-4.5:openshift-hyperkube-0:4.5.0-202102261511.p0.git.0.f0229b9.el7.s390x",
"7Server-RH7-RHOSE-4.5:openshift-hyperkube-0:4.5.0-202102261511.p0.git.0.f0229b9.el7.x86_64",
"7Server-RH7-RHOSE-4.5:prometheus-promu-0:0.5.0-3.git642a960.el7.ppc64le",
"7Server-RH7-RHOSE-4.5:prometheus-promu-0:0.5.0-3.git642a960.el7.s390x",
"7Server-RH7-RHOSE-4.5:prometheus-promu-0:0.5.0-3.git642a960.el7.x86_64",
"8Base-RHOSE-4.5:buildah-0:1.11.6-9.rhaos4.5.el8.ppc64le",
"8Base-RHOSE-4.5:buildah-0:1.11.6-9.rhaos4.5.el8.s390x",
"8Base-RHOSE-4.5:buildah-0:1.11.6-9.rhaos4.5.el8.src",
"8Base-RHOSE-4.5:buildah-0:1.11.6-9.rhaos4.5.el8.x86_64",
"8Base-RHOSE-4.5:buildah-debuginfo-0:1.11.6-9.rhaos4.5.el8.ppc64le",
"8Base-RHOSE-4.5:buildah-debuginfo-0:1.11.6-9.rhaos4.5.el8.s390x",
"8Base-RHOSE-4.5:buildah-debuginfo-0:1.11.6-9.rhaos4.5.el8.x86_64",
"8Base-RHOSE-4.5:buildah-debugsource-0:1.11.6-9.rhaos4.5.el8.ppc64le",
"8Base-RHOSE-4.5:buildah-debugsource-0:1.11.6-9.rhaos4.5.el8.s390x",
"8Base-RHOSE-4.5:buildah-debugsource-0:1.11.6-9.rhaos4.5.el8.x86_64",
"8Base-RHOSE-4.5:buildah-tests-0:1.11.6-9.rhaos4.5.el8.ppc64le",
"8Base-RHOSE-4.5:buildah-tests-0:1.11.6-9.rhaos4.5.el8.s390x",
"8Base-RHOSE-4.5:buildah-tests-0:1.11.6-9.rhaos4.5.el8.x86_64",
"8Base-RHOSE-4.5:buildah-tests-debuginfo-0:1.11.6-9.rhaos4.5.el8.ppc64le",
"8Base-RHOSE-4.5:buildah-tests-debuginfo-0:1.11.6-9.rhaos4.5.el8.s390x",
"8Base-RHOSE-4.5:buildah-tests-debuginfo-0:1.11.6-9.rhaos4.5.el8.x86_64",
"8Base-RHOSE-4.5:containernetworking-plugins-0:0.8.6-2.rhaos4.5.el8.ppc64le",
"8Base-RHOSE-4.5:containernetworking-plugins-0:0.8.6-2.rhaos4.5.el8.s390x",
"8Base-RHOSE-4.5:containernetworking-plugins-0:0.8.6-2.rhaos4.5.el8.src",
"8Base-RHOSE-4.5:containernetworking-plugins-0:0.8.6-2.rhaos4.5.el8.x86_64",
"8Base-RHOSE-4.5:containernetworking-plugins-debuginfo-0:0.8.6-2.rhaos4.5.el8.ppc64le",
"8Base-RHOSE-4.5:containernetworking-plugins-debuginfo-0:0.8.6-2.rhaos4.5.el8.s390x",
"8Base-RHOSE-4.5:containernetworking-plugins-debuginfo-0:0.8.6-2.rhaos4.5.el8.x86_64",
"8Base-RHOSE-4.5:containernetworking-plugins-debugsource-0:0.8.6-2.rhaos4.5.el8.ppc64le",
"8Base-RHOSE-4.5:containernetworking-plugins-debugsource-0:0.8.6-2.rhaos4.5.el8.s390x",
"8Base-RHOSE-4.5:containernetworking-plugins-debugsource-0:0.8.6-2.rhaos4.5.el8.x86_64",
"8Base-RHOSE-4.5:cri-o-0:1.18.4-7.rhaos4.5.git572d9f7.el8.ppc64le",
"8Base-RHOSE-4.5:cri-o-0:1.18.4-7.rhaos4.5.git572d9f7.el8.s390x",
"8Base-RHOSE-4.5:cri-o-0:1.18.4-7.rhaos4.5.git572d9f7.el8.src",
"8Base-RHOSE-4.5:cri-o-0:1.18.4-7.rhaos4.5.git572d9f7.el8.x86_64",
"8Base-RHOSE-4.5:cri-o-debuginfo-0:1.18.4-7.rhaos4.5.git572d9f7.el8.ppc64le",
"8Base-RHOSE-4.5:cri-o-debuginfo-0:1.18.4-7.rhaos4.5.git572d9f7.el8.s390x",
"8Base-RHOSE-4.5:cri-o-debuginfo-0:1.18.4-7.rhaos4.5.git572d9f7.el8.x86_64",
"8Base-RHOSE-4.5:cri-o-debugsource-0:1.18.4-7.rhaos4.5.git572d9f7.el8.ppc64le",
"8Base-RHOSE-4.5:cri-o-debugsource-0:1.18.4-7.rhaos4.5.git572d9f7.el8.s390x",
"8Base-RHOSE-4.5:cri-o-debugsource-0:1.18.4-7.rhaos4.5.git572d9f7.el8.x86_64",
"8Base-RHOSE-4.5:cri-tools-0:1.18.0-4.el8.ppc64le",
"8Base-RHOSE-4.5:cri-tools-0:1.18.0-4.el8.s390x",
"8Base-RHOSE-4.5:cri-tools-0:1.18.0-4.el8.src",
"8Base-RHOSE-4.5:cri-tools-0:1.18.0-4.el8.x86_64",
"8Base-RHOSE-4.5:cri-tools-debuginfo-0:1.18.0-4.el8.ppc64le",
"8Base-RHOSE-4.5:cri-tools-debuginfo-0:1.18.0-4.el8.s390x",
"8Base-RHOSE-4.5:cri-tools-debuginfo-0:1.18.0-4.el8.x86_64",
"8Base-RHOSE-4.5:cri-tools-debugsource-0:1.18.0-4.el8.ppc64le",
"8Base-RHOSE-4.5:cri-tools-debugsource-0:1.18.0-4.el8.s390x",
"8Base-RHOSE-4.5:cri-tools-debugsource-0:1.18.0-4.el8.x86_64",
"8Base-RHOSE-4.5:openshift-0:4.5.0-202102261511.p0.git.0.f0229b9.el8.src",
"8Base-RHOSE-4.5:openshift-hyperkube-0:4.5.0-202102261511.p0.git.0.f0229b9.el8.ppc64le",
"8Base-RHOSE-4.5:openshift-hyperkube-0:4.5.0-202102261511.p0.git.0.f0229b9.el8.s390x",
"8Base-RHOSE-4.5:openshift-hyperkube-0:4.5.0-202102261511.p0.git.0.f0229b9.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:0713"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-RH7-RHOSE-4.5:apb-0:2.0.3-3.el7.ppc64le",
"7Server-RH7-RHOSE-4.5:apb-0:2.0.3-3.el7.s390x",
"7Server-RH7-RHOSE-4.5:apb-0:2.0.3-3.el7.src",
"7Server-RH7-RHOSE-4.5:apb-0:2.0.3-3.el7.x86_64",
"7Server-RH7-RHOSE-4.5:apb-container-scripts-0:2.0.3-3.el7.noarch",
"7Server-RH7-RHOSE-4.5:apb-devel-0:2.0.3-3.el7.noarch",
"7Server-RH7-RHOSE-4.5:containernetworking-plugins-0:0.8.6-2.rhaos4.5.el7.ppc64le",
"7Server-RH7-RHOSE-4.5:containernetworking-plugins-0:0.8.6-2.rhaos4.5.el7.s390x",
"7Server-RH7-RHOSE-4.5:containernetworking-plugins-0:0.8.6-2.rhaos4.5.el7.src",
"7Server-RH7-RHOSE-4.5:containernetworking-plugins-0:0.8.6-2.rhaos4.5.el7.x86_64",
"7Server-RH7-RHOSE-4.5:containernetworking-plugins-debuginfo-0:0.8.6-2.rhaos4.5.el7.ppc64le",
"7Server-RH7-RHOSE-4.5:containernetworking-plugins-debuginfo-0:0.8.6-2.rhaos4.5.el7.s390x",
"7Server-RH7-RHOSE-4.5:containernetworking-plugins-debuginfo-0:0.8.6-2.rhaos4.5.el7.x86_64",
"7Server-RH7-RHOSE-4.5:cri-o-0:1.18.4-7.rhaos4.5.git572d9f7.el7.ppc64le",
"7Server-RH7-RHOSE-4.5:cri-o-0:1.18.4-7.rhaos4.5.git572d9f7.el7.s390x",
"7Server-RH7-RHOSE-4.5:cri-o-0:1.18.4-7.rhaos4.5.git572d9f7.el7.src",
"7Server-RH7-RHOSE-4.5:cri-o-0:1.18.4-7.rhaos4.5.git572d9f7.el7.x86_64",
"7Server-RH7-RHOSE-4.5:cri-o-debuginfo-0:1.18.4-7.rhaos4.5.git572d9f7.el7.ppc64le",
"7Server-RH7-RHOSE-4.5:cri-o-debuginfo-0:1.18.4-7.rhaos4.5.git572d9f7.el7.s390x",
"7Server-RH7-RHOSE-4.5:cri-o-debuginfo-0:1.18.4-7.rhaos4.5.git572d9f7.el7.x86_64",
"7Server-RH7-RHOSE-4.5:cri-tools-0:1.18.0-4.el7.ppc64le",
"7Server-RH7-RHOSE-4.5:cri-tools-0:1.18.0-4.el7.s390x",
"7Server-RH7-RHOSE-4.5:cri-tools-0:1.18.0-4.el7.src",
"7Server-RH7-RHOSE-4.5:cri-tools-0:1.18.0-4.el7.x86_64",
"7Server-RH7-RHOSE-4.5:cri-tools-debuginfo-0:1.18.0-4.el7.ppc64le",
"7Server-RH7-RHOSE-4.5:cri-tools-debuginfo-0:1.18.0-4.el7.s390x",
"7Server-RH7-RHOSE-4.5:cri-tools-debuginfo-0:1.18.0-4.el7.x86_64",
"7Server-RH7-RHOSE-4.5:golang-github-prometheus-promu-0:0.5.0-3.git642a960.el7.ppc64le",
"7Server-RH7-RHOSE-4.5:golang-github-prometheus-promu-0:0.5.0-3.git642a960.el7.s390x",
"7Server-RH7-RHOSE-4.5:golang-github-prometheus-promu-0:0.5.0-3.git642a960.el7.src",
"7Server-RH7-RHOSE-4.5:golang-github-prometheus-promu-0:0.5.0-3.git642a960.el7.x86_64",
"7Server-RH7-RHOSE-4.5:openshift-0:4.5.0-202102261511.p0.git.0.f0229b9.el7.src",
"7Server-RH7-RHOSE-4.5:openshift-hyperkube-0:4.5.0-202102261511.p0.git.0.f0229b9.el7.ppc64le",
"7Server-RH7-RHOSE-4.5:openshift-hyperkube-0:4.5.0-202102261511.p0.git.0.f0229b9.el7.s390x",
"7Server-RH7-RHOSE-4.5:openshift-hyperkube-0:4.5.0-202102261511.p0.git.0.f0229b9.el7.x86_64",
"7Server-RH7-RHOSE-4.5:prometheus-promu-0:0.5.0-3.git642a960.el7.ppc64le",
"7Server-RH7-RHOSE-4.5:prometheus-promu-0:0.5.0-3.git642a960.el7.s390x",
"7Server-RH7-RHOSE-4.5:prometheus-promu-0:0.5.0-3.git642a960.el7.x86_64",
"8Base-RHOSE-4.5:buildah-0:1.11.6-9.rhaos4.5.el8.ppc64le",
"8Base-RHOSE-4.5:buildah-0:1.11.6-9.rhaos4.5.el8.s390x",
"8Base-RHOSE-4.5:buildah-0:1.11.6-9.rhaos4.5.el8.src",
"8Base-RHOSE-4.5:buildah-0:1.11.6-9.rhaos4.5.el8.x86_64",
"8Base-RHOSE-4.5:buildah-debuginfo-0:1.11.6-9.rhaos4.5.el8.ppc64le",
"8Base-RHOSE-4.5:buildah-debuginfo-0:1.11.6-9.rhaos4.5.el8.s390x",
"8Base-RHOSE-4.5:buildah-debuginfo-0:1.11.6-9.rhaos4.5.el8.x86_64",
"8Base-RHOSE-4.5:buildah-debugsource-0:1.11.6-9.rhaos4.5.el8.ppc64le",
"8Base-RHOSE-4.5:buildah-debugsource-0:1.11.6-9.rhaos4.5.el8.s390x",
"8Base-RHOSE-4.5:buildah-debugsource-0:1.11.6-9.rhaos4.5.el8.x86_64",
"8Base-RHOSE-4.5:buildah-tests-0:1.11.6-9.rhaos4.5.el8.ppc64le",
"8Base-RHOSE-4.5:buildah-tests-0:1.11.6-9.rhaos4.5.el8.s390x",
"8Base-RHOSE-4.5:buildah-tests-0:1.11.6-9.rhaos4.5.el8.x86_64",
"8Base-RHOSE-4.5:buildah-tests-debuginfo-0:1.11.6-9.rhaos4.5.el8.ppc64le",
"8Base-RHOSE-4.5:buildah-tests-debuginfo-0:1.11.6-9.rhaos4.5.el8.s390x",
"8Base-RHOSE-4.5:buildah-tests-debuginfo-0:1.11.6-9.rhaos4.5.el8.x86_64",
"8Base-RHOSE-4.5:containernetworking-plugins-0:0.8.6-2.rhaos4.5.el8.ppc64le",
"8Base-RHOSE-4.5:containernetworking-plugins-0:0.8.6-2.rhaos4.5.el8.s390x",
"8Base-RHOSE-4.5:containernetworking-plugins-0:0.8.6-2.rhaos4.5.el8.src",
"8Base-RHOSE-4.5:containernetworking-plugins-0:0.8.6-2.rhaos4.5.el8.x86_64",
"8Base-RHOSE-4.5:containernetworking-plugins-debuginfo-0:0.8.6-2.rhaos4.5.el8.ppc64le",
"8Base-RHOSE-4.5:containernetworking-plugins-debuginfo-0:0.8.6-2.rhaos4.5.el8.s390x",
"8Base-RHOSE-4.5:containernetworking-plugins-debuginfo-0:0.8.6-2.rhaos4.5.el8.x86_64",
"8Base-RHOSE-4.5:containernetworking-plugins-debugsource-0:0.8.6-2.rhaos4.5.el8.ppc64le",
"8Base-RHOSE-4.5:containernetworking-plugins-debugsource-0:0.8.6-2.rhaos4.5.el8.s390x",
"8Base-RHOSE-4.5:containernetworking-plugins-debugsource-0:0.8.6-2.rhaos4.5.el8.x86_64",
"8Base-RHOSE-4.5:cri-o-0:1.18.4-7.rhaos4.5.git572d9f7.el8.ppc64le",
"8Base-RHOSE-4.5:cri-o-0:1.18.4-7.rhaos4.5.git572d9f7.el8.s390x",
"8Base-RHOSE-4.5:cri-o-0:1.18.4-7.rhaos4.5.git572d9f7.el8.src",
"8Base-RHOSE-4.5:cri-o-0:1.18.4-7.rhaos4.5.git572d9f7.el8.x86_64",
"8Base-RHOSE-4.5:cri-o-debuginfo-0:1.18.4-7.rhaos4.5.git572d9f7.el8.ppc64le",
"8Base-RHOSE-4.5:cri-o-debuginfo-0:1.18.4-7.rhaos4.5.git572d9f7.el8.s390x",
"8Base-RHOSE-4.5:cri-o-debuginfo-0:1.18.4-7.rhaos4.5.git572d9f7.el8.x86_64",
"8Base-RHOSE-4.5:cri-o-debugsource-0:1.18.4-7.rhaos4.5.git572d9f7.el8.ppc64le",
"8Base-RHOSE-4.5:cri-o-debugsource-0:1.18.4-7.rhaos4.5.git572d9f7.el8.s390x",
"8Base-RHOSE-4.5:cri-o-debugsource-0:1.18.4-7.rhaos4.5.git572d9f7.el8.x86_64",
"8Base-RHOSE-4.5:cri-tools-0:1.18.0-4.el8.ppc64le",
"8Base-RHOSE-4.5:cri-tools-0:1.18.0-4.el8.s390x",
"8Base-RHOSE-4.5:cri-tools-0:1.18.0-4.el8.src",
"8Base-RHOSE-4.5:cri-tools-0:1.18.0-4.el8.x86_64",
"8Base-RHOSE-4.5:cri-tools-debuginfo-0:1.18.0-4.el8.ppc64le",
"8Base-RHOSE-4.5:cri-tools-debuginfo-0:1.18.0-4.el8.s390x",
"8Base-RHOSE-4.5:cri-tools-debuginfo-0:1.18.0-4.el8.x86_64",
"8Base-RHOSE-4.5:cri-tools-debugsource-0:1.18.0-4.el8.ppc64le",
"8Base-RHOSE-4.5:cri-tools-debugsource-0:1.18.0-4.el8.s390x",
"8Base-RHOSE-4.5:cri-tools-debugsource-0:1.18.0-4.el8.x86_64",
"8Base-RHOSE-4.5:openshift-0:4.5.0-202102261511.p0.git.0.f0229b9.el8.src",
"8Base-RHOSE-4.5:openshift-hyperkube-0:4.5.0-202102261511.p0.git.0.f0229b9.el8.ppc64le",
"8Base-RHOSE-4.5:openshift-hyperkube-0:4.5.0-202102261511.p0.git.0.f0229b9.el8.s390x",
"8Base-RHOSE-4.5:openshift-hyperkube-0:4.5.0-202102261511.p0.git.0.f0229b9.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "golang: data race in certain net/http servers including ReverseProxy can lead to DoS"
},
{
"cve": "CVE-2020-16845",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"discovery_date": "2020-08-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1867099"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Go encoding/binary package. Certain invalid inputs to the ReadUvarint or the ReadVarint causes those functions to read an unlimited number of bytes from the ByteReader argument before returning an error. This flaw possibly leads to processing more input than expected. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: ReadUvarint and ReadVarint can read an unlimited number of bytes from invalid inputs",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift Container Platform (OCP), OpenShift ServiceMesh (OSSM), RedHat OpenShift Jaeger (RHOSJ) and OpenShift Virtualization components are primarily written in Go, meaning that any component using the encoding/binary package includes the vulnerable code. The affected components are behind OpenShift OAuth authentication, therefore the impact is low.\n\nRed Hat Gluster Storage 3, Red Hat OpenShift Container Storage 4 and Red Hat Ceph Storage (3 and 4) components are built with the affected version of Go, however the vulnerable functionality is currently not used by these products and hence this issue has been rated as having a security impact of Low.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOSE-4.5:apb-0:2.0.3-3.el7.ppc64le",
"7Server-RH7-RHOSE-4.5:apb-0:2.0.3-3.el7.s390x",
"7Server-RH7-RHOSE-4.5:apb-0:2.0.3-3.el7.src",
"7Server-RH7-RHOSE-4.5:apb-0:2.0.3-3.el7.x86_64",
"7Server-RH7-RHOSE-4.5:apb-container-scripts-0:2.0.3-3.el7.noarch",
"7Server-RH7-RHOSE-4.5:apb-devel-0:2.0.3-3.el7.noarch",
"7Server-RH7-RHOSE-4.5:containernetworking-plugins-0:0.8.6-2.rhaos4.5.el7.ppc64le",
"7Server-RH7-RHOSE-4.5:containernetworking-plugins-0:0.8.6-2.rhaos4.5.el7.s390x",
"7Server-RH7-RHOSE-4.5:containernetworking-plugins-0:0.8.6-2.rhaos4.5.el7.src",
"7Server-RH7-RHOSE-4.5:containernetworking-plugins-0:0.8.6-2.rhaos4.5.el7.x86_64",
"7Server-RH7-RHOSE-4.5:containernetworking-plugins-debuginfo-0:0.8.6-2.rhaos4.5.el7.ppc64le",
"7Server-RH7-RHOSE-4.5:containernetworking-plugins-debuginfo-0:0.8.6-2.rhaos4.5.el7.s390x",
"7Server-RH7-RHOSE-4.5:containernetworking-plugins-debuginfo-0:0.8.6-2.rhaos4.5.el7.x86_64",
"7Server-RH7-RHOSE-4.5:cri-o-0:1.18.4-7.rhaos4.5.git572d9f7.el7.ppc64le",
"7Server-RH7-RHOSE-4.5:cri-o-0:1.18.4-7.rhaos4.5.git572d9f7.el7.s390x",
"7Server-RH7-RHOSE-4.5:cri-o-0:1.18.4-7.rhaos4.5.git572d9f7.el7.src",
"7Server-RH7-RHOSE-4.5:cri-o-0:1.18.4-7.rhaos4.5.git572d9f7.el7.x86_64",
"7Server-RH7-RHOSE-4.5:cri-o-debuginfo-0:1.18.4-7.rhaos4.5.git572d9f7.el7.ppc64le",
"7Server-RH7-RHOSE-4.5:cri-o-debuginfo-0:1.18.4-7.rhaos4.5.git572d9f7.el7.s390x",
"7Server-RH7-RHOSE-4.5:cri-o-debuginfo-0:1.18.4-7.rhaos4.5.git572d9f7.el7.x86_64",
"7Server-RH7-RHOSE-4.5:cri-tools-0:1.18.0-4.el7.ppc64le",
"7Server-RH7-RHOSE-4.5:cri-tools-0:1.18.0-4.el7.s390x",
"7Server-RH7-RHOSE-4.5:cri-tools-0:1.18.0-4.el7.src",
"7Server-RH7-RHOSE-4.5:cri-tools-0:1.18.0-4.el7.x86_64",
"7Server-RH7-RHOSE-4.5:cri-tools-debuginfo-0:1.18.0-4.el7.ppc64le",
"7Server-RH7-RHOSE-4.5:cri-tools-debuginfo-0:1.18.0-4.el7.s390x",
"7Server-RH7-RHOSE-4.5:cri-tools-debuginfo-0:1.18.0-4.el7.x86_64",
"7Server-RH7-RHOSE-4.5:golang-github-prometheus-promu-0:0.5.0-3.git642a960.el7.ppc64le",
"7Server-RH7-RHOSE-4.5:golang-github-prometheus-promu-0:0.5.0-3.git642a960.el7.s390x",
"7Server-RH7-RHOSE-4.5:golang-github-prometheus-promu-0:0.5.0-3.git642a960.el7.src",
"7Server-RH7-RHOSE-4.5:golang-github-prometheus-promu-0:0.5.0-3.git642a960.el7.x86_64",
"7Server-RH7-RHOSE-4.5:openshift-0:4.5.0-202102261511.p0.git.0.f0229b9.el7.src",
"7Server-RH7-RHOSE-4.5:openshift-hyperkube-0:4.5.0-202102261511.p0.git.0.f0229b9.el7.ppc64le",
"7Server-RH7-RHOSE-4.5:openshift-hyperkube-0:4.5.0-202102261511.p0.git.0.f0229b9.el7.s390x",
"7Server-RH7-RHOSE-4.5:openshift-hyperkube-0:4.5.0-202102261511.p0.git.0.f0229b9.el7.x86_64",
"7Server-RH7-RHOSE-4.5:prometheus-promu-0:0.5.0-3.git642a960.el7.ppc64le",
"7Server-RH7-RHOSE-4.5:prometheus-promu-0:0.5.0-3.git642a960.el7.s390x",
"7Server-RH7-RHOSE-4.5:prometheus-promu-0:0.5.0-3.git642a960.el7.x86_64",
"8Base-RHOSE-4.5:buildah-0:1.11.6-9.rhaos4.5.el8.ppc64le",
"8Base-RHOSE-4.5:buildah-0:1.11.6-9.rhaos4.5.el8.s390x",
"8Base-RHOSE-4.5:buildah-0:1.11.6-9.rhaos4.5.el8.src",
"8Base-RHOSE-4.5:buildah-0:1.11.6-9.rhaos4.5.el8.x86_64",
"8Base-RHOSE-4.5:buildah-debuginfo-0:1.11.6-9.rhaos4.5.el8.ppc64le",
"8Base-RHOSE-4.5:buildah-debuginfo-0:1.11.6-9.rhaos4.5.el8.s390x",
"8Base-RHOSE-4.5:buildah-debuginfo-0:1.11.6-9.rhaos4.5.el8.x86_64",
"8Base-RHOSE-4.5:buildah-debugsource-0:1.11.6-9.rhaos4.5.el8.ppc64le",
"8Base-RHOSE-4.5:buildah-debugsource-0:1.11.6-9.rhaos4.5.el8.s390x",
"8Base-RHOSE-4.5:buildah-debugsource-0:1.11.6-9.rhaos4.5.el8.x86_64",
"8Base-RHOSE-4.5:buildah-tests-0:1.11.6-9.rhaos4.5.el8.ppc64le",
"8Base-RHOSE-4.5:buildah-tests-0:1.11.6-9.rhaos4.5.el8.s390x",
"8Base-RHOSE-4.5:buildah-tests-0:1.11.6-9.rhaos4.5.el8.x86_64",
"8Base-RHOSE-4.5:buildah-tests-debuginfo-0:1.11.6-9.rhaos4.5.el8.ppc64le",
"8Base-RHOSE-4.5:buildah-tests-debuginfo-0:1.11.6-9.rhaos4.5.el8.s390x",
"8Base-RHOSE-4.5:buildah-tests-debuginfo-0:1.11.6-9.rhaos4.5.el8.x86_64",
"8Base-RHOSE-4.5:containernetworking-plugins-0:0.8.6-2.rhaos4.5.el8.ppc64le",
"8Base-RHOSE-4.5:containernetworking-plugins-0:0.8.6-2.rhaos4.5.el8.s390x",
"8Base-RHOSE-4.5:containernetworking-plugins-0:0.8.6-2.rhaos4.5.el8.src",
"8Base-RHOSE-4.5:containernetworking-plugins-0:0.8.6-2.rhaos4.5.el8.x86_64",
"8Base-RHOSE-4.5:containernetworking-plugins-debuginfo-0:0.8.6-2.rhaos4.5.el8.ppc64le",
"8Base-RHOSE-4.5:containernetworking-plugins-debuginfo-0:0.8.6-2.rhaos4.5.el8.s390x",
"8Base-RHOSE-4.5:containernetworking-plugins-debuginfo-0:0.8.6-2.rhaos4.5.el8.x86_64",
"8Base-RHOSE-4.5:containernetworking-plugins-debugsource-0:0.8.6-2.rhaos4.5.el8.ppc64le",
"8Base-RHOSE-4.5:containernetworking-plugins-debugsource-0:0.8.6-2.rhaos4.5.el8.s390x",
"8Base-RHOSE-4.5:containernetworking-plugins-debugsource-0:0.8.6-2.rhaos4.5.el8.x86_64",
"8Base-RHOSE-4.5:cri-o-0:1.18.4-7.rhaos4.5.git572d9f7.el8.ppc64le",
"8Base-RHOSE-4.5:cri-o-0:1.18.4-7.rhaos4.5.git572d9f7.el8.s390x",
"8Base-RHOSE-4.5:cri-o-0:1.18.4-7.rhaos4.5.git572d9f7.el8.src",
"8Base-RHOSE-4.5:cri-o-0:1.18.4-7.rhaos4.5.git572d9f7.el8.x86_64",
"8Base-RHOSE-4.5:cri-o-debuginfo-0:1.18.4-7.rhaos4.5.git572d9f7.el8.ppc64le",
"8Base-RHOSE-4.5:cri-o-debuginfo-0:1.18.4-7.rhaos4.5.git572d9f7.el8.s390x",
"8Base-RHOSE-4.5:cri-o-debuginfo-0:1.18.4-7.rhaos4.5.git572d9f7.el8.x86_64",
"8Base-RHOSE-4.5:cri-o-debugsource-0:1.18.4-7.rhaos4.5.git572d9f7.el8.ppc64le",
"8Base-RHOSE-4.5:cri-o-debugsource-0:1.18.4-7.rhaos4.5.git572d9f7.el8.s390x",
"8Base-RHOSE-4.5:cri-o-debugsource-0:1.18.4-7.rhaos4.5.git572d9f7.el8.x86_64",
"8Base-RHOSE-4.5:cri-tools-0:1.18.0-4.el8.ppc64le",
"8Base-RHOSE-4.5:cri-tools-0:1.18.0-4.el8.s390x",
"8Base-RHOSE-4.5:cri-tools-0:1.18.0-4.el8.src",
"8Base-RHOSE-4.5:cri-tools-0:1.18.0-4.el8.x86_64",
"8Base-RHOSE-4.5:cri-tools-debuginfo-0:1.18.0-4.el8.ppc64le",
"8Base-RHOSE-4.5:cri-tools-debuginfo-0:1.18.0-4.el8.s390x",
"8Base-RHOSE-4.5:cri-tools-debuginfo-0:1.18.0-4.el8.x86_64",
"8Base-RHOSE-4.5:cri-tools-debugsource-0:1.18.0-4.el8.ppc64le",
"8Base-RHOSE-4.5:cri-tools-debugsource-0:1.18.0-4.el8.s390x",
"8Base-RHOSE-4.5:cri-tools-debugsource-0:1.18.0-4.el8.x86_64",
"8Base-RHOSE-4.5:openshift-0:4.5.0-202102261511.p0.git.0.f0229b9.el8.src",
"8Base-RHOSE-4.5:openshift-hyperkube-0:4.5.0-202102261511.p0.git.0.f0229b9.el8.ppc64le",
"8Base-RHOSE-4.5:openshift-hyperkube-0:4.5.0-202102261511.p0.git.0.f0229b9.el8.s390x",
"8Base-RHOSE-4.5:openshift-hyperkube-0:4.5.0-202102261511.p0.git.0.f0229b9.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-16845"
},
{
"category": "external",
"summary": "RHBZ#1867099",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1867099"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-16845",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-16845"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-16845",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-16845"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/NyPIaucMgXo",
"url": "https://groups.google.com/g/golang-announce/c/NyPIaucMgXo"
}
],
"release_date": "2020-08-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-03-11T04:48:46+00:00",
"details": "For OpenShift Container Platform 4.5 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.5/release_notes/ocp-4-5-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.5/updating/updating-cluster-cli.html.",
"product_ids": [
"7Server-RH7-RHOSE-4.5:apb-0:2.0.3-3.el7.ppc64le",
"7Server-RH7-RHOSE-4.5:apb-0:2.0.3-3.el7.s390x",
"7Server-RH7-RHOSE-4.5:apb-0:2.0.3-3.el7.src",
"7Server-RH7-RHOSE-4.5:apb-0:2.0.3-3.el7.x86_64",
"7Server-RH7-RHOSE-4.5:apb-container-scripts-0:2.0.3-3.el7.noarch",
"7Server-RH7-RHOSE-4.5:apb-devel-0:2.0.3-3.el7.noarch",
"7Server-RH7-RHOSE-4.5:containernetworking-plugins-0:0.8.6-2.rhaos4.5.el7.ppc64le",
"7Server-RH7-RHOSE-4.5:containernetworking-plugins-0:0.8.6-2.rhaos4.5.el7.s390x",
"7Server-RH7-RHOSE-4.5:containernetworking-plugins-0:0.8.6-2.rhaos4.5.el7.src",
"7Server-RH7-RHOSE-4.5:containernetworking-plugins-0:0.8.6-2.rhaos4.5.el7.x86_64",
"7Server-RH7-RHOSE-4.5:containernetworking-plugins-debuginfo-0:0.8.6-2.rhaos4.5.el7.ppc64le",
"7Server-RH7-RHOSE-4.5:containernetworking-plugins-debuginfo-0:0.8.6-2.rhaos4.5.el7.s390x",
"7Server-RH7-RHOSE-4.5:containernetworking-plugins-debuginfo-0:0.8.6-2.rhaos4.5.el7.x86_64",
"7Server-RH7-RHOSE-4.5:cri-o-0:1.18.4-7.rhaos4.5.git572d9f7.el7.ppc64le",
"7Server-RH7-RHOSE-4.5:cri-o-0:1.18.4-7.rhaos4.5.git572d9f7.el7.s390x",
"7Server-RH7-RHOSE-4.5:cri-o-0:1.18.4-7.rhaos4.5.git572d9f7.el7.src",
"7Server-RH7-RHOSE-4.5:cri-o-0:1.18.4-7.rhaos4.5.git572d9f7.el7.x86_64",
"7Server-RH7-RHOSE-4.5:cri-o-debuginfo-0:1.18.4-7.rhaos4.5.git572d9f7.el7.ppc64le",
"7Server-RH7-RHOSE-4.5:cri-o-debuginfo-0:1.18.4-7.rhaos4.5.git572d9f7.el7.s390x",
"7Server-RH7-RHOSE-4.5:cri-o-debuginfo-0:1.18.4-7.rhaos4.5.git572d9f7.el7.x86_64",
"7Server-RH7-RHOSE-4.5:cri-tools-0:1.18.0-4.el7.ppc64le",
"7Server-RH7-RHOSE-4.5:cri-tools-0:1.18.0-4.el7.s390x",
"7Server-RH7-RHOSE-4.5:cri-tools-0:1.18.0-4.el7.src",
"7Server-RH7-RHOSE-4.5:cri-tools-0:1.18.0-4.el7.x86_64",
"7Server-RH7-RHOSE-4.5:cri-tools-debuginfo-0:1.18.0-4.el7.ppc64le",
"7Server-RH7-RHOSE-4.5:cri-tools-debuginfo-0:1.18.0-4.el7.s390x",
"7Server-RH7-RHOSE-4.5:cri-tools-debuginfo-0:1.18.0-4.el7.x86_64",
"7Server-RH7-RHOSE-4.5:golang-github-prometheus-promu-0:0.5.0-3.git642a960.el7.ppc64le",
"7Server-RH7-RHOSE-4.5:golang-github-prometheus-promu-0:0.5.0-3.git642a960.el7.s390x",
"7Server-RH7-RHOSE-4.5:golang-github-prometheus-promu-0:0.5.0-3.git642a960.el7.src",
"7Server-RH7-RHOSE-4.5:golang-github-prometheus-promu-0:0.5.0-3.git642a960.el7.x86_64",
"7Server-RH7-RHOSE-4.5:openshift-0:4.5.0-202102261511.p0.git.0.f0229b9.el7.src",
"7Server-RH7-RHOSE-4.5:openshift-hyperkube-0:4.5.0-202102261511.p0.git.0.f0229b9.el7.ppc64le",
"7Server-RH7-RHOSE-4.5:openshift-hyperkube-0:4.5.0-202102261511.p0.git.0.f0229b9.el7.s390x",
"7Server-RH7-RHOSE-4.5:openshift-hyperkube-0:4.5.0-202102261511.p0.git.0.f0229b9.el7.x86_64",
"7Server-RH7-RHOSE-4.5:prometheus-promu-0:0.5.0-3.git642a960.el7.ppc64le",
"7Server-RH7-RHOSE-4.5:prometheus-promu-0:0.5.0-3.git642a960.el7.s390x",
"7Server-RH7-RHOSE-4.5:prometheus-promu-0:0.5.0-3.git642a960.el7.x86_64",
"8Base-RHOSE-4.5:buildah-0:1.11.6-9.rhaos4.5.el8.ppc64le",
"8Base-RHOSE-4.5:buildah-0:1.11.6-9.rhaos4.5.el8.s390x",
"8Base-RHOSE-4.5:buildah-0:1.11.6-9.rhaos4.5.el8.src",
"8Base-RHOSE-4.5:buildah-0:1.11.6-9.rhaos4.5.el8.x86_64",
"8Base-RHOSE-4.5:buildah-debuginfo-0:1.11.6-9.rhaos4.5.el8.ppc64le",
"8Base-RHOSE-4.5:buildah-debuginfo-0:1.11.6-9.rhaos4.5.el8.s390x",
"8Base-RHOSE-4.5:buildah-debuginfo-0:1.11.6-9.rhaos4.5.el8.x86_64",
"8Base-RHOSE-4.5:buildah-debugsource-0:1.11.6-9.rhaos4.5.el8.ppc64le",
"8Base-RHOSE-4.5:buildah-debugsource-0:1.11.6-9.rhaos4.5.el8.s390x",
"8Base-RHOSE-4.5:buildah-debugsource-0:1.11.6-9.rhaos4.5.el8.x86_64",
"8Base-RHOSE-4.5:buildah-tests-0:1.11.6-9.rhaos4.5.el8.ppc64le",
"8Base-RHOSE-4.5:buildah-tests-0:1.11.6-9.rhaos4.5.el8.s390x",
"8Base-RHOSE-4.5:buildah-tests-0:1.11.6-9.rhaos4.5.el8.x86_64",
"8Base-RHOSE-4.5:buildah-tests-debuginfo-0:1.11.6-9.rhaos4.5.el8.ppc64le",
"8Base-RHOSE-4.5:buildah-tests-debuginfo-0:1.11.6-9.rhaos4.5.el8.s390x",
"8Base-RHOSE-4.5:buildah-tests-debuginfo-0:1.11.6-9.rhaos4.5.el8.x86_64",
"8Base-RHOSE-4.5:containernetworking-plugins-0:0.8.6-2.rhaos4.5.el8.ppc64le",
"8Base-RHOSE-4.5:containernetworking-plugins-0:0.8.6-2.rhaos4.5.el8.s390x",
"8Base-RHOSE-4.5:containernetworking-plugins-0:0.8.6-2.rhaos4.5.el8.src",
"8Base-RHOSE-4.5:containernetworking-plugins-0:0.8.6-2.rhaos4.5.el8.x86_64",
"8Base-RHOSE-4.5:containernetworking-plugins-debuginfo-0:0.8.6-2.rhaos4.5.el8.ppc64le",
"8Base-RHOSE-4.5:containernetworking-plugins-debuginfo-0:0.8.6-2.rhaos4.5.el8.s390x",
"8Base-RHOSE-4.5:containernetworking-plugins-debuginfo-0:0.8.6-2.rhaos4.5.el8.x86_64",
"8Base-RHOSE-4.5:containernetworking-plugins-debugsource-0:0.8.6-2.rhaos4.5.el8.ppc64le",
"8Base-RHOSE-4.5:containernetworking-plugins-debugsource-0:0.8.6-2.rhaos4.5.el8.s390x",
"8Base-RHOSE-4.5:containernetworking-plugins-debugsource-0:0.8.6-2.rhaos4.5.el8.x86_64",
"8Base-RHOSE-4.5:cri-o-0:1.18.4-7.rhaos4.5.git572d9f7.el8.ppc64le",
"8Base-RHOSE-4.5:cri-o-0:1.18.4-7.rhaos4.5.git572d9f7.el8.s390x",
"8Base-RHOSE-4.5:cri-o-0:1.18.4-7.rhaos4.5.git572d9f7.el8.src",
"8Base-RHOSE-4.5:cri-o-0:1.18.4-7.rhaos4.5.git572d9f7.el8.x86_64",
"8Base-RHOSE-4.5:cri-o-debuginfo-0:1.18.4-7.rhaos4.5.git572d9f7.el8.ppc64le",
"8Base-RHOSE-4.5:cri-o-debuginfo-0:1.18.4-7.rhaos4.5.git572d9f7.el8.s390x",
"8Base-RHOSE-4.5:cri-o-debuginfo-0:1.18.4-7.rhaos4.5.git572d9f7.el8.x86_64",
"8Base-RHOSE-4.5:cri-o-debugsource-0:1.18.4-7.rhaos4.5.git572d9f7.el8.ppc64le",
"8Base-RHOSE-4.5:cri-o-debugsource-0:1.18.4-7.rhaos4.5.git572d9f7.el8.s390x",
"8Base-RHOSE-4.5:cri-o-debugsource-0:1.18.4-7.rhaos4.5.git572d9f7.el8.x86_64",
"8Base-RHOSE-4.5:cri-tools-0:1.18.0-4.el8.ppc64le",
"8Base-RHOSE-4.5:cri-tools-0:1.18.0-4.el8.s390x",
"8Base-RHOSE-4.5:cri-tools-0:1.18.0-4.el8.src",
"8Base-RHOSE-4.5:cri-tools-0:1.18.0-4.el8.x86_64",
"8Base-RHOSE-4.5:cri-tools-debuginfo-0:1.18.0-4.el8.ppc64le",
"8Base-RHOSE-4.5:cri-tools-debuginfo-0:1.18.0-4.el8.s390x",
"8Base-RHOSE-4.5:cri-tools-debuginfo-0:1.18.0-4.el8.x86_64",
"8Base-RHOSE-4.5:cri-tools-debugsource-0:1.18.0-4.el8.ppc64le",
"8Base-RHOSE-4.5:cri-tools-debugsource-0:1.18.0-4.el8.s390x",
"8Base-RHOSE-4.5:cri-tools-debugsource-0:1.18.0-4.el8.x86_64",
"8Base-RHOSE-4.5:openshift-0:4.5.0-202102261511.p0.git.0.f0229b9.el8.src",
"8Base-RHOSE-4.5:openshift-hyperkube-0:4.5.0-202102261511.p0.git.0.f0229b9.el8.ppc64le",
"8Base-RHOSE-4.5:openshift-hyperkube-0:4.5.0-202102261511.p0.git.0.f0229b9.el8.s390x",
"8Base-RHOSE-4.5:openshift-hyperkube-0:4.5.0-202102261511.p0.git.0.f0229b9.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:0713"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-RH7-RHOSE-4.5:apb-0:2.0.3-3.el7.ppc64le",
"7Server-RH7-RHOSE-4.5:apb-0:2.0.3-3.el7.s390x",
"7Server-RH7-RHOSE-4.5:apb-0:2.0.3-3.el7.src",
"7Server-RH7-RHOSE-4.5:apb-0:2.0.3-3.el7.x86_64",
"7Server-RH7-RHOSE-4.5:apb-container-scripts-0:2.0.3-3.el7.noarch",
"7Server-RH7-RHOSE-4.5:apb-devel-0:2.0.3-3.el7.noarch",
"7Server-RH7-RHOSE-4.5:containernetworking-plugins-0:0.8.6-2.rhaos4.5.el7.ppc64le",
"7Server-RH7-RHOSE-4.5:containernetworking-plugins-0:0.8.6-2.rhaos4.5.el7.s390x",
"7Server-RH7-RHOSE-4.5:containernetworking-plugins-0:0.8.6-2.rhaos4.5.el7.src",
"7Server-RH7-RHOSE-4.5:containernetworking-plugins-0:0.8.6-2.rhaos4.5.el7.x86_64",
"7Server-RH7-RHOSE-4.5:containernetworking-plugins-debuginfo-0:0.8.6-2.rhaos4.5.el7.ppc64le",
"7Server-RH7-RHOSE-4.5:containernetworking-plugins-debuginfo-0:0.8.6-2.rhaos4.5.el7.s390x",
"7Server-RH7-RHOSE-4.5:containernetworking-plugins-debuginfo-0:0.8.6-2.rhaos4.5.el7.x86_64",
"7Server-RH7-RHOSE-4.5:cri-o-0:1.18.4-7.rhaos4.5.git572d9f7.el7.ppc64le",
"7Server-RH7-RHOSE-4.5:cri-o-0:1.18.4-7.rhaos4.5.git572d9f7.el7.s390x",
"7Server-RH7-RHOSE-4.5:cri-o-0:1.18.4-7.rhaos4.5.git572d9f7.el7.src",
"7Server-RH7-RHOSE-4.5:cri-o-0:1.18.4-7.rhaos4.5.git572d9f7.el7.x86_64",
"7Server-RH7-RHOSE-4.5:cri-o-debuginfo-0:1.18.4-7.rhaos4.5.git572d9f7.el7.ppc64le",
"7Server-RH7-RHOSE-4.5:cri-o-debuginfo-0:1.18.4-7.rhaos4.5.git572d9f7.el7.s390x",
"7Server-RH7-RHOSE-4.5:cri-o-debuginfo-0:1.18.4-7.rhaos4.5.git572d9f7.el7.x86_64",
"7Server-RH7-RHOSE-4.5:cri-tools-0:1.18.0-4.el7.ppc64le",
"7Server-RH7-RHOSE-4.5:cri-tools-0:1.18.0-4.el7.s390x",
"7Server-RH7-RHOSE-4.5:cri-tools-0:1.18.0-4.el7.src",
"7Server-RH7-RHOSE-4.5:cri-tools-0:1.18.0-4.el7.x86_64",
"7Server-RH7-RHOSE-4.5:cri-tools-debuginfo-0:1.18.0-4.el7.ppc64le",
"7Server-RH7-RHOSE-4.5:cri-tools-debuginfo-0:1.18.0-4.el7.s390x",
"7Server-RH7-RHOSE-4.5:cri-tools-debuginfo-0:1.18.0-4.el7.x86_64",
"7Server-RH7-RHOSE-4.5:golang-github-prometheus-promu-0:0.5.0-3.git642a960.el7.ppc64le",
"7Server-RH7-RHOSE-4.5:golang-github-prometheus-promu-0:0.5.0-3.git642a960.el7.s390x",
"7Server-RH7-RHOSE-4.5:golang-github-prometheus-promu-0:0.5.0-3.git642a960.el7.src",
"7Server-RH7-RHOSE-4.5:golang-github-prometheus-promu-0:0.5.0-3.git642a960.el7.x86_64",
"7Server-RH7-RHOSE-4.5:openshift-0:4.5.0-202102261511.p0.git.0.f0229b9.el7.src",
"7Server-RH7-RHOSE-4.5:openshift-hyperkube-0:4.5.0-202102261511.p0.git.0.f0229b9.el7.ppc64le",
"7Server-RH7-RHOSE-4.5:openshift-hyperkube-0:4.5.0-202102261511.p0.git.0.f0229b9.el7.s390x",
"7Server-RH7-RHOSE-4.5:openshift-hyperkube-0:4.5.0-202102261511.p0.git.0.f0229b9.el7.x86_64",
"7Server-RH7-RHOSE-4.5:prometheus-promu-0:0.5.0-3.git642a960.el7.ppc64le",
"7Server-RH7-RHOSE-4.5:prometheus-promu-0:0.5.0-3.git642a960.el7.s390x",
"7Server-RH7-RHOSE-4.5:prometheus-promu-0:0.5.0-3.git642a960.el7.x86_64",
"8Base-RHOSE-4.5:buildah-0:1.11.6-9.rhaos4.5.el8.ppc64le",
"8Base-RHOSE-4.5:buildah-0:1.11.6-9.rhaos4.5.el8.s390x",
"8Base-RHOSE-4.5:buildah-0:1.11.6-9.rhaos4.5.el8.src",
"8Base-RHOSE-4.5:buildah-0:1.11.6-9.rhaos4.5.el8.x86_64",
"8Base-RHOSE-4.5:buildah-debuginfo-0:1.11.6-9.rhaos4.5.el8.ppc64le",
"8Base-RHOSE-4.5:buildah-debuginfo-0:1.11.6-9.rhaos4.5.el8.s390x",
"8Base-RHOSE-4.5:buildah-debuginfo-0:1.11.6-9.rhaos4.5.el8.x86_64",
"8Base-RHOSE-4.5:buildah-debugsource-0:1.11.6-9.rhaos4.5.el8.ppc64le",
"8Base-RHOSE-4.5:buildah-debugsource-0:1.11.6-9.rhaos4.5.el8.s390x",
"8Base-RHOSE-4.5:buildah-debugsource-0:1.11.6-9.rhaos4.5.el8.x86_64",
"8Base-RHOSE-4.5:buildah-tests-0:1.11.6-9.rhaos4.5.el8.ppc64le",
"8Base-RHOSE-4.5:buildah-tests-0:1.11.6-9.rhaos4.5.el8.s390x",
"8Base-RHOSE-4.5:buildah-tests-0:1.11.6-9.rhaos4.5.el8.x86_64",
"8Base-RHOSE-4.5:buildah-tests-debuginfo-0:1.11.6-9.rhaos4.5.el8.ppc64le",
"8Base-RHOSE-4.5:buildah-tests-debuginfo-0:1.11.6-9.rhaos4.5.el8.s390x",
"8Base-RHOSE-4.5:buildah-tests-debuginfo-0:1.11.6-9.rhaos4.5.el8.x86_64",
"8Base-RHOSE-4.5:containernetworking-plugins-0:0.8.6-2.rhaos4.5.el8.ppc64le",
"8Base-RHOSE-4.5:containernetworking-plugins-0:0.8.6-2.rhaos4.5.el8.s390x",
"8Base-RHOSE-4.5:containernetworking-plugins-0:0.8.6-2.rhaos4.5.el8.src",
"8Base-RHOSE-4.5:containernetworking-plugins-0:0.8.6-2.rhaos4.5.el8.x86_64",
"8Base-RHOSE-4.5:containernetworking-plugins-debuginfo-0:0.8.6-2.rhaos4.5.el8.ppc64le",
"8Base-RHOSE-4.5:containernetworking-plugins-debuginfo-0:0.8.6-2.rhaos4.5.el8.s390x",
"8Base-RHOSE-4.5:containernetworking-plugins-debuginfo-0:0.8.6-2.rhaos4.5.el8.x86_64",
"8Base-RHOSE-4.5:containernetworking-plugins-debugsource-0:0.8.6-2.rhaos4.5.el8.ppc64le",
"8Base-RHOSE-4.5:containernetworking-plugins-debugsource-0:0.8.6-2.rhaos4.5.el8.s390x",
"8Base-RHOSE-4.5:containernetworking-plugins-debugsource-0:0.8.6-2.rhaos4.5.el8.x86_64",
"8Base-RHOSE-4.5:cri-o-0:1.18.4-7.rhaos4.5.git572d9f7.el8.ppc64le",
"8Base-RHOSE-4.5:cri-o-0:1.18.4-7.rhaos4.5.git572d9f7.el8.s390x",
"8Base-RHOSE-4.5:cri-o-0:1.18.4-7.rhaos4.5.git572d9f7.el8.src",
"8Base-RHOSE-4.5:cri-o-0:1.18.4-7.rhaos4.5.git572d9f7.el8.x86_64",
"8Base-RHOSE-4.5:cri-o-debuginfo-0:1.18.4-7.rhaos4.5.git572d9f7.el8.ppc64le",
"8Base-RHOSE-4.5:cri-o-debuginfo-0:1.18.4-7.rhaos4.5.git572d9f7.el8.s390x",
"8Base-RHOSE-4.5:cri-o-debuginfo-0:1.18.4-7.rhaos4.5.git572d9f7.el8.x86_64",
"8Base-RHOSE-4.5:cri-o-debugsource-0:1.18.4-7.rhaos4.5.git572d9f7.el8.ppc64le",
"8Base-RHOSE-4.5:cri-o-debugsource-0:1.18.4-7.rhaos4.5.git572d9f7.el8.s390x",
"8Base-RHOSE-4.5:cri-o-debugsource-0:1.18.4-7.rhaos4.5.git572d9f7.el8.x86_64",
"8Base-RHOSE-4.5:cri-tools-0:1.18.0-4.el8.ppc64le",
"8Base-RHOSE-4.5:cri-tools-0:1.18.0-4.el8.s390x",
"8Base-RHOSE-4.5:cri-tools-0:1.18.0-4.el8.src",
"8Base-RHOSE-4.5:cri-tools-0:1.18.0-4.el8.x86_64",
"8Base-RHOSE-4.5:cri-tools-debuginfo-0:1.18.0-4.el8.ppc64le",
"8Base-RHOSE-4.5:cri-tools-debuginfo-0:1.18.0-4.el8.s390x",
"8Base-RHOSE-4.5:cri-tools-debuginfo-0:1.18.0-4.el8.x86_64",
"8Base-RHOSE-4.5:cri-tools-debugsource-0:1.18.0-4.el8.ppc64le",
"8Base-RHOSE-4.5:cri-tools-debugsource-0:1.18.0-4.el8.s390x",
"8Base-RHOSE-4.5:cri-tools-debugsource-0:1.18.0-4.el8.x86_64",
"8Base-RHOSE-4.5:openshift-0:4.5.0-202102261511.p0.git.0.f0229b9.el8.src",
"8Base-RHOSE-4.5:openshift-hyperkube-0:4.5.0-202102261511.p0.git.0.f0229b9.el8.ppc64le",
"8Base-RHOSE-4.5:openshift-hyperkube-0:4.5.0-202102261511.p0.git.0.f0229b9.el8.s390x",
"8Base-RHOSE-4.5:openshift-hyperkube-0:4.5.0-202102261511.p0.git.0.f0229b9.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "golang: ReadUvarint and ReadVarint can read an unlimited number of bytes from invalid inputs"
}
]
}
RHSA-2021:0799
Vulnerability from csaf_redhat - Published: 2021-03-10 11:41 - Updated: 2026-05-15 02:04Summary
Red Hat Security Advisory: OpenShift Virtualization 2.6.0 security and bug fix update
Severity
Moderate
Notes
Topic: An update is now available for RHEL-8-CNV-2.6.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform.
This advisory contains the following OpenShift Virtualization 2.6.0 images:
RHEL-8-CNV-2.6
==============
kubevirt-cpu-node-labeller-container-v2.6.0-5
kubevirt-cpu-model-nfd-plugin-container-v2.6.0-5
node-maintenance-operator-container-v2.6.0-13
kubevirt-vmware-container-v2.6.0-5
virtio-win-container-v2.6.0-5
kubevirt-kvm-info-nfd-plugin-container-v2.6.0-5
bridge-marker-container-v2.6.0-9
kubevirt-template-validator-container-v2.6.0-9
kubevirt-v2v-conversion-container-v2.6.0-6
kubemacpool-container-v2.6.0-13
kubevirt-ssp-operator-container-v2.6.0-40
hyperconverged-cluster-webhook-container-v2.6.0-73
hyperconverged-cluster-operator-container-v2.6.0-73
ovs-cni-plugin-container-v2.6.0-10
cnv-containernetworking-plugins-container-v2.6.0-10
ovs-cni-marker-container-v2.6.0-10
cluster-network-addons-operator-container-v2.6.0-16
hostpath-provisioner-container-v2.6.0-11
hostpath-provisioner-operator-container-v2.6.0-14
vm-import-virtv2v-container-v2.6.0-21
kubernetes-nmstate-handler-container-v2.6.0-19
vm-import-controller-container-v2.6.0-21
vm-import-operator-container-v2.6.0-21
virt-api-container-v2.6.0-111
virt-controller-container-v2.6.0-111
virt-handler-container-v2.6.0-111
virt-operator-container-v2.6.0-111
virt-launcher-container-v2.6.0-111
cnv-must-gather-container-v2.6.0-54
virt-cdi-importer-container-v2.6.0-24
virt-cdi-cloner-container-v2.6.0-24
virt-cdi-controller-container-v2.6.0-24
virt-cdi-uploadserver-container-v2.6.0-24
virt-cdi-apiserver-container-v2.6.0-24
virt-cdi-uploadproxy-container-v2.6.0-24
virt-cdi-operator-container-v2.6.0-24
hco-bundle-registry-container-v2.6.0-582
Security Fix(es):
* golang.org/x/crypto: Processing of crafted ssh-ed25519 public keys allows for panic (CVE-2020-9283)
* golang: crypto/ssh: crafted authentication request can lead to nil pointer dereference (CVE-2020-29652)
* gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation (CVE-2021-3121)
* golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash (CVE-2020-14040)
* golang: data race in certain net/http servers including ReverseProxy can lead to DoS (CVE-2020-15586)
* golang: ReadUvarint and ReadVarint can read an unlimited number of bytes from invalid inputs (CVE-2020-16845)
* jwt-go: access restriction bypass vulnerability (CVE-2020-26160)
* golang-github-gorilla-websocket: integer overflow leads to denial of service (CVE-2020-27813)
* golang: math/big: panic during recursive division of very large numbers (CVE-2020-28362)
* containernetworking-cni: Arbitrary path injection via type field in CNI configuration (CVE-2021-20206)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A denial of service vulnerability was found in the SSH package of the golang.org/x/crypto library. An attacker could exploit this flaw by supplying crafted SSH ed25519 keys to cause a crash in applications that use this package as either an SSH client or server.
7.5 (High)
Affected products
Fixed
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-model-nfd-plugin@sha256:efb152ddc837945aad0163f96c9668cbb8271c2b14716b9fef5b798c27efbe48_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-node-labeller@sha256:2b78b4854b18e53e388d2d30bf68803e39f8fbc9a0b3713885081af25abfb3f1_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-CNV-2.6:container-native-virtualization/kubevirt-kvm-info-nfd-plugin@sha256:2dcf59515b784d6decf484c1d756d5ddf4b65a38e78800a76ef1dab51020e553_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-CNV-2.6:container-native-virtualization/vm-import-controller-rhel8@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-CNV-2.6:container-native-virtualization/vm-import-controller@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64 | — |
Vendor Fix
fix
|
Threats
Impact
Important
A denial of service vulnerability was found in the golang.org/x/text library. A library or application must use one of the vulnerable functions, such as unicode.Transform, transform.String, or transform.Byte, to be susceptible to this vulnerability. If an attacker is able to supply specific characters or strings to the vulnerable application, there is the potential to cause an infinite loop to occur using more memory, resulting in a denial of service.
7.5 (High)
Affected products
Fixed
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-model-nfd-plugin@sha256:efb152ddc837945aad0163f96c9668cbb8271c2b14716b9fef5b798c27efbe48_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-node-labeller@sha256:2b78b4854b18e53e388d2d30bf68803e39f8fbc9a0b3713885081af25abfb3f1_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-CNV-2.6:container-native-virtualization/kubevirt-kvm-info-nfd-plugin@sha256:2dcf59515b784d6decf484c1d756d5ddf4b65a38e78800a76ef1dab51020e553_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-CNV-2.6:container-native-virtualization/vm-import-controller-rhel8@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-CNV-2.6:container-native-virtualization/vm-import-controller@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found Go's net/http package. Servers using ReverseProxy from net/http in the Go standard library are vulnerable to a data race that results in a denial of service. The highest threat from this vulnerability is to system availability.
5.9 (Medium)
Affected products
Fixed
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-model-nfd-plugin@sha256:efb152ddc837945aad0163f96c9668cbb8271c2b14716b9fef5b798c27efbe48_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-node-labeller@sha256:2b78b4854b18e53e388d2d30bf68803e39f8fbc9a0b3713885081af25abfb3f1_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-CNV-2.6:container-native-virtualization/kubevirt-kvm-info-nfd-plugin@sha256:2dcf59515b784d6decf484c1d756d5ddf4b65a38e78800a76ef1dab51020e553_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-CNV-2.6:container-native-virtualization/vm-import-controller-rhel8@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-CNV-2.6:container-native-virtualization/vm-import-controller@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in the Go encoding/binary package. Certain invalid inputs to the ReadUvarint or the ReadVarint causes those functions to read an unlimited number of bytes from the ByteReader argument before returning an error. This flaw possibly leads to processing more input than expected. The highest threat from this vulnerability is to system availability.
7.5 (High)
Affected products
Fixed
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-model-nfd-plugin@sha256:efb152ddc837945aad0163f96c9668cbb8271c2b14716b9fef5b798c27efbe48_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-node-labeller@sha256:2b78b4854b18e53e388d2d30bf68803e39f8fbc9a0b3713885081af25abfb3f1_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-CNV-2.6:container-native-virtualization/kubevirt-kvm-info-nfd-plugin@sha256:2dcf59515b784d6decf484c1d756d5ddf4b65a38e78800a76ef1dab51020e553_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-CNV-2.6:container-native-virtualization/vm-import-controller-rhel8@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-CNV-2.6:container-native-virtualization/vm-import-controller@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
A vulnerability was found in jwt-go where it is vulnerable to Access Restriction Bypass if m["aud"] happens to be []string{}, as allowed by the spec, the type assertion fails and the value of aud is "". This can cause audience verification to succeed even if the audiences being passed are incorrect if required is set to false.
7.5 (High)
Affected products
Fixed
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-model-nfd-plugin@sha256:efb152ddc837945aad0163f96c9668cbb8271c2b14716b9fef5b798c27efbe48_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-node-labeller@sha256:2b78b4854b18e53e388d2d30bf68803e39f8fbc9a0b3713885081af25abfb3f1_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-CNV-2.6:container-native-virtualization/kubevirt-kvm-info-nfd-plugin@sha256:2dcf59515b784d6decf484c1d756d5ddf4b65a38e78800a76ef1dab51020e553_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-CNV-2.6:container-native-virtualization/vm-import-controller-rhel8@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-CNV-2.6:container-native-virtualization/vm-import-controller@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
An integer overflow vulnerability exists with the length of websocket frames received via a websocket connection. An attacker could use this flaw to cause a denial of service attack on an HTTP Server allowing websocket connections.
7.5 (High)
Affected products
Fixed
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-model-nfd-plugin@sha256:efb152ddc837945aad0163f96c9668cbb8271c2b14716b9fef5b798c27efbe48_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-node-labeller@sha256:2b78b4854b18e53e388d2d30bf68803e39f8fbc9a0b3713885081af25abfb3f1_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-CNV-2.6:container-native-virtualization/kubevirt-kvm-info-nfd-plugin@sha256:2dcf59515b784d6decf484c1d756d5ddf4b65a38e78800a76ef1dab51020e553_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-CNV-2.6:container-native-virtualization/vm-import-controller-rhel8@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-CNV-2.6:container-native-virtualization/vm-import-controller@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in the math/big package of Go's standard library that causes a denial of service. Applications written in Go that use math/big via cryptographic packages, including crypto/rsa and crypto/x509, are vulnerable and can potentially cause panic via a crafted certificate chain. The highest threat from this vulnerability is to system availability.
7.5 (High)
Affected products
Fixed
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-model-nfd-plugin@sha256:efb152ddc837945aad0163f96c9668cbb8271c2b14716b9fef5b798c27efbe48_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-node-labeller@sha256:2b78b4854b18e53e388d2d30bf68803e39f8fbc9a0b3713885081af25abfb3f1_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-CNV-2.6:container-native-virtualization/kubevirt-kvm-info-nfd-plugin@sha256:2dcf59515b784d6decf484c1d756d5ddf4b65a38e78800a76ef1dab51020e553_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-CNV-2.6:container-native-virtualization/vm-import-controller-rhel8@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-CNV-2.6:container-native-virtualization/vm-import-controller@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
A null pointer dereference vulnerability was found in golang. When using the library's ssh server without specifying an option for GSSAPIWithMICConfig, it is possible for an attacker to craft an ssh client connection using the `gssapi-with-mic` authentication method and cause the server to panic resulting in a denial of service. The highest threat from this vulnerability is to system availability.
7.5 (High)
Affected products
Fixed
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-model-nfd-plugin@sha256:efb152ddc837945aad0163f96c9668cbb8271c2b14716b9fef5b798c27efbe48_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-node-labeller@sha256:2b78b4854b18e53e388d2d30bf68803e39f8fbc9a0b3713885081af25abfb3f1_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-CNV-2.6:container-native-virtualization/kubevirt-kvm-info-nfd-plugin@sha256:2dcf59515b784d6decf484c1d756d5ddf4b65a38e78800a76ef1dab51020e553_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-CNV-2.6:container-native-virtualization/vm-import-controller-rhel8@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-CNV-2.6:container-native-virtualization/vm-import-controller@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64 | — |
Vendor Fix
fix
|
Threats
Impact
Important
A flaw was found in github.com/gogo/protobuf before 1.3.2 that allows an out-of-bounds access when unmarshalling certain protobuf objects. This flaw allows a remote attacker to send crafted protobuf messages, causing panic and resulting in a denial of service. The highest threat from this vulnerability is to availability.
8.6 (High)
Affected products
Fixed
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-model-nfd-plugin@sha256:efb152ddc837945aad0163f96c9668cbb8271c2b14716b9fef5b798c27efbe48_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-node-labeller@sha256:2b78b4854b18e53e388d2d30bf68803e39f8fbc9a0b3713885081af25abfb3f1_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-CNV-2.6:container-native-virtualization/kubevirt-kvm-info-nfd-plugin@sha256:2dcf59515b784d6decf484c1d756d5ddf4b65a38e78800a76ef1dab51020e553_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-CNV-2.6:container-native-virtualization/vm-import-controller-rhel8@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-CNV-2.6:container-native-virtualization/vm-import-controller@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64 | — |
Vendor Fix
fix
|
Threats
Impact
Important
An improper limitation of path name flaw was found in containernetworking/cni. When specifying the plugin to load in the `type` field in the network configuration, it is possible to use special elements such as "../" separators to reference binaries elsewhere on the system. This flaw allows an attacker to execute other existing binaries other than the cni plugins/types, such as `reboot`. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.
7.2 (High)
Affected products
Fixed
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-model-nfd-plugin@sha256:efb152ddc837945aad0163f96c9668cbb8271c2b14716b9fef5b798c27efbe48_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-node-labeller@sha256:2b78b4854b18e53e388d2d30bf68803e39f8fbc9a0b3713885081af25abfb3f1_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-CNV-2.6:container-native-virtualization/kubevirt-kvm-info-nfd-plugin@sha256:2dcf59515b784d6decf484c1d756d5ddf4b65a38e78800a76ef1dab51020e553_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-CNV-2.6:container-native-virtualization/vm-import-controller-rhel8@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-CNV-2.6:container-native-virtualization/vm-import-controller@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
References
129 references
Acknowledgments
Red Hat
Casey Callendrello
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for RHEL-8-CNV-2.6.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "OpenShift Virtualization is Red Hat\u0027s virtualization solution designed for Red Hat OpenShift Container Platform.\n\nThis advisory contains the following OpenShift Virtualization 2.6.0 images:\n\nRHEL-8-CNV-2.6\n==============\nkubevirt-cpu-node-labeller-container-v2.6.0-5\nkubevirt-cpu-model-nfd-plugin-container-v2.6.0-5\nnode-maintenance-operator-container-v2.6.0-13\nkubevirt-vmware-container-v2.6.0-5\nvirtio-win-container-v2.6.0-5\nkubevirt-kvm-info-nfd-plugin-container-v2.6.0-5\nbridge-marker-container-v2.6.0-9\nkubevirt-template-validator-container-v2.6.0-9\nkubevirt-v2v-conversion-container-v2.6.0-6\nkubemacpool-container-v2.6.0-13\nkubevirt-ssp-operator-container-v2.6.0-40\nhyperconverged-cluster-webhook-container-v2.6.0-73\nhyperconverged-cluster-operator-container-v2.6.0-73\novs-cni-plugin-container-v2.6.0-10\ncnv-containernetworking-plugins-container-v2.6.0-10\novs-cni-marker-container-v2.6.0-10\ncluster-network-addons-operator-container-v2.6.0-16\nhostpath-provisioner-container-v2.6.0-11\nhostpath-provisioner-operator-container-v2.6.0-14\nvm-import-virtv2v-container-v2.6.0-21\nkubernetes-nmstate-handler-container-v2.6.0-19\nvm-import-controller-container-v2.6.0-21\nvm-import-operator-container-v2.6.0-21\nvirt-api-container-v2.6.0-111\nvirt-controller-container-v2.6.0-111\nvirt-handler-container-v2.6.0-111\nvirt-operator-container-v2.6.0-111\nvirt-launcher-container-v2.6.0-111\ncnv-must-gather-container-v2.6.0-54\nvirt-cdi-importer-container-v2.6.0-24\nvirt-cdi-cloner-container-v2.6.0-24\nvirt-cdi-controller-container-v2.6.0-24\nvirt-cdi-uploadserver-container-v2.6.0-24\nvirt-cdi-apiserver-container-v2.6.0-24\nvirt-cdi-uploadproxy-container-v2.6.0-24\nvirt-cdi-operator-container-v2.6.0-24\nhco-bundle-registry-container-v2.6.0-582\n\nSecurity Fix(es):\n\n* golang.org/x/crypto: Processing of crafted ssh-ed25519 public keys allows for panic (CVE-2020-9283)\n\n* golang: crypto/ssh: crafted authentication request can lead to nil pointer dereference (CVE-2020-29652)\n\n* gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation (CVE-2021-3121)\n\n* golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash (CVE-2020-14040)\n\n* golang: data race in certain net/http servers including ReverseProxy can lead to DoS (CVE-2020-15586)\n\n* golang: ReadUvarint and ReadVarint can read an unlimited number of bytes from invalid inputs (CVE-2020-16845)\n\n* jwt-go: access restriction bypass vulnerability (CVE-2020-26160)\n\n* golang-github-gorilla-websocket: integer overflow leads to denial of service (CVE-2020-27813)\n\n* golang: math/big: panic during recursive division of very large numbers (CVE-2020-28362)\n\n* containernetworking-cni: Arbitrary path injection via type field in CNI configuration (CVE-2021-20206)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2021:0799",
"url": "https://access.redhat.com/errata/RHSA-2021:0799"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "1732329",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1732329"
},
{
"category": "external",
"summary": "1783192",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1783192"
},
{
"category": "external",
"summary": "1791753",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1791753"
},
{
"category": "external",
"summary": "1804533",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1804533"
},
{
"category": "external",
"summary": "1848954",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1848954"
},
{
"category": "external",
"summary": "1848956",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1848956"
},
{
"category": "external",
"summary": "1853652",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1853652"
},
{
"category": "external",
"summary": "1853911",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1853911"
},
{
"category": "external",
"summary": "1854098",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1854098"
},
{
"category": "external",
"summary": "1856347",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1856347"
},
{
"category": "external",
"summary": "1856953",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1856953"
},
{
"category": "external",
"summary": "1859235",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1859235"
},
{
"category": "external",
"summary": "1860714",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1860714"
},
{
"category": "external",
"summary": "1860992",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1860992"
},
{
"category": "external",
"summary": "1864577",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1864577"
},
{
"category": "external",
"summary": "1866593",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1866593"
},
{
"category": "external",
"summary": "1867099",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1867099"
},
{
"category": "external",
"summary": "1868817",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1868817"
},
{
"category": "external",
"summary": "1873771",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1873771"
},
{
"category": "external",
"summary": "1874812",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1874812"
},
{
"category": "external",
"summary": "1878499",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1878499"
},
{
"category": "external",
"summary": "1879108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1879108"
},
{
"category": "external",
"summary": "1881874",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1881874"
},
{
"category": "external",
"summary": "1883232",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1883232"
},
{
"category": "external",
"summary": "1883371",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1883371"
},
{
"category": "external",
"summary": "1885153",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1885153"
},
{
"category": "external",
"summary": "1885418",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1885418"
},
{
"category": "external",
"summary": "1887398",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1887398"
},
{
"category": "external",
"summary": "1889295",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1889295"
},
{
"category": "external",
"summary": "1891285",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1891285"
},
{
"category": "external",
"summary": "1891440",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1891440"
},
{
"category": "external",
"summary": "1892227",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1892227"
},
{
"category": "external",
"summary": "1893278",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1893278"
},
{
"category": "external",
"summary": "1893646",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1893646"
},
{
"category": "external",
"summary": "1894428",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1894428"
},
{
"category": "external",
"summary": "1894824",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1894824"
},
{
"category": "external",
"summary": "1894897",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1894897"
},
{
"category": "external",
"summary": "1895414",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1895414"
},
{
"category": "external",
"summary": "1897635",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1897635"
},
{
"category": "external",
"summary": "1898072",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1898072"
},
{
"category": "external",
"summary": "1898840",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1898840"
},
{
"category": "external",
"summary": "1899558",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1899558"
},
{
"category": "external",
"summary": "1901480",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1901480"
},
{
"category": "external",
"summary": "1902046",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1902046"
},
{
"category": "external",
"summary": "1902111",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1902111"
},
{
"category": "external",
"summary": "1903014",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1903014"
},
{
"category": "external",
"summary": "1903585",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1903585"
},
{
"category": "external",
"summary": "1904797",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1904797"
},
{
"category": "external",
"summary": "1906199",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1906199"
},
{
"category": "external",
"summary": "1907151",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1907151"
},
{
"category": "external",
"summary": "1907352",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1907352"
},
{
"category": "external",
"summary": "1907691",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1907691"
},
{
"category": "external",
"summary": "1907988",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1907988"
},
{
"category": "external",
"summary": "1908363",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1908363"
},
{
"category": "external",
"summary": "1908421",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1908421"
},
{
"category": "external",
"summary": "1908883",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1908883"
},
{
"category": "external",
"summary": "1909458",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1909458"
},
{
"category": "external",
"summary": "1910857",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1910857"
},
{
"category": "external",
"summary": "1911118",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1911118"
},
{
"category": "external",
"summary": "1911396",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1911396"
},
{
"category": "external",
"summary": "1911662",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1911662"
},
{
"category": "external",
"summary": "1912908",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1912908"
},
{
"category": "external",
"summary": "1913248",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1913248"
},
{
"category": "external",
"summary": "1913320",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1913320"
},
{
"category": "external",
"summary": "1913717",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1913717"
},
{
"category": "external",
"summary": "1913756",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1913756"
},
{
"category": "external",
"summary": "1914177",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1914177"
},
{
"category": "external",
"summary": "1914608",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1914608"
},
{
"category": "external",
"summary": "1914947",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1914947"
},
{
"category": "external",
"summary": "1917908",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1917908"
},
{
"category": "external",
"summary": "1917963",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1917963"
},
{
"category": "external",
"summary": "1919391",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1919391"
},
{
"category": "external",
"summary": "1920576",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1920576"
},
{
"category": "external",
"summary": "1920610",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1920610"
},
{
"category": "external",
"summary": "1921650",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1921650"
},
{
"category": "external",
"summary": "1923979",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1923979"
},
{
"category": "external",
"summary": "1927373",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1927373"
},
{
"category": "external",
"summary": "1931376",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1931376"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_0799.json"
}
],
"title": "Red Hat Security Advisory: OpenShift Virtualization 2.6.0 security and bug fix update",
"tracking": {
"current_release_date": "2026-05-15T02:04:30+00:00",
"generator": {
"date": "2026-05-15T02:04:30+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.0"
}
},
"id": "RHSA-2021:0799",
"initial_release_date": "2021-03-10T11:41:12+00:00",
"revision_history": [
{
"date": "2021-03-10T11:41:12+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2021-03-10T11:41:12+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-15T02:04:30+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "CNV 2.6 for RHEL 8",
"product": {
"name": "CNV 2.6 for RHEL 8",
"product_id": "8Base-CNV-2.6",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:container_native_virtualization:2.6::el8"
}
}
}
],
"category": "product_family",
"name": "OpenShift Virtualization"
},
{
"branches": [
{
"category": "product_version",
"name": "container-native-virtualization/kubevirt-cpu-model-nfd-plugin@sha256:efb152ddc837945aad0163f96c9668cbb8271c2b14716b9fef5b798c27efbe48_amd64",
"product": {
"name": "container-native-virtualization/kubevirt-cpu-model-nfd-plugin@sha256:efb152ddc837945aad0163f96c9668cbb8271c2b14716b9fef5b798c27efbe48_amd64",
"product_id": "container-native-virtualization/kubevirt-cpu-model-nfd-plugin@sha256:efb152ddc837945aad0163f96c9668cbb8271c2b14716b9fef5b798c27efbe48_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kubevirt-cpu-model-nfd-plugin@sha256:efb152ddc837945aad0163f96c9668cbb8271c2b14716b9fef5b798c27efbe48?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/kubevirt-cpu-model-nfd-plugin\u0026tag=v2.6.0-9"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/kubevirt-cpu-node-labeller@sha256:2b78b4854b18e53e388d2d30bf68803e39f8fbc9a0b3713885081af25abfb3f1_amd64",
"product": {
"name": "container-native-virtualization/kubevirt-cpu-node-labeller@sha256:2b78b4854b18e53e388d2d30bf68803e39f8fbc9a0b3713885081af25abfb3f1_amd64",
"product_id": "container-native-virtualization/kubevirt-cpu-node-labeller@sha256:2b78b4854b18e53e388d2d30bf68803e39f8fbc9a0b3713885081af25abfb3f1_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kubevirt-cpu-node-labeller@sha256:2b78b4854b18e53e388d2d30bf68803e39f8fbc9a0b3713885081af25abfb3f1?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/kubevirt-cpu-node-labeller\u0026tag=v2.6.0-7"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/kubevirt-kvm-info-nfd-plugin@sha256:2dcf59515b784d6decf484c1d756d5ddf4b65a38e78800a76ef1dab51020e553_amd64",
"product": {
"name": "container-native-virtualization/kubevirt-kvm-info-nfd-plugin@sha256:2dcf59515b784d6decf484c1d756d5ddf4b65a38e78800a76ef1dab51020e553_amd64",
"product_id": "container-native-virtualization/kubevirt-kvm-info-nfd-plugin@sha256:2dcf59515b784d6decf484c1d756d5ddf4b65a38e78800a76ef1dab51020e553_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kubevirt-kvm-info-nfd-plugin@sha256:2dcf59515b784d6decf484c1d756d5ddf4b65a38e78800a76ef1dab51020e553?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/kubevirt-kvm-info-nfd-plugin\u0026tag=v2.6.0-7"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/vm-import-controller-rhel8@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64",
"product": {
"name": "container-native-virtualization/vm-import-controller-rhel8@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64",
"product_id": "container-native-virtualization/vm-import-controller-rhel8@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64",
"product_identification_helper": {
"purl": "pkg:oci/vm-import-controller-rhel8@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/vm-import-controller-rhel8\u0026tag=v2.6.0-25"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/vm-import-controller@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64",
"product": {
"name": "container-native-virtualization/vm-import-controller@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64",
"product_id": "container-native-virtualization/vm-import-controller@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64",
"product_identification_helper": {
"purl": "pkg:oci/vm-import-controller@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/vm-import-controller\u0026tag=v2.6.0-25"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/kubevirt-cpu-model-nfd-plugin@sha256:efb152ddc837945aad0163f96c9668cbb8271c2b14716b9fef5b798c27efbe48_amd64 as a component of CNV 2.6 for RHEL 8",
"product_id": "8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-model-nfd-plugin@sha256:efb152ddc837945aad0163f96c9668cbb8271c2b14716b9fef5b798c27efbe48_amd64"
},
"product_reference": "container-native-virtualization/kubevirt-cpu-model-nfd-plugin@sha256:efb152ddc837945aad0163f96c9668cbb8271c2b14716b9fef5b798c27efbe48_amd64",
"relates_to_product_reference": "8Base-CNV-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/kubevirt-cpu-node-labeller@sha256:2b78b4854b18e53e388d2d30bf68803e39f8fbc9a0b3713885081af25abfb3f1_amd64 as a component of CNV 2.6 for RHEL 8",
"product_id": "8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-node-labeller@sha256:2b78b4854b18e53e388d2d30bf68803e39f8fbc9a0b3713885081af25abfb3f1_amd64"
},
"product_reference": "container-native-virtualization/kubevirt-cpu-node-labeller@sha256:2b78b4854b18e53e388d2d30bf68803e39f8fbc9a0b3713885081af25abfb3f1_amd64",
"relates_to_product_reference": "8Base-CNV-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/kubevirt-kvm-info-nfd-plugin@sha256:2dcf59515b784d6decf484c1d756d5ddf4b65a38e78800a76ef1dab51020e553_amd64 as a component of CNV 2.6 for RHEL 8",
"product_id": "8Base-CNV-2.6:container-native-virtualization/kubevirt-kvm-info-nfd-plugin@sha256:2dcf59515b784d6decf484c1d756d5ddf4b65a38e78800a76ef1dab51020e553_amd64"
},
"product_reference": "container-native-virtualization/kubevirt-kvm-info-nfd-plugin@sha256:2dcf59515b784d6decf484c1d756d5ddf4b65a38e78800a76ef1dab51020e553_amd64",
"relates_to_product_reference": "8Base-CNV-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/vm-import-controller-rhel8@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64 as a component of CNV 2.6 for RHEL 8",
"product_id": "8Base-CNV-2.6:container-native-virtualization/vm-import-controller-rhel8@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64"
},
"product_reference": "container-native-virtualization/vm-import-controller-rhel8@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64",
"relates_to_product_reference": "8Base-CNV-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/vm-import-controller@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64 as a component of CNV 2.6 for RHEL 8",
"product_id": "8Base-CNV-2.6:container-native-virtualization/vm-import-controller@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64"
},
"product_reference": "container-native-virtualization/vm-import-controller@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64",
"relates_to_product_reference": "8Base-CNV-2.6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-9283",
"cwe": {
"id": "CWE-130",
"name": "Improper Handling of Length Parameter Inconsistency"
},
"discovery_date": "2020-02-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1804533"
}
],
"notes": [
{
"category": "description",
"text": "A denial of service vulnerability was found in the SSH package of the golang.org/x/crypto library. An attacker could exploit this flaw by supplying crafted SSH ed25519 keys to cause a crash in applications that use this package as either an SSH client or server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto: Processing of crafted ssh-ed25519 public keys allows for panic",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift Container Platform uses the vulnerable library in a number of components but strictly as an SSH client. The severity of this vulnerability is reduced for clients as it requires connections to malicious SSH servers, with the maximum impact only a client crash. This vulnerability is rated Low for OpenShift Container Platform.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-model-nfd-plugin@sha256:efb152ddc837945aad0163f96c9668cbb8271c2b14716b9fef5b798c27efbe48_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-node-labeller@sha256:2b78b4854b18e53e388d2d30bf68803e39f8fbc9a0b3713885081af25abfb3f1_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-kvm-info-nfd-plugin@sha256:2dcf59515b784d6decf484c1d756d5ddf4b65a38e78800a76ef1dab51020e553_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller-rhel8@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-9283"
},
{
"category": "external",
"summary": "RHBZ#1804533",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1804533"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-9283",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9283"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-9283",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-9283"
},
{
"category": "external",
"summary": "https://groups.google.com/forum/#!topic/golang-announce/3L45YRc91SY",
"url": "https://groups.google.com/forum/#!topic/golang-announce/3L45YRc91SY"
}
],
"release_date": "2020-02-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-03-10T11:41:12+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-model-nfd-plugin@sha256:efb152ddc837945aad0163f96c9668cbb8271c2b14716b9fef5b798c27efbe48_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-node-labeller@sha256:2b78b4854b18e53e388d2d30bf68803e39f8fbc9a0b3713885081af25abfb3f1_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-kvm-info-nfd-plugin@sha256:2dcf59515b784d6decf484c1d756d5ddf4b65a38e78800a76ef1dab51020e553_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller-rhel8@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:0799"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-model-nfd-plugin@sha256:efb152ddc837945aad0163f96c9668cbb8271c2b14716b9fef5b798c27efbe48_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-node-labeller@sha256:2b78b4854b18e53e388d2d30bf68803e39f8fbc9a0b3713885081af25abfb3f1_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-kvm-info-nfd-plugin@sha256:2dcf59515b784d6decf484c1d756d5ddf4b65a38e78800a76ef1dab51020e553_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller-rhel8@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/crypto: Processing of crafted ssh-ed25519 public keys allows for panic"
},
{
"cve": "CVE-2020-14040",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"discovery_date": "2020-06-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1853652"
}
],
"notes": [
{
"category": "description",
"text": "A denial of service vulnerability was found in the golang.org/x/text library. A library or application must use one of the vulnerable functions, such as unicode.Transform, transform.String, or transform.Byte, to be susceptible to this vulnerability. If an attacker is able to supply specific characters or strings to the vulnerable application, there is the potential to cause an infinite loop to occur using more memory, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "* OpenShift ServiceMesh (OSSM) 1.0 is Out Of Support Scope (OOSS) for Moderate and Low impact vulnerabilities. Jaeger was packaged with ServiceMesh in 1.0, and hence is also marked OOSS, but the Jaeger-Operator is a standalone product and is affected by this vulnerability.\n\n* Because Service Telemetry Framework does not directly use unicode.UTF16, no update will be provided at this time for STF\u0027s sg-core-container.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-model-nfd-plugin@sha256:efb152ddc837945aad0163f96c9668cbb8271c2b14716b9fef5b798c27efbe48_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-node-labeller@sha256:2b78b4854b18e53e388d2d30bf68803e39f8fbc9a0b3713885081af25abfb3f1_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-kvm-info-nfd-plugin@sha256:2dcf59515b784d6decf484c1d756d5ddf4b65a38e78800a76ef1dab51020e553_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller-rhel8@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-14040"
},
{
"category": "external",
"summary": "RHBZ#1853652",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1853652"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-14040",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14040"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-14040",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-14040"
},
{
"category": "external",
"summary": "https://github.com/golang/go/issues/39491",
"url": "https://github.com/golang/go/issues/39491"
},
{
"category": "external",
"summary": "https://groups.google.com/forum/#!topic/golang-announce/bXVeAmGOqz0",
"url": "https://groups.google.com/forum/#!topic/golang-announce/bXVeAmGOqz0"
}
],
"release_date": "2020-06-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-03-10T11:41:12+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-model-nfd-plugin@sha256:efb152ddc837945aad0163f96c9668cbb8271c2b14716b9fef5b798c27efbe48_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-node-labeller@sha256:2b78b4854b18e53e388d2d30bf68803e39f8fbc9a0b3713885081af25abfb3f1_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-kvm-info-nfd-plugin@sha256:2dcf59515b784d6decf484c1d756d5ddf4b65a38e78800a76ef1dab51020e553_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller-rhel8@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:0799"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-model-nfd-plugin@sha256:efb152ddc837945aad0163f96c9668cbb8271c2b14716b9fef5b798c27efbe48_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-node-labeller@sha256:2b78b4854b18e53e388d2d30bf68803e39f8fbc9a0b3713885081af25abfb3f1_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-kvm-info-nfd-plugin@sha256:2dcf59515b784d6decf484c1d756d5ddf4b65a38e78800a76ef1dab51020e553_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller-rhel8@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash"
},
{
"cve": "CVE-2020-15586",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"discovery_date": "2020-07-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1856953"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found Go\u0027s net/http package. Servers using ReverseProxy from net/http in the Go standard library are vulnerable to a data race that results in a denial of service. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: data race in certain net/http servers including ReverseProxy can lead to DoS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift Container Platform (OCP) components are primarily written in Go, meaning that any component using the net/http package includes the vulnerable code. OCP server endpoints using ReverseProxy are protected by authentication, reducing the severity of this vulnerability to Low for OCP.\n\nSimilar to OCP, OpenShift ServiceMesh (OSSM), RedHat OpenShift Jaeger (RHOSJ) and OpenShift Virtualization are also primarily written in Go and are protected via authentication, reducing the severity of this vulnerability to Low.\n\nRed Hat Gluster Storage 3 and Red Hat Openshift Container Storage 4 components are built with the affected version of Go, however the vulnerable functionality is currently not used by these products and hence this issue has been rated as having a security impact of Low.\n\nRed Hat Ceph Storage 3 and 4 components are built with the affected version of Go, however the vulnerable functionality is currently not used by these products and hence this issue has been rated as having a security impact of Low.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-model-nfd-plugin@sha256:efb152ddc837945aad0163f96c9668cbb8271c2b14716b9fef5b798c27efbe48_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-node-labeller@sha256:2b78b4854b18e53e388d2d30bf68803e39f8fbc9a0b3713885081af25abfb3f1_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-kvm-info-nfd-plugin@sha256:2dcf59515b784d6decf484c1d756d5ddf4b65a38e78800a76ef1dab51020e553_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller-rhel8@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-15586"
},
{
"category": "external",
"summary": "RHBZ#1856953",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1856953"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-15586",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15586"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-15586",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-15586"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/XZNfaiwgt2w/m/E6gHDs32AQAJ",
"url": "https://groups.google.com/g/golang-announce/c/XZNfaiwgt2w/m/E6gHDs32AQAJ"
}
],
"release_date": "2020-07-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-03-10T11:41:12+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-model-nfd-plugin@sha256:efb152ddc837945aad0163f96c9668cbb8271c2b14716b9fef5b798c27efbe48_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-node-labeller@sha256:2b78b4854b18e53e388d2d30bf68803e39f8fbc9a0b3713885081af25abfb3f1_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-kvm-info-nfd-plugin@sha256:2dcf59515b784d6decf484c1d756d5ddf4b65a38e78800a76ef1dab51020e553_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller-rhel8@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:0799"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-model-nfd-plugin@sha256:efb152ddc837945aad0163f96c9668cbb8271c2b14716b9fef5b798c27efbe48_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-node-labeller@sha256:2b78b4854b18e53e388d2d30bf68803e39f8fbc9a0b3713885081af25abfb3f1_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-kvm-info-nfd-plugin@sha256:2dcf59515b784d6decf484c1d756d5ddf4b65a38e78800a76ef1dab51020e553_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller-rhel8@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: data race in certain net/http servers including ReverseProxy can lead to DoS"
},
{
"cve": "CVE-2020-16845",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"discovery_date": "2020-08-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1867099"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Go encoding/binary package. Certain invalid inputs to the ReadUvarint or the ReadVarint causes those functions to read an unlimited number of bytes from the ByteReader argument before returning an error. This flaw possibly leads to processing more input than expected. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: ReadUvarint and ReadVarint can read an unlimited number of bytes from invalid inputs",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift Container Platform (OCP), OpenShift ServiceMesh (OSSM), RedHat OpenShift Jaeger (RHOSJ) and OpenShift Virtualization components are primarily written in Go, meaning that any component using the encoding/binary package includes the vulnerable code. The affected components are behind OpenShift OAuth authentication, therefore the impact is low.\n\nRed Hat Gluster Storage 3, Red Hat OpenShift Container Storage 4 and Red Hat Ceph Storage (3 and 4) components are built with the affected version of Go, however the vulnerable functionality is currently not used by these products and hence this issue has been rated as having a security impact of Low.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-model-nfd-plugin@sha256:efb152ddc837945aad0163f96c9668cbb8271c2b14716b9fef5b798c27efbe48_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-node-labeller@sha256:2b78b4854b18e53e388d2d30bf68803e39f8fbc9a0b3713885081af25abfb3f1_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-kvm-info-nfd-plugin@sha256:2dcf59515b784d6decf484c1d756d5ddf4b65a38e78800a76ef1dab51020e553_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller-rhel8@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-16845"
},
{
"category": "external",
"summary": "RHBZ#1867099",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1867099"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-16845",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-16845"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-16845",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-16845"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/NyPIaucMgXo",
"url": "https://groups.google.com/g/golang-announce/c/NyPIaucMgXo"
}
],
"release_date": "2020-08-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-03-10T11:41:12+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-model-nfd-plugin@sha256:efb152ddc837945aad0163f96c9668cbb8271c2b14716b9fef5b798c27efbe48_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-node-labeller@sha256:2b78b4854b18e53e388d2d30bf68803e39f8fbc9a0b3713885081af25abfb3f1_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-kvm-info-nfd-plugin@sha256:2dcf59515b784d6decf484c1d756d5ddf4b65a38e78800a76ef1dab51020e553_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller-rhel8@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:0799"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-model-nfd-plugin@sha256:efb152ddc837945aad0163f96c9668cbb8271c2b14716b9fef5b798c27efbe48_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-node-labeller@sha256:2b78b4854b18e53e388d2d30bf68803e39f8fbc9a0b3713885081af25abfb3f1_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-kvm-info-nfd-plugin@sha256:2dcf59515b784d6decf484c1d756d5ddf4b65a38e78800a76ef1dab51020e553_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller-rhel8@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: ReadUvarint and ReadVarint can read an unlimited number of bytes from invalid inputs"
},
{
"cve": "CVE-2020-26160",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"discovery_date": "2020-09-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1883371"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in jwt-go where it is vulnerable to Access Restriction Bypass if m[\"aud\"] happens to be []string{}, as allowed by the spec, the type assertion fails and the value of aud is \"\". This can cause audience verification to succeed even if the audiences being passed are incorrect if required is set to false.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jwt-go: access restriction bypass vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The github.com/dgrijalva/jwt-go module is an indirect dependency of the k8s.io/client-go module pulled into Quay Bridge, and Setup operators via the Operator\u0027s SDK generated code. The k8s.io/client-go module does not use jwt-go in an unsafe way [1]. Red Hat Quay components have been marked as wontfix. This may be fixed in the future.\n\nSimilar to Quay, multiple OpenShift Container Platform (OCP) containers include jwt-go as a transient dependency due to go-autorest [1]. As such, those containers do not use jwt-go in an unsafe way. They have been marked wontfix at this time and may be fixed in a future update.\n\nSame as Quay and OpenShift Container Platform, components shipped with Red Hat OpenShift Container Storage 4 do not use jwt-go in an unsafe way and hence this issue has been rated as having a security impact of Low. A future update may address this issue.\n\nRed Hat Gluster Storage 3 shipped multi-cloud-object-gateway-cli as a technical preview and is not currently planned to be addressed in future updates, hence the multi-cloud-object-gateway-cli package will not be fixed.\n\n[1] https://github.com/Azure/go-autorest/issues/568#issuecomment-703804062",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-model-nfd-plugin@sha256:efb152ddc837945aad0163f96c9668cbb8271c2b14716b9fef5b798c27efbe48_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-node-labeller@sha256:2b78b4854b18e53e388d2d30bf68803e39f8fbc9a0b3713885081af25abfb3f1_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-kvm-info-nfd-plugin@sha256:2dcf59515b784d6decf484c1d756d5ddf4b65a38e78800a76ef1dab51020e553_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller-rhel8@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-26160"
},
{
"category": "external",
"summary": "RHBZ#1883371",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1883371"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-26160",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26160"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-26160",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-26160"
},
{
"category": "external",
"summary": "https://snyk.io/vuln/SNYK-GOLANG-GITHUBCOMDGRIJALVAJWTGO-596515",
"url": "https://snyk.io/vuln/SNYK-GOLANG-GITHUBCOMDGRIJALVAJWTGO-596515"
}
],
"release_date": "2020-09-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-03-10T11:41:12+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-model-nfd-plugin@sha256:efb152ddc837945aad0163f96c9668cbb8271c2b14716b9fef5b798c27efbe48_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-node-labeller@sha256:2b78b4854b18e53e388d2d30bf68803e39f8fbc9a0b3713885081af25abfb3f1_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-kvm-info-nfd-plugin@sha256:2dcf59515b784d6decf484c1d756d5ddf4b65a38e78800a76ef1dab51020e553_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller-rhel8@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:0799"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-model-nfd-plugin@sha256:efb152ddc837945aad0163f96c9668cbb8271c2b14716b9fef5b798c27efbe48_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-node-labeller@sha256:2b78b4854b18e53e388d2d30bf68803e39f8fbc9a0b3713885081af25abfb3f1_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-kvm-info-nfd-plugin@sha256:2dcf59515b784d6decf484c1d756d5ddf4b65a38e78800a76ef1dab51020e553_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller-rhel8@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jwt-go: access restriction bypass vulnerability"
},
{
"cve": "CVE-2020-27813",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2020-11-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1902111"
}
],
"notes": [
{
"category": "description",
"text": "An integer overflow vulnerability exists with the length of websocket frames received via a websocket connection. An attacker could use this flaw to cause a denial of service attack on an HTTP Server allowing websocket connections.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang-github-gorilla-websocket: integer overflow leads to denial of service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-model-nfd-plugin@sha256:efb152ddc837945aad0163f96c9668cbb8271c2b14716b9fef5b798c27efbe48_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-node-labeller@sha256:2b78b4854b18e53e388d2d30bf68803e39f8fbc9a0b3713885081af25abfb3f1_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-kvm-info-nfd-plugin@sha256:2dcf59515b784d6decf484c1d756d5ddf4b65a38e78800a76ef1dab51020e553_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller-rhel8@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-27813"
},
{
"category": "external",
"summary": "RHBZ#1902111",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1902111"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-27813",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27813"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-27813",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-27813"
},
{
"category": "external",
"summary": "https://github.com/gorilla/websocket/security/advisories/GHSA-jf24-p9p9-4rjh",
"url": "https://github.com/gorilla/websocket/security/advisories/GHSA-jf24-p9p9-4rjh"
}
],
"release_date": "2019-08-25T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-03-10T11:41:12+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-model-nfd-plugin@sha256:efb152ddc837945aad0163f96c9668cbb8271c2b14716b9fef5b798c27efbe48_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-node-labeller@sha256:2b78b4854b18e53e388d2d30bf68803e39f8fbc9a0b3713885081af25abfb3f1_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-kvm-info-nfd-plugin@sha256:2dcf59515b784d6decf484c1d756d5ddf4b65a38e78800a76ef1dab51020e553_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller-rhel8@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:0799"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-model-nfd-plugin@sha256:efb152ddc837945aad0163f96c9668cbb8271c2b14716b9fef5b798c27efbe48_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-node-labeller@sha256:2b78b4854b18e53e388d2d30bf68803e39f8fbc9a0b3713885081af25abfb3f1_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-kvm-info-nfd-plugin@sha256:2dcf59515b784d6decf484c1d756d5ddf4b65a38e78800a76ef1dab51020e553_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller-rhel8@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang-github-gorilla-websocket: integer overflow leads to denial of service"
},
{
"cve": "CVE-2020-28362",
"cwe": {
"id": "CWE-295",
"name": "Improper Certificate Validation"
},
"discovery_date": "2020-11-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1897635"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the math/big package of Go\u0027s standard library that causes a denial of service. Applications written in Go that use math/big via cryptographic packages, including crypto/rsa and crypto/x509, are vulnerable and can potentially cause panic via a crafted certificate chain. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: math/big: panic during recursive division of very large numbers",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift ServiceMesh (OSSM) 1.1 is Out Of Support Scope (OOSS) for Moderate and Low impact vulnerabilities because it is now in the Maintenance Phase of the support.\nOpenshift Virtualization 1 (formerly Container Native Virtualization) is Out Of Support Scope (OOSS) for Moderate and Low impact vulnerabilities.\n\nRed Hat Gluster Storage 3 shipped multi-cloud-object-gateway-cli and noobaa-operator container as a technical preview and is not currently planned to be addressed in future updates.\n\nOpenShift Container Platform (OCP) 4.5 and earlier are built with Go versions earlier than 1.14, which are not affected by this vulnerability. OCP 4.6 is built with Go 1.15 and is affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-model-nfd-plugin@sha256:efb152ddc837945aad0163f96c9668cbb8271c2b14716b9fef5b798c27efbe48_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-node-labeller@sha256:2b78b4854b18e53e388d2d30bf68803e39f8fbc9a0b3713885081af25abfb3f1_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-kvm-info-nfd-plugin@sha256:2dcf59515b784d6decf484c1d756d5ddf4b65a38e78800a76ef1dab51020e553_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller-rhel8@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-28362"
},
{
"category": "external",
"summary": "RHBZ#1897635",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1897635"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-28362",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28362"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-28362",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-28362"
}
],
"release_date": "2020-11-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-03-10T11:41:12+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-model-nfd-plugin@sha256:efb152ddc837945aad0163f96c9668cbb8271c2b14716b9fef5b798c27efbe48_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-node-labeller@sha256:2b78b4854b18e53e388d2d30bf68803e39f8fbc9a0b3713885081af25abfb3f1_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-kvm-info-nfd-plugin@sha256:2dcf59515b784d6decf484c1d756d5ddf4b65a38e78800a76ef1dab51020e553_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller-rhel8@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:0799"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-model-nfd-plugin@sha256:efb152ddc837945aad0163f96c9668cbb8271c2b14716b9fef5b798c27efbe48_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-node-labeller@sha256:2b78b4854b18e53e388d2d30bf68803e39f8fbc9a0b3713885081af25abfb3f1_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-kvm-info-nfd-plugin@sha256:2dcf59515b784d6decf484c1d756d5ddf4b65a38e78800a76ef1dab51020e553_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller-rhel8@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: math/big: panic during recursive division of very large numbers"
},
{
"cve": "CVE-2020-29652",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2020-12-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1908883"
}
],
"notes": [
{
"category": "description",
"text": "A null pointer dereference vulnerability was found in golang. When using the library\u0027s ssh server without specifying an option for GSSAPIWithMICConfig, it is possible for an attacker to craft an ssh client connection using the `gssapi-with-mic` authentication method and cause the server to panic resulting in a denial of service. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: crypto/ssh: crafted authentication request can lead to nil pointer dereference",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "A large number of products include the affected package, but do not make use of the vulnerable SSH server code. Accordingly, the flaw itself is rated as \"Important\", but these products themselves all have a \"Low\" severity rating.\n\nAdditionally, a number of products include golang.org/x/crypto (or even golang.org/x/crypto/ssh/terminal) but not specifically golang.org/x/crypto/ssh/server.go in the final build. As this would result in a very large number of entries of not affected products, only products which include the ssh server code (golang.org/x/crypto/ssh/server.go) have been represented here. \n\nRed Hat Enterprise Linux 8 container-tools:rhel8/containernetworking-plugins is not affected because although it uses some functionality from golang.org/x/crypto, it does not use or import anything from golang.org/x/crypto/ssh/*.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-model-nfd-plugin@sha256:efb152ddc837945aad0163f96c9668cbb8271c2b14716b9fef5b798c27efbe48_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-node-labeller@sha256:2b78b4854b18e53e388d2d30bf68803e39f8fbc9a0b3713885081af25abfb3f1_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-kvm-info-nfd-plugin@sha256:2dcf59515b784d6decf484c1d756d5ddf4b65a38e78800a76ef1dab51020e553_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller-rhel8@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-29652"
},
{
"category": "external",
"summary": "RHBZ#1908883",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1908883"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-29652",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-29652"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-29652",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-29652"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/ouZIlBimOsE?pli=1",
"url": "https://groups.google.com/g/golang-announce/c/ouZIlBimOsE?pli=1"
}
],
"release_date": "2020-12-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-03-10T11:41:12+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-model-nfd-plugin@sha256:efb152ddc837945aad0163f96c9668cbb8271c2b14716b9fef5b798c27efbe48_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-node-labeller@sha256:2b78b4854b18e53e388d2d30bf68803e39f8fbc9a0b3713885081af25abfb3f1_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-kvm-info-nfd-plugin@sha256:2dcf59515b784d6decf484c1d756d5ddf4b65a38e78800a76ef1dab51020e553_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller-rhel8@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:0799"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-model-nfd-plugin@sha256:efb152ddc837945aad0163f96c9668cbb8271c2b14716b9fef5b798c27efbe48_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-node-labeller@sha256:2b78b4854b18e53e388d2d30bf68803e39f8fbc9a0b3713885081af25abfb3f1_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-kvm-info-nfd-plugin@sha256:2dcf59515b784d6decf484c1d756d5ddf4b65a38e78800a76ef1dab51020e553_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller-rhel8@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang: crypto/ssh: crafted authentication request can lead to nil pointer dereference"
},
{
"cve": "CVE-2021-3121",
"cwe": {
"id": "CWE-129",
"name": "Improper Validation of Array Index"
},
"discovery_date": "2021-01-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1921650"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in github.com/gogo/protobuf before 1.3.2 that allows an out-of-bounds access when unmarshalling certain protobuf objects. This flaw allows a remote attacker to send crafted protobuf messages, causing panic and resulting in a denial of service. The highest threat from this vulnerability is to availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift Container Platform (OCP), OpenShift ServiceMesh (OSSM) and Red Hat OpenShift Jaeger (RHOSJ) all include code generated by github.com/gogo/protobuf to parse protobuf messages. However, no component is known to accept protobuf messages from unauthenticated sources, hence this vulnerability is rated Moderate for OCP, OSSM and RHOSJ.\n\nOpenShift Virtualization includes code generated by github.com/gogo/protobuf to parse protobuf messages. However, no component of OpenShift Virtualization is known to accept protobuf messages from unauthenticated sources, hence this vulnerability is rated Moderate.\n\nRed Hat Advanced Cluster Management for Kubernetes (RHACM) includes code generated by github.com/gogo/protobuf to parse protobuf messages. However, no RHACM component is accepting protobuf messages from unauthenticated sources and are used with a limited scope, hence this vulnerability is rated Moderate for RHACM.\n\nRed Hat Cluster Application Migration (CAM) includes code generated by github.com/gogo/protobuf to parse protobuf messages. However, no CAM component is known to accept protobuf messages from unauthenticated sources, hence this vulnerability is rated Moderate for CAM.\n\nCryostat-2 is affected as it does ship gogo/protobuf library with it\u0027s distribution but the only use for Protobuf would be the Kubernetes/OpenShift API server the operator communicates with and it should be authenticated hence it is affected with Moderate impact.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-model-nfd-plugin@sha256:efb152ddc837945aad0163f96c9668cbb8271c2b14716b9fef5b798c27efbe48_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-node-labeller@sha256:2b78b4854b18e53e388d2d30bf68803e39f8fbc9a0b3713885081af25abfb3f1_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-kvm-info-nfd-plugin@sha256:2dcf59515b784d6decf484c1d756d5ddf4b65a38e78800a76ef1dab51020e553_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller-rhel8@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-3121"
},
{
"category": "external",
"summary": "RHBZ#1921650",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1921650"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-3121",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3121"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3121",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3121"
}
],
"release_date": "2021-01-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-03-10T11:41:12+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-model-nfd-plugin@sha256:efb152ddc837945aad0163f96c9668cbb8271c2b14716b9fef5b798c27efbe48_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-node-labeller@sha256:2b78b4854b18e53e388d2d30bf68803e39f8fbc9a0b3713885081af25abfb3f1_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-kvm-info-nfd-plugin@sha256:2dcf59515b784d6decf484c1d756d5ddf4b65a38e78800a76ef1dab51020e553_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller-rhel8@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:0799"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-model-nfd-plugin@sha256:efb152ddc837945aad0163f96c9668cbb8271c2b14716b9fef5b798c27efbe48_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-node-labeller@sha256:2b78b4854b18e53e388d2d30bf68803e39f8fbc9a0b3713885081af25abfb3f1_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-kvm-info-nfd-plugin@sha256:2dcf59515b784d6decf484c1d756d5ddf4b65a38e78800a76ef1dab51020e553_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller-rhel8@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation"
},
{
"acknowledgments": [
{
"names": [
"Casey Callendrello"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2021-20206",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2021-01-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1919391"
}
],
"notes": [
{
"category": "description",
"text": "An improper limitation of path name flaw was found in containernetworking/cni. When specifying the plugin to load in the `type` field in the network configuration, it is possible to use special elements such as \"../\" separators to reference binaries elsewhere on the system. This flaw allows an attacker to execute other existing binaries other than the cni plugins/types, such as `reboot`. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "containernetworking-cni: Arbitrary path injection via type field in CNI configuration",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift ServiceMesh (OSSM) does package a vulnerable version of containernetworking/cni, however, the NetworkDefinitionAttachment is defined in code and cannot be easily changed except through a user who has access to the operator namespace such as cluster-admin. As such, for OSSM, the impact is Moderate.\n\nThe fix for podman was released as a part of OpenShift 4.8 and is included in future releases.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-model-nfd-plugin@sha256:efb152ddc837945aad0163f96c9668cbb8271c2b14716b9fef5b798c27efbe48_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-node-labeller@sha256:2b78b4854b18e53e388d2d30bf68803e39f8fbc9a0b3713885081af25abfb3f1_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-kvm-info-nfd-plugin@sha256:2dcf59515b784d6decf484c1d756d5ddf4b65a38e78800a76ef1dab51020e553_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller-rhel8@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-20206"
},
{
"category": "external",
"summary": "RHBZ#1919391",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1919391"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-20206",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20206"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-20206",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-20206"
}
],
"release_date": "2021-02-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-03-10T11:41:12+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-model-nfd-plugin@sha256:efb152ddc837945aad0163f96c9668cbb8271c2b14716b9fef5b798c27efbe48_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-node-labeller@sha256:2b78b4854b18e53e388d2d30bf68803e39f8fbc9a0b3713885081af25abfb3f1_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-kvm-info-nfd-plugin@sha256:2dcf59515b784d6decf484c1d756d5ddf4b65a38e78800a76ef1dab51020e553_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller-rhel8@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:0799"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-model-nfd-plugin@sha256:efb152ddc837945aad0163f96c9668cbb8271c2b14716b9fef5b798c27efbe48_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-node-labeller@sha256:2b78b4854b18e53e388d2d30bf68803e39f8fbc9a0b3713885081af25abfb3f1_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-kvm-info-nfd-plugin@sha256:2dcf59515b784d6decf484c1d756d5ddf4b65a38e78800a76ef1dab51020e553_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller-rhel8@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "containernetworking-cni: Arbitrary path injection via type field in CNI configuration"
}
]
}
RHSA-2021:0956
Vulnerability from csaf_redhat - Published: 2021-03-30 16:48 - Updated: 2026-04-30 16:09Summary
Red Hat Security Advisory: OpenShift Container Platform 4.6.23 security update
Severity
Low
Notes
Topic: Red Hat OpenShift Container Platform release 4.6.23 is now available with
updates to packages and images that fix several bugs and add enhancements.
Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: ed Hat OpenShift Container Platform is Red Hat's cloud computing
Kubernetes application platform solution designed for on-premise or private
cloud deployments.
This advisory contains the RPM packages for Red Hat OpenShift Container
Platform 4.6.23. See the following advisory for the container images for
this release:
https://access.redhat.com/errata/RHBA-2021:0952
All OpenShift Container Platform 4.6 users are advised to upgrade to these
updated packages and images when they are available in the appropriate
release channel. To check for available updates, use the OpenShift Console
or the CLI oc command. Instructions for upgrading a cluster are available
at
https://docs.openshift.com/container-platform/4.6/updating/updating-cluster
-between-minor.html#understanding-upgrade-channels_updating-cluster-between
-minor.
Security Fix(es):
* golang: data race in certain net/http servers including ReverseProxy can lead to DoS (CVE-2020-15586)
* golang: ReadUvarint and ReadVarint can read an unlimited number of bytes from invalid inputs (CVE-2020-16845)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found Go's net/http package. Servers using ReverseProxy from net/http in the Go standard library are vulnerable to a data race that results in a denial of service. The highest threat from this vulnerability is to system availability.
5.9 (Medium)
Affected products
Fixed
10 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSE-4.6:openshift-eventrouter-0:0.2-6.git7c289cc.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift-eventrouter-0:0.2-6.git7c289cc.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift-eventrouter-0:0.2-6.git7c289cc.el8.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift-eventrouter-0:0.2-6.git7c289cc.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift-eventrouter-debuginfo-0:0.2-6.git7c289cc.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift-eventrouter-debuginfo-0:0.2-6.git7c289cc.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift-eventrouter-debuginfo-0:0.2-6.git7c289cc.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift-eventrouter-debugsource-0:0.2-6.git7c289cc.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift-eventrouter-debugsource-0:0.2-6.git7c289cc.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift-eventrouter-debugsource-0:0.2-6.git7c289cc.el8.x86_64 | — |
Vendor Fix
fix
|
Known not affected
22 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-RH7-RHOSE-4.6:openshift-0:4.6.0-202103210832.p0.git.94284.834ccc7.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.6:openshift-ansible-0:4.6.0-202103192141.p0.git.0.d1b612b.el7.noarch | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.6:openshift-ansible-0:4.6.0-202103192141.p0.git.0.d1b612b.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.6:openshift-ansible-test-0:4.6.0-202103192141.p0.git.0.d1b612b.el7.noarch | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202103200039.p0.git.3841.3e951a5.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202103200039.p0.git.3841.3e951a5.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202103200039.p0.git.3841.3e951a5.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202103210832.p0.git.94284.834ccc7.el7.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:openshift-0:4.6.0-202103210832.p0.git.94284.834ccc7.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202103200039.p0.git.3841.3e951a5.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202103200039.p0.git.3841.3e951a5.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202103200039.p0.git.3841.3e951a5.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202103200039.p0.git.3841.3e951a5.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202103200039.p0.git.3841.3e951a5.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202103210832.p0.git.94284.834ccc7.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202103210832.p0.git.94284.834ccc7.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202103210832.p0.git.94284.834ccc7.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:openshift-kuryr-0:4.6.0-202103192141.p0.git.2234.cba9525.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:openshift-kuryr-cni-0:4.6.0-202103192141.p0.git.2234.cba9525.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:openshift-kuryr-common-0:4.6.0-202103192141.p0.git.2234.cba9525.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:openshift-kuryr-controller-0:4.6.0-202103192141.p0.git.2234.cba9525.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:python3-kuryr-kubernetes-0:4.6.0-202103192141.p0.git.2234.cba9525.el8.noarch | — |
Threats
Impact
Low
A flaw was found in the Go encoding/binary package. Certain invalid inputs to the ReadUvarint or the ReadVarint causes those functions to read an unlimited number of bytes from the ByteReader argument before returning an error. This flaw possibly leads to processing more input than expected. The highest threat from this vulnerability is to system availability.
7.5 (High)
Affected products
Fixed
10 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSE-4.6:openshift-eventrouter-0:0.2-6.git7c289cc.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift-eventrouter-0:0.2-6.git7c289cc.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift-eventrouter-0:0.2-6.git7c289cc.el8.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift-eventrouter-0:0.2-6.git7c289cc.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift-eventrouter-debuginfo-0:0.2-6.git7c289cc.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift-eventrouter-debuginfo-0:0.2-6.git7c289cc.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift-eventrouter-debuginfo-0:0.2-6.git7c289cc.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift-eventrouter-debugsource-0:0.2-6.git7c289cc.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift-eventrouter-debugsource-0:0.2-6.git7c289cc.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift-eventrouter-debugsource-0:0.2-6.git7c289cc.el8.x86_64 | — |
Vendor Fix
fix
|
Known not affected
22 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-RH7-RHOSE-4.6:openshift-0:4.6.0-202103210832.p0.git.94284.834ccc7.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.6:openshift-ansible-0:4.6.0-202103192141.p0.git.0.d1b612b.el7.noarch | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.6:openshift-ansible-0:4.6.0-202103192141.p0.git.0.d1b612b.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.6:openshift-ansible-test-0:4.6.0-202103192141.p0.git.0.d1b612b.el7.noarch | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202103200039.p0.git.3841.3e951a5.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202103200039.p0.git.3841.3e951a5.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202103200039.p0.git.3841.3e951a5.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202103210832.p0.git.94284.834ccc7.el7.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:openshift-0:4.6.0-202103210832.p0.git.94284.834ccc7.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202103200039.p0.git.3841.3e951a5.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202103200039.p0.git.3841.3e951a5.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202103200039.p0.git.3841.3e951a5.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202103200039.p0.git.3841.3e951a5.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202103200039.p0.git.3841.3e951a5.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202103210832.p0.git.94284.834ccc7.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202103210832.p0.git.94284.834ccc7.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202103210832.p0.git.94284.834ccc7.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:openshift-kuryr-0:4.6.0-202103192141.p0.git.2234.cba9525.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:openshift-kuryr-cni-0:4.6.0-202103192141.p0.git.2234.cba9525.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:openshift-kuryr-common-0:4.6.0-202103192141.p0.git.2234.cba9525.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:openshift-kuryr-controller-0:4.6.0-202103192141.p0.git.2234.cba9525.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:python3-kuryr-kubernetes-0:4.6.0-202103192141.p0.git.2234.cba9525.el8.noarch | — |
Threats
Impact
Low
A flaw was found in the math/big package of Go's standard library that causes a denial of service. Applications written in Go that use math/big via cryptographic packages, including crypto/rsa and crypto/x509, are vulnerable and can potentially cause panic via a crafted certificate chain. The highest threat from this vulnerability is to system availability.
7.5 (High)
Affected products
Fixed
10 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSE-4.6:openshift-eventrouter-0:0.2-6.git7c289cc.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift-eventrouter-0:0.2-6.git7c289cc.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift-eventrouter-0:0.2-6.git7c289cc.el8.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift-eventrouter-0:0.2-6.git7c289cc.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift-eventrouter-debuginfo-0:0.2-6.git7c289cc.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift-eventrouter-debuginfo-0:0.2-6.git7c289cc.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift-eventrouter-debuginfo-0:0.2-6.git7c289cc.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift-eventrouter-debugsource-0:0.2-6.git7c289cc.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift-eventrouter-debugsource-0:0.2-6.git7c289cc.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.6:openshift-eventrouter-debugsource-0:0.2-6.git7c289cc.el8.x86_64 | — |
Vendor Fix
fix
|
Known not affected
22 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-RH7-RHOSE-4.6:openshift-0:4.6.0-202103210832.p0.git.94284.834ccc7.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.6:openshift-ansible-0:4.6.0-202103192141.p0.git.0.d1b612b.el7.noarch | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.6:openshift-ansible-0:4.6.0-202103192141.p0.git.0.d1b612b.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.6:openshift-ansible-test-0:4.6.0-202103192141.p0.git.0.d1b612b.el7.noarch | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202103200039.p0.git.3841.3e951a5.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202103200039.p0.git.3841.3e951a5.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202103200039.p0.git.3841.3e951a5.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202103210832.p0.git.94284.834ccc7.el7.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:openshift-0:4.6.0-202103210832.p0.git.94284.834ccc7.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202103200039.p0.git.3841.3e951a5.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202103200039.p0.git.3841.3e951a5.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202103200039.p0.git.3841.3e951a5.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202103200039.p0.git.3841.3e951a5.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202103200039.p0.git.3841.3e951a5.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202103210832.p0.git.94284.834ccc7.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202103210832.p0.git.94284.834ccc7.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202103210832.p0.git.94284.834ccc7.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:openshift-kuryr-0:4.6.0-202103192141.p0.git.2234.cba9525.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:openshift-kuryr-cni-0:4.6.0-202103192141.p0.git.2234.cba9525.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:openshift-kuryr-common-0:4.6.0-202103192141.p0.git.2234.cba9525.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:openshift-kuryr-controller-0:4.6.0-202103192141.p0.git.2234.cba9525.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.6:python3-kuryr-kubernetes-0:4.6.0-202103192141.p0.git.2234.cba9525.el8.noarch | — |
Threats
Impact
Moderate
References
20 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Low"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat OpenShift Container Platform release 4.6.23 is now available with\nupdates to packages and images that fix several bugs and add enhancements.\n\nRed Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "ed Hat OpenShift Container Platform is Red Hat\u0027s cloud computing\nKubernetes application platform solution designed for on-premise or private\ncloud deployments.\n\nThis advisory contains the RPM packages for Red Hat OpenShift Container\nPlatform 4.6.23. See the following advisory for the container images for\nthis release:\n\nhttps://access.redhat.com/errata/RHBA-2021:0952\n\nAll OpenShift Container Platform 4.6 users are advised to upgrade to these\nupdated packages and images when they are available in the appropriate\nrelease channel. To check for available updates, use the OpenShift Console\nor the CLI oc command. Instructions for upgrading a cluster are available\nat\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster\n-between-minor.html#understanding-upgrade-channels_updating-cluster-between\n-minor.\n\nSecurity Fix(es):\n\n* golang: data race in certain net/http servers including ReverseProxy can lead to DoS (CVE-2020-15586)\n\n* golang: ReadUvarint and ReadVarint can read an unlimited number of bytes from invalid inputs (CVE-2020-16845)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2021:0956",
"url": "https://access.redhat.com/errata/RHSA-2021:0956"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#low",
"url": "https://access.redhat.com/security/updates/classification/#low"
},
{
"category": "external",
"summary": "1856953",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1856953"
},
{
"category": "external",
"summary": "1867099",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1867099"
},
{
"category": "external",
"summary": "1941433",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1941433"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_0956.json"
}
],
"title": "Red Hat Security Advisory: OpenShift Container Platform 4.6.23 security update",
"tracking": {
"current_release_date": "2026-04-30T16:09:22+00:00",
"generator": {
"date": "2026-04-30T16:09:22+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.7"
}
},
"id": "RHSA-2021:0956",
"initial_release_date": "2021-03-30T16:48:30+00:00",
"revision_history": [
{
"date": "2021-03-30T16:48:30+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2021-03-30T16:48:30+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-04-30T16:09:22+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift Container Platform 4.6",
"product": {
"name": "Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:4.6::el8"
}
}
},
{
"category": "product_name",
"name": "Red Hat OpenShift Container Platform 4.6",
"product": {
"name": "Red Hat OpenShift Container Platform 4.6",
"product_id": "7Server-RH7-RHOSE-4.6",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:4.6::el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Enterprise"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-clients-0:4.6.0-202103200039.p0.git.3841.3e951a5.el8.src",
"product": {
"name": "openshift-clients-0:4.6.0-202103200039.p0.git.3841.3e951a5.el8.src",
"product_id": "openshift-clients-0:4.6.0-202103200039.p0.git.3841.3e951a5.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-clients@4.6.0-202103200039.p0.git.3841.3e951a5.el8?arch=src"
}
}
},
{
"category": "product_version",
"name": "openshift-kuryr-0:4.6.0-202103192141.p0.git.2234.cba9525.el8.src",
"product": {
"name": "openshift-kuryr-0:4.6.0-202103192141.p0.git.2234.cba9525.el8.src",
"product_id": "openshift-kuryr-0:4.6.0-202103192141.p0.git.2234.cba9525.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-kuryr@4.6.0-202103192141.p0.git.2234.cba9525.el8?arch=src"
}
}
},
{
"category": "product_version",
"name": "openshift-0:4.6.0-202103210832.p0.git.94284.834ccc7.el8.src",
"product": {
"name": "openshift-0:4.6.0-202103210832.p0.git.94284.834ccc7.el8.src",
"product_id": "openshift-0:4.6.0-202103210832.p0.git.94284.834ccc7.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift@4.6.0-202103210832.p0.git.94284.834ccc7.el8?arch=src"
}
}
},
{
"category": "product_version",
"name": "openshift-eventrouter-0:0.2-6.git7c289cc.el8.src",
"product": {
"name": "openshift-eventrouter-0:0.2-6.git7c289cc.el8.src",
"product_id": "openshift-eventrouter-0:0.2-6.git7c289cc.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-eventrouter@0.2-6.git7c289cc.el8?arch=src"
}
}
},
{
"category": "product_version",
"name": "openshift-0:4.6.0-202103210832.p0.git.94284.834ccc7.el7.src",
"product": {
"name": "openshift-0:4.6.0-202103210832.p0.git.94284.834ccc7.el7.src",
"product_id": "openshift-0:4.6.0-202103210832.p0.git.94284.834ccc7.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift@4.6.0-202103210832.p0.git.94284.834ccc7.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "openshift-ansible-0:4.6.0-202103192141.p0.git.0.d1b612b.el7.src",
"product": {
"name": "openshift-ansible-0:4.6.0-202103192141.p0.git.0.d1b612b.el7.src",
"product_id": "openshift-ansible-0:4.6.0-202103192141.p0.git.0.d1b612b.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-ansible@4.6.0-202103192141.p0.git.0.d1b612b.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "openshift-clients-0:4.6.0-202103200039.p0.git.3841.3e951a5.el7.src",
"product": {
"name": "openshift-clients-0:4.6.0-202103200039.p0.git.3841.3e951a5.el7.src",
"product_id": "openshift-clients-0:4.6.0-202103200039.p0.git.3841.3e951a5.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-clients@4.6.0-202103200039.p0.git.3841.3e951a5.el7?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-clients-0:4.6.0-202103200039.p0.git.3841.3e951a5.el8.x86_64",
"product": {
"name": "openshift-clients-0:4.6.0-202103200039.p0.git.3841.3e951a5.el8.x86_64",
"product_id": "openshift-clients-0:4.6.0-202103200039.p0.git.3841.3e951a5.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-clients@4.6.0-202103200039.p0.git.3841.3e951a5.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "openshift-clients-redistributable-0:4.6.0-202103200039.p0.git.3841.3e951a5.el8.x86_64",
"product": {
"name": "openshift-clients-redistributable-0:4.6.0-202103200039.p0.git.3841.3e951a5.el8.x86_64",
"product_id": "openshift-clients-redistributable-0:4.6.0-202103200039.p0.git.3841.3e951a5.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-clients-redistributable@4.6.0-202103200039.p0.git.3841.3e951a5.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "openshift-hyperkube-0:4.6.0-202103210832.p0.git.94284.834ccc7.el8.x86_64",
"product": {
"name": "openshift-hyperkube-0:4.6.0-202103210832.p0.git.94284.834ccc7.el8.x86_64",
"product_id": "openshift-hyperkube-0:4.6.0-202103210832.p0.git.94284.834ccc7.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-hyperkube@4.6.0-202103210832.p0.git.94284.834ccc7.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "openshift-eventrouter-0:0.2-6.git7c289cc.el8.x86_64",
"product": {
"name": "openshift-eventrouter-0:0.2-6.git7c289cc.el8.x86_64",
"product_id": "openshift-eventrouter-0:0.2-6.git7c289cc.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-eventrouter@0.2-6.git7c289cc.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "openshift-eventrouter-debugsource-0:0.2-6.git7c289cc.el8.x86_64",
"product": {
"name": "openshift-eventrouter-debugsource-0:0.2-6.git7c289cc.el8.x86_64",
"product_id": "openshift-eventrouter-debugsource-0:0.2-6.git7c289cc.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-eventrouter-debugsource@0.2-6.git7c289cc.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "openshift-eventrouter-debuginfo-0:0.2-6.git7c289cc.el8.x86_64",
"product": {
"name": "openshift-eventrouter-debuginfo-0:0.2-6.git7c289cc.el8.x86_64",
"product_id": "openshift-eventrouter-debuginfo-0:0.2-6.git7c289cc.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-eventrouter-debuginfo@0.2-6.git7c289cc.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "openshift-hyperkube-0:4.6.0-202103210832.p0.git.94284.834ccc7.el7.x86_64",
"product": {
"name": "openshift-hyperkube-0:4.6.0-202103210832.p0.git.94284.834ccc7.el7.x86_64",
"product_id": "openshift-hyperkube-0:4.6.0-202103210832.p0.git.94284.834ccc7.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-hyperkube@4.6.0-202103210832.p0.git.94284.834ccc7.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "openshift-clients-0:4.6.0-202103200039.p0.git.3841.3e951a5.el7.x86_64",
"product": {
"name": "openshift-clients-0:4.6.0-202103200039.p0.git.3841.3e951a5.el7.x86_64",
"product_id": "openshift-clients-0:4.6.0-202103200039.p0.git.3841.3e951a5.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-clients@4.6.0-202103200039.p0.git.3841.3e951a5.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "openshift-clients-redistributable-0:4.6.0-202103200039.p0.git.3841.3e951a5.el7.x86_64",
"product": {
"name": "openshift-clients-redistributable-0:4.6.0-202103200039.p0.git.3841.3e951a5.el7.x86_64",
"product_id": "openshift-clients-redistributable-0:4.6.0-202103200039.p0.git.3841.3e951a5.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-clients-redistributable@4.6.0-202103200039.p0.git.3841.3e951a5.el7?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-clients-0:4.6.0-202103200039.p0.git.3841.3e951a5.el8.ppc64le",
"product": {
"name": "openshift-clients-0:4.6.0-202103200039.p0.git.3841.3e951a5.el8.ppc64le",
"product_id": "openshift-clients-0:4.6.0-202103200039.p0.git.3841.3e951a5.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-clients@4.6.0-202103200039.p0.git.3841.3e951a5.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "openshift-hyperkube-0:4.6.0-202103210832.p0.git.94284.834ccc7.el8.ppc64le",
"product": {
"name": "openshift-hyperkube-0:4.6.0-202103210832.p0.git.94284.834ccc7.el8.ppc64le",
"product_id": "openshift-hyperkube-0:4.6.0-202103210832.p0.git.94284.834ccc7.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-hyperkube@4.6.0-202103210832.p0.git.94284.834ccc7.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "openshift-eventrouter-0:0.2-6.git7c289cc.el8.ppc64le",
"product": {
"name": "openshift-eventrouter-0:0.2-6.git7c289cc.el8.ppc64le",
"product_id": "openshift-eventrouter-0:0.2-6.git7c289cc.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-eventrouter@0.2-6.git7c289cc.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "openshift-eventrouter-debugsource-0:0.2-6.git7c289cc.el8.ppc64le",
"product": {
"name": "openshift-eventrouter-debugsource-0:0.2-6.git7c289cc.el8.ppc64le",
"product_id": "openshift-eventrouter-debugsource-0:0.2-6.git7c289cc.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-eventrouter-debugsource@0.2-6.git7c289cc.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "openshift-eventrouter-debuginfo-0:0.2-6.git7c289cc.el8.ppc64le",
"product": {
"name": "openshift-eventrouter-debuginfo-0:0.2-6.git7c289cc.el8.ppc64le",
"product_id": "openshift-eventrouter-debuginfo-0:0.2-6.git7c289cc.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-eventrouter-debuginfo@0.2-6.git7c289cc.el8?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-clients-0:4.6.0-202103200039.p0.git.3841.3e951a5.el8.s390x",
"product": {
"name": "openshift-clients-0:4.6.0-202103200039.p0.git.3841.3e951a5.el8.s390x",
"product_id": "openshift-clients-0:4.6.0-202103200039.p0.git.3841.3e951a5.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-clients@4.6.0-202103200039.p0.git.3841.3e951a5.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "openshift-hyperkube-0:4.6.0-202103210832.p0.git.94284.834ccc7.el8.s390x",
"product": {
"name": "openshift-hyperkube-0:4.6.0-202103210832.p0.git.94284.834ccc7.el8.s390x",
"product_id": "openshift-hyperkube-0:4.6.0-202103210832.p0.git.94284.834ccc7.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-hyperkube@4.6.0-202103210832.p0.git.94284.834ccc7.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "openshift-eventrouter-0:0.2-6.git7c289cc.el8.s390x",
"product": {
"name": "openshift-eventrouter-0:0.2-6.git7c289cc.el8.s390x",
"product_id": "openshift-eventrouter-0:0.2-6.git7c289cc.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-eventrouter@0.2-6.git7c289cc.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "openshift-eventrouter-debugsource-0:0.2-6.git7c289cc.el8.s390x",
"product": {
"name": "openshift-eventrouter-debugsource-0:0.2-6.git7c289cc.el8.s390x",
"product_id": "openshift-eventrouter-debugsource-0:0.2-6.git7c289cc.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-eventrouter-debugsource@0.2-6.git7c289cc.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "openshift-eventrouter-debuginfo-0:0.2-6.git7c289cc.el8.s390x",
"product": {
"name": "openshift-eventrouter-debuginfo-0:0.2-6.git7c289cc.el8.s390x",
"product_id": "openshift-eventrouter-debuginfo-0:0.2-6.git7c289cc.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-eventrouter-debuginfo@0.2-6.git7c289cc.el8?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-kuryr-cni-0:4.6.0-202103192141.p0.git.2234.cba9525.el8.noarch",
"product": {
"name": "openshift-kuryr-cni-0:4.6.0-202103192141.p0.git.2234.cba9525.el8.noarch",
"product_id": "openshift-kuryr-cni-0:4.6.0-202103192141.p0.git.2234.cba9525.el8.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-kuryr-cni@4.6.0-202103192141.p0.git.2234.cba9525.el8?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openshift-kuryr-common-0:4.6.0-202103192141.p0.git.2234.cba9525.el8.noarch",
"product": {
"name": "openshift-kuryr-common-0:4.6.0-202103192141.p0.git.2234.cba9525.el8.noarch",
"product_id": "openshift-kuryr-common-0:4.6.0-202103192141.p0.git.2234.cba9525.el8.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-kuryr-common@4.6.0-202103192141.p0.git.2234.cba9525.el8?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openshift-kuryr-controller-0:4.6.0-202103192141.p0.git.2234.cba9525.el8.noarch",
"product": {
"name": "openshift-kuryr-controller-0:4.6.0-202103192141.p0.git.2234.cba9525.el8.noarch",
"product_id": "openshift-kuryr-controller-0:4.6.0-202103192141.p0.git.2234.cba9525.el8.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-kuryr-controller@4.6.0-202103192141.p0.git.2234.cba9525.el8?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python3-kuryr-kubernetes-0:4.6.0-202103192141.p0.git.2234.cba9525.el8.noarch",
"product": {
"name": "python3-kuryr-kubernetes-0:4.6.0-202103192141.p0.git.2234.cba9525.el8.noarch",
"product_id": "python3-kuryr-kubernetes-0:4.6.0-202103192141.p0.git.2234.cba9525.el8.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-kuryr-kubernetes@4.6.0-202103192141.p0.git.2234.cba9525.el8?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openshift-ansible-0:4.6.0-202103192141.p0.git.0.d1b612b.el7.noarch",
"product": {
"name": "openshift-ansible-0:4.6.0-202103192141.p0.git.0.d1b612b.el7.noarch",
"product_id": "openshift-ansible-0:4.6.0-202103192141.p0.git.0.d1b612b.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-ansible@4.6.0-202103192141.p0.git.0.d1b612b.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openshift-ansible-test-0:4.6.0-202103192141.p0.git.0.d1b612b.el7.noarch",
"product": {
"name": "openshift-ansible-test-0:4.6.0-202103192141.p0.git.0.d1b612b.el7.noarch",
"product_id": "openshift-ansible-test-0:4.6.0-202103192141.p0.git.0.d1b612b.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-ansible-test@4.6.0-202103192141.p0.git.0.d1b612b.el7?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-0:4.6.0-202103210832.p0.git.94284.834ccc7.el7.src as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "7Server-RH7-RHOSE-4.6:openshift-0:4.6.0-202103210832.p0.git.94284.834ccc7.el7.src"
},
"product_reference": "openshift-0:4.6.0-202103210832.p0.git.94284.834ccc7.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-ansible-0:4.6.0-202103192141.p0.git.0.d1b612b.el7.noarch as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "7Server-RH7-RHOSE-4.6:openshift-ansible-0:4.6.0-202103192141.p0.git.0.d1b612b.el7.noarch"
},
"product_reference": "openshift-ansible-0:4.6.0-202103192141.p0.git.0.d1b612b.el7.noarch",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-ansible-0:4.6.0-202103192141.p0.git.0.d1b612b.el7.src as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "7Server-RH7-RHOSE-4.6:openshift-ansible-0:4.6.0-202103192141.p0.git.0.d1b612b.el7.src"
},
"product_reference": "openshift-ansible-0:4.6.0-202103192141.p0.git.0.d1b612b.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-ansible-test-0:4.6.0-202103192141.p0.git.0.d1b612b.el7.noarch as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "7Server-RH7-RHOSE-4.6:openshift-ansible-test-0:4.6.0-202103192141.p0.git.0.d1b612b.el7.noarch"
},
"product_reference": "openshift-ansible-test-0:4.6.0-202103192141.p0.git.0.d1b612b.el7.noarch",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-clients-0:4.6.0-202103200039.p0.git.3841.3e951a5.el7.src as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202103200039.p0.git.3841.3e951a5.el7.src"
},
"product_reference": "openshift-clients-0:4.6.0-202103200039.p0.git.3841.3e951a5.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-clients-0:4.6.0-202103200039.p0.git.3841.3e951a5.el7.x86_64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202103200039.p0.git.3841.3e951a5.el7.x86_64"
},
"product_reference": "openshift-clients-0:4.6.0-202103200039.p0.git.3841.3e951a5.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-clients-redistributable-0:4.6.0-202103200039.p0.git.3841.3e951a5.el7.x86_64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "7Server-RH7-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202103200039.p0.git.3841.3e951a5.el7.x86_64"
},
"product_reference": "openshift-clients-redistributable-0:4.6.0-202103200039.p0.git.3841.3e951a5.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-hyperkube-0:4.6.0-202103210832.p0.git.94284.834ccc7.el7.x86_64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "7Server-RH7-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202103210832.p0.git.94284.834ccc7.el7.x86_64"
},
"product_reference": "openshift-hyperkube-0:4.6.0-202103210832.p0.git.94284.834ccc7.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-0:4.6.0-202103210832.p0.git.94284.834ccc7.el8.src as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift-0:4.6.0-202103210832.p0.git.94284.834ccc7.el8.src"
},
"product_reference": "openshift-0:4.6.0-202103210832.p0.git.94284.834ccc7.el8.src",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-clients-0:4.6.0-202103200039.p0.git.3841.3e951a5.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202103200039.p0.git.3841.3e951a5.el8.ppc64le"
},
"product_reference": "openshift-clients-0:4.6.0-202103200039.p0.git.3841.3e951a5.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-clients-0:4.6.0-202103200039.p0.git.3841.3e951a5.el8.s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202103200039.p0.git.3841.3e951a5.el8.s390x"
},
"product_reference": "openshift-clients-0:4.6.0-202103200039.p0.git.3841.3e951a5.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-clients-0:4.6.0-202103200039.p0.git.3841.3e951a5.el8.src as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202103200039.p0.git.3841.3e951a5.el8.src"
},
"product_reference": "openshift-clients-0:4.6.0-202103200039.p0.git.3841.3e951a5.el8.src",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-clients-0:4.6.0-202103200039.p0.git.3841.3e951a5.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202103200039.p0.git.3841.3e951a5.el8.x86_64"
},
"product_reference": "openshift-clients-0:4.6.0-202103200039.p0.git.3841.3e951a5.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-clients-redistributable-0:4.6.0-202103200039.p0.git.3841.3e951a5.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202103200039.p0.git.3841.3e951a5.el8.x86_64"
},
"product_reference": "openshift-clients-redistributable-0:4.6.0-202103200039.p0.git.3841.3e951a5.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-eventrouter-0:0.2-6.git7c289cc.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift-eventrouter-0:0.2-6.git7c289cc.el8.ppc64le"
},
"product_reference": "openshift-eventrouter-0:0.2-6.git7c289cc.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-eventrouter-0:0.2-6.git7c289cc.el8.s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift-eventrouter-0:0.2-6.git7c289cc.el8.s390x"
},
"product_reference": "openshift-eventrouter-0:0.2-6.git7c289cc.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-eventrouter-0:0.2-6.git7c289cc.el8.src as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift-eventrouter-0:0.2-6.git7c289cc.el8.src"
},
"product_reference": "openshift-eventrouter-0:0.2-6.git7c289cc.el8.src",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-eventrouter-0:0.2-6.git7c289cc.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift-eventrouter-0:0.2-6.git7c289cc.el8.x86_64"
},
"product_reference": "openshift-eventrouter-0:0.2-6.git7c289cc.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-eventrouter-debuginfo-0:0.2-6.git7c289cc.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift-eventrouter-debuginfo-0:0.2-6.git7c289cc.el8.ppc64le"
},
"product_reference": "openshift-eventrouter-debuginfo-0:0.2-6.git7c289cc.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-eventrouter-debuginfo-0:0.2-6.git7c289cc.el8.s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift-eventrouter-debuginfo-0:0.2-6.git7c289cc.el8.s390x"
},
"product_reference": "openshift-eventrouter-debuginfo-0:0.2-6.git7c289cc.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-eventrouter-debuginfo-0:0.2-6.git7c289cc.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift-eventrouter-debuginfo-0:0.2-6.git7c289cc.el8.x86_64"
},
"product_reference": "openshift-eventrouter-debuginfo-0:0.2-6.git7c289cc.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-eventrouter-debugsource-0:0.2-6.git7c289cc.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift-eventrouter-debugsource-0:0.2-6.git7c289cc.el8.ppc64le"
},
"product_reference": "openshift-eventrouter-debugsource-0:0.2-6.git7c289cc.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-eventrouter-debugsource-0:0.2-6.git7c289cc.el8.s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift-eventrouter-debugsource-0:0.2-6.git7c289cc.el8.s390x"
},
"product_reference": "openshift-eventrouter-debugsource-0:0.2-6.git7c289cc.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-eventrouter-debugsource-0:0.2-6.git7c289cc.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift-eventrouter-debugsource-0:0.2-6.git7c289cc.el8.x86_64"
},
"product_reference": "openshift-eventrouter-debugsource-0:0.2-6.git7c289cc.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-hyperkube-0:4.6.0-202103210832.p0.git.94284.834ccc7.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202103210832.p0.git.94284.834ccc7.el8.ppc64le"
},
"product_reference": "openshift-hyperkube-0:4.6.0-202103210832.p0.git.94284.834ccc7.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-hyperkube-0:4.6.0-202103210832.p0.git.94284.834ccc7.el8.s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202103210832.p0.git.94284.834ccc7.el8.s390x"
},
"product_reference": "openshift-hyperkube-0:4.6.0-202103210832.p0.git.94284.834ccc7.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-hyperkube-0:4.6.0-202103210832.p0.git.94284.834ccc7.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202103210832.p0.git.94284.834ccc7.el8.x86_64"
},
"product_reference": "openshift-hyperkube-0:4.6.0-202103210832.p0.git.94284.834ccc7.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-kuryr-0:4.6.0-202103192141.p0.git.2234.cba9525.el8.src as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift-kuryr-0:4.6.0-202103192141.p0.git.2234.cba9525.el8.src"
},
"product_reference": "openshift-kuryr-0:4.6.0-202103192141.p0.git.2234.cba9525.el8.src",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-kuryr-cni-0:4.6.0-202103192141.p0.git.2234.cba9525.el8.noarch as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift-kuryr-cni-0:4.6.0-202103192141.p0.git.2234.cba9525.el8.noarch"
},
"product_reference": "openshift-kuryr-cni-0:4.6.0-202103192141.p0.git.2234.cba9525.el8.noarch",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-kuryr-common-0:4.6.0-202103192141.p0.git.2234.cba9525.el8.noarch as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift-kuryr-common-0:4.6.0-202103192141.p0.git.2234.cba9525.el8.noarch"
},
"product_reference": "openshift-kuryr-common-0:4.6.0-202103192141.p0.git.2234.cba9525.el8.noarch",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-kuryr-controller-0:4.6.0-202103192141.p0.git.2234.cba9525.el8.noarch as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift-kuryr-controller-0:4.6.0-202103192141.p0.git.2234.cba9525.el8.noarch"
},
"product_reference": "openshift-kuryr-controller-0:4.6.0-202103192141.p0.git.2234.cba9525.el8.noarch",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-kuryr-kubernetes-0:4.6.0-202103192141.p0.git.2234.cba9525.el8.noarch as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:python3-kuryr-kubernetes-0:4.6.0-202103192141.p0.git.2234.cba9525.el8.noarch"
},
"product_reference": "python3-kuryr-kubernetes-0:4.6.0-202103192141.p0.git.2234.cba9525.el8.noarch",
"relates_to_product_reference": "8Base-RHOSE-4.6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-15586",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"discovery_date": "2020-07-14T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-RH7-RHOSE-4.6:openshift-0:4.6.0-202103210832.p0.git.94284.834ccc7.el7.src",
"7Server-RH7-RHOSE-4.6:openshift-ansible-0:4.6.0-202103192141.p0.git.0.d1b612b.el7.noarch",
"7Server-RH7-RHOSE-4.6:openshift-ansible-0:4.6.0-202103192141.p0.git.0.d1b612b.el7.src",
"7Server-RH7-RHOSE-4.6:openshift-ansible-test-0:4.6.0-202103192141.p0.git.0.d1b612b.el7.noarch",
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202103200039.p0.git.3841.3e951a5.el7.src",
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202103200039.p0.git.3841.3e951a5.el7.x86_64",
"7Server-RH7-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202103200039.p0.git.3841.3e951a5.el7.x86_64",
"7Server-RH7-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202103210832.p0.git.94284.834ccc7.el7.x86_64",
"8Base-RHOSE-4.6:openshift-0:4.6.0-202103210832.p0.git.94284.834ccc7.el8.src",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202103200039.p0.git.3841.3e951a5.el8.ppc64le",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202103200039.p0.git.3841.3e951a5.el8.s390x",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202103200039.p0.git.3841.3e951a5.el8.src",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202103200039.p0.git.3841.3e951a5.el8.x86_64",
"8Base-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202103200039.p0.git.3841.3e951a5.el8.x86_64",
"8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202103210832.p0.git.94284.834ccc7.el8.ppc64le",
"8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202103210832.p0.git.94284.834ccc7.el8.s390x",
"8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202103210832.p0.git.94284.834ccc7.el8.x86_64",
"8Base-RHOSE-4.6:openshift-kuryr-0:4.6.0-202103192141.p0.git.2234.cba9525.el8.src",
"8Base-RHOSE-4.6:openshift-kuryr-cni-0:4.6.0-202103192141.p0.git.2234.cba9525.el8.noarch",
"8Base-RHOSE-4.6:openshift-kuryr-common-0:4.6.0-202103192141.p0.git.2234.cba9525.el8.noarch",
"8Base-RHOSE-4.6:openshift-kuryr-controller-0:4.6.0-202103192141.p0.git.2234.cba9525.el8.noarch",
"8Base-RHOSE-4.6:python3-kuryr-kubernetes-0:4.6.0-202103192141.p0.git.2234.cba9525.el8.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1856953"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found Go\u0027s net/http package. Servers using ReverseProxy from net/http in the Go standard library are vulnerable to a data race that results in a denial of service. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: data race in certain net/http servers including ReverseProxy can lead to DoS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift Container Platform (OCP) components are primarily written in Go, meaning that any component using the net/http package includes the vulnerable code. OCP server endpoints using ReverseProxy are protected by authentication, reducing the severity of this vulnerability to Low for OCP.\n\nSimilar to OCP, OpenShift ServiceMesh (OSSM), RedHat OpenShift Jaeger (RHOSJ) and OpenShift Virtualization are also primarily written in Go and are protected via authentication, reducing the severity of this vulnerability to Low.\n\nRed Hat Gluster Storage 3 and Red Hat Openshift Container Storage 4 components are built with the affected version of Go, however the vulnerable functionality is currently not used by these products and hence this issue has been rated as having a security impact of Low.\n\nRed Hat Ceph Storage 3 and 4 components are built with the affected version of Go, however the vulnerable functionality is currently not used by these products and hence this issue has been rated as having a security impact of Low.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.6:openshift-eventrouter-0:0.2-6.git7c289cc.el8.ppc64le",
"8Base-RHOSE-4.6:openshift-eventrouter-0:0.2-6.git7c289cc.el8.s390x",
"8Base-RHOSE-4.6:openshift-eventrouter-0:0.2-6.git7c289cc.el8.src",
"8Base-RHOSE-4.6:openshift-eventrouter-0:0.2-6.git7c289cc.el8.x86_64",
"8Base-RHOSE-4.6:openshift-eventrouter-debuginfo-0:0.2-6.git7c289cc.el8.ppc64le",
"8Base-RHOSE-4.6:openshift-eventrouter-debuginfo-0:0.2-6.git7c289cc.el8.s390x",
"8Base-RHOSE-4.6:openshift-eventrouter-debuginfo-0:0.2-6.git7c289cc.el8.x86_64",
"8Base-RHOSE-4.6:openshift-eventrouter-debugsource-0:0.2-6.git7c289cc.el8.ppc64le",
"8Base-RHOSE-4.6:openshift-eventrouter-debugsource-0:0.2-6.git7c289cc.el8.s390x",
"8Base-RHOSE-4.6:openshift-eventrouter-debugsource-0:0.2-6.git7c289cc.el8.x86_64"
],
"known_not_affected": [
"7Server-RH7-RHOSE-4.6:openshift-0:4.6.0-202103210832.p0.git.94284.834ccc7.el7.src",
"7Server-RH7-RHOSE-4.6:openshift-ansible-0:4.6.0-202103192141.p0.git.0.d1b612b.el7.noarch",
"7Server-RH7-RHOSE-4.6:openshift-ansible-0:4.6.0-202103192141.p0.git.0.d1b612b.el7.src",
"7Server-RH7-RHOSE-4.6:openshift-ansible-test-0:4.6.0-202103192141.p0.git.0.d1b612b.el7.noarch",
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202103200039.p0.git.3841.3e951a5.el7.src",
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202103200039.p0.git.3841.3e951a5.el7.x86_64",
"7Server-RH7-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202103200039.p0.git.3841.3e951a5.el7.x86_64",
"7Server-RH7-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202103210832.p0.git.94284.834ccc7.el7.x86_64",
"8Base-RHOSE-4.6:openshift-0:4.6.0-202103210832.p0.git.94284.834ccc7.el8.src",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202103200039.p0.git.3841.3e951a5.el8.ppc64le",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202103200039.p0.git.3841.3e951a5.el8.s390x",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202103200039.p0.git.3841.3e951a5.el8.src",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202103200039.p0.git.3841.3e951a5.el8.x86_64",
"8Base-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202103200039.p0.git.3841.3e951a5.el8.x86_64",
"8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202103210832.p0.git.94284.834ccc7.el8.ppc64le",
"8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202103210832.p0.git.94284.834ccc7.el8.s390x",
"8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202103210832.p0.git.94284.834ccc7.el8.x86_64",
"8Base-RHOSE-4.6:openshift-kuryr-0:4.6.0-202103192141.p0.git.2234.cba9525.el8.src",
"8Base-RHOSE-4.6:openshift-kuryr-cni-0:4.6.0-202103192141.p0.git.2234.cba9525.el8.noarch",
"8Base-RHOSE-4.6:openshift-kuryr-common-0:4.6.0-202103192141.p0.git.2234.cba9525.el8.noarch",
"8Base-RHOSE-4.6:openshift-kuryr-controller-0:4.6.0-202103192141.p0.git.2234.cba9525.el8.noarch",
"8Base-RHOSE-4.6:python3-kuryr-kubernetes-0:4.6.0-202103192141.p0.git.2234.cba9525.el8.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-15586"
},
{
"category": "external",
"summary": "RHBZ#1856953",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1856953"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-15586",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15586"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-15586",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-15586"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/XZNfaiwgt2w/m/E6gHDs32AQAJ",
"url": "https://groups.google.com/g/golang-announce/c/XZNfaiwgt2w/m/E6gHDs32AQAJ"
}
],
"release_date": "2020-07-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-03-30T16:48:30+00:00",
"details": "For OpenShift Container Platform 4.6 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html.",
"product_ids": [
"8Base-RHOSE-4.6:openshift-eventrouter-0:0.2-6.git7c289cc.el8.ppc64le",
"8Base-RHOSE-4.6:openshift-eventrouter-0:0.2-6.git7c289cc.el8.s390x",
"8Base-RHOSE-4.6:openshift-eventrouter-0:0.2-6.git7c289cc.el8.src",
"8Base-RHOSE-4.6:openshift-eventrouter-0:0.2-6.git7c289cc.el8.x86_64",
"8Base-RHOSE-4.6:openshift-eventrouter-debuginfo-0:0.2-6.git7c289cc.el8.ppc64le",
"8Base-RHOSE-4.6:openshift-eventrouter-debuginfo-0:0.2-6.git7c289cc.el8.s390x",
"8Base-RHOSE-4.6:openshift-eventrouter-debuginfo-0:0.2-6.git7c289cc.el8.x86_64",
"8Base-RHOSE-4.6:openshift-eventrouter-debugsource-0:0.2-6.git7c289cc.el8.ppc64le",
"8Base-RHOSE-4.6:openshift-eventrouter-debugsource-0:0.2-6.git7c289cc.el8.s390x",
"8Base-RHOSE-4.6:openshift-eventrouter-debugsource-0:0.2-6.git7c289cc.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:0956"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-RH7-RHOSE-4.6:openshift-0:4.6.0-202103210832.p0.git.94284.834ccc7.el7.src",
"7Server-RH7-RHOSE-4.6:openshift-ansible-0:4.6.0-202103192141.p0.git.0.d1b612b.el7.noarch",
"7Server-RH7-RHOSE-4.6:openshift-ansible-0:4.6.0-202103192141.p0.git.0.d1b612b.el7.src",
"7Server-RH7-RHOSE-4.6:openshift-ansible-test-0:4.6.0-202103192141.p0.git.0.d1b612b.el7.noarch",
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202103200039.p0.git.3841.3e951a5.el7.src",
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202103200039.p0.git.3841.3e951a5.el7.x86_64",
"7Server-RH7-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202103200039.p0.git.3841.3e951a5.el7.x86_64",
"7Server-RH7-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202103210832.p0.git.94284.834ccc7.el7.x86_64",
"8Base-RHOSE-4.6:openshift-0:4.6.0-202103210832.p0.git.94284.834ccc7.el8.src",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202103200039.p0.git.3841.3e951a5.el8.ppc64le",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202103200039.p0.git.3841.3e951a5.el8.s390x",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202103200039.p0.git.3841.3e951a5.el8.src",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202103200039.p0.git.3841.3e951a5.el8.x86_64",
"8Base-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202103200039.p0.git.3841.3e951a5.el8.x86_64",
"8Base-RHOSE-4.6:openshift-eventrouter-0:0.2-6.git7c289cc.el8.ppc64le",
"8Base-RHOSE-4.6:openshift-eventrouter-0:0.2-6.git7c289cc.el8.s390x",
"8Base-RHOSE-4.6:openshift-eventrouter-0:0.2-6.git7c289cc.el8.src",
"8Base-RHOSE-4.6:openshift-eventrouter-0:0.2-6.git7c289cc.el8.x86_64",
"8Base-RHOSE-4.6:openshift-eventrouter-debuginfo-0:0.2-6.git7c289cc.el8.ppc64le",
"8Base-RHOSE-4.6:openshift-eventrouter-debuginfo-0:0.2-6.git7c289cc.el8.s390x",
"8Base-RHOSE-4.6:openshift-eventrouter-debuginfo-0:0.2-6.git7c289cc.el8.x86_64",
"8Base-RHOSE-4.6:openshift-eventrouter-debugsource-0:0.2-6.git7c289cc.el8.ppc64le",
"8Base-RHOSE-4.6:openshift-eventrouter-debugsource-0:0.2-6.git7c289cc.el8.s390x",
"8Base-RHOSE-4.6:openshift-eventrouter-debugsource-0:0.2-6.git7c289cc.el8.x86_64",
"8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202103210832.p0.git.94284.834ccc7.el8.ppc64le",
"8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202103210832.p0.git.94284.834ccc7.el8.s390x",
"8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202103210832.p0.git.94284.834ccc7.el8.x86_64",
"8Base-RHOSE-4.6:openshift-kuryr-0:4.6.0-202103192141.p0.git.2234.cba9525.el8.src",
"8Base-RHOSE-4.6:openshift-kuryr-cni-0:4.6.0-202103192141.p0.git.2234.cba9525.el8.noarch",
"8Base-RHOSE-4.6:openshift-kuryr-common-0:4.6.0-202103192141.p0.git.2234.cba9525.el8.noarch",
"8Base-RHOSE-4.6:openshift-kuryr-controller-0:4.6.0-202103192141.p0.git.2234.cba9525.el8.noarch",
"8Base-RHOSE-4.6:python3-kuryr-kubernetes-0:4.6.0-202103192141.p0.git.2234.cba9525.el8.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "golang: data race in certain net/http servers including ReverseProxy can lead to DoS"
},
{
"cve": "CVE-2020-16845",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"discovery_date": "2020-08-07T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-RH7-RHOSE-4.6:openshift-0:4.6.0-202103210832.p0.git.94284.834ccc7.el7.src",
"7Server-RH7-RHOSE-4.6:openshift-ansible-0:4.6.0-202103192141.p0.git.0.d1b612b.el7.noarch",
"7Server-RH7-RHOSE-4.6:openshift-ansible-0:4.6.0-202103192141.p0.git.0.d1b612b.el7.src",
"7Server-RH7-RHOSE-4.6:openshift-ansible-test-0:4.6.0-202103192141.p0.git.0.d1b612b.el7.noarch",
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202103200039.p0.git.3841.3e951a5.el7.src",
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202103200039.p0.git.3841.3e951a5.el7.x86_64",
"7Server-RH7-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202103200039.p0.git.3841.3e951a5.el7.x86_64",
"7Server-RH7-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202103210832.p0.git.94284.834ccc7.el7.x86_64",
"8Base-RHOSE-4.6:openshift-0:4.6.0-202103210832.p0.git.94284.834ccc7.el8.src",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202103200039.p0.git.3841.3e951a5.el8.ppc64le",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202103200039.p0.git.3841.3e951a5.el8.s390x",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202103200039.p0.git.3841.3e951a5.el8.src",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202103200039.p0.git.3841.3e951a5.el8.x86_64",
"8Base-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202103200039.p0.git.3841.3e951a5.el8.x86_64",
"8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202103210832.p0.git.94284.834ccc7.el8.ppc64le",
"8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202103210832.p0.git.94284.834ccc7.el8.s390x",
"8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202103210832.p0.git.94284.834ccc7.el8.x86_64",
"8Base-RHOSE-4.6:openshift-kuryr-0:4.6.0-202103192141.p0.git.2234.cba9525.el8.src",
"8Base-RHOSE-4.6:openshift-kuryr-cni-0:4.6.0-202103192141.p0.git.2234.cba9525.el8.noarch",
"8Base-RHOSE-4.6:openshift-kuryr-common-0:4.6.0-202103192141.p0.git.2234.cba9525.el8.noarch",
"8Base-RHOSE-4.6:openshift-kuryr-controller-0:4.6.0-202103192141.p0.git.2234.cba9525.el8.noarch",
"8Base-RHOSE-4.6:python3-kuryr-kubernetes-0:4.6.0-202103192141.p0.git.2234.cba9525.el8.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1867099"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Go encoding/binary package. Certain invalid inputs to the ReadUvarint or the ReadVarint causes those functions to read an unlimited number of bytes from the ByteReader argument before returning an error. This flaw possibly leads to processing more input than expected. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: ReadUvarint and ReadVarint can read an unlimited number of bytes from invalid inputs",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift Container Platform (OCP), OpenShift ServiceMesh (OSSM), RedHat OpenShift Jaeger (RHOSJ) and OpenShift Virtualization components are primarily written in Go, meaning that any component using the encoding/binary package includes the vulnerable code. The affected components are behind OpenShift OAuth authentication, therefore the impact is low.\n\nRed Hat Gluster Storage 3, Red Hat OpenShift Container Storage 4 and Red Hat Ceph Storage (3 and 4) components are built with the affected version of Go, however the vulnerable functionality is currently not used by these products and hence this issue has been rated as having a security impact of Low.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.6:openshift-eventrouter-0:0.2-6.git7c289cc.el8.ppc64le",
"8Base-RHOSE-4.6:openshift-eventrouter-0:0.2-6.git7c289cc.el8.s390x",
"8Base-RHOSE-4.6:openshift-eventrouter-0:0.2-6.git7c289cc.el8.src",
"8Base-RHOSE-4.6:openshift-eventrouter-0:0.2-6.git7c289cc.el8.x86_64",
"8Base-RHOSE-4.6:openshift-eventrouter-debuginfo-0:0.2-6.git7c289cc.el8.ppc64le",
"8Base-RHOSE-4.6:openshift-eventrouter-debuginfo-0:0.2-6.git7c289cc.el8.s390x",
"8Base-RHOSE-4.6:openshift-eventrouter-debuginfo-0:0.2-6.git7c289cc.el8.x86_64",
"8Base-RHOSE-4.6:openshift-eventrouter-debugsource-0:0.2-6.git7c289cc.el8.ppc64le",
"8Base-RHOSE-4.6:openshift-eventrouter-debugsource-0:0.2-6.git7c289cc.el8.s390x",
"8Base-RHOSE-4.6:openshift-eventrouter-debugsource-0:0.2-6.git7c289cc.el8.x86_64"
],
"known_not_affected": [
"7Server-RH7-RHOSE-4.6:openshift-0:4.6.0-202103210832.p0.git.94284.834ccc7.el7.src",
"7Server-RH7-RHOSE-4.6:openshift-ansible-0:4.6.0-202103192141.p0.git.0.d1b612b.el7.noarch",
"7Server-RH7-RHOSE-4.6:openshift-ansible-0:4.6.0-202103192141.p0.git.0.d1b612b.el7.src",
"7Server-RH7-RHOSE-4.6:openshift-ansible-test-0:4.6.0-202103192141.p0.git.0.d1b612b.el7.noarch",
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202103200039.p0.git.3841.3e951a5.el7.src",
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202103200039.p0.git.3841.3e951a5.el7.x86_64",
"7Server-RH7-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202103200039.p0.git.3841.3e951a5.el7.x86_64",
"7Server-RH7-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202103210832.p0.git.94284.834ccc7.el7.x86_64",
"8Base-RHOSE-4.6:openshift-0:4.6.0-202103210832.p0.git.94284.834ccc7.el8.src",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202103200039.p0.git.3841.3e951a5.el8.ppc64le",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202103200039.p0.git.3841.3e951a5.el8.s390x",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202103200039.p0.git.3841.3e951a5.el8.src",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202103200039.p0.git.3841.3e951a5.el8.x86_64",
"8Base-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202103200039.p0.git.3841.3e951a5.el8.x86_64",
"8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202103210832.p0.git.94284.834ccc7.el8.ppc64le",
"8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202103210832.p0.git.94284.834ccc7.el8.s390x",
"8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202103210832.p0.git.94284.834ccc7.el8.x86_64",
"8Base-RHOSE-4.6:openshift-kuryr-0:4.6.0-202103192141.p0.git.2234.cba9525.el8.src",
"8Base-RHOSE-4.6:openshift-kuryr-cni-0:4.6.0-202103192141.p0.git.2234.cba9525.el8.noarch",
"8Base-RHOSE-4.6:openshift-kuryr-common-0:4.6.0-202103192141.p0.git.2234.cba9525.el8.noarch",
"8Base-RHOSE-4.6:openshift-kuryr-controller-0:4.6.0-202103192141.p0.git.2234.cba9525.el8.noarch",
"8Base-RHOSE-4.6:python3-kuryr-kubernetes-0:4.6.0-202103192141.p0.git.2234.cba9525.el8.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-16845"
},
{
"category": "external",
"summary": "RHBZ#1867099",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1867099"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-16845",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-16845"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-16845",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-16845"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/NyPIaucMgXo",
"url": "https://groups.google.com/g/golang-announce/c/NyPIaucMgXo"
}
],
"release_date": "2020-08-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-03-30T16:48:30+00:00",
"details": "For OpenShift Container Platform 4.6 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html.",
"product_ids": [
"8Base-RHOSE-4.6:openshift-eventrouter-0:0.2-6.git7c289cc.el8.ppc64le",
"8Base-RHOSE-4.6:openshift-eventrouter-0:0.2-6.git7c289cc.el8.s390x",
"8Base-RHOSE-4.6:openshift-eventrouter-0:0.2-6.git7c289cc.el8.src",
"8Base-RHOSE-4.6:openshift-eventrouter-0:0.2-6.git7c289cc.el8.x86_64",
"8Base-RHOSE-4.6:openshift-eventrouter-debuginfo-0:0.2-6.git7c289cc.el8.ppc64le",
"8Base-RHOSE-4.6:openshift-eventrouter-debuginfo-0:0.2-6.git7c289cc.el8.s390x",
"8Base-RHOSE-4.6:openshift-eventrouter-debuginfo-0:0.2-6.git7c289cc.el8.x86_64",
"8Base-RHOSE-4.6:openshift-eventrouter-debugsource-0:0.2-6.git7c289cc.el8.ppc64le",
"8Base-RHOSE-4.6:openshift-eventrouter-debugsource-0:0.2-6.git7c289cc.el8.s390x",
"8Base-RHOSE-4.6:openshift-eventrouter-debugsource-0:0.2-6.git7c289cc.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:0956"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-RH7-RHOSE-4.6:openshift-0:4.6.0-202103210832.p0.git.94284.834ccc7.el7.src",
"7Server-RH7-RHOSE-4.6:openshift-ansible-0:4.6.0-202103192141.p0.git.0.d1b612b.el7.noarch",
"7Server-RH7-RHOSE-4.6:openshift-ansible-0:4.6.0-202103192141.p0.git.0.d1b612b.el7.src",
"7Server-RH7-RHOSE-4.6:openshift-ansible-test-0:4.6.0-202103192141.p0.git.0.d1b612b.el7.noarch",
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202103200039.p0.git.3841.3e951a5.el7.src",
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202103200039.p0.git.3841.3e951a5.el7.x86_64",
"7Server-RH7-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202103200039.p0.git.3841.3e951a5.el7.x86_64",
"7Server-RH7-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202103210832.p0.git.94284.834ccc7.el7.x86_64",
"8Base-RHOSE-4.6:openshift-0:4.6.0-202103210832.p0.git.94284.834ccc7.el8.src",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202103200039.p0.git.3841.3e951a5.el8.ppc64le",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202103200039.p0.git.3841.3e951a5.el8.s390x",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202103200039.p0.git.3841.3e951a5.el8.src",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202103200039.p0.git.3841.3e951a5.el8.x86_64",
"8Base-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202103200039.p0.git.3841.3e951a5.el8.x86_64",
"8Base-RHOSE-4.6:openshift-eventrouter-0:0.2-6.git7c289cc.el8.ppc64le",
"8Base-RHOSE-4.6:openshift-eventrouter-0:0.2-6.git7c289cc.el8.s390x",
"8Base-RHOSE-4.6:openshift-eventrouter-0:0.2-6.git7c289cc.el8.src",
"8Base-RHOSE-4.6:openshift-eventrouter-0:0.2-6.git7c289cc.el8.x86_64",
"8Base-RHOSE-4.6:openshift-eventrouter-debuginfo-0:0.2-6.git7c289cc.el8.ppc64le",
"8Base-RHOSE-4.6:openshift-eventrouter-debuginfo-0:0.2-6.git7c289cc.el8.s390x",
"8Base-RHOSE-4.6:openshift-eventrouter-debuginfo-0:0.2-6.git7c289cc.el8.x86_64",
"8Base-RHOSE-4.6:openshift-eventrouter-debugsource-0:0.2-6.git7c289cc.el8.ppc64le",
"8Base-RHOSE-4.6:openshift-eventrouter-debugsource-0:0.2-6.git7c289cc.el8.s390x",
"8Base-RHOSE-4.6:openshift-eventrouter-debugsource-0:0.2-6.git7c289cc.el8.x86_64",
"8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202103210832.p0.git.94284.834ccc7.el8.ppc64le",
"8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202103210832.p0.git.94284.834ccc7.el8.s390x",
"8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202103210832.p0.git.94284.834ccc7.el8.x86_64",
"8Base-RHOSE-4.6:openshift-kuryr-0:4.6.0-202103192141.p0.git.2234.cba9525.el8.src",
"8Base-RHOSE-4.6:openshift-kuryr-cni-0:4.6.0-202103192141.p0.git.2234.cba9525.el8.noarch",
"8Base-RHOSE-4.6:openshift-kuryr-common-0:4.6.0-202103192141.p0.git.2234.cba9525.el8.noarch",
"8Base-RHOSE-4.6:openshift-kuryr-controller-0:4.6.0-202103192141.p0.git.2234.cba9525.el8.noarch",
"8Base-RHOSE-4.6:python3-kuryr-kubernetes-0:4.6.0-202103192141.p0.git.2234.cba9525.el8.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "golang: ReadUvarint and ReadVarint can read an unlimited number of bytes from invalid inputs"
},
{
"cve": "CVE-2020-28362",
"cwe": {
"id": "CWE-295",
"name": "Improper Certificate Validation"
},
"discovery_date": "2020-11-12T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-RH7-RHOSE-4.6:openshift-0:4.6.0-202103210832.p0.git.94284.834ccc7.el7.src",
"7Server-RH7-RHOSE-4.6:openshift-ansible-0:4.6.0-202103192141.p0.git.0.d1b612b.el7.noarch",
"7Server-RH7-RHOSE-4.6:openshift-ansible-0:4.6.0-202103192141.p0.git.0.d1b612b.el7.src",
"7Server-RH7-RHOSE-4.6:openshift-ansible-test-0:4.6.0-202103192141.p0.git.0.d1b612b.el7.noarch",
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202103200039.p0.git.3841.3e951a5.el7.src",
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202103200039.p0.git.3841.3e951a5.el7.x86_64",
"7Server-RH7-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202103200039.p0.git.3841.3e951a5.el7.x86_64",
"7Server-RH7-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202103210832.p0.git.94284.834ccc7.el7.x86_64",
"8Base-RHOSE-4.6:openshift-0:4.6.0-202103210832.p0.git.94284.834ccc7.el8.src",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202103200039.p0.git.3841.3e951a5.el8.ppc64le",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202103200039.p0.git.3841.3e951a5.el8.s390x",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202103200039.p0.git.3841.3e951a5.el8.src",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202103200039.p0.git.3841.3e951a5.el8.x86_64",
"8Base-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202103200039.p0.git.3841.3e951a5.el8.x86_64",
"8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202103210832.p0.git.94284.834ccc7.el8.ppc64le",
"8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202103210832.p0.git.94284.834ccc7.el8.s390x",
"8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202103210832.p0.git.94284.834ccc7.el8.x86_64",
"8Base-RHOSE-4.6:openshift-kuryr-0:4.6.0-202103192141.p0.git.2234.cba9525.el8.src",
"8Base-RHOSE-4.6:openshift-kuryr-cni-0:4.6.0-202103192141.p0.git.2234.cba9525.el8.noarch",
"8Base-RHOSE-4.6:openshift-kuryr-common-0:4.6.0-202103192141.p0.git.2234.cba9525.el8.noarch",
"8Base-RHOSE-4.6:openshift-kuryr-controller-0:4.6.0-202103192141.p0.git.2234.cba9525.el8.noarch",
"8Base-RHOSE-4.6:python3-kuryr-kubernetes-0:4.6.0-202103192141.p0.git.2234.cba9525.el8.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1897635"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the math/big package of Go\u0027s standard library that causes a denial of service. Applications written in Go that use math/big via cryptographic packages, including crypto/rsa and crypto/x509, are vulnerable and can potentially cause panic via a crafted certificate chain. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: math/big: panic during recursive division of very large numbers",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift ServiceMesh (OSSM) 1.1 is Out Of Support Scope (OOSS) for Moderate and Low impact vulnerabilities because it is now in the Maintenance Phase of the support.\nOpenshift Virtualization 1 (formerly Container Native Virtualization) is Out Of Support Scope (OOSS) for Moderate and Low impact vulnerabilities.\n\nRed Hat Gluster Storage 3 shipped multi-cloud-object-gateway-cli and noobaa-operator container as a technical preview and is not currently planned to be addressed in future updates.\n\nOpenShift Container Platform (OCP) 4.5 and earlier are built with Go versions earlier than 1.14, which are not affected by this vulnerability. OCP 4.6 is built with Go 1.15 and is affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.6:openshift-eventrouter-0:0.2-6.git7c289cc.el8.ppc64le",
"8Base-RHOSE-4.6:openshift-eventrouter-0:0.2-6.git7c289cc.el8.s390x",
"8Base-RHOSE-4.6:openshift-eventrouter-0:0.2-6.git7c289cc.el8.src",
"8Base-RHOSE-4.6:openshift-eventrouter-0:0.2-6.git7c289cc.el8.x86_64",
"8Base-RHOSE-4.6:openshift-eventrouter-debuginfo-0:0.2-6.git7c289cc.el8.ppc64le",
"8Base-RHOSE-4.6:openshift-eventrouter-debuginfo-0:0.2-6.git7c289cc.el8.s390x",
"8Base-RHOSE-4.6:openshift-eventrouter-debuginfo-0:0.2-6.git7c289cc.el8.x86_64",
"8Base-RHOSE-4.6:openshift-eventrouter-debugsource-0:0.2-6.git7c289cc.el8.ppc64le",
"8Base-RHOSE-4.6:openshift-eventrouter-debugsource-0:0.2-6.git7c289cc.el8.s390x",
"8Base-RHOSE-4.6:openshift-eventrouter-debugsource-0:0.2-6.git7c289cc.el8.x86_64"
],
"known_not_affected": [
"7Server-RH7-RHOSE-4.6:openshift-0:4.6.0-202103210832.p0.git.94284.834ccc7.el7.src",
"7Server-RH7-RHOSE-4.6:openshift-ansible-0:4.6.0-202103192141.p0.git.0.d1b612b.el7.noarch",
"7Server-RH7-RHOSE-4.6:openshift-ansible-0:4.6.0-202103192141.p0.git.0.d1b612b.el7.src",
"7Server-RH7-RHOSE-4.6:openshift-ansible-test-0:4.6.0-202103192141.p0.git.0.d1b612b.el7.noarch",
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202103200039.p0.git.3841.3e951a5.el7.src",
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202103200039.p0.git.3841.3e951a5.el7.x86_64",
"7Server-RH7-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202103200039.p0.git.3841.3e951a5.el7.x86_64",
"7Server-RH7-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202103210832.p0.git.94284.834ccc7.el7.x86_64",
"8Base-RHOSE-4.6:openshift-0:4.6.0-202103210832.p0.git.94284.834ccc7.el8.src",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202103200039.p0.git.3841.3e951a5.el8.ppc64le",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202103200039.p0.git.3841.3e951a5.el8.s390x",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202103200039.p0.git.3841.3e951a5.el8.src",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202103200039.p0.git.3841.3e951a5.el8.x86_64",
"8Base-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202103200039.p0.git.3841.3e951a5.el8.x86_64",
"8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202103210832.p0.git.94284.834ccc7.el8.ppc64le",
"8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202103210832.p0.git.94284.834ccc7.el8.s390x",
"8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202103210832.p0.git.94284.834ccc7.el8.x86_64",
"8Base-RHOSE-4.6:openshift-kuryr-0:4.6.0-202103192141.p0.git.2234.cba9525.el8.src",
"8Base-RHOSE-4.6:openshift-kuryr-cni-0:4.6.0-202103192141.p0.git.2234.cba9525.el8.noarch",
"8Base-RHOSE-4.6:openshift-kuryr-common-0:4.6.0-202103192141.p0.git.2234.cba9525.el8.noarch",
"8Base-RHOSE-4.6:openshift-kuryr-controller-0:4.6.0-202103192141.p0.git.2234.cba9525.el8.noarch",
"8Base-RHOSE-4.6:python3-kuryr-kubernetes-0:4.6.0-202103192141.p0.git.2234.cba9525.el8.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-28362"
},
{
"category": "external",
"summary": "RHBZ#1897635",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1897635"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-28362",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28362"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-28362",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-28362"
}
],
"release_date": "2020-11-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-03-30T16:48:30+00:00",
"details": "For OpenShift Container Platform 4.6 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html.",
"product_ids": [
"8Base-RHOSE-4.6:openshift-eventrouter-0:0.2-6.git7c289cc.el8.ppc64le",
"8Base-RHOSE-4.6:openshift-eventrouter-0:0.2-6.git7c289cc.el8.s390x",
"8Base-RHOSE-4.6:openshift-eventrouter-0:0.2-6.git7c289cc.el8.src",
"8Base-RHOSE-4.6:openshift-eventrouter-0:0.2-6.git7c289cc.el8.x86_64",
"8Base-RHOSE-4.6:openshift-eventrouter-debuginfo-0:0.2-6.git7c289cc.el8.ppc64le",
"8Base-RHOSE-4.6:openshift-eventrouter-debuginfo-0:0.2-6.git7c289cc.el8.s390x",
"8Base-RHOSE-4.6:openshift-eventrouter-debuginfo-0:0.2-6.git7c289cc.el8.x86_64",
"8Base-RHOSE-4.6:openshift-eventrouter-debugsource-0:0.2-6.git7c289cc.el8.ppc64le",
"8Base-RHOSE-4.6:openshift-eventrouter-debugsource-0:0.2-6.git7c289cc.el8.s390x",
"8Base-RHOSE-4.6:openshift-eventrouter-debugsource-0:0.2-6.git7c289cc.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:0956"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-RH7-RHOSE-4.6:openshift-0:4.6.0-202103210832.p0.git.94284.834ccc7.el7.src",
"7Server-RH7-RHOSE-4.6:openshift-ansible-0:4.6.0-202103192141.p0.git.0.d1b612b.el7.noarch",
"7Server-RH7-RHOSE-4.6:openshift-ansible-0:4.6.0-202103192141.p0.git.0.d1b612b.el7.src",
"7Server-RH7-RHOSE-4.6:openshift-ansible-test-0:4.6.0-202103192141.p0.git.0.d1b612b.el7.noarch",
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202103200039.p0.git.3841.3e951a5.el7.src",
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202103200039.p0.git.3841.3e951a5.el7.x86_64",
"7Server-RH7-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202103200039.p0.git.3841.3e951a5.el7.x86_64",
"7Server-RH7-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202103210832.p0.git.94284.834ccc7.el7.x86_64",
"8Base-RHOSE-4.6:openshift-0:4.6.0-202103210832.p0.git.94284.834ccc7.el8.src",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202103200039.p0.git.3841.3e951a5.el8.ppc64le",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202103200039.p0.git.3841.3e951a5.el8.s390x",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202103200039.p0.git.3841.3e951a5.el8.src",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202103200039.p0.git.3841.3e951a5.el8.x86_64",
"8Base-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202103200039.p0.git.3841.3e951a5.el8.x86_64",
"8Base-RHOSE-4.6:openshift-eventrouter-0:0.2-6.git7c289cc.el8.ppc64le",
"8Base-RHOSE-4.6:openshift-eventrouter-0:0.2-6.git7c289cc.el8.s390x",
"8Base-RHOSE-4.6:openshift-eventrouter-0:0.2-6.git7c289cc.el8.src",
"8Base-RHOSE-4.6:openshift-eventrouter-0:0.2-6.git7c289cc.el8.x86_64",
"8Base-RHOSE-4.6:openshift-eventrouter-debuginfo-0:0.2-6.git7c289cc.el8.ppc64le",
"8Base-RHOSE-4.6:openshift-eventrouter-debuginfo-0:0.2-6.git7c289cc.el8.s390x",
"8Base-RHOSE-4.6:openshift-eventrouter-debuginfo-0:0.2-6.git7c289cc.el8.x86_64",
"8Base-RHOSE-4.6:openshift-eventrouter-debugsource-0:0.2-6.git7c289cc.el8.ppc64le",
"8Base-RHOSE-4.6:openshift-eventrouter-debugsource-0:0.2-6.git7c289cc.el8.s390x",
"8Base-RHOSE-4.6:openshift-eventrouter-debugsource-0:0.2-6.git7c289cc.el8.x86_64",
"8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202103210832.p0.git.94284.834ccc7.el8.ppc64le",
"8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202103210832.p0.git.94284.834ccc7.el8.s390x",
"8Base-RHOSE-4.6:openshift-hyperkube-0:4.6.0-202103210832.p0.git.94284.834ccc7.el8.x86_64",
"8Base-RHOSE-4.6:openshift-kuryr-0:4.6.0-202103192141.p0.git.2234.cba9525.el8.src",
"8Base-RHOSE-4.6:openshift-kuryr-cni-0:4.6.0-202103192141.p0.git.2234.cba9525.el8.noarch",
"8Base-RHOSE-4.6:openshift-kuryr-common-0:4.6.0-202103192141.p0.git.2234.cba9525.el8.noarch",
"8Base-RHOSE-4.6:openshift-kuryr-controller-0:4.6.0-202103192141.p0.git.2234.cba9525.el8.noarch",
"8Base-RHOSE-4.6:python3-kuryr-kubernetes-0:4.6.0-202103192141.p0.git.2234.cba9525.el8.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: math/big: panic during recursive division of very large numbers"
}
]
}
RHSA-2021:1016
Vulnerability from csaf_redhat - Published: 2021-04-13 23:35 - Updated: 2026-03-27 08:38Summary
Red Hat Security Advisory: OpenShift Container Platform 4.5.37 security update
Severity
Low
Notes
Topic: Red Hat OpenShift Container Platform release 4.5.37 is now available with
updates to packages and images that fix several bugs and add enhancements.
Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.
This advisory contains the RPM packages for Red Hat OpenShift Container
Platform 4.5.37. See the following advisory for the container images for
this release:
https://access.redhat.com/errata/RHBA-2021:1015
All OpenShift Container Platform 4.6 users are advised to upgrade to these
updated packages and images when they are available in the appropriate
release channel. To check for available updates, use the OpenShift Console
or the CLI oc command. Instructions for upgrading a cluster are available
at
https://docs.openshift.com/container-platform/4.6/updating/updating-cluster
-between-minor.html#understanding-upgrade-channels_updating-cluster-between
-minor
Security Fix(es):
* golang: data race in certain net/http servers including ReverseProxy can lead to DoS (CVE-2020-15586)
* golang: ReadUvarint and ReadVarint can read an unlimited number of bytes from invalid inputs (CVE-2020-16845)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found Go's net/http package. Servers using ReverseProxy from net/http in the Go standard library are vulnerable to a data race that results in a denial of service. The highest threat from this vulnerability is to system availability.
5.9 (Medium)
Affected products
Fixed
63 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-RH7-RHOSE-4.5:kubefed-client-0:4.5.0-202002271711.git.2.3bd46d6.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-4.5:kubefed-client-0:4.5.0-202002271711.git.2.3bd46d6.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-4.5:kubefed-client-0:4.5.0-202002271711.git.2.3bd46d6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-4.5:kubefed-client-0:4.5.0-202002271711.git.2.3bd46d6.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-4.5:openshift-eventrouter-0:0.2-5.git7c289cc.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-4.5:openshift-eventrouter-0:0.2-5.git7c289cc.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-4.5:openshift-eventrouter-0:0.2-5.git7c289cc.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-4.5:openshift-eventrouter-0:0.2-5.git7c289cc.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-4.5:openshift-eventrouter-debuginfo-0:0.2-5.git7c289cc.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-4.5:openshift-eventrouter-debuginfo-0:0.2-5.git7c289cc.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-4.5:openshift-eventrouter-debuginfo-0:0.2-5.git7c289cc.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:containers-common-1:1.1.1-2.rhaos4.5.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:containers-common-1:1.1.1-2.rhaos4.5.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:containers-common-1:1.1.1-2.rhaos4.5.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:ignition-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:ignition-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:ignition-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:ignition-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:ignition-debuginfo-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:ignition-debuginfo-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:ignition-debuginfo-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:ignition-debugsource-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:ignition-debugsource-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:ignition-debugsource-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:ignition-validate-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:ignition-validate-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:ignition-validate-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:ignition-validate-debuginfo-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:ignition-validate-debuginfo-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:ignition-validate-debuginfo-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:podman-0:1.9.3-2.rhaos4.5.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:podman-0:1.9.3-2.rhaos4.5.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:podman-0:1.9.3-2.rhaos4.5.el8.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:podman-0:1.9.3-2.rhaos4.5.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:podman-debuginfo-0:1.9.3-2.rhaos4.5.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:podman-debuginfo-0:1.9.3-2.rhaos4.5.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:podman-debuginfo-0:1.9.3-2.rhaos4.5.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:podman-debugsource-0:1.9.3-2.rhaos4.5.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:podman-debugsource-0:1.9.3-2.rhaos4.5.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:podman-debugsource-0:1.9.3-2.rhaos4.5.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:podman-docker-0:1.9.3-2.rhaos4.5.el8.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:podman-remote-0:1.9.3-2.rhaos4.5.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:podman-remote-0:1.9.3-2.rhaos4.5.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:podman-remote-0:1.9.3-2.rhaos4.5.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:podman-remote-debuginfo-0:1.9.3-2.rhaos4.5.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:podman-remote-debuginfo-0:1.9.3-2.rhaos4.5.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:podman-remote-debuginfo-0:1.9.3-2.rhaos4.5.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:podman-tests-0:1.9.3-2.rhaos4.5.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:podman-tests-0:1.9.3-2.rhaos4.5.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:podman-tests-0:1.9.3-2.rhaos4.5.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:skopeo-1:1.1.1-2.rhaos4.5.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:skopeo-1:1.1.1-2.rhaos4.5.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:skopeo-1:1.1.1-2.rhaos4.5.el8.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:skopeo-1:1.1.1-2.rhaos4.5.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:skopeo-debuginfo-1:1.1.1-2.rhaos4.5.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:skopeo-debuginfo-1:1.1.1-2.rhaos4.5.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:skopeo-debuginfo-1:1.1.1-2.rhaos4.5.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:skopeo-debugsource-1:1.1.1-2.rhaos4.5.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:skopeo-debugsource-1:1.1.1-2.rhaos4.5.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:skopeo-debugsource-1:1.1.1-2.rhaos4.5.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:skopeo-tests-1:1.1.1-2.rhaos4.5.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:skopeo-tests-1:1.1.1-2.rhaos4.5.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:skopeo-tests-1:1.1.1-2.rhaos4.5.el8.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Low
A flaw was found in the Go encoding/binary package. Certain invalid inputs to the ReadUvarint or the ReadVarint causes those functions to read an unlimited number of bytes from the ByteReader argument before returning an error. This flaw possibly leads to processing more input than expected. The highest threat from this vulnerability is to system availability.
7.5 (High)
Affected products
Fixed
63 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-RH7-RHOSE-4.5:kubefed-client-0:4.5.0-202002271711.git.2.3bd46d6.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-4.5:kubefed-client-0:4.5.0-202002271711.git.2.3bd46d6.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-4.5:kubefed-client-0:4.5.0-202002271711.git.2.3bd46d6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-4.5:kubefed-client-0:4.5.0-202002271711.git.2.3bd46d6.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-4.5:openshift-eventrouter-0:0.2-5.git7c289cc.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-4.5:openshift-eventrouter-0:0.2-5.git7c289cc.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-4.5:openshift-eventrouter-0:0.2-5.git7c289cc.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-4.5:openshift-eventrouter-0:0.2-5.git7c289cc.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-4.5:openshift-eventrouter-debuginfo-0:0.2-5.git7c289cc.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-4.5:openshift-eventrouter-debuginfo-0:0.2-5.git7c289cc.el7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-4.5:openshift-eventrouter-debuginfo-0:0.2-5.git7c289cc.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:containers-common-1:1.1.1-2.rhaos4.5.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:containers-common-1:1.1.1-2.rhaos4.5.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:containers-common-1:1.1.1-2.rhaos4.5.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:ignition-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:ignition-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:ignition-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:ignition-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:ignition-debuginfo-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:ignition-debuginfo-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:ignition-debuginfo-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:ignition-debugsource-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:ignition-debugsource-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:ignition-debugsource-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:ignition-validate-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:ignition-validate-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:ignition-validate-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:ignition-validate-debuginfo-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:ignition-validate-debuginfo-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:ignition-validate-debuginfo-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:podman-0:1.9.3-2.rhaos4.5.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:podman-0:1.9.3-2.rhaos4.5.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:podman-0:1.9.3-2.rhaos4.5.el8.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:podman-0:1.9.3-2.rhaos4.5.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:podman-debuginfo-0:1.9.3-2.rhaos4.5.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:podman-debuginfo-0:1.9.3-2.rhaos4.5.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:podman-debuginfo-0:1.9.3-2.rhaos4.5.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:podman-debugsource-0:1.9.3-2.rhaos4.5.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:podman-debugsource-0:1.9.3-2.rhaos4.5.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:podman-debugsource-0:1.9.3-2.rhaos4.5.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:podman-docker-0:1.9.3-2.rhaos4.5.el8.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:podman-remote-0:1.9.3-2.rhaos4.5.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:podman-remote-0:1.9.3-2.rhaos4.5.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:podman-remote-0:1.9.3-2.rhaos4.5.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:podman-remote-debuginfo-0:1.9.3-2.rhaos4.5.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:podman-remote-debuginfo-0:1.9.3-2.rhaos4.5.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:podman-remote-debuginfo-0:1.9.3-2.rhaos4.5.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:podman-tests-0:1.9.3-2.rhaos4.5.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:podman-tests-0:1.9.3-2.rhaos4.5.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:podman-tests-0:1.9.3-2.rhaos4.5.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:skopeo-1:1.1.1-2.rhaos4.5.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:skopeo-1:1.1.1-2.rhaos4.5.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:skopeo-1:1.1.1-2.rhaos4.5.el8.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:skopeo-1:1.1.1-2.rhaos4.5.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:skopeo-debuginfo-1:1.1.1-2.rhaos4.5.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:skopeo-debuginfo-1:1.1.1-2.rhaos4.5.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:skopeo-debuginfo-1:1.1.1-2.rhaos4.5.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:skopeo-debugsource-1:1.1.1-2.rhaos4.5.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:skopeo-debugsource-1:1.1.1-2.rhaos4.5.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:skopeo-debugsource-1:1.1.1-2.rhaos4.5.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:skopeo-tests-1:1.1.1-2.rhaos4.5.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:skopeo-tests-1:1.1.1-2.rhaos4.5.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.5:skopeo-tests-1:1.1.1-2.rhaos4.5.el8.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Low
References
16 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Low"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat OpenShift Container Platform release 4.5.37 is now available with\nupdates to packages and images that fix several bugs and add enhancements.\n\nRed Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Container Platform is Red Hat\u0027s cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.\n\nThis advisory contains the RPM packages for Red Hat OpenShift Container\nPlatform 4.5.37. See the following advisory for the container images for\nthis release:\n\nhttps://access.redhat.com/errata/RHBA-2021:1015\n\nAll OpenShift Container Platform 4.6 users are advised to upgrade to these\nupdated packages and images when they are available in the appropriate\nrelease channel. To check for available updates, use the OpenShift Console\nor the CLI oc command. Instructions for upgrading a cluster are available\nat\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster\n-between-minor.html#understanding-upgrade-channels_updating-cluster-between\n-minor\n\nSecurity Fix(es):\n\n* golang: data race in certain net/http servers including ReverseProxy can lead to DoS (CVE-2020-15586)\n\n* golang: ReadUvarint and ReadVarint can read an unlimited number of bytes from invalid inputs (CVE-2020-16845)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2021:1016",
"url": "https://access.redhat.com/errata/RHSA-2021:1016"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#low",
"url": "https://access.redhat.com/security/updates/classification/#low"
},
{
"category": "external",
"summary": "1856953",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1856953"
},
{
"category": "external",
"summary": "1867099",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1867099"
},
{
"category": "external",
"summary": "1944040",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1944040"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_1016.json"
}
],
"title": "Red Hat Security Advisory: OpenShift Container Platform 4.5.37 security update",
"tracking": {
"current_release_date": "2026-03-27T08:38:51+00:00",
"generator": {
"date": "2026-03-27T08:38:51+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.4"
}
},
"id": "RHSA-2021:1016",
"initial_release_date": "2021-04-13T23:35:52+00:00",
"revision_history": [
{
"date": "2021-04-13T23:35:52+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2021-04-13T23:35:52+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-03-27T08:38:51+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift Container Platform 4.5",
"product": {
"name": "Red Hat OpenShift Container Platform 4.5",
"product_id": "7Server-RH7-RHOSE-4.5",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:4.5::el7"
}
}
},
{
"category": "product_name",
"name": "Red Hat OpenShift Container Platform 4.5",
"product": {
"name": "Red Hat OpenShift Container Platform 4.5",
"product_id": "8Base-RHOSE-4.5",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:4.5::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Enterprise"
},
{
"branches": [
{
"category": "product_version",
"name": "kubefed-client-0:4.5.0-202002271711.git.2.3bd46d6.el7.src",
"product": {
"name": "kubefed-client-0:4.5.0-202002271711.git.2.3bd46d6.el7.src",
"product_id": "kubefed-client-0:4.5.0-202002271711.git.2.3bd46d6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kubefed-client@4.5.0-202002271711.git.2.3bd46d6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "openshift-eventrouter-0:0.2-5.git7c289cc.el7.src",
"product": {
"name": "openshift-eventrouter-0:0.2-5.git7c289cc.el7.src",
"product_id": "openshift-eventrouter-0:0.2-5.git7c289cc.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-eventrouter@0.2-5.git7c289cc.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "ignition-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.src",
"product": {
"name": "ignition-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.src",
"product_id": "ignition-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ignition@0.35.1-12.rhaos4.5.gitb4d18ad.el8?arch=src"
}
}
},
{
"category": "product_version",
"name": "skopeo-1:1.1.1-2.rhaos4.5.el8.src",
"product": {
"name": "skopeo-1:1.1.1-2.rhaos4.5.el8.src",
"product_id": "skopeo-1:1.1.1-2.rhaos4.5.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo@1.1.1-2.rhaos4.5.el8?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "podman-0:1.9.3-2.rhaos4.5.el8.src",
"product": {
"name": "podman-0:1.9.3-2.rhaos4.5.el8.src",
"product_id": "podman-0:1.9.3-2.rhaos4.5.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman@1.9.3-2.rhaos4.5.el8?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "kubefed-client-0:4.5.0-202002271711.git.2.3bd46d6.el7.x86_64",
"product": {
"name": "kubefed-client-0:4.5.0-202002271711.git.2.3bd46d6.el7.x86_64",
"product_id": "kubefed-client-0:4.5.0-202002271711.git.2.3bd46d6.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kubefed-client@4.5.0-202002271711.git.2.3bd46d6.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "openshift-eventrouter-0:0.2-5.git7c289cc.el7.x86_64",
"product": {
"name": "openshift-eventrouter-0:0.2-5.git7c289cc.el7.x86_64",
"product_id": "openshift-eventrouter-0:0.2-5.git7c289cc.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-eventrouter@0.2-5.git7c289cc.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "openshift-eventrouter-debuginfo-0:0.2-5.git7c289cc.el7.x86_64",
"product": {
"name": "openshift-eventrouter-debuginfo-0:0.2-5.git7c289cc.el7.x86_64",
"product_id": "openshift-eventrouter-debuginfo-0:0.2-5.git7c289cc.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-eventrouter-debuginfo@0.2-5.git7c289cc.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "ignition-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.x86_64",
"product": {
"name": "ignition-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.x86_64",
"product_id": "ignition-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ignition@0.35.1-12.rhaos4.5.gitb4d18ad.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "ignition-validate-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.x86_64",
"product": {
"name": "ignition-validate-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.x86_64",
"product_id": "ignition-validate-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ignition-validate@0.35.1-12.rhaos4.5.gitb4d18ad.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "ignition-debugsource-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.x86_64",
"product": {
"name": "ignition-debugsource-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.x86_64",
"product_id": "ignition-debugsource-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ignition-debugsource@0.35.1-12.rhaos4.5.gitb4d18ad.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "ignition-debuginfo-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.x86_64",
"product": {
"name": "ignition-debuginfo-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.x86_64",
"product_id": "ignition-debuginfo-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ignition-debuginfo@0.35.1-12.rhaos4.5.gitb4d18ad.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "ignition-validate-debuginfo-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.x86_64",
"product": {
"name": "ignition-validate-debuginfo-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.x86_64",
"product_id": "ignition-validate-debuginfo-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ignition-validate-debuginfo@0.35.1-12.rhaos4.5.gitb4d18ad.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "containers-common-1:1.1.1-2.rhaos4.5.el8.x86_64",
"product": {
"name": "containers-common-1:1.1.1-2.rhaos4.5.el8.x86_64",
"product_id": "containers-common-1:1.1.1-2.rhaos4.5.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/containers-common@1.1.1-2.rhaos4.5.el8?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "skopeo-1:1.1.1-2.rhaos4.5.el8.x86_64",
"product": {
"name": "skopeo-1:1.1.1-2.rhaos4.5.el8.x86_64",
"product_id": "skopeo-1:1.1.1-2.rhaos4.5.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo@1.1.1-2.rhaos4.5.el8?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "skopeo-tests-1:1.1.1-2.rhaos4.5.el8.x86_64",
"product": {
"name": "skopeo-tests-1:1.1.1-2.rhaos4.5.el8.x86_64",
"product_id": "skopeo-tests-1:1.1.1-2.rhaos4.5.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-tests@1.1.1-2.rhaos4.5.el8?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "skopeo-debugsource-1:1.1.1-2.rhaos4.5.el8.x86_64",
"product": {
"name": "skopeo-debugsource-1:1.1.1-2.rhaos4.5.el8.x86_64",
"product_id": "skopeo-debugsource-1:1.1.1-2.rhaos4.5.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-debugsource@1.1.1-2.rhaos4.5.el8?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "skopeo-debuginfo-1:1.1.1-2.rhaos4.5.el8.x86_64",
"product": {
"name": "skopeo-debuginfo-1:1.1.1-2.rhaos4.5.el8.x86_64",
"product_id": "skopeo-debuginfo-1:1.1.1-2.rhaos4.5.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-debuginfo@1.1.1-2.rhaos4.5.el8?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "podman-0:1.9.3-2.rhaos4.5.el8.x86_64",
"product": {
"name": "podman-0:1.9.3-2.rhaos4.5.el8.x86_64",
"product_id": "podman-0:1.9.3-2.rhaos4.5.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman@1.9.3-2.rhaos4.5.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "podman-remote-0:1.9.3-2.rhaos4.5.el8.x86_64",
"product": {
"name": "podman-remote-0:1.9.3-2.rhaos4.5.el8.x86_64",
"product_id": "podman-remote-0:1.9.3-2.rhaos4.5.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-remote@1.9.3-2.rhaos4.5.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "podman-tests-0:1.9.3-2.rhaos4.5.el8.x86_64",
"product": {
"name": "podman-tests-0:1.9.3-2.rhaos4.5.el8.x86_64",
"product_id": "podman-tests-0:1.9.3-2.rhaos4.5.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-tests@1.9.3-2.rhaos4.5.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "podman-debugsource-0:1.9.3-2.rhaos4.5.el8.x86_64",
"product": {
"name": "podman-debugsource-0:1.9.3-2.rhaos4.5.el8.x86_64",
"product_id": "podman-debugsource-0:1.9.3-2.rhaos4.5.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-debugsource@1.9.3-2.rhaos4.5.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "podman-debuginfo-0:1.9.3-2.rhaos4.5.el8.x86_64",
"product": {
"name": "podman-debuginfo-0:1.9.3-2.rhaos4.5.el8.x86_64",
"product_id": "podman-debuginfo-0:1.9.3-2.rhaos4.5.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-debuginfo@1.9.3-2.rhaos4.5.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "podman-remote-debuginfo-0:1.9.3-2.rhaos4.5.el8.x86_64",
"product": {
"name": "podman-remote-debuginfo-0:1.9.3-2.rhaos4.5.el8.x86_64",
"product_id": "podman-remote-debuginfo-0:1.9.3-2.rhaos4.5.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-remote-debuginfo@1.9.3-2.rhaos4.5.el8?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "kubefed-client-0:4.5.0-202002271711.git.2.3bd46d6.el7.s390x",
"product": {
"name": "kubefed-client-0:4.5.0-202002271711.git.2.3bd46d6.el7.s390x",
"product_id": "kubefed-client-0:4.5.0-202002271711.git.2.3bd46d6.el7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kubefed-client@4.5.0-202002271711.git.2.3bd46d6.el7?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "openshift-eventrouter-0:0.2-5.git7c289cc.el7.s390x",
"product": {
"name": "openshift-eventrouter-0:0.2-5.git7c289cc.el7.s390x",
"product_id": "openshift-eventrouter-0:0.2-5.git7c289cc.el7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-eventrouter@0.2-5.git7c289cc.el7?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "openshift-eventrouter-debuginfo-0:0.2-5.git7c289cc.el7.s390x",
"product": {
"name": "openshift-eventrouter-debuginfo-0:0.2-5.git7c289cc.el7.s390x",
"product_id": "openshift-eventrouter-debuginfo-0:0.2-5.git7c289cc.el7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-eventrouter-debuginfo@0.2-5.git7c289cc.el7?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "ignition-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.s390x",
"product": {
"name": "ignition-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.s390x",
"product_id": "ignition-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ignition@0.35.1-12.rhaos4.5.gitb4d18ad.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "ignition-validate-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.s390x",
"product": {
"name": "ignition-validate-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.s390x",
"product_id": "ignition-validate-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ignition-validate@0.35.1-12.rhaos4.5.gitb4d18ad.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "ignition-debugsource-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.s390x",
"product": {
"name": "ignition-debugsource-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.s390x",
"product_id": "ignition-debugsource-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ignition-debugsource@0.35.1-12.rhaos4.5.gitb4d18ad.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "ignition-debuginfo-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.s390x",
"product": {
"name": "ignition-debuginfo-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.s390x",
"product_id": "ignition-debuginfo-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ignition-debuginfo@0.35.1-12.rhaos4.5.gitb4d18ad.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "ignition-validate-debuginfo-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.s390x",
"product": {
"name": "ignition-validate-debuginfo-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.s390x",
"product_id": "ignition-validate-debuginfo-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ignition-validate-debuginfo@0.35.1-12.rhaos4.5.gitb4d18ad.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "containers-common-1:1.1.1-2.rhaos4.5.el8.s390x",
"product": {
"name": "containers-common-1:1.1.1-2.rhaos4.5.el8.s390x",
"product_id": "containers-common-1:1.1.1-2.rhaos4.5.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/containers-common@1.1.1-2.rhaos4.5.el8?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "skopeo-1:1.1.1-2.rhaos4.5.el8.s390x",
"product": {
"name": "skopeo-1:1.1.1-2.rhaos4.5.el8.s390x",
"product_id": "skopeo-1:1.1.1-2.rhaos4.5.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo@1.1.1-2.rhaos4.5.el8?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "skopeo-tests-1:1.1.1-2.rhaos4.5.el8.s390x",
"product": {
"name": "skopeo-tests-1:1.1.1-2.rhaos4.5.el8.s390x",
"product_id": "skopeo-tests-1:1.1.1-2.rhaos4.5.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-tests@1.1.1-2.rhaos4.5.el8?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "skopeo-debugsource-1:1.1.1-2.rhaos4.5.el8.s390x",
"product": {
"name": "skopeo-debugsource-1:1.1.1-2.rhaos4.5.el8.s390x",
"product_id": "skopeo-debugsource-1:1.1.1-2.rhaos4.5.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-debugsource@1.1.1-2.rhaos4.5.el8?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "skopeo-debuginfo-1:1.1.1-2.rhaos4.5.el8.s390x",
"product": {
"name": "skopeo-debuginfo-1:1.1.1-2.rhaos4.5.el8.s390x",
"product_id": "skopeo-debuginfo-1:1.1.1-2.rhaos4.5.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-debuginfo@1.1.1-2.rhaos4.5.el8?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "podman-0:1.9.3-2.rhaos4.5.el8.s390x",
"product": {
"name": "podman-0:1.9.3-2.rhaos4.5.el8.s390x",
"product_id": "podman-0:1.9.3-2.rhaos4.5.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman@1.9.3-2.rhaos4.5.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "podman-remote-0:1.9.3-2.rhaos4.5.el8.s390x",
"product": {
"name": "podman-remote-0:1.9.3-2.rhaos4.5.el8.s390x",
"product_id": "podman-remote-0:1.9.3-2.rhaos4.5.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-remote@1.9.3-2.rhaos4.5.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "podman-tests-0:1.9.3-2.rhaos4.5.el8.s390x",
"product": {
"name": "podman-tests-0:1.9.3-2.rhaos4.5.el8.s390x",
"product_id": "podman-tests-0:1.9.3-2.rhaos4.5.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-tests@1.9.3-2.rhaos4.5.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "podman-debugsource-0:1.9.3-2.rhaos4.5.el8.s390x",
"product": {
"name": "podman-debugsource-0:1.9.3-2.rhaos4.5.el8.s390x",
"product_id": "podman-debugsource-0:1.9.3-2.rhaos4.5.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-debugsource@1.9.3-2.rhaos4.5.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "podman-debuginfo-0:1.9.3-2.rhaos4.5.el8.s390x",
"product": {
"name": "podman-debuginfo-0:1.9.3-2.rhaos4.5.el8.s390x",
"product_id": "podman-debuginfo-0:1.9.3-2.rhaos4.5.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-debuginfo@1.9.3-2.rhaos4.5.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "podman-remote-debuginfo-0:1.9.3-2.rhaos4.5.el8.s390x",
"product": {
"name": "podman-remote-debuginfo-0:1.9.3-2.rhaos4.5.el8.s390x",
"product_id": "podman-remote-debuginfo-0:1.9.3-2.rhaos4.5.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-remote-debuginfo@1.9.3-2.rhaos4.5.el8?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kubefed-client-0:4.5.0-202002271711.git.2.3bd46d6.el7.ppc64le",
"product": {
"name": "kubefed-client-0:4.5.0-202002271711.git.2.3bd46d6.el7.ppc64le",
"product_id": "kubefed-client-0:4.5.0-202002271711.git.2.3bd46d6.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kubefed-client@4.5.0-202002271711.git.2.3bd46d6.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "openshift-eventrouter-0:0.2-5.git7c289cc.el7.ppc64le",
"product": {
"name": "openshift-eventrouter-0:0.2-5.git7c289cc.el7.ppc64le",
"product_id": "openshift-eventrouter-0:0.2-5.git7c289cc.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-eventrouter@0.2-5.git7c289cc.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "openshift-eventrouter-debuginfo-0:0.2-5.git7c289cc.el7.ppc64le",
"product": {
"name": "openshift-eventrouter-debuginfo-0:0.2-5.git7c289cc.el7.ppc64le",
"product_id": "openshift-eventrouter-debuginfo-0:0.2-5.git7c289cc.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-eventrouter-debuginfo@0.2-5.git7c289cc.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "ignition-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.ppc64le",
"product": {
"name": "ignition-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.ppc64le",
"product_id": "ignition-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ignition@0.35.1-12.rhaos4.5.gitb4d18ad.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "ignition-validate-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.ppc64le",
"product": {
"name": "ignition-validate-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.ppc64le",
"product_id": "ignition-validate-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ignition-validate@0.35.1-12.rhaos4.5.gitb4d18ad.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "ignition-debugsource-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.ppc64le",
"product": {
"name": "ignition-debugsource-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.ppc64le",
"product_id": "ignition-debugsource-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ignition-debugsource@0.35.1-12.rhaos4.5.gitb4d18ad.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "ignition-debuginfo-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.ppc64le",
"product": {
"name": "ignition-debuginfo-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.ppc64le",
"product_id": "ignition-debuginfo-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ignition-debuginfo@0.35.1-12.rhaos4.5.gitb4d18ad.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "ignition-validate-debuginfo-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.ppc64le",
"product": {
"name": "ignition-validate-debuginfo-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.ppc64le",
"product_id": "ignition-validate-debuginfo-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ignition-validate-debuginfo@0.35.1-12.rhaos4.5.gitb4d18ad.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "containers-common-1:1.1.1-2.rhaos4.5.el8.ppc64le",
"product": {
"name": "containers-common-1:1.1.1-2.rhaos4.5.el8.ppc64le",
"product_id": "containers-common-1:1.1.1-2.rhaos4.5.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/containers-common@1.1.1-2.rhaos4.5.el8?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "skopeo-1:1.1.1-2.rhaos4.5.el8.ppc64le",
"product": {
"name": "skopeo-1:1.1.1-2.rhaos4.5.el8.ppc64le",
"product_id": "skopeo-1:1.1.1-2.rhaos4.5.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo@1.1.1-2.rhaos4.5.el8?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "skopeo-tests-1:1.1.1-2.rhaos4.5.el8.ppc64le",
"product": {
"name": "skopeo-tests-1:1.1.1-2.rhaos4.5.el8.ppc64le",
"product_id": "skopeo-tests-1:1.1.1-2.rhaos4.5.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-tests@1.1.1-2.rhaos4.5.el8?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "skopeo-debugsource-1:1.1.1-2.rhaos4.5.el8.ppc64le",
"product": {
"name": "skopeo-debugsource-1:1.1.1-2.rhaos4.5.el8.ppc64le",
"product_id": "skopeo-debugsource-1:1.1.1-2.rhaos4.5.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-debugsource@1.1.1-2.rhaos4.5.el8?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "skopeo-debuginfo-1:1.1.1-2.rhaos4.5.el8.ppc64le",
"product": {
"name": "skopeo-debuginfo-1:1.1.1-2.rhaos4.5.el8.ppc64le",
"product_id": "skopeo-debuginfo-1:1.1.1-2.rhaos4.5.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-debuginfo@1.1.1-2.rhaos4.5.el8?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "podman-0:1.9.3-2.rhaos4.5.el8.ppc64le",
"product": {
"name": "podman-0:1.9.3-2.rhaos4.5.el8.ppc64le",
"product_id": "podman-0:1.9.3-2.rhaos4.5.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman@1.9.3-2.rhaos4.5.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "podman-remote-0:1.9.3-2.rhaos4.5.el8.ppc64le",
"product": {
"name": "podman-remote-0:1.9.3-2.rhaos4.5.el8.ppc64le",
"product_id": "podman-remote-0:1.9.3-2.rhaos4.5.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-remote@1.9.3-2.rhaos4.5.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "podman-tests-0:1.9.3-2.rhaos4.5.el8.ppc64le",
"product": {
"name": "podman-tests-0:1.9.3-2.rhaos4.5.el8.ppc64le",
"product_id": "podman-tests-0:1.9.3-2.rhaos4.5.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-tests@1.9.3-2.rhaos4.5.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "podman-debugsource-0:1.9.3-2.rhaos4.5.el8.ppc64le",
"product": {
"name": "podman-debugsource-0:1.9.3-2.rhaos4.5.el8.ppc64le",
"product_id": "podman-debugsource-0:1.9.3-2.rhaos4.5.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-debugsource@1.9.3-2.rhaos4.5.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "podman-debuginfo-0:1.9.3-2.rhaos4.5.el8.ppc64le",
"product": {
"name": "podman-debuginfo-0:1.9.3-2.rhaos4.5.el8.ppc64le",
"product_id": "podman-debuginfo-0:1.9.3-2.rhaos4.5.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-debuginfo@1.9.3-2.rhaos4.5.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "podman-remote-debuginfo-0:1.9.3-2.rhaos4.5.el8.ppc64le",
"product": {
"name": "podman-remote-debuginfo-0:1.9.3-2.rhaos4.5.el8.ppc64le",
"product_id": "podman-remote-debuginfo-0:1.9.3-2.rhaos4.5.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-remote-debuginfo@1.9.3-2.rhaos4.5.el8?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "podman-docker-0:1.9.3-2.rhaos4.5.el8.noarch",
"product": {
"name": "podman-docker-0:1.9.3-2.rhaos4.5.el8.noarch",
"product_id": "podman-docker-0:1.9.3-2.rhaos4.5.el8.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-docker@1.9.3-2.rhaos4.5.el8?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kubefed-client-0:4.5.0-202002271711.git.2.3bd46d6.el7.ppc64le as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "7Server-RH7-RHOSE-4.5:kubefed-client-0:4.5.0-202002271711.git.2.3bd46d6.el7.ppc64le"
},
"product_reference": "kubefed-client-0:4.5.0-202002271711.git.2.3bd46d6.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubefed-client-0:4.5.0-202002271711.git.2.3bd46d6.el7.s390x as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "7Server-RH7-RHOSE-4.5:kubefed-client-0:4.5.0-202002271711.git.2.3bd46d6.el7.s390x"
},
"product_reference": "kubefed-client-0:4.5.0-202002271711.git.2.3bd46d6.el7.s390x",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubefed-client-0:4.5.0-202002271711.git.2.3bd46d6.el7.src as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "7Server-RH7-RHOSE-4.5:kubefed-client-0:4.5.0-202002271711.git.2.3bd46d6.el7.src"
},
"product_reference": "kubefed-client-0:4.5.0-202002271711.git.2.3bd46d6.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubefed-client-0:4.5.0-202002271711.git.2.3bd46d6.el7.x86_64 as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "7Server-RH7-RHOSE-4.5:kubefed-client-0:4.5.0-202002271711.git.2.3bd46d6.el7.x86_64"
},
"product_reference": "kubefed-client-0:4.5.0-202002271711.git.2.3bd46d6.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-eventrouter-0:0.2-5.git7c289cc.el7.ppc64le as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "7Server-RH7-RHOSE-4.5:openshift-eventrouter-0:0.2-5.git7c289cc.el7.ppc64le"
},
"product_reference": "openshift-eventrouter-0:0.2-5.git7c289cc.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-eventrouter-0:0.2-5.git7c289cc.el7.s390x as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "7Server-RH7-RHOSE-4.5:openshift-eventrouter-0:0.2-5.git7c289cc.el7.s390x"
},
"product_reference": "openshift-eventrouter-0:0.2-5.git7c289cc.el7.s390x",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-eventrouter-0:0.2-5.git7c289cc.el7.src as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "7Server-RH7-RHOSE-4.5:openshift-eventrouter-0:0.2-5.git7c289cc.el7.src"
},
"product_reference": "openshift-eventrouter-0:0.2-5.git7c289cc.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-eventrouter-0:0.2-5.git7c289cc.el7.x86_64 as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "7Server-RH7-RHOSE-4.5:openshift-eventrouter-0:0.2-5.git7c289cc.el7.x86_64"
},
"product_reference": "openshift-eventrouter-0:0.2-5.git7c289cc.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-eventrouter-debuginfo-0:0.2-5.git7c289cc.el7.ppc64le as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "7Server-RH7-RHOSE-4.5:openshift-eventrouter-debuginfo-0:0.2-5.git7c289cc.el7.ppc64le"
},
"product_reference": "openshift-eventrouter-debuginfo-0:0.2-5.git7c289cc.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-eventrouter-debuginfo-0:0.2-5.git7c289cc.el7.s390x as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "7Server-RH7-RHOSE-4.5:openshift-eventrouter-debuginfo-0:0.2-5.git7c289cc.el7.s390x"
},
"product_reference": "openshift-eventrouter-debuginfo-0:0.2-5.git7c289cc.el7.s390x",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-eventrouter-debuginfo-0:0.2-5.git7c289cc.el7.x86_64 as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "7Server-RH7-RHOSE-4.5:openshift-eventrouter-debuginfo-0:0.2-5.git7c289cc.el7.x86_64"
},
"product_reference": "openshift-eventrouter-debuginfo-0:0.2-5.git7c289cc.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containers-common-1:1.1.1-2.rhaos4.5.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "8Base-RHOSE-4.5:containers-common-1:1.1.1-2.rhaos4.5.el8.ppc64le"
},
"product_reference": "containers-common-1:1.1.1-2.rhaos4.5.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containers-common-1:1.1.1-2.rhaos4.5.el8.s390x as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "8Base-RHOSE-4.5:containers-common-1:1.1.1-2.rhaos4.5.el8.s390x"
},
"product_reference": "containers-common-1:1.1.1-2.rhaos4.5.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containers-common-1:1.1.1-2.rhaos4.5.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "8Base-RHOSE-4.5:containers-common-1:1.1.1-2.rhaos4.5.el8.x86_64"
},
"product_reference": "containers-common-1:1.1.1-2.rhaos4.5.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ignition-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "8Base-RHOSE-4.5:ignition-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.ppc64le"
},
"product_reference": "ignition-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ignition-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.s390x as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "8Base-RHOSE-4.5:ignition-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.s390x"
},
"product_reference": "ignition-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ignition-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.src as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "8Base-RHOSE-4.5:ignition-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.src"
},
"product_reference": "ignition-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.src",
"relates_to_product_reference": "8Base-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ignition-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "8Base-RHOSE-4.5:ignition-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.x86_64"
},
"product_reference": "ignition-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ignition-debuginfo-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "8Base-RHOSE-4.5:ignition-debuginfo-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.ppc64le"
},
"product_reference": "ignition-debuginfo-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ignition-debuginfo-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.s390x as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "8Base-RHOSE-4.5:ignition-debuginfo-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.s390x"
},
"product_reference": "ignition-debuginfo-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ignition-debuginfo-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "8Base-RHOSE-4.5:ignition-debuginfo-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.x86_64"
},
"product_reference": "ignition-debuginfo-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ignition-debugsource-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "8Base-RHOSE-4.5:ignition-debugsource-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.ppc64le"
},
"product_reference": "ignition-debugsource-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ignition-debugsource-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.s390x as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "8Base-RHOSE-4.5:ignition-debugsource-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.s390x"
},
"product_reference": "ignition-debugsource-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ignition-debugsource-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "8Base-RHOSE-4.5:ignition-debugsource-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.x86_64"
},
"product_reference": "ignition-debugsource-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ignition-validate-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "8Base-RHOSE-4.5:ignition-validate-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.ppc64le"
},
"product_reference": "ignition-validate-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ignition-validate-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.s390x as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "8Base-RHOSE-4.5:ignition-validate-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.s390x"
},
"product_reference": "ignition-validate-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ignition-validate-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "8Base-RHOSE-4.5:ignition-validate-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.x86_64"
},
"product_reference": "ignition-validate-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ignition-validate-debuginfo-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "8Base-RHOSE-4.5:ignition-validate-debuginfo-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.ppc64le"
},
"product_reference": "ignition-validate-debuginfo-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ignition-validate-debuginfo-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.s390x as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "8Base-RHOSE-4.5:ignition-validate-debuginfo-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.s390x"
},
"product_reference": "ignition-validate-debuginfo-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ignition-validate-debuginfo-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "8Base-RHOSE-4.5:ignition-validate-debuginfo-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.x86_64"
},
"product_reference": "ignition-validate-debuginfo-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-0:1.9.3-2.rhaos4.5.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "8Base-RHOSE-4.5:podman-0:1.9.3-2.rhaos4.5.el8.ppc64le"
},
"product_reference": "podman-0:1.9.3-2.rhaos4.5.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-0:1.9.3-2.rhaos4.5.el8.s390x as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "8Base-RHOSE-4.5:podman-0:1.9.3-2.rhaos4.5.el8.s390x"
},
"product_reference": "podman-0:1.9.3-2.rhaos4.5.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-0:1.9.3-2.rhaos4.5.el8.src as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "8Base-RHOSE-4.5:podman-0:1.9.3-2.rhaos4.5.el8.src"
},
"product_reference": "podman-0:1.9.3-2.rhaos4.5.el8.src",
"relates_to_product_reference": "8Base-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-0:1.9.3-2.rhaos4.5.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "8Base-RHOSE-4.5:podman-0:1.9.3-2.rhaos4.5.el8.x86_64"
},
"product_reference": "podman-0:1.9.3-2.rhaos4.5.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-debuginfo-0:1.9.3-2.rhaos4.5.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "8Base-RHOSE-4.5:podman-debuginfo-0:1.9.3-2.rhaos4.5.el8.ppc64le"
},
"product_reference": "podman-debuginfo-0:1.9.3-2.rhaos4.5.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-debuginfo-0:1.9.3-2.rhaos4.5.el8.s390x as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "8Base-RHOSE-4.5:podman-debuginfo-0:1.9.3-2.rhaos4.5.el8.s390x"
},
"product_reference": "podman-debuginfo-0:1.9.3-2.rhaos4.5.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-debuginfo-0:1.9.3-2.rhaos4.5.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "8Base-RHOSE-4.5:podman-debuginfo-0:1.9.3-2.rhaos4.5.el8.x86_64"
},
"product_reference": "podman-debuginfo-0:1.9.3-2.rhaos4.5.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-debugsource-0:1.9.3-2.rhaos4.5.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "8Base-RHOSE-4.5:podman-debugsource-0:1.9.3-2.rhaos4.5.el8.ppc64le"
},
"product_reference": "podman-debugsource-0:1.9.3-2.rhaos4.5.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-debugsource-0:1.9.3-2.rhaos4.5.el8.s390x as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "8Base-RHOSE-4.5:podman-debugsource-0:1.9.3-2.rhaos4.5.el8.s390x"
},
"product_reference": "podman-debugsource-0:1.9.3-2.rhaos4.5.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-debugsource-0:1.9.3-2.rhaos4.5.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "8Base-RHOSE-4.5:podman-debugsource-0:1.9.3-2.rhaos4.5.el8.x86_64"
},
"product_reference": "podman-debugsource-0:1.9.3-2.rhaos4.5.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-docker-0:1.9.3-2.rhaos4.5.el8.noarch as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "8Base-RHOSE-4.5:podman-docker-0:1.9.3-2.rhaos4.5.el8.noarch"
},
"product_reference": "podman-docker-0:1.9.3-2.rhaos4.5.el8.noarch",
"relates_to_product_reference": "8Base-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-0:1.9.3-2.rhaos4.5.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "8Base-RHOSE-4.5:podman-remote-0:1.9.3-2.rhaos4.5.el8.ppc64le"
},
"product_reference": "podman-remote-0:1.9.3-2.rhaos4.5.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-0:1.9.3-2.rhaos4.5.el8.s390x as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "8Base-RHOSE-4.5:podman-remote-0:1.9.3-2.rhaos4.5.el8.s390x"
},
"product_reference": "podman-remote-0:1.9.3-2.rhaos4.5.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-0:1.9.3-2.rhaos4.5.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "8Base-RHOSE-4.5:podman-remote-0:1.9.3-2.rhaos4.5.el8.x86_64"
},
"product_reference": "podman-remote-0:1.9.3-2.rhaos4.5.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-debuginfo-0:1.9.3-2.rhaos4.5.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "8Base-RHOSE-4.5:podman-remote-debuginfo-0:1.9.3-2.rhaos4.5.el8.ppc64le"
},
"product_reference": "podman-remote-debuginfo-0:1.9.3-2.rhaos4.5.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-debuginfo-0:1.9.3-2.rhaos4.5.el8.s390x as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "8Base-RHOSE-4.5:podman-remote-debuginfo-0:1.9.3-2.rhaos4.5.el8.s390x"
},
"product_reference": "podman-remote-debuginfo-0:1.9.3-2.rhaos4.5.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-debuginfo-0:1.9.3-2.rhaos4.5.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "8Base-RHOSE-4.5:podman-remote-debuginfo-0:1.9.3-2.rhaos4.5.el8.x86_64"
},
"product_reference": "podman-remote-debuginfo-0:1.9.3-2.rhaos4.5.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-tests-0:1.9.3-2.rhaos4.5.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "8Base-RHOSE-4.5:podman-tests-0:1.9.3-2.rhaos4.5.el8.ppc64le"
},
"product_reference": "podman-tests-0:1.9.3-2.rhaos4.5.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-tests-0:1.9.3-2.rhaos4.5.el8.s390x as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "8Base-RHOSE-4.5:podman-tests-0:1.9.3-2.rhaos4.5.el8.s390x"
},
"product_reference": "podman-tests-0:1.9.3-2.rhaos4.5.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-tests-0:1.9.3-2.rhaos4.5.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "8Base-RHOSE-4.5:podman-tests-0:1.9.3-2.rhaos4.5.el8.x86_64"
},
"product_reference": "podman-tests-0:1.9.3-2.rhaos4.5.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-1:1.1.1-2.rhaos4.5.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "8Base-RHOSE-4.5:skopeo-1:1.1.1-2.rhaos4.5.el8.ppc64le"
},
"product_reference": "skopeo-1:1.1.1-2.rhaos4.5.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-1:1.1.1-2.rhaos4.5.el8.s390x as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "8Base-RHOSE-4.5:skopeo-1:1.1.1-2.rhaos4.5.el8.s390x"
},
"product_reference": "skopeo-1:1.1.1-2.rhaos4.5.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-1:1.1.1-2.rhaos4.5.el8.src as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "8Base-RHOSE-4.5:skopeo-1:1.1.1-2.rhaos4.5.el8.src"
},
"product_reference": "skopeo-1:1.1.1-2.rhaos4.5.el8.src",
"relates_to_product_reference": "8Base-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-1:1.1.1-2.rhaos4.5.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "8Base-RHOSE-4.5:skopeo-1:1.1.1-2.rhaos4.5.el8.x86_64"
},
"product_reference": "skopeo-1:1.1.1-2.rhaos4.5.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-debuginfo-1:1.1.1-2.rhaos4.5.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "8Base-RHOSE-4.5:skopeo-debuginfo-1:1.1.1-2.rhaos4.5.el8.ppc64le"
},
"product_reference": "skopeo-debuginfo-1:1.1.1-2.rhaos4.5.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-debuginfo-1:1.1.1-2.rhaos4.5.el8.s390x as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "8Base-RHOSE-4.5:skopeo-debuginfo-1:1.1.1-2.rhaos4.5.el8.s390x"
},
"product_reference": "skopeo-debuginfo-1:1.1.1-2.rhaos4.5.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-debuginfo-1:1.1.1-2.rhaos4.5.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "8Base-RHOSE-4.5:skopeo-debuginfo-1:1.1.1-2.rhaos4.5.el8.x86_64"
},
"product_reference": "skopeo-debuginfo-1:1.1.1-2.rhaos4.5.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-debugsource-1:1.1.1-2.rhaos4.5.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "8Base-RHOSE-4.5:skopeo-debugsource-1:1.1.1-2.rhaos4.5.el8.ppc64le"
},
"product_reference": "skopeo-debugsource-1:1.1.1-2.rhaos4.5.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-debugsource-1:1.1.1-2.rhaos4.5.el8.s390x as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "8Base-RHOSE-4.5:skopeo-debugsource-1:1.1.1-2.rhaos4.5.el8.s390x"
},
"product_reference": "skopeo-debugsource-1:1.1.1-2.rhaos4.5.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-debugsource-1:1.1.1-2.rhaos4.5.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "8Base-RHOSE-4.5:skopeo-debugsource-1:1.1.1-2.rhaos4.5.el8.x86_64"
},
"product_reference": "skopeo-debugsource-1:1.1.1-2.rhaos4.5.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-tests-1:1.1.1-2.rhaos4.5.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "8Base-RHOSE-4.5:skopeo-tests-1:1.1.1-2.rhaos4.5.el8.ppc64le"
},
"product_reference": "skopeo-tests-1:1.1.1-2.rhaos4.5.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-tests-1:1.1.1-2.rhaos4.5.el8.s390x as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "8Base-RHOSE-4.5:skopeo-tests-1:1.1.1-2.rhaos4.5.el8.s390x"
},
"product_reference": "skopeo-tests-1:1.1.1-2.rhaos4.5.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-tests-1:1.1.1-2.rhaos4.5.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.5",
"product_id": "8Base-RHOSE-4.5:skopeo-tests-1:1.1.1-2.rhaos4.5.el8.x86_64"
},
"product_reference": "skopeo-tests-1:1.1.1-2.rhaos4.5.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-15586",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"discovery_date": "2020-07-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1856953"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found Go\u0027s net/http package. Servers using ReverseProxy from net/http in the Go standard library are vulnerable to a data race that results in a denial of service. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: data race in certain net/http servers including ReverseProxy can lead to DoS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift Container Platform (OCP) components are primarily written in Go, meaning that any component using the net/http package includes the vulnerable code. OCP server endpoints using ReverseProxy are protected by authentication, reducing the severity of this vulnerability to Low for OCP.\n\nSimilar to OCP, OpenShift ServiceMesh (OSSM), RedHat OpenShift Jaeger (RHOSJ) and OpenShift Virtualization are also primarily written in Go and are protected via authentication, reducing the severity of this vulnerability to Low.\n\nRed Hat Gluster Storage 3 and Red Hat Openshift Container Storage 4 components are built with the affected version of Go, however the vulnerable functionality is currently not used by these products and hence this issue has been rated as having a security impact of Low.\n\nRed Hat Ceph Storage 3 and 4 components are built with the affected version of Go, however the vulnerable functionality is currently not used by these products and hence this issue has been rated as having a security impact of Low.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOSE-4.5:kubefed-client-0:4.5.0-202002271711.git.2.3bd46d6.el7.ppc64le",
"7Server-RH7-RHOSE-4.5:kubefed-client-0:4.5.0-202002271711.git.2.3bd46d6.el7.s390x",
"7Server-RH7-RHOSE-4.5:kubefed-client-0:4.5.0-202002271711.git.2.3bd46d6.el7.src",
"7Server-RH7-RHOSE-4.5:kubefed-client-0:4.5.0-202002271711.git.2.3bd46d6.el7.x86_64",
"7Server-RH7-RHOSE-4.5:openshift-eventrouter-0:0.2-5.git7c289cc.el7.ppc64le",
"7Server-RH7-RHOSE-4.5:openshift-eventrouter-0:0.2-5.git7c289cc.el7.s390x",
"7Server-RH7-RHOSE-4.5:openshift-eventrouter-0:0.2-5.git7c289cc.el7.src",
"7Server-RH7-RHOSE-4.5:openshift-eventrouter-0:0.2-5.git7c289cc.el7.x86_64",
"7Server-RH7-RHOSE-4.5:openshift-eventrouter-debuginfo-0:0.2-5.git7c289cc.el7.ppc64le",
"7Server-RH7-RHOSE-4.5:openshift-eventrouter-debuginfo-0:0.2-5.git7c289cc.el7.s390x",
"7Server-RH7-RHOSE-4.5:openshift-eventrouter-debuginfo-0:0.2-5.git7c289cc.el7.x86_64",
"8Base-RHOSE-4.5:containers-common-1:1.1.1-2.rhaos4.5.el8.ppc64le",
"8Base-RHOSE-4.5:containers-common-1:1.1.1-2.rhaos4.5.el8.s390x",
"8Base-RHOSE-4.5:containers-common-1:1.1.1-2.rhaos4.5.el8.x86_64",
"8Base-RHOSE-4.5:ignition-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.ppc64le",
"8Base-RHOSE-4.5:ignition-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.s390x",
"8Base-RHOSE-4.5:ignition-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.src",
"8Base-RHOSE-4.5:ignition-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.x86_64",
"8Base-RHOSE-4.5:ignition-debuginfo-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.ppc64le",
"8Base-RHOSE-4.5:ignition-debuginfo-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.s390x",
"8Base-RHOSE-4.5:ignition-debuginfo-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.x86_64",
"8Base-RHOSE-4.5:ignition-debugsource-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.ppc64le",
"8Base-RHOSE-4.5:ignition-debugsource-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.s390x",
"8Base-RHOSE-4.5:ignition-debugsource-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.x86_64",
"8Base-RHOSE-4.5:ignition-validate-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.ppc64le",
"8Base-RHOSE-4.5:ignition-validate-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.s390x",
"8Base-RHOSE-4.5:ignition-validate-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.x86_64",
"8Base-RHOSE-4.5:ignition-validate-debuginfo-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.ppc64le",
"8Base-RHOSE-4.5:ignition-validate-debuginfo-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.s390x",
"8Base-RHOSE-4.5:ignition-validate-debuginfo-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.x86_64",
"8Base-RHOSE-4.5:podman-0:1.9.3-2.rhaos4.5.el8.ppc64le",
"8Base-RHOSE-4.5:podman-0:1.9.3-2.rhaos4.5.el8.s390x",
"8Base-RHOSE-4.5:podman-0:1.9.3-2.rhaos4.5.el8.src",
"8Base-RHOSE-4.5:podman-0:1.9.3-2.rhaos4.5.el8.x86_64",
"8Base-RHOSE-4.5:podman-debuginfo-0:1.9.3-2.rhaos4.5.el8.ppc64le",
"8Base-RHOSE-4.5:podman-debuginfo-0:1.9.3-2.rhaos4.5.el8.s390x",
"8Base-RHOSE-4.5:podman-debuginfo-0:1.9.3-2.rhaos4.5.el8.x86_64",
"8Base-RHOSE-4.5:podman-debugsource-0:1.9.3-2.rhaos4.5.el8.ppc64le",
"8Base-RHOSE-4.5:podman-debugsource-0:1.9.3-2.rhaos4.5.el8.s390x",
"8Base-RHOSE-4.5:podman-debugsource-0:1.9.3-2.rhaos4.5.el8.x86_64",
"8Base-RHOSE-4.5:podman-docker-0:1.9.3-2.rhaos4.5.el8.noarch",
"8Base-RHOSE-4.5:podman-remote-0:1.9.3-2.rhaos4.5.el8.ppc64le",
"8Base-RHOSE-4.5:podman-remote-0:1.9.3-2.rhaos4.5.el8.s390x",
"8Base-RHOSE-4.5:podman-remote-0:1.9.3-2.rhaos4.5.el8.x86_64",
"8Base-RHOSE-4.5:podman-remote-debuginfo-0:1.9.3-2.rhaos4.5.el8.ppc64le",
"8Base-RHOSE-4.5:podman-remote-debuginfo-0:1.9.3-2.rhaos4.5.el8.s390x",
"8Base-RHOSE-4.5:podman-remote-debuginfo-0:1.9.3-2.rhaos4.5.el8.x86_64",
"8Base-RHOSE-4.5:podman-tests-0:1.9.3-2.rhaos4.5.el8.ppc64le",
"8Base-RHOSE-4.5:podman-tests-0:1.9.3-2.rhaos4.5.el8.s390x",
"8Base-RHOSE-4.5:podman-tests-0:1.9.3-2.rhaos4.5.el8.x86_64",
"8Base-RHOSE-4.5:skopeo-1:1.1.1-2.rhaos4.5.el8.ppc64le",
"8Base-RHOSE-4.5:skopeo-1:1.1.1-2.rhaos4.5.el8.s390x",
"8Base-RHOSE-4.5:skopeo-1:1.1.1-2.rhaos4.5.el8.src",
"8Base-RHOSE-4.5:skopeo-1:1.1.1-2.rhaos4.5.el8.x86_64",
"8Base-RHOSE-4.5:skopeo-debuginfo-1:1.1.1-2.rhaos4.5.el8.ppc64le",
"8Base-RHOSE-4.5:skopeo-debuginfo-1:1.1.1-2.rhaos4.5.el8.s390x",
"8Base-RHOSE-4.5:skopeo-debuginfo-1:1.1.1-2.rhaos4.5.el8.x86_64",
"8Base-RHOSE-4.5:skopeo-debugsource-1:1.1.1-2.rhaos4.5.el8.ppc64le",
"8Base-RHOSE-4.5:skopeo-debugsource-1:1.1.1-2.rhaos4.5.el8.s390x",
"8Base-RHOSE-4.5:skopeo-debugsource-1:1.1.1-2.rhaos4.5.el8.x86_64",
"8Base-RHOSE-4.5:skopeo-tests-1:1.1.1-2.rhaos4.5.el8.ppc64le",
"8Base-RHOSE-4.5:skopeo-tests-1:1.1.1-2.rhaos4.5.el8.s390x",
"8Base-RHOSE-4.5:skopeo-tests-1:1.1.1-2.rhaos4.5.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-15586"
},
{
"category": "external",
"summary": "RHBZ#1856953",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1856953"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-15586",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15586"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-15586",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-15586"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/XZNfaiwgt2w/m/E6gHDs32AQAJ",
"url": "https://groups.google.com/g/golang-announce/c/XZNfaiwgt2w/m/E6gHDs32AQAJ"
}
],
"release_date": "2020-07-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-04-13T23:35:52+00:00",
"details": "For OpenShift Container Platform 4.5 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.5/release_notes/ocp-4-5-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.5/updating/updating-cluster-cli.html",
"product_ids": [
"7Server-RH7-RHOSE-4.5:kubefed-client-0:4.5.0-202002271711.git.2.3bd46d6.el7.ppc64le",
"7Server-RH7-RHOSE-4.5:kubefed-client-0:4.5.0-202002271711.git.2.3bd46d6.el7.s390x",
"7Server-RH7-RHOSE-4.5:kubefed-client-0:4.5.0-202002271711.git.2.3bd46d6.el7.src",
"7Server-RH7-RHOSE-4.5:kubefed-client-0:4.5.0-202002271711.git.2.3bd46d6.el7.x86_64",
"7Server-RH7-RHOSE-4.5:openshift-eventrouter-0:0.2-5.git7c289cc.el7.ppc64le",
"7Server-RH7-RHOSE-4.5:openshift-eventrouter-0:0.2-5.git7c289cc.el7.s390x",
"7Server-RH7-RHOSE-4.5:openshift-eventrouter-0:0.2-5.git7c289cc.el7.src",
"7Server-RH7-RHOSE-4.5:openshift-eventrouter-0:0.2-5.git7c289cc.el7.x86_64",
"7Server-RH7-RHOSE-4.5:openshift-eventrouter-debuginfo-0:0.2-5.git7c289cc.el7.ppc64le",
"7Server-RH7-RHOSE-4.5:openshift-eventrouter-debuginfo-0:0.2-5.git7c289cc.el7.s390x",
"7Server-RH7-RHOSE-4.5:openshift-eventrouter-debuginfo-0:0.2-5.git7c289cc.el7.x86_64",
"8Base-RHOSE-4.5:containers-common-1:1.1.1-2.rhaos4.5.el8.ppc64le",
"8Base-RHOSE-4.5:containers-common-1:1.1.1-2.rhaos4.5.el8.s390x",
"8Base-RHOSE-4.5:containers-common-1:1.1.1-2.rhaos4.5.el8.x86_64",
"8Base-RHOSE-4.5:ignition-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.ppc64le",
"8Base-RHOSE-4.5:ignition-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.s390x",
"8Base-RHOSE-4.5:ignition-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.src",
"8Base-RHOSE-4.5:ignition-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.x86_64",
"8Base-RHOSE-4.5:ignition-debuginfo-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.ppc64le",
"8Base-RHOSE-4.5:ignition-debuginfo-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.s390x",
"8Base-RHOSE-4.5:ignition-debuginfo-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.x86_64",
"8Base-RHOSE-4.5:ignition-debugsource-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.ppc64le",
"8Base-RHOSE-4.5:ignition-debugsource-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.s390x",
"8Base-RHOSE-4.5:ignition-debugsource-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.x86_64",
"8Base-RHOSE-4.5:ignition-validate-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.ppc64le",
"8Base-RHOSE-4.5:ignition-validate-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.s390x",
"8Base-RHOSE-4.5:ignition-validate-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.x86_64",
"8Base-RHOSE-4.5:ignition-validate-debuginfo-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.ppc64le",
"8Base-RHOSE-4.5:ignition-validate-debuginfo-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.s390x",
"8Base-RHOSE-4.5:ignition-validate-debuginfo-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.x86_64",
"8Base-RHOSE-4.5:podman-0:1.9.3-2.rhaos4.5.el8.ppc64le",
"8Base-RHOSE-4.5:podman-0:1.9.3-2.rhaos4.5.el8.s390x",
"8Base-RHOSE-4.5:podman-0:1.9.3-2.rhaos4.5.el8.src",
"8Base-RHOSE-4.5:podman-0:1.9.3-2.rhaos4.5.el8.x86_64",
"8Base-RHOSE-4.5:podman-debuginfo-0:1.9.3-2.rhaos4.5.el8.ppc64le",
"8Base-RHOSE-4.5:podman-debuginfo-0:1.9.3-2.rhaos4.5.el8.s390x",
"8Base-RHOSE-4.5:podman-debuginfo-0:1.9.3-2.rhaos4.5.el8.x86_64",
"8Base-RHOSE-4.5:podman-debugsource-0:1.9.3-2.rhaos4.5.el8.ppc64le",
"8Base-RHOSE-4.5:podman-debugsource-0:1.9.3-2.rhaos4.5.el8.s390x",
"8Base-RHOSE-4.5:podman-debugsource-0:1.9.3-2.rhaos4.5.el8.x86_64",
"8Base-RHOSE-4.5:podman-docker-0:1.9.3-2.rhaos4.5.el8.noarch",
"8Base-RHOSE-4.5:podman-remote-0:1.9.3-2.rhaos4.5.el8.ppc64le",
"8Base-RHOSE-4.5:podman-remote-0:1.9.3-2.rhaos4.5.el8.s390x",
"8Base-RHOSE-4.5:podman-remote-0:1.9.3-2.rhaos4.5.el8.x86_64",
"8Base-RHOSE-4.5:podman-remote-debuginfo-0:1.9.3-2.rhaos4.5.el8.ppc64le",
"8Base-RHOSE-4.5:podman-remote-debuginfo-0:1.9.3-2.rhaos4.5.el8.s390x",
"8Base-RHOSE-4.5:podman-remote-debuginfo-0:1.9.3-2.rhaos4.5.el8.x86_64",
"8Base-RHOSE-4.5:podman-tests-0:1.9.3-2.rhaos4.5.el8.ppc64le",
"8Base-RHOSE-4.5:podman-tests-0:1.9.3-2.rhaos4.5.el8.s390x",
"8Base-RHOSE-4.5:podman-tests-0:1.9.3-2.rhaos4.5.el8.x86_64",
"8Base-RHOSE-4.5:skopeo-1:1.1.1-2.rhaos4.5.el8.ppc64le",
"8Base-RHOSE-4.5:skopeo-1:1.1.1-2.rhaos4.5.el8.s390x",
"8Base-RHOSE-4.5:skopeo-1:1.1.1-2.rhaos4.5.el8.src",
"8Base-RHOSE-4.5:skopeo-1:1.1.1-2.rhaos4.5.el8.x86_64",
"8Base-RHOSE-4.5:skopeo-debuginfo-1:1.1.1-2.rhaos4.5.el8.ppc64le",
"8Base-RHOSE-4.5:skopeo-debuginfo-1:1.1.1-2.rhaos4.5.el8.s390x",
"8Base-RHOSE-4.5:skopeo-debuginfo-1:1.1.1-2.rhaos4.5.el8.x86_64",
"8Base-RHOSE-4.5:skopeo-debugsource-1:1.1.1-2.rhaos4.5.el8.ppc64le",
"8Base-RHOSE-4.5:skopeo-debugsource-1:1.1.1-2.rhaos4.5.el8.s390x",
"8Base-RHOSE-4.5:skopeo-debugsource-1:1.1.1-2.rhaos4.5.el8.x86_64",
"8Base-RHOSE-4.5:skopeo-tests-1:1.1.1-2.rhaos4.5.el8.ppc64le",
"8Base-RHOSE-4.5:skopeo-tests-1:1.1.1-2.rhaos4.5.el8.s390x",
"8Base-RHOSE-4.5:skopeo-tests-1:1.1.1-2.rhaos4.5.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:1016"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-RH7-RHOSE-4.5:kubefed-client-0:4.5.0-202002271711.git.2.3bd46d6.el7.ppc64le",
"7Server-RH7-RHOSE-4.5:kubefed-client-0:4.5.0-202002271711.git.2.3bd46d6.el7.s390x",
"7Server-RH7-RHOSE-4.5:kubefed-client-0:4.5.0-202002271711.git.2.3bd46d6.el7.src",
"7Server-RH7-RHOSE-4.5:kubefed-client-0:4.5.0-202002271711.git.2.3bd46d6.el7.x86_64",
"7Server-RH7-RHOSE-4.5:openshift-eventrouter-0:0.2-5.git7c289cc.el7.ppc64le",
"7Server-RH7-RHOSE-4.5:openshift-eventrouter-0:0.2-5.git7c289cc.el7.s390x",
"7Server-RH7-RHOSE-4.5:openshift-eventrouter-0:0.2-5.git7c289cc.el7.src",
"7Server-RH7-RHOSE-4.5:openshift-eventrouter-0:0.2-5.git7c289cc.el7.x86_64",
"7Server-RH7-RHOSE-4.5:openshift-eventrouter-debuginfo-0:0.2-5.git7c289cc.el7.ppc64le",
"7Server-RH7-RHOSE-4.5:openshift-eventrouter-debuginfo-0:0.2-5.git7c289cc.el7.s390x",
"7Server-RH7-RHOSE-4.5:openshift-eventrouter-debuginfo-0:0.2-5.git7c289cc.el7.x86_64",
"8Base-RHOSE-4.5:containers-common-1:1.1.1-2.rhaos4.5.el8.ppc64le",
"8Base-RHOSE-4.5:containers-common-1:1.1.1-2.rhaos4.5.el8.s390x",
"8Base-RHOSE-4.5:containers-common-1:1.1.1-2.rhaos4.5.el8.x86_64",
"8Base-RHOSE-4.5:ignition-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.ppc64le",
"8Base-RHOSE-4.5:ignition-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.s390x",
"8Base-RHOSE-4.5:ignition-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.src",
"8Base-RHOSE-4.5:ignition-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.x86_64",
"8Base-RHOSE-4.5:ignition-debuginfo-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.ppc64le",
"8Base-RHOSE-4.5:ignition-debuginfo-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.s390x",
"8Base-RHOSE-4.5:ignition-debuginfo-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.x86_64",
"8Base-RHOSE-4.5:ignition-debugsource-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.ppc64le",
"8Base-RHOSE-4.5:ignition-debugsource-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.s390x",
"8Base-RHOSE-4.5:ignition-debugsource-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.x86_64",
"8Base-RHOSE-4.5:ignition-validate-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.ppc64le",
"8Base-RHOSE-4.5:ignition-validate-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.s390x",
"8Base-RHOSE-4.5:ignition-validate-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.x86_64",
"8Base-RHOSE-4.5:ignition-validate-debuginfo-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.ppc64le",
"8Base-RHOSE-4.5:ignition-validate-debuginfo-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.s390x",
"8Base-RHOSE-4.5:ignition-validate-debuginfo-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.x86_64",
"8Base-RHOSE-4.5:podman-0:1.9.3-2.rhaos4.5.el8.ppc64le",
"8Base-RHOSE-4.5:podman-0:1.9.3-2.rhaos4.5.el8.s390x",
"8Base-RHOSE-4.5:podman-0:1.9.3-2.rhaos4.5.el8.src",
"8Base-RHOSE-4.5:podman-0:1.9.3-2.rhaos4.5.el8.x86_64",
"8Base-RHOSE-4.5:podman-debuginfo-0:1.9.3-2.rhaos4.5.el8.ppc64le",
"8Base-RHOSE-4.5:podman-debuginfo-0:1.9.3-2.rhaos4.5.el8.s390x",
"8Base-RHOSE-4.5:podman-debuginfo-0:1.9.3-2.rhaos4.5.el8.x86_64",
"8Base-RHOSE-4.5:podman-debugsource-0:1.9.3-2.rhaos4.5.el8.ppc64le",
"8Base-RHOSE-4.5:podman-debugsource-0:1.9.3-2.rhaos4.5.el8.s390x",
"8Base-RHOSE-4.5:podman-debugsource-0:1.9.3-2.rhaos4.5.el8.x86_64",
"8Base-RHOSE-4.5:podman-docker-0:1.9.3-2.rhaos4.5.el8.noarch",
"8Base-RHOSE-4.5:podman-remote-0:1.9.3-2.rhaos4.5.el8.ppc64le",
"8Base-RHOSE-4.5:podman-remote-0:1.9.3-2.rhaos4.5.el8.s390x",
"8Base-RHOSE-4.5:podman-remote-0:1.9.3-2.rhaos4.5.el8.x86_64",
"8Base-RHOSE-4.5:podman-remote-debuginfo-0:1.9.3-2.rhaos4.5.el8.ppc64le",
"8Base-RHOSE-4.5:podman-remote-debuginfo-0:1.9.3-2.rhaos4.5.el8.s390x",
"8Base-RHOSE-4.5:podman-remote-debuginfo-0:1.9.3-2.rhaos4.5.el8.x86_64",
"8Base-RHOSE-4.5:podman-tests-0:1.9.3-2.rhaos4.5.el8.ppc64le",
"8Base-RHOSE-4.5:podman-tests-0:1.9.3-2.rhaos4.5.el8.s390x",
"8Base-RHOSE-4.5:podman-tests-0:1.9.3-2.rhaos4.5.el8.x86_64",
"8Base-RHOSE-4.5:skopeo-1:1.1.1-2.rhaos4.5.el8.ppc64le",
"8Base-RHOSE-4.5:skopeo-1:1.1.1-2.rhaos4.5.el8.s390x",
"8Base-RHOSE-4.5:skopeo-1:1.1.1-2.rhaos4.5.el8.src",
"8Base-RHOSE-4.5:skopeo-1:1.1.1-2.rhaos4.5.el8.x86_64",
"8Base-RHOSE-4.5:skopeo-debuginfo-1:1.1.1-2.rhaos4.5.el8.ppc64le",
"8Base-RHOSE-4.5:skopeo-debuginfo-1:1.1.1-2.rhaos4.5.el8.s390x",
"8Base-RHOSE-4.5:skopeo-debuginfo-1:1.1.1-2.rhaos4.5.el8.x86_64",
"8Base-RHOSE-4.5:skopeo-debugsource-1:1.1.1-2.rhaos4.5.el8.ppc64le",
"8Base-RHOSE-4.5:skopeo-debugsource-1:1.1.1-2.rhaos4.5.el8.s390x",
"8Base-RHOSE-4.5:skopeo-debugsource-1:1.1.1-2.rhaos4.5.el8.x86_64",
"8Base-RHOSE-4.5:skopeo-tests-1:1.1.1-2.rhaos4.5.el8.ppc64le",
"8Base-RHOSE-4.5:skopeo-tests-1:1.1.1-2.rhaos4.5.el8.s390x",
"8Base-RHOSE-4.5:skopeo-tests-1:1.1.1-2.rhaos4.5.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "golang: data race in certain net/http servers including ReverseProxy can lead to DoS"
},
{
"cve": "CVE-2020-16845",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"discovery_date": "2020-08-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1867099"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Go encoding/binary package. Certain invalid inputs to the ReadUvarint or the ReadVarint causes those functions to read an unlimited number of bytes from the ByteReader argument before returning an error. This flaw possibly leads to processing more input than expected. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: ReadUvarint and ReadVarint can read an unlimited number of bytes from invalid inputs",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift Container Platform (OCP), OpenShift ServiceMesh (OSSM), RedHat OpenShift Jaeger (RHOSJ) and OpenShift Virtualization components are primarily written in Go, meaning that any component using the encoding/binary package includes the vulnerable code. The affected components are behind OpenShift OAuth authentication, therefore the impact is low.\n\nRed Hat Gluster Storage 3, Red Hat OpenShift Container Storage 4 and Red Hat Ceph Storage (3 and 4) components are built with the affected version of Go, however the vulnerable functionality is currently not used by these products and hence this issue has been rated as having a security impact of Low.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOSE-4.5:kubefed-client-0:4.5.0-202002271711.git.2.3bd46d6.el7.ppc64le",
"7Server-RH7-RHOSE-4.5:kubefed-client-0:4.5.0-202002271711.git.2.3bd46d6.el7.s390x",
"7Server-RH7-RHOSE-4.5:kubefed-client-0:4.5.0-202002271711.git.2.3bd46d6.el7.src",
"7Server-RH7-RHOSE-4.5:kubefed-client-0:4.5.0-202002271711.git.2.3bd46d6.el7.x86_64",
"7Server-RH7-RHOSE-4.5:openshift-eventrouter-0:0.2-5.git7c289cc.el7.ppc64le",
"7Server-RH7-RHOSE-4.5:openshift-eventrouter-0:0.2-5.git7c289cc.el7.s390x",
"7Server-RH7-RHOSE-4.5:openshift-eventrouter-0:0.2-5.git7c289cc.el7.src",
"7Server-RH7-RHOSE-4.5:openshift-eventrouter-0:0.2-5.git7c289cc.el7.x86_64",
"7Server-RH7-RHOSE-4.5:openshift-eventrouter-debuginfo-0:0.2-5.git7c289cc.el7.ppc64le",
"7Server-RH7-RHOSE-4.5:openshift-eventrouter-debuginfo-0:0.2-5.git7c289cc.el7.s390x",
"7Server-RH7-RHOSE-4.5:openshift-eventrouter-debuginfo-0:0.2-5.git7c289cc.el7.x86_64",
"8Base-RHOSE-4.5:containers-common-1:1.1.1-2.rhaos4.5.el8.ppc64le",
"8Base-RHOSE-4.5:containers-common-1:1.1.1-2.rhaos4.5.el8.s390x",
"8Base-RHOSE-4.5:containers-common-1:1.1.1-2.rhaos4.5.el8.x86_64",
"8Base-RHOSE-4.5:ignition-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.ppc64le",
"8Base-RHOSE-4.5:ignition-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.s390x",
"8Base-RHOSE-4.5:ignition-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.src",
"8Base-RHOSE-4.5:ignition-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.x86_64",
"8Base-RHOSE-4.5:ignition-debuginfo-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.ppc64le",
"8Base-RHOSE-4.5:ignition-debuginfo-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.s390x",
"8Base-RHOSE-4.5:ignition-debuginfo-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.x86_64",
"8Base-RHOSE-4.5:ignition-debugsource-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.ppc64le",
"8Base-RHOSE-4.5:ignition-debugsource-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.s390x",
"8Base-RHOSE-4.5:ignition-debugsource-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.x86_64",
"8Base-RHOSE-4.5:ignition-validate-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.ppc64le",
"8Base-RHOSE-4.5:ignition-validate-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.s390x",
"8Base-RHOSE-4.5:ignition-validate-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.x86_64",
"8Base-RHOSE-4.5:ignition-validate-debuginfo-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.ppc64le",
"8Base-RHOSE-4.5:ignition-validate-debuginfo-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.s390x",
"8Base-RHOSE-4.5:ignition-validate-debuginfo-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.x86_64",
"8Base-RHOSE-4.5:podman-0:1.9.3-2.rhaos4.5.el8.ppc64le",
"8Base-RHOSE-4.5:podman-0:1.9.3-2.rhaos4.5.el8.s390x",
"8Base-RHOSE-4.5:podman-0:1.9.3-2.rhaos4.5.el8.src",
"8Base-RHOSE-4.5:podman-0:1.9.3-2.rhaos4.5.el8.x86_64",
"8Base-RHOSE-4.5:podman-debuginfo-0:1.9.3-2.rhaos4.5.el8.ppc64le",
"8Base-RHOSE-4.5:podman-debuginfo-0:1.9.3-2.rhaos4.5.el8.s390x",
"8Base-RHOSE-4.5:podman-debuginfo-0:1.9.3-2.rhaos4.5.el8.x86_64",
"8Base-RHOSE-4.5:podman-debugsource-0:1.9.3-2.rhaos4.5.el8.ppc64le",
"8Base-RHOSE-4.5:podman-debugsource-0:1.9.3-2.rhaos4.5.el8.s390x",
"8Base-RHOSE-4.5:podman-debugsource-0:1.9.3-2.rhaos4.5.el8.x86_64",
"8Base-RHOSE-4.5:podman-docker-0:1.9.3-2.rhaos4.5.el8.noarch",
"8Base-RHOSE-4.5:podman-remote-0:1.9.3-2.rhaos4.5.el8.ppc64le",
"8Base-RHOSE-4.5:podman-remote-0:1.9.3-2.rhaos4.5.el8.s390x",
"8Base-RHOSE-4.5:podman-remote-0:1.9.3-2.rhaos4.5.el8.x86_64",
"8Base-RHOSE-4.5:podman-remote-debuginfo-0:1.9.3-2.rhaos4.5.el8.ppc64le",
"8Base-RHOSE-4.5:podman-remote-debuginfo-0:1.9.3-2.rhaos4.5.el8.s390x",
"8Base-RHOSE-4.5:podman-remote-debuginfo-0:1.9.3-2.rhaos4.5.el8.x86_64",
"8Base-RHOSE-4.5:podman-tests-0:1.9.3-2.rhaos4.5.el8.ppc64le",
"8Base-RHOSE-4.5:podman-tests-0:1.9.3-2.rhaos4.5.el8.s390x",
"8Base-RHOSE-4.5:podman-tests-0:1.9.3-2.rhaos4.5.el8.x86_64",
"8Base-RHOSE-4.5:skopeo-1:1.1.1-2.rhaos4.5.el8.ppc64le",
"8Base-RHOSE-4.5:skopeo-1:1.1.1-2.rhaos4.5.el8.s390x",
"8Base-RHOSE-4.5:skopeo-1:1.1.1-2.rhaos4.5.el8.src",
"8Base-RHOSE-4.5:skopeo-1:1.1.1-2.rhaos4.5.el8.x86_64",
"8Base-RHOSE-4.5:skopeo-debuginfo-1:1.1.1-2.rhaos4.5.el8.ppc64le",
"8Base-RHOSE-4.5:skopeo-debuginfo-1:1.1.1-2.rhaos4.5.el8.s390x",
"8Base-RHOSE-4.5:skopeo-debuginfo-1:1.1.1-2.rhaos4.5.el8.x86_64",
"8Base-RHOSE-4.5:skopeo-debugsource-1:1.1.1-2.rhaos4.5.el8.ppc64le",
"8Base-RHOSE-4.5:skopeo-debugsource-1:1.1.1-2.rhaos4.5.el8.s390x",
"8Base-RHOSE-4.5:skopeo-debugsource-1:1.1.1-2.rhaos4.5.el8.x86_64",
"8Base-RHOSE-4.5:skopeo-tests-1:1.1.1-2.rhaos4.5.el8.ppc64le",
"8Base-RHOSE-4.5:skopeo-tests-1:1.1.1-2.rhaos4.5.el8.s390x",
"8Base-RHOSE-4.5:skopeo-tests-1:1.1.1-2.rhaos4.5.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-16845"
},
{
"category": "external",
"summary": "RHBZ#1867099",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1867099"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-16845",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-16845"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-16845",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-16845"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/NyPIaucMgXo",
"url": "https://groups.google.com/g/golang-announce/c/NyPIaucMgXo"
}
],
"release_date": "2020-08-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-04-13T23:35:52+00:00",
"details": "For OpenShift Container Platform 4.5 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.5/release_notes/ocp-4-5-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.5/updating/updating-cluster-cli.html",
"product_ids": [
"7Server-RH7-RHOSE-4.5:kubefed-client-0:4.5.0-202002271711.git.2.3bd46d6.el7.ppc64le",
"7Server-RH7-RHOSE-4.5:kubefed-client-0:4.5.0-202002271711.git.2.3bd46d6.el7.s390x",
"7Server-RH7-RHOSE-4.5:kubefed-client-0:4.5.0-202002271711.git.2.3bd46d6.el7.src",
"7Server-RH7-RHOSE-4.5:kubefed-client-0:4.5.0-202002271711.git.2.3bd46d6.el7.x86_64",
"7Server-RH7-RHOSE-4.5:openshift-eventrouter-0:0.2-5.git7c289cc.el7.ppc64le",
"7Server-RH7-RHOSE-4.5:openshift-eventrouter-0:0.2-5.git7c289cc.el7.s390x",
"7Server-RH7-RHOSE-4.5:openshift-eventrouter-0:0.2-5.git7c289cc.el7.src",
"7Server-RH7-RHOSE-4.5:openshift-eventrouter-0:0.2-5.git7c289cc.el7.x86_64",
"7Server-RH7-RHOSE-4.5:openshift-eventrouter-debuginfo-0:0.2-5.git7c289cc.el7.ppc64le",
"7Server-RH7-RHOSE-4.5:openshift-eventrouter-debuginfo-0:0.2-5.git7c289cc.el7.s390x",
"7Server-RH7-RHOSE-4.5:openshift-eventrouter-debuginfo-0:0.2-5.git7c289cc.el7.x86_64",
"8Base-RHOSE-4.5:containers-common-1:1.1.1-2.rhaos4.5.el8.ppc64le",
"8Base-RHOSE-4.5:containers-common-1:1.1.1-2.rhaos4.5.el8.s390x",
"8Base-RHOSE-4.5:containers-common-1:1.1.1-2.rhaos4.5.el8.x86_64",
"8Base-RHOSE-4.5:ignition-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.ppc64le",
"8Base-RHOSE-4.5:ignition-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.s390x",
"8Base-RHOSE-4.5:ignition-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.src",
"8Base-RHOSE-4.5:ignition-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.x86_64",
"8Base-RHOSE-4.5:ignition-debuginfo-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.ppc64le",
"8Base-RHOSE-4.5:ignition-debuginfo-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.s390x",
"8Base-RHOSE-4.5:ignition-debuginfo-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.x86_64",
"8Base-RHOSE-4.5:ignition-debugsource-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.ppc64le",
"8Base-RHOSE-4.5:ignition-debugsource-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.s390x",
"8Base-RHOSE-4.5:ignition-debugsource-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.x86_64",
"8Base-RHOSE-4.5:ignition-validate-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.ppc64le",
"8Base-RHOSE-4.5:ignition-validate-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.s390x",
"8Base-RHOSE-4.5:ignition-validate-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.x86_64",
"8Base-RHOSE-4.5:ignition-validate-debuginfo-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.ppc64le",
"8Base-RHOSE-4.5:ignition-validate-debuginfo-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.s390x",
"8Base-RHOSE-4.5:ignition-validate-debuginfo-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.x86_64",
"8Base-RHOSE-4.5:podman-0:1.9.3-2.rhaos4.5.el8.ppc64le",
"8Base-RHOSE-4.5:podman-0:1.9.3-2.rhaos4.5.el8.s390x",
"8Base-RHOSE-4.5:podman-0:1.9.3-2.rhaos4.5.el8.src",
"8Base-RHOSE-4.5:podman-0:1.9.3-2.rhaos4.5.el8.x86_64",
"8Base-RHOSE-4.5:podman-debuginfo-0:1.9.3-2.rhaos4.5.el8.ppc64le",
"8Base-RHOSE-4.5:podman-debuginfo-0:1.9.3-2.rhaos4.5.el8.s390x",
"8Base-RHOSE-4.5:podman-debuginfo-0:1.9.3-2.rhaos4.5.el8.x86_64",
"8Base-RHOSE-4.5:podman-debugsource-0:1.9.3-2.rhaos4.5.el8.ppc64le",
"8Base-RHOSE-4.5:podman-debugsource-0:1.9.3-2.rhaos4.5.el8.s390x",
"8Base-RHOSE-4.5:podman-debugsource-0:1.9.3-2.rhaos4.5.el8.x86_64",
"8Base-RHOSE-4.5:podman-docker-0:1.9.3-2.rhaos4.5.el8.noarch",
"8Base-RHOSE-4.5:podman-remote-0:1.9.3-2.rhaos4.5.el8.ppc64le",
"8Base-RHOSE-4.5:podman-remote-0:1.9.3-2.rhaos4.5.el8.s390x",
"8Base-RHOSE-4.5:podman-remote-0:1.9.3-2.rhaos4.5.el8.x86_64",
"8Base-RHOSE-4.5:podman-remote-debuginfo-0:1.9.3-2.rhaos4.5.el8.ppc64le",
"8Base-RHOSE-4.5:podman-remote-debuginfo-0:1.9.3-2.rhaos4.5.el8.s390x",
"8Base-RHOSE-4.5:podman-remote-debuginfo-0:1.9.3-2.rhaos4.5.el8.x86_64",
"8Base-RHOSE-4.5:podman-tests-0:1.9.3-2.rhaos4.5.el8.ppc64le",
"8Base-RHOSE-4.5:podman-tests-0:1.9.3-2.rhaos4.5.el8.s390x",
"8Base-RHOSE-4.5:podman-tests-0:1.9.3-2.rhaos4.5.el8.x86_64",
"8Base-RHOSE-4.5:skopeo-1:1.1.1-2.rhaos4.5.el8.ppc64le",
"8Base-RHOSE-4.5:skopeo-1:1.1.1-2.rhaos4.5.el8.s390x",
"8Base-RHOSE-4.5:skopeo-1:1.1.1-2.rhaos4.5.el8.src",
"8Base-RHOSE-4.5:skopeo-1:1.1.1-2.rhaos4.5.el8.x86_64",
"8Base-RHOSE-4.5:skopeo-debuginfo-1:1.1.1-2.rhaos4.5.el8.ppc64le",
"8Base-RHOSE-4.5:skopeo-debuginfo-1:1.1.1-2.rhaos4.5.el8.s390x",
"8Base-RHOSE-4.5:skopeo-debuginfo-1:1.1.1-2.rhaos4.5.el8.x86_64",
"8Base-RHOSE-4.5:skopeo-debugsource-1:1.1.1-2.rhaos4.5.el8.ppc64le",
"8Base-RHOSE-4.5:skopeo-debugsource-1:1.1.1-2.rhaos4.5.el8.s390x",
"8Base-RHOSE-4.5:skopeo-debugsource-1:1.1.1-2.rhaos4.5.el8.x86_64",
"8Base-RHOSE-4.5:skopeo-tests-1:1.1.1-2.rhaos4.5.el8.ppc64le",
"8Base-RHOSE-4.5:skopeo-tests-1:1.1.1-2.rhaos4.5.el8.s390x",
"8Base-RHOSE-4.5:skopeo-tests-1:1.1.1-2.rhaos4.5.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:1016"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-RH7-RHOSE-4.5:kubefed-client-0:4.5.0-202002271711.git.2.3bd46d6.el7.ppc64le",
"7Server-RH7-RHOSE-4.5:kubefed-client-0:4.5.0-202002271711.git.2.3bd46d6.el7.s390x",
"7Server-RH7-RHOSE-4.5:kubefed-client-0:4.5.0-202002271711.git.2.3bd46d6.el7.src",
"7Server-RH7-RHOSE-4.5:kubefed-client-0:4.5.0-202002271711.git.2.3bd46d6.el7.x86_64",
"7Server-RH7-RHOSE-4.5:openshift-eventrouter-0:0.2-5.git7c289cc.el7.ppc64le",
"7Server-RH7-RHOSE-4.5:openshift-eventrouter-0:0.2-5.git7c289cc.el7.s390x",
"7Server-RH7-RHOSE-4.5:openshift-eventrouter-0:0.2-5.git7c289cc.el7.src",
"7Server-RH7-RHOSE-4.5:openshift-eventrouter-0:0.2-5.git7c289cc.el7.x86_64",
"7Server-RH7-RHOSE-4.5:openshift-eventrouter-debuginfo-0:0.2-5.git7c289cc.el7.ppc64le",
"7Server-RH7-RHOSE-4.5:openshift-eventrouter-debuginfo-0:0.2-5.git7c289cc.el7.s390x",
"7Server-RH7-RHOSE-4.5:openshift-eventrouter-debuginfo-0:0.2-5.git7c289cc.el7.x86_64",
"8Base-RHOSE-4.5:containers-common-1:1.1.1-2.rhaos4.5.el8.ppc64le",
"8Base-RHOSE-4.5:containers-common-1:1.1.1-2.rhaos4.5.el8.s390x",
"8Base-RHOSE-4.5:containers-common-1:1.1.1-2.rhaos4.5.el8.x86_64",
"8Base-RHOSE-4.5:ignition-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.ppc64le",
"8Base-RHOSE-4.5:ignition-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.s390x",
"8Base-RHOSE-4.5:ignition-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.src",
"8Base-RHOSE-4.5:ignition-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.x86_64",
"8Base-RHOSE-4.5:ignition-debuginfo-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.ppc64le",
"8Base-RHOSE-4.5:ignition-debuginfo-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.s390x",
"8Base-RHOSE-4.5:ignition-debuginfo-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.x86_64",
"8Base-RHOSE-4.5:ignition-debugsource-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.ppc64le",
"8Base-RHOSE-4.5:ignition-debugsource-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.s390x",
"8Base-RHOSE-4.5:ignition-debugsource-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.x86_64",
"8Base-RHOSE-4.5:ignition-validate-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.ppc64le",
"8Base-RHOSE-4.5:ignition-validate-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.s390x",
"8Base-RHOSE-4.5:ignition-validate-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.x86_64",
"8Base-RHOSE-4.5:ignition-validate-debuginfo-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.ppc64le",
"8Base-RHOSE-4.5:ignition-validate-debuginfo-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.s390x",
"8Base-RHOSE-4.5:ignition-validate-debuginfo-0:0.35.1-12.rhaos4.5.gitb4d18ad.el8.x86_64",
"8Base-RHOSE-4.5:podman-0:1.9.3-2.rhaos4.5.el8.ppc64le",
"8Base-RHOSE-4.5:podman-0:1.9.3-2.rhaos4.5.el8.s390x",
"8Base-RHOSE-4.5:podman-0:1.9.3-2.rhaos4.5.el8.src",
"8Base-RHOSE-4.5:podman-0:1.9.3-2.rhaos4.5.el8.x86_64",
"8Base-RHOSE-4.5:podman-debuginfo-0:1.9.3-2.rhaos4.5.el8.ppc64le",
"8Base-RHOSE-4.5:podman-debuginfo-0:1.9.3-2.rhaos4.5.el8.s390x",
"8Base-RHOSE-4.5:podman-debuginfo-0:1.9.3-2.rhaos4.5.el8.x86_64",
"8Base-RHOSE-4.5:podman-debugsource-0:1.9.3-2.rhaos4.5.el8.ppc64le",
"8Base-RHOSE-4.5:podman-debugsource-0:1.9.3-2.rhaos4.5.el8.s390x",
"8Base-RHOSE-4.5:podman-debugsource-0:1.9.3-2.rhaos4.5.el8.x86_64",
"8Base-RHOSE-4.5:podman-docker-0:1.9.3-2.rhaos4.5.el8.noarch",
"8Base-RHOSE-4.5:podman-remote-0:1.9.3-2.rhaos4.5.el8.ppc64le",
"8Base-RHOSE-4.5:podman-remote-0:1.9.3-2.rhaos4.5.el8.s390x",
"8Base-RHOSE-4.5:podman-remote-0:1.9.3-2.rhaos4.5.el8.x86_64",
"8Base-RHOSE-4.5:podman-remote-debuginfo-0:1.9.3-2.rhaos4.5.el8.ppc64le",
"8Base-RHOSE-4.5:podman-remote-debuginfo-0:1.9.3-2.rhaos4.5.el8.s390x",
"8Base-RHOSE-4.5:podman-remote-debuginfo-0:1.9.3-2.rhaos4.5.el8.x86_64",
"8Base-RHOSE-4.5:podman-tests-0:1.9.3-2.rhaos4.5.el8.ppc64le",
"8Base-RHOSE-4.5:podman-tests-0:1.9.3-2.rhaos4.5.el8.s390x",
"8Base-RHOSE-4.5:podman-tests-0:1.9.3-2.rhaos4.5.el8.x86_64",
"8Base-RHOSE-4.5:skopeo-1:1.1.1-2.rhaos4.5.el8.ppc64le",
"8Base-RHOSE-4.5:skopeo-1:1.1.1-2.rhaos4.5.el8.s390x",
"8Base-RHOSE-4.5:skopeo-1:1.1.1-2.rhaos4.5.el8.src",
"8Base-RHOSE-4.5:skopeo-1:1.1.1-2.rhaos4.5.el8.x86_64",
"8Base-RHOSE-4.5:skopeo-debuginfo-1:1.1.1-2.rhaos4.5.el8.ppc64le",
"8Base-RHOSE-4.5:skopeo-debuginfo-1:1.1.1-2.rhaos4.5.el8.s390x",
"8Base-RHOSE-4.5:skopeo-debuginfo-1:1.1.1-2.rhaos4.5.el8.x86_64",
"8Base-RHOSE-4.5:skopeo-debugsource-1:1.1.1-2.rhaos4.5.el8.ppc64le",
"8Base-RHOSE-4.5:skopeo-debugsource-1:1.1.1-2.rhaos4.5.el8.s390x",
"8Base-RHOSE-4.5:skopeo-debugsource-1:1.1.1-2.rhaos4.5.el8.x86_64",
"8Base-RHOSE-4.5:skopeo-tests-1:1.1.1-2.rhaos4.5.el8.ppc64le",
"8Base-RHOSE-4.5:skopeo-tests-1:1.1.1-2.rhaos4.5.el8.s390x",
"8Base-RHOSE-4.5:skopeo-tests-1:1.1.1-2.rhaos4.5.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "golang: ReadUvarint and ReadVarint can read an unlimited number of bytes from invalid inputs"
}
]
}
RHSA-2021:1366
Vulnerability from csaf_redhat - Published: 2021-05-04 19:34 - Updated: 2026-04-30 16:09Summary
Red Hat Security Advisory: OpenShift Container Platform 4.7.9 packages and security update
Severity
Moderate
Notes
Topic: Red Hat OpenShift Container Platform release 4.7.9 is now available with
updates to packages and images that fix several bugs.
This release includes a security update for Red Hat OpenShift Container Platform 4.7.9.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Red Hat OpenShift Container Platform is Red Hat's cloud computing
Kubernetes application platform solution designed for on-premise or private
cloud deployments.
This advisory contains the RPM packages for Red Hat OpenShift Container
Platform 4.7.9. See the following advisory for the container images for
this release:
https://access.redhat.com/errata/RHSA-2021:1365
All OpenShift Container Platform 4.7 users are advised to upgrade to these
updated packages and images when they are available in the appropriate
release channel. To check for available updates, use the OpenShift Console
or the CLI oc command. Instructions for upgrading a cluster are available
at
https://docs.openshift.com/container-platform/4.7/updating/updating-cluster
-between-minor.html#understanding-upgrade-channels_updating-cluster-between
-minor
Security Fix(es):
* golang: data race in certain net/http servers including ReverseProxy can lead to DoS (CVE-2020-15586)
* golang: ReadUvarint and ReadVarint can read an unlimited number of bytes from invalid inputs (CVE-2020-16845)
* golang: math/big: panic during recursive division of very large numbers (CVE-2020-28362)
* golang: crypto/elliptic: incorrect operations on the P-224 curve (CVE-2021-3114)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found Go's net/http package. Servers using ReverseProxy from net/http in the Go standard library are vulnerable to a data race that results in a denial of service. The highest threat from this vulnerability is to system availability.
5.9 (Medium)
Affected products
Fixed
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSE-4.7:golang-github-prometheus-promu-0:0.5.0-3.git642a960.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.7:golang-github-prometheus-promu-0:0.5.0-3.git642a960.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.7:golang-github-prometheus-promu-0:0.5.0-3.git642a960.el8.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.7:golang-github-prometheus-promu-0:0.5.0-3.git642a960.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.7:prometheus-promu-0:0.5.0-3.git642a960.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.7:prometheus-promu-0:0.5.0-3.git642a960.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.7:prometheus-promu-0:0.5.0-3.git642a960.el8.x86_64 | — |
Vendor Fix
fix
|
Known not affected
26 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-RH7-RHOSE-4.7:openshift-0:4.7.0-202104250659.p0.git.7d0a2b2.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.7:openshift-ansible-0:4.7.0-202104250659.p0.git.e1b19c2.el7.noarch | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.7:openshift-ansible-0:4.7.0-202104250659.p0.git.e1b19c2.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.7:openshift-ansible-test-0:4.7.0-202104250659.p0.git.e1b19c2.el7.noarch | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.7:openshift-clients-0:4.7.0-202104250659.p0.git.95881af.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.7:openshift-clients-0:4.7.0-202104250659.p0.git.95881af.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.7:openshift-clients-redistributable-0:4.7.0-202104250659.p0.git.95881af.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.7:openshift-hyperkube-0:4.7.0-202104250659.p0.git.7d0a2b2.el7.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.7:atomic-openshift-service-idler-0:4.7.0-202104260636.p0.git.330c6ef.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.7:atomic-openshift-service-idler-0:4.7.0-202104260636.p0.git.330c6ef.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.7:atomic-openshift-service-idler-0:4.7.0-202104260636.p0.git.330c6ef.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.7:atomic-openshift-service-idler-0:4.7.0-202104260636.p0.git.330c6ef.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.7:openshift-0:4.7.0-202104250659.p0.git.7d0a2b2.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.7:openshift-clients-0:4.7.0-202104250659.p0.git.95881af.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.7:openshift-clients-0:4.7.0-202104250659.p0.git.95881af.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.7:openshift-clients-0:4.7.0-202104250659.p0.git.95881af.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.7:openshift-clients-0:4.7.0-202104250659.p0.git.95881af.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.7:openshift-clients-redistributable-0:4.7.0-202104250659.p0.git.95881af.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.7:openshift-hyperkube-0:4.7.0-202104250659.p0.git.7d0a2b2.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.7:openshift-hyperkube-0:4.7.0-202104250659.p0.git.7d0a2b2.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.7:openshift-hyperkube-0:4.7.0-202104250659.p0.git.7d0a2b2.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.7:openshift-kuryr-0:4.7.0-202104250659.p0.git.d49acc4.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.7:openshift-kuryr-cni-0:4.7.0-202104250659.p0.git.d49acc4.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.7:openshift-kuryr-common-0:4.7.0-202104250659.p0.git.d49acc4.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.7:openshift-kuryr-controller-0:4.7.0-202104250659.p0.git.d49acc4.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.7:python3-kuryr-kubernetes-0:4.7.0-202104250659.p0.git.d49acc4.el8.noarch | — |
Threats
Impact
Low
A flaw was found in the Go encoding/binary package. Certain invalid inputs to the ReadUvarint or the ReadVarint causes those functions to read an unlimited number of bytes from the ByteReader argument before returning an error. This flaw possibly leads to processing more input than expected. The highest threat from this vulnerability is to system availability.
7.5 (High)
Affected products
Fixed
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSE-4.7:golang-github-prometheus-promu-0:0.5.0-3.git642a960.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.7:golang-github-prometheus-promu-0:0.5.0-3.git642a960.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.7:golang-github-prometheus-promu-0:0.5.0-3.git642a960.el8.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.7:golang-github-prometheus-promu-0:0.5.0-3.git642a960.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.7:prometheus-promu-0:0.5.0-3.git642a960.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.7:prometheus-promu-0:0.5.0-3.git642a960.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.7:prometheus-promu-0:0.5.0-3.git642a960.el8.x86_64 | — |
Vendor Fix
fix
|
Known not affected
26 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-RH7-RHOSE-4.7:openshift-0:4.7.0-202104250659.p0.git.7d0a2b2.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.7:openshift-ansible-0:4.7.0-202104250659.p0.git.e1b19c2.el7.noarch | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.7:openshift-ansible-0:4.7.0-202104250659.p0.git.e1b19c2.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.7:openshift-ansible-test-0:4.7.0-202104250659.p0.git.e1b19c2.el7.noarch | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.7:openshift-clients-0:4.7.0-202104250659.p0.git.95881af.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.7:openshift-clients-0:4.7.0-202104250659.p0.git.95881af.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.7:openshift-clients-redistributable-0:4.7.0-202104250659.p0.git.95881af.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.7:openshift-hyperkube-0:4.7.0-202104250659.p0.git.7d0a2b2.el7.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.7:atomic-openshift-service-idler-0:4.7.0-202104260636.p0.git.330c6ef.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.7:atomic-openshift-service-idler-0:4.7.0-202104260636.p0.git.330c6ef.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.7:atomic-openshift-service-idler-0:4.7.0-202104260636.p0.git.330c6ef.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.7:atomic-openshift-service-idler-0:4.7.0-202104260636.p0.git.330c6ef.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.7:openshift-0:4.7.0-202104250659.p0.git.7d0a2b2.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.7:openshift-clients-0:4.7.0-202104250659.p0.git.95881af.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.7:openshift-clients-0:4.7.0-202104250659.p0.git.95881af.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.7:openshift-clients-0:4.7.0-202104250659.p0.git.95881af.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.7:openshift-clients-0:4.7.0-202104250659.p0.git.95881af.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.7:openshift-clients-redistributable-0:4.7.0-202104250659.p0.git.95881af.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.7:openshift-hyperkube-0:4.7.0-202104250659.p0.git.7d0a2b2.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.7:openshift-hyperkube-0:4.7.0-202104250659.p0.git.7d0a2b2.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.7:openshift-hyperkube-0:4.7.0-202104250659.p0.git.7d0a2b2.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.7:openshift-kuryr-0:4.7.0-202104250659.p0.git.d49acc4.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.7:openshift-kuryr-cni-0:4.7.0-202104250659.p0.git.d49acc4.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.7:openshift-kuryr-common-0:4.7.0-202104250659.p0.git.d49acc4.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.7:openshift-kuryr-controller-0:4.7.0-202104250659.p0.git.d49acc4.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.7:python3-kuryr-kubernetes-0:4.7.0-202104250659.p0.git.d49acc4.el8.noarch | — |
Threats
Impact
Low
A flaw was found in the math/big package of Go's standard library that causes a denial of service. Applications written in Go that use math/big via cryptographic packages, including crypto/rsa and crypto/x509, are vulnerable and can potentially cause panic via a crafted certificate chain. The highest threat from this vulnerability is to system availability.
7.5 (High)
Affected products
Fixed
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSE-4.7:golang-github-prometheus-promu-0:0.5.0-3.git642a960.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.7:golang-github-prometheus-promu-0:0.5.0-3.git642a960.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.7:golang-github-prometheus-promu-0:0.5.0-3.git642a960.el8.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.7:golang-github-prometheus-promu-0:0.5.0-3.git642a960.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.7:prometheus-promu-0:0.5.0-3.git642a960.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.7:prometheus-promu-0:0.5.0-3.git642a960.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.7:prometheus-promu-0:0.5.0-3.git642a960.el8.x86_64 | — |
Vendor Fix
fix
|
Known not affected
26 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-RH7-RHOSE-4.7:openshift-0:4.7.0-202104250659.p0.git.7d0a2b2.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.7:openshift-ansible-0:4.7.0-202104250659.p0.git.e1b19c2.el7.noarch | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.7:openshift-ansible-0:4.7.0-202104250659.p0.git.e1b19c2.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.7:openshift-ansible-test-0:4.7.0-202104250659.p0.git.e1b19c2.el7.noarch | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.7:openshift-clients-0:4.7.0-202104250659.p0.git.95881af.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.7:openshift-clients-0:4.7.0-202104250659.p0.git.95881af.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.7:openshift-clients-redistributable-0:4.7.0-202104250659.p0.git.95881af.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.7:openshift-hyperkube-0:4.7.0-202104250659.p0.git.7d0a2b2.el7.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.7:atomic-openshift-service-idler-0:4.7.0-202104260636.p0.git.330c6ef.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.7:atomic-openshift-service-idler-0:4.7.0-202104260636.p0.git.330c6ef.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.7:atomic-openshift-service-idler-0:4.7.0-202104260636.p0.git.330c6ef.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.7:atomic-openshift-service-idler-0:4.7.0-202104260636.p0.git.330c6ef.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.7:openshift-0:4.7.0-202104250659.p0.git.7d0a2b2.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.7:openshift-clients-0:4.7.0-202104250659.p0.git.95881af.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.7:openshift-clients-0:4.7.0-202104250659.p0.git.95881af.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.7:openshift-clients-0:4.7.0-202104250659.p0.git.95881af.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.7:openshift-clients-0:4.7.0-202104250659.p0.git.95881af.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.7:openshift-clients-redistributable-0:4.7.0-202104250659.p0.git.95881af.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.7:openshift-hyperkube-0:4.7.0-202104250659.p0.git.7d0a2b2.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.7:openshift-hyperkube-0:4.7.0-202104250659.p0.git.7d0a2b2.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.7:openshift-hyperkube-0:4.7.0-202104250659.p0.git.7d0a2b2.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.7:openshift-kuryr-0:4.7.0-202104250659.p0.git.d49acc4.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.7:openshift-kuryr-cni-0:4.7.0-202104250659.p0.git.d49acc4.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.7:openshift-kuryr-common-0:4.7.0-202104250659.p0.git.d49acc4.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.7:openshift-kuryr-controller-0:4.7.0-202104250659.p0.git.d49acc4.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.7:python3-kuryr-kubernetes-0:4.7.0-202104250659.p0.git.d49acc4.el8.noarch | — |
Threats
Impact
Moderate
A flaw detected in golang: crypto/elliptic, in which P-224 keys as generated can return incorrect inputs, reducing the strength of the cryptography. The highest threat from this vulnerability is confidentiality and integrity.
6.5 (Medium)
Affected products
Fixed
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSE-4.7:golang-github-prometheus-promu-0:0.5.0-3.git642a960.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.7:golang-github-prometheus-promu-0:0.5.0-3.git642a960.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.7:golang-github-prometheus-promu-0:0.5.0-3.git642a960.el8.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.7:golang-github-prometheus-promu-0:0.5.0-3.git642a960.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.7:prometheus-promu-0:0.5.0-3.git642a960.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.7:prometheus-promu-0:0.5.0-3.git642a960.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.7:prometheus-promu-0:0.5.0-3.git642a960.el8.x86_64 | — |
Vendor Fix
fix
|
Known not affected
26 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-RH7-RHOSE-4.7:openshift-0:4.7.0-202104250659.p0.git.7d0a2b2.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.7:openshift-ansible-0:4.7.0-202104250659.p0.git.e1b19c2.el7.noarch | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.7:openshift-ansible-0:4.7.0-202104250659.p0.git.e1b19c2.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.7:openshift-ansible-test-0:4.7.0-202104250659.p0.git.e1b19c2.el7.noarch | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.7:openshift-clients-0:4.7.0-202104250659.p0.git.95881af.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.7:openshift-clients-0:4.7.0-202104250659.p0.git.95881af.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.7:openshift-clients-redistributable-0:4.7.0-202104250659.p0.git.95881af.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.7:openshift-hyperkube-0:4.7.0-202104250659.p0.git.7d0a2b2.el7.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.7:atomic-openshift-service-idler-0:4.7.0-202104260636.p0.git.330c6ef.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.7:atomic-openshift-service-idler-0:4.7.0-202104260636.p0.git.330c6ef.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.7:atomic-openshift-service-idler-0:4.7.0-202104260636.p0.git.330c6ef.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.7:atomic-openshift-service-idler-0:4.7.0-202104260636.p0.git.330c6ef.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.7:openshift-0:4.7.0-202104250659.p0.git.7d0a2b2.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.7:openshift-clients-0:4.7.0-202104250659.p0.git.95881af.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.7:openshift-clients-0:4.7.0-202104250659.p0.git.95881af.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.7:openshift-clients-0:4.7.0-202104250659.p0.git.95881af.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.7:openshift-clients-0:4.7.0-202104250659.p0.git.95881af.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.7:openshift-clients-redistributable-0:4.7.0-202104250659.p0.git.95881af.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.7:openshift-hyperkube-0:4.7.0-202104250659.p0.git.7d0a2b2.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.7:openshift-hyperkube-0:4.7.0-202104250659.p0.git.7d0a2b2.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.7:openshift-hyperkube-0:4.7.0-202104250659.p0.git.7d0a2b2.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.7:openshift-kuryr-0:4.7.0-202104250659.p0.git.d49acc4.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.7:openshift-kuryr-cni-0:4.7.0-202104250659.p0.git.d49acc4.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.7:openshift-kuryr-common-0:4.7.0-202104250659.p0.git.d49acc4.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.7:openshift-kuryr-controller-0:4.7.0-202104250659.p0.git.d49acc4.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.7:python3-kuryr-kubernetes-0:4.7.0-202104250659.p0.git.d49acc4.el8.noarch | — |
Threats
Impact
Moderate
References
27 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat OpenShift Container Platform release 4.7.9 is now available with\nupdates to packages and images that fix several bugs.\n\nThis release includes a security update for Red Hat OpenShift Container Platform 4.7.9.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Container Platform is Red Hat\u0027s cloud computing\nKubernetes application platform solution designed for on-premise or private\ncloud deployments.\n\nThis advisory contains the RPM packages for Red Hat OpenShift Container\nPlatform 4.7.9. See the following advisory for the container images for\nthis release:\n\nhttps://access.redhat.com/errata/RHSA-2021:1365\n\nAll OpenShift Container Platform 4.7 users are advised to upgrade to these\nupdated packages and images when they are available in the appropriate\nrelease channel. To check for available updates, use the OpenShift Console\nor the CLI oc command. Instructions for upgrading a cluster are available\nat\nhttps://docs.openshift.com/container-platform/4.7/updating/updating-cluster\n-between-minor.html#understanding-upgrade-channels_updating-cluster-between\n-minor\n\nSecurity Fix(es):\n\n* golang: data race in certain net/http servers including ReverseProxy can lead to DoS (CVE-2020-15586)\n\n* golang: ReadUvarint and ReadVarint can read an unlimited number of bytes from invalid inputs (CVE-2020-16845)\n\n* golang: math/big: panic during recursive division of very large numbers (CVE-2020-28362)\n\n* golang: crypto/elliptic: incorrect operations on the P-224 curve (CVE-2021-3114)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2021:1366",
"url": "https://access.redhat.com/errata/RHSA-2021:1366"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "1856953",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1856953"
},
{
"category": "external",
"summary": "1867099",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1867099"
},
{
"category": "external",
"summary": "1897635",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1897635"
},
{
"category": "external",
"summary": "1918750",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1918750"
},
{
"category": "external",
"summary": "1953464",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1953464"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_1366.json"
}
],
"title": "Red Hat Security Advisory: OpenShift Container Platform 4.7.9 packages and security update",
"tracking": {
"current_release_date": "2026-04-30T16:09:25+00:00",
"generator": {
"date": "2026-04-30T16:09:25+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.7"
}
},
"id": "RHSA-2021:1366",
"initial_release_date": "2021-05-04T19:34:17+00:00",
"revision_history": [
{
"date": "2021-05-04T19:34:17+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2021-05-04T19:34:17+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-04-30T16:09:25+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift Container Platform 4.7",
"product": {
"name": "Red Hat OpenShift Container Platform 4.7",
"product_id": "7Server-RH7-RHOSE-4.7",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:4.7::el7"
}
}
},
{
"category": "product_name",
"name": "Red Hat OpenShift Container Platform 4.7",
"product": {
"name": "Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:4.7::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Enterprise"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-0:4.7.0-202104250659.p0.git.7d0a2b2.el7.src",
"product": {
"name": "openshift-0:4.7.0-202104250659.p0.git.7d0a2b2.el7.src",
"product_id": "openshift-0:4.7.0-202104250659.p0.git.7d0a2b2.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift@4.7.0-202104250659.p0.git.7d0a2b2.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "openshift-clients-0:4.7.0-202104250659.p0.git.95881af.el7.src",
"product": {
"name": "openshift-clients-0:4.7.0-202104250659.p0.git.95881af.el7.src",
"product_id": "openshift-clients-0:4.7.0-202104250659.p0.git.95881af.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-clients@4.7.0-202104250659.p0.git.95881af.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "openshift-ansible-0:4.7.0-202104250659.p0.git.e1b19c2.el7.src",
"product": {
"name": "openshift-ansible-0:4.7.0-202104250659.p0.git.e1b19c2.el7.src",
"product_id": "openshift-ansible-0:4.7.0-202104250659.p0.git.e1b19c2.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-ansible@4.7.0-202104250659.p0.git.e1b19c2.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "openshift-clients-0:4.7.0-202104250659.p0.git.95881af.el8.src",
"product": {
"name": "openshift-clients-0:4.7.0-202104250659.p0.git.95881af.el8.src",
"product_id": "openshift-clients-0:4.7.0-202104250659.p0.git.95881af.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-clients@4.7.0-202104250659.p0.git.95881af.el8?arch=src"
}
}
},
{
"category": "product_version",
"name": "openshift-0:4.7.0-202104250659.p0.git.7d0a2b2.el8.src",
"product": {
"name": "openshift-0:4.7.0-202104250659.p0.git.7d0a2b2.el8.src",
"product_id": "openshift-0:4.7.0-202104250659.p0.git.7d0a2b2.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift@4.7.0-202104250659.p0.git.7d0a2b2.el8?arch=src"
}
}
},
{
"category": "product_version",
"name": "openshift-kuryr-0:4.7.0-202104250659.p0.git.d49acc4.el8.src",
"product": {
"name": "openshift-kuryr-0:4.7.0-202104250659.p0.git.d49acc4.el8.src",
"product_id": "openshift-kuryr-0:4.7.0-202104250659.p0.git.d49acc4.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-kuryr@4.7.0-202104250659.p0.git.d49acc4.el8?arch=src"
}
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-promu-0:0.5.0-3.git642a960.el8.src",
"product": {
"name": "golang-github-prometheus-promu-0:0.5.0-3.git642a960.el8.src",
"product_id": "golang-github-prometheus-promu-0:0.5.0-3.git642a960.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-github-prometheus-promu@0.5.0-3.git642a960.el8?arch=src"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-service-idler-0:4.7.0-202104260636.p0.git.330c6ef.el8.src",
"product": {
"name": "atomic-openshift-service-idler-0:4.7.0-202104260636.p0.git.330c6ef.el8.src",
"product_id": "atomic-openshift-service-idler-0:4.7.0-202104260636.p0.git.330c6ef.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-service-idler@4.7.0-202104260636.p0.git.330c6ef.el8?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-hyperkube-0:4.7.0-202104250659.p0.git.7d0a2b2.el7.x86_64",
"product": {
"name": "openshift-hyperkube-0:4.7.0-202104250659.p0.git.7d0a2b2.el7.x86_64",
"product_id": "openshift-hyperkube-0:4.7.0-202104250659.p0.git.7d0a2b2.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-hyperkube@4.7.0-202104250659.p0.git.7d0a2b2.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "openshift-clients-0:4.7.0-202104250659.p0.git.95881af.el7.x86_64",
"product": {
"name": "openshift-clients-0:4.7.0-202104250659.p0.git.95881af.el7.x86_64",
"product_id": "openshift-clients-0:4.7.0-202104250659.p0.git.95881af.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-clients@4.7.0-202104250659.p0.git.95881af.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "openshift-clients-redistributable-0:4.7.0-202104250659.p0.git.95881af.el7.x86_64",
"product": {
"name": "openshift-clients-redistributable-0:4.7.0-202104250659.p0.git.95881af.el7.x86_64",
"product_id": "openshift-clients-redistributable-0:4.7.0-202104250659.p0.git.95881af.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-clients-redistributable@4.7.0-202104250659.p0.git.95881af.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "openshift-clients-0:4.7.0-202104250659.p0.git.95881af.el8.x86_64",
"product": {
"name": "openshift-clients-0:4.7.0-202104250659.p0.git.95881af.el8.x86_64",
"product_id": "openshift-clients-0:4.7.0-202104250659.p0.git.95881af.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-clients@4.7.0-202104250659.p0.git.95881af.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "openshift-clients-redistributable-0:4.7.0-202104250659.p0.git.95881af.el8.x86_64",
"product": {
"name": "openshift-clients-redistributable-0:4.7.0-202104250659.p0.git.95881af.el8.x86_64",
"product_id": "openshift-clients-redistributable-0:4.7.0-202104250659.p0.git.95881af.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-clients-redistributable@4.7.0-202104250659.p0.git.95881af.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "openshift-hyperkube-0:4.7.0-202104250659.p0.git.7d0a2b2.el8.x86_64",
"product": {
"name": "openshift-hyperkube-0:4.7.0-202104250659.p0.git.7d0a2b2.el8.x86_64",
"product_id": "openshift-hyperkube-0:4.7.0-202104250659.p0.git.7d0a2b2.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-hyperkube@4.7.0-202104250659.p0.git.7d0a2b2.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-promu-0:0.5.0-3.git642a960.el8.x86_64",
"product": {
"name": "golang-github-prometheus-promu-0:0.5.0-3.git642a960.el8.x86_64",
"product_id": "golang-github-prometheus-promu-0:0.5.0-3.git642a960.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-github-prometheus-promu@0.5.0-3.git642a960.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "prometheus-promu-0:0.5.0-3.git642a960.el8.x86_64",
"product": {
"name": "prometheus-promu-0:0.5.0-3.git642a960.el8.x86_64",
"product_id": "prometheus-promu-0:0.5.0-3.git642a960.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/prometheus-promu@0.5.0-3.git642a960.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-service-idler-0:4.7.0-202104260636.p0.git.330c6ef.el8.x86_64",
"product": {
"name": "atomic-openshift-service-idler-0:4.7.0-202104260636.p0.git.330c6ef.el8.x86_64",
"product_id": "atomic-openshift-service-idler-0:4.7.0-202104260636.p0.git.330c6ef.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-service-idler@4.7.0-202104260636.p0.git.330c6ef.el8?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-ansible-0:4.7.0-202104250659.p0.git.e1b19c2.el7.noarch",
"product": {
"name": "openshift-ansible-0:4.7.0-202104250659.p0.git.e1b19c2.el7.noarch",
"product_id": "openshift-ansible-0:4.7.0-202104250659.p0.git.e1b19c2.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-ansible@4.7.0-202104250659.p0.git.e1b19c2.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openshift-ansible-test-0:4.7.0-202104250659.p0.git.e1b19c2.el7.noarch",
"product": {
"name": "openshift-ansible-test-0:4.7.0-202104250659.p0.git.e1b19c2.el7.noarch",
"product_id": "openshift-ansible-test-0:4.7.0-202104250659.p0.git.e1b19c2.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-ansible-test@4.7.0-202104250659.p0.git.e1b19c2.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openshift-kuryr-cni-0:4.7.0-202104250659.p0.git.d49acc4.el8.noarch",
"product": {
"name": "openshift-kuryr-cni-0:4.7.0-202104250659.p0.git.d49acc4.el8.noarch",
"product_id": "openshift-kuryr-cni-0:4.7.0-202104250659.p0.git.d49acc4.el8.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-kuryr-cni@4.7.0-202104250659.p0.git.d49acc4.el8?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openshift-kuryr-common-0:4.7.0-202104250659.p0.git.d49acc4.el8.noarch",
"product": {
"name": "openshift-kuryr-common-0:4.7.0-202104250659.p0.git.d49acc4.el8.noarch",
"product_id": "openshift-kuryr-common-0:4.7.0-202104250659.p0.git.d49acc4.el8.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-kuryr-common@4.7.0-202104250659.p0.git.d49acc4.el8?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openshift-kuryr-controller-0:4.7.0-202104250659.p0.git.d49acc4.el8.noarch",
"product": {
"name": "openshift-kuryr-controller-0:4.7.0-202104250659.p0.git.d49acc4.el8.noarch",
"product_id": "openshift-kuryr-controller-0:4.7.0-202104250659.p0.git.d49acc4.el8.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-kuryr-controller@4.7.0-202104250659.p0.git.d49acc4.el8?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python3-kuryr-kubernetes-0:4.7.0-202104250659.p0.git.d49acc4.el8.noarch",
"product": {
"name": "python3-kuryr-kubernetes-0:4.7.0-202104250659.p0.git.d49acc4.el8.noarch",
"product_id": "python3-kuryr-kubernetes-0:4.7.0-202104250659.p0.git.d49acc4.el8.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-kuryr-kubernetes@4.7.0-202104250659.p0.git.d49acc4.el8?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-clients-0:4.7.0-202104250659.p0.git.95881af.el8.ppc64le",
"product": {
"name": "openshift-clients-0:4.7.0-202104250659.p0.git.95881af.el8.ppc64le",
"product_id": "openshift-clients-0:4.7.0-202104250659.p0.git.95881af.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-clients@4.7.0-202104250659.p0.git.95881af.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "openshift-hyperkube-0:4.7.0-202104250659.p0.git.7d0a2b2.el8.ppc64le",
"product": {
"name": "openshift-hyperkube-0:4.7.0-202104250659.p0.git.7d0a2b2.el8.ppc64le",
"product_id": "openshift-hyperkube-0:4.7.0-202104250659.p0.git.7d0a2b2.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-hyperkube@4.7.0-202104250659.p0.git.7d0a2b2.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-promu-0:0.5.0-3.git642a960.el8.ppc64le",
"product": {
"name": "golang-github-prometheus-promu-0:0.5.0-3.git642a960.el8.ppc64le",
"product_id": "golang-github-prometheus-promu-0:0.5.0-3.git642a960.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-github-prometheus-promu@0.5.0-3.git642a960.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "prometheus-promu-0:0.5.0-3.git642a960.el8.ppc64le",
"product": {
"name": "prometheus-promu-0:0.5.0-3.git642a960.el8.ppc64le",
"product_id": "prometheus-promu-0:0.5.0-3.git642a960.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/prometheus-promu@0.5.0-3.git642a960.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-service-idler-0:4.7.0-202104260636.p0.git.330c6ef.el8.ppc64le",
"product": {
"name": "atomic-openshift-service-idler-0:4.7.0-202104260636.p0.git.330c6ef.el8.ppc64le",
"product_id": "atomic-openshift-service-idler-0:4.7.0-202104260636.p0.git.330c6ef.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-service-idler@4.7.0-202104260636.p0.git.330c6ef.el8?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-clients-0:4.7.0-202104250659.p0.git.95881af.el8.s390x",
"product": {
"name": "openshift-clients-0:4.7.0-202104250659.p0.git.95881af.el8.s390x",
"product_id": "openshift-clients-0:4.7.0-202104250659.p0.git.95881af.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-clients@4.7.0-202104250659.p0.git.95881af.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "openshift-hyperkube-0:4.7.0-202104250659.p0.git.7d0a2b2.el8.s390x",
"product": {
"name": "openshift-hyperkube-0:4.7.0-202104250659.p0.git.7d0a2b2.el8.s390x",
"product_id": "openshift-hyperkube-0:4.7.0-202104250659.p0.git.7d0a2b2.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-hyperkube@4.7.0-202104250659.p0.git.7d0a2b2.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-promu-0:0.5.0-3.git642a960.el8.s390x",
"product": {
"name": "golang-github-prometheus-promu-0:0.5.0-3.git642a960.el8.s390x",
"product_id": "golang-github-prometheus-promu-0:0.5.0-3.git642a960.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-github-prometheus-promu@0.5.0-3.git642a960.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "prometheus-promu-0:0.5.0-3.git642a960.el8.s390x",
"product": {
"name": "prometheus-promu-0:0.5.0-3.git642a960.el8.s390x",
"product_id": "prometheus-promu-0:0.5.0-3.git642a960.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/prometheus-promu@0.5.0-3.git642a960.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-service-idler-0:4.7.0-202104260636.p0.git.330c6ef.el8.s390x",
"product": {
"name": "atomic-openshift-service-idler-0:4.7.0-202104260636.p0.git.330c6ef.el8.s390x",
"product_id": "atomic-openshift-service-idler-0:4.7.0-202104260636.p0.git.330c6ef.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-service-idler@4.7.0-202104260636.p0.git.330c6ef.el8?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-0:4.7.0-202104250659.p0.git.7d0a2b2.el7.src as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "7Server-RH7-RHOSE-4.7:openshift-0:4.7.0-202104250659.p0.git.7d0a2b2.el7.src"
},
"product_reference": "openshift-0:4.7.0-202104250659.p0.git.7d0a2b2.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-ansible-0:4.7.0-202104250659.p0.git.e1b19c2.el7.noarch as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "7Server-RH7-RHOSE-4.7:openshift-ansible-0:4.7.0-202104250659.p0.git.e1b19c2.el7.noarch"
},
"product_reference": "openshift-ansible-0:4.7.0-202104250659.p0.git.e1b19c2.el7.noarch",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-ansible-0:4.7.0-202104250659.p0.git.e1b19c2.el7.src as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "7Server-RH7-RHOSE-4.7:openshift-ansible-0:4.7.0-202104250659.p0.git.e1b19c2.el7.src"
},
"product_reference": "openshift-ansible-0:4.7.0-202104250659.p0.git.e1b19c2.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-ansible-test-0:4.7.0-202104250659.p0.git.e1b19c2.el7.noarch as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "7Server-RH7-RHOSE-4.7:openshift-ansible-test-0:4.7.0-202104250659.p0.git.e1b19c2.el7.noarch"
},
"product_reference": "openshift-ansible-test-0:4.7.0-202104250659.p0.git.e1b19c2.el7.noarch",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-clients-0:4.7.0-202104250659.p0.git.95881af.el7.src as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "7Server-RH7-RHOSE-4.7:openshift-clients-0:4.7.0-202104250659.p0.git.95881af.el7.src"
},
"product_reference": "openshift-clients-0:4.7.0-202104250659.p0.git.95881af.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-clients-0:4.7.0-202104250659.p0.git.95881af.el7.x86_64 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "7Server-RH7-RHOSE-4.7:openshift-clients-0:4.7.0-202104250659.p0.git.95881af.el7.x86_64"
},
"product_reference": "openshift-clients-0:4.7.0-202104250659.p0.git.95881af.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-clients-redistributable-0:4.7.0-202104250659.p0.git.95881af.el7.x86_64 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "7Server-RH7-RHOSE-4.7:openshift-clients-redistributable-0:4.7.0-202104250659.p0.git.95881af.el7.x86_64"
},
"product_reference": "openshift-clients-redistributable-0:4.7.0-202104250659.p0.git.95881af.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-hyperkube-0:4.7.0-202104250659.p0.git.7d0a2b2.el7.x86_64 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "7Server-RH7-RHOSE-4.7:openshift-hyperkube-0:4.7.0-202104250659.p0.git.7d0a2b2.el7.x86_64"
},
"product_reference": "openshift-hyperkube-0:4.7.0-202104250659.p0.git.7d0a2b2.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-service-idler-0:4.7.0-202104260636.p0.git.330c6ef.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:atomic-openshift-service-idler-0:4.7.0-202104260636.p0.git.330c6ef.el8.ppc64le"
},
"product_reference": "atomic-openshift-service-idler-0:4.7.0-202104260636.p0.git.330c6ef.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-service-idler-0:4.7.0-202104260636.p0.git.330c6ef.el8.s390x as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:atomic-openshift-service-idler-0:4.7.0-202104260636.p0.git.330c6ef.el8.s390x"
},
"product_reference": "atomic-openshift-service-idler-0:4.7.0-202104260636.p0.git.330c6ef.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-service-idler-0:4.7.0-202104260636.p0.git.330c6ef.el8.src as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:atomic-openshift-service-idler-0:4.7.0-202104260636.p0.git.330c6ef.el8.src"
},
"product_reference": "atomic-openshift-service-idler-0:4.7.0-202104260636.p0.git.330c6ef.el8.src",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-service-idler-0:4.7.0-202104260636.p0.git.330c6ef.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:atomic-openshift-service-idler-0:4.7.0-202104260636.p0.git.330c6ef.el8.x86_64"
},
"product_reference": "atomic-openshift-service-idler-0:4.7.0-202104260636.p0.git.330c6ef.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-promu-0:0.5.0-3.git642a960.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:golang-github-prometheus-promu-0:0.5.0-3.git642a960.el8.ppc64le"
},
"product_reference": "golang-github-prometheus-promu-0:0.5.0-3.git642a960.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-promu-0:0.5.0-3.git642a960.el8.s390x as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:golang-github-prometheus-promu-0:0.5.0-3.git642a960.el8.s390x"
},
"product_reference": "golang-github-prometheus-promu-0:0.5.0-3.git642a960.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-promu-0:0.5.0-3.git642a960.el8.src as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:golang-github-prometheus-promu-0:0.5.0-3.git642a960.el8.src"
},
"product_reference": "golang-github-prometheus-promu-0:0.5.0-3.git642a960.el8.src",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-promu-0:0.5.0-3.git642a960.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:golang-github-prometheus-promu-0:0.5.0-3.git642a960.el8.x86_64"
},
"product_reference": "golang-github-prometheus-promu-0:0.5.0-3.git642a960.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-0:4.7.0-202104250659.p0.git.7d0a2b2.el8.src as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift-0:4.7.0-202104250659.p0.git.7d0a2b2.el8.src"
},
"product_reference": "openshift-0:4.7.0-202104250659.p0.git.7d0a2b2.el8.src",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-clients-0:4.7.0-202104250659.p0.git.95881af.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift-clients-0:4.7.0-202104250659.p0.git.95881af.el8.ppc64le"
},
"product_reference": "openshift-clients-0:4.7.0-202104250659.p0.git.95881af.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-clients-0:4.7.0-202104250659.p0.git.95881af.el8.s390x as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift-clients-0:4.7.0-202104250659.p0.git.95881af.el8.s390x"
},
"product_reference": "openshift-clients-0:4.7.0-202104250659.p0.git.95881af.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-clients-0:4.7.0-202104250659.p0.git.95881af.el8.src as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift-clients-0:4.7.0-202104250659.p0.git.95881af.el8.src"
},
"product_reference": "openshift-clients-0:4.7.0-202104250659.p0.git.95881af.el8.src",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-clients-0:4.7.0-202104250659.p0.git.95881af.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift-clients-0:4.7.0-202104250659.p0.git.95881af.el8.x86_64"
},
"product_reference": "openshift-clients-0:4.7.0-202104250659.p0.git.95881af.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-clients-redistributable-0:4.7.0-202104250659.p0.git.95881af.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift-clients-redistributable-0:4.7.0-202104250659.p0.git.95881af.el8.x86_64"
},
"product_reference": "openshift-clients-redistributable-0:4.7.0-202104250659.p0.git.95881af.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-hyperkube-0:4.7.0-202104250659.p0.git.7d0a2b2.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift-hyperkube-0:4.7.0-202104250659.p0.git.7d0a2b2.el8.ppc64le"
},
"product_reference": "openshift-hyperkube-0:4.7.0-202104250659.p0.git.7d0a2b2.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-hyperkube-0:4.7.0-202104250659.p0.git.7d0a2b2.el8.s390x as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift-hyperkube-0:4.7.0-202104250659.p0.git.7d0a2b2.el8.s390x"
},
"product_reference": "openshift-hyperkube-0:4.7.0-202104250659.p0.git.7d0a2b2.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-hyperkube-0:4.7.0-202104250659.p0.git.7d0a2b2.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift-hyperkube-0:4.7.0-202104250659.p0.git.7d0a2b2.el8.x86_64"
},
"product_reference": "openshift-hyperkube-0:4.7.0-202104250659.p0.git.7d0a2b2.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-kuryr-0:4.7.0-202104250659.p0.git.d49acc4.el8.src as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift-kuryr-0:4.7.0-202104250659.p0.git.d49acc4.el8.src"
},
"product_reference": "openshift-kuryr-0:4.7.0-202104250659.p0.git.d49acc4.el8.src",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-kuryr-cni-0:4.7.0-202104250659.p0.git.d49acc4.el8.noarch as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift-kuryr-cni-0:4.7.0-202104250659.p0.git.d49acc4.el8.noarch"
},
"product_reference": "openshift-kuryr-cni-0:4.7.0-202104250659.p0.git.d49acc4.el8.noarch",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-kuryr-common-0:4.7.0-202104250659.p0.git.d49acc4.el8.noarch as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift-kuryr-common-0:4.7.0-202104250659.p0.git.d49acc4.el8.noarch"
},
"product_reference": "openshift-kuryr-common-0:4.7.0-202104250659.p0.git.d49acc4.el8.noarch",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-kuryr-controller-0:4.7.0-202104250659.p0.git.d49acc4.el8.noarch as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift-kuryr-controller-0:4.7.0-202104250659.p0.git.d49acc4.el8.noarch"
},
"product_reference": "openshift-kuryr-controller-0:4.7.0-202104250659.p0.git.d49acc4.el8.noarch",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-promu-0:0.5.0-3.git642a960.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:prometheus-promu-0:0.5.0-3.git642a960.el8.ppc64le"
},
"product_reference": "prometheus-promu-0:0.5.0-3.git642a960.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-promu-0:0.5.0-3.git642a960.el8.s390x as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:prometheus-promu-0:0.5.0-3.git642a960.el8.s390x"
},
"product_reference": "prometheus-promu-0:0.5.0-3.git642a960.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-promu-0:0.5.0-3.git642a960.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:prometheus-promu-0:0.5.0-3.git642a960.el8.x86_64"
},
"product_reference": "prometheus-promu-0:0.5.0-3.git642a960.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-kuryr-kubernetes-0:4.7.0-202104250659.p0.git.d49acc4.el8.noarch as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:python3-kuryr-kubernetes-0:4.7.0-202104250659.p0.git.d49acc4.el8.noarch"
},
"product_reference": "python3-kuryr-kubernetes-0:4.7.0-202104250659.p0.git.d49acc4.el8.noarch",
"relates_to_product_reference": "8Base-RHOSE-4.7"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-15586",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"discovery_date": "2020-07-14T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-RH7-RHOSE-4.7:openshift-0:4.7.0-202104250659.p0.git.7d0a2b2.el7.src",
"7Server-RH7-RHOSE-4.7:openshift-ansible-0:4.7.0-202104250659.p0.git.e1b19c2.el7.noarch",
"7Server-RH7-RHOSE-4.7:openshift-ansible-0:4.7.0-202104250659.p0.git.e1b19c2.el7.src",
"7Server-RH7-RHOSE-4.7:openshift-ansible-test-0:4.7.0-202104250659.p0.git.e1b19c2.el7.noarch",
"7Server-RH7-RHOSE-4.7:openshift-clients-0:4.7.0-202104250659.p0.git.95881af.el7.src",
"7Server-RH7-RHOSE-4.7:openshift-clients-0:4.7.0-202104250659.p0.git.95881af.el7.x86_64",
"7Server-RH7-RHOSE-4.7:openshift-clients-redistributable-0:4.7.0-202104250659.p0.git.95881af.el7.x86_64",
"7Server-RH7-RHOSE-4.7:openshift-hyperkube-0:4.7.0-202104250659.p0.git.7d0a2b2.el7.x86_64",
"8Base-RHOSE-4.7:atomic-openshift-service-idler-0:4.7.0-202104260636.p0.git.330c6ef.el8.ppc64le",
"8Base-RHOSE-4.7:atomic-openshift-service-idler-0:4.7.0-202104260636.p0.git.330c6ef.el8.s390x",
"8Base-RHOSE-4.7:atomic-openshift-service-idler-0:4.7.0-202104260636.p0.git.330c6ef.el8.src",
"8Base-RHOSE-4.7:atomic-openshift-service-idler-0:4.7.0-202104260636.p0.git.330c6ef.el8.x86_64",
"8Base-RHOSE-4.7:openshift-0:4.7.0-202104250659.p0.git.7d0a2b2.el8.src",
"8Base-RHOSE-4.7:openshift-clients-0:4.7.0-202104250659.p0.git.95881af.el8.ppc64le",
"8Base-RHOSE-4.7:openshift-clients-0:4.7.0-202104250659.p0.git.95881af.el8.s390x",
"8Base-RHOSE-4.7:openshift-clients-0:4.7.0-202104250659.p0.git.95881af.el8.src",
"8Base-RHOSE-4.7:openshift-clients-0:4.7.0-202104250659.p0.git.95881af.el8.x86_64",
"8Base-RHOSE-4.7:openshift-clients-redistributable-0:4.7.0-202104250659.p0.git.95881af.el8.x86_64",
"8Base-RHOSE-4.7:openshift-hyperkube-0:4.7.0-202104250659.p0.git.7d0a2b2.el8.ppc64le",
"8Base-RHOSE-4.7:openshift-hyperkube-0:4.7.0-202104250659.p0.git.7d0a2b2.el8.s390x",
"8Base-RHOSE-4.7:openshift-hyperkube-0:4.7.0-202104250659.p0.git.7d0a2b2.el8.x86_64",
"8Base-RHOSE-4.7:openshift-kuryr-0:4.7.0-202104250659.p0.git.d49acc4.el8.src",
"8Base-RHOSE-4.7:openshift-kuryr-cni-0:4.7.0-202104250659.p0.git.d49acc4.el8.noarch",
"8Base-RHOSE-4.7:openshift-kuryr-common-0:4.7.0-202104250659.p0.git.d49acc4.el8.noarch",
"8Base-RHOSE-4.7:openshift-kuryr-controller-0:4.7.0-202104250659.p0.git.d49acc4.el8.noarch",
"8Base-RHOSE-4.7:python3-kuryr-kubernetes-0:4.7.0-202104250659.p0.git.d49acc4.el8.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1856953"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found Go\u0027s net/http package. Servers using ReverseProxy from net/http in the Go standard library are vulnerable to a data race that results in a denial of service. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: data race in certain net/http servers including ReverseProxy can lead to DoS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift Container Platform (OCP) components are primarily written in Go, meaning that any component using the net/http package includes the vulnerable code. OCP server endpoints using ReverseProxy are protected by authentication, reducing the severity of this vulnerability to Low for OCP.\n\nSimilar to OCP, OpenShift ServiceMesh (OSSM), RedHat OpenShift Jaeger (RHOSJ) and OpenShift Virtualization are also primarily written in Go and are protected via authentication, reducing the severity of this vulnerability to Low.\n\nRed Hat Gluster Storage 3 and Red Hat Openshift Container Storage 4 components are built with the affected version of Go, however the vulnerable functionality is currently not used by these products and hence this issue has been rated as having a security impact of Low.\n\nRed Hat Ceph Storage 3 and 4 components are built with the affected version of Go, however the vulnerable functionality is currently not used by these products and hence this issue has been rated as having a security impact of Low.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.7:golang-github-prometheus-promu-0:0.5.0-3.git642a960.el8.ppc64le",
"8Base-RHOSE-4.7:golang-github-prometheus-promu-0:0.5.0-3.git642a960.el8.s390x",
"8Base-RHOSE-4.7:golang-github-prometheus-promu-0:0.5.0-3.git642a960.el8.src",
"8Base-RHOSE-4.7:golang-github-prometheus-promu-0:0.5.0-3.git642a960.el8.x86_64",
"8Base-RHOSE-4.7:prometheus-promu-0:0.5.0-3.git642a960.el8.ppc64le",
"8Base-RHOSE-4.7:prometheus-promu-0:0.5.0-3.git642a960.el8.s390x",
"8Base-RHOSE-4.7:prometheus-promu-0:0.5.0-3.git642a960.el8.x86_64"
],
"known_not_affected": [
"7Server-RH7-RHOSE-4.7:openshift-0:4.7.0-202104250659.p0.git.7d0a2b2.el7.src",
"7Server-RH7-RHOSE-4.7:openshift-ansible-0:4.7.0-202104250659.p0.git.e1b19c2.el7.noarch",
"7Server-RH7-RHOSE-4.7:openshift-ansible-0:4.7.0-202104250659.p0.git.e1b19c2.el7.src",
"7Server-RH7-RHOSE-4.7:openshift-ansible-test-0:4.7.0-202104250659.p0.git.e1b19c2.el7.noarch",
"7Server-RH7-RHOSE-4.7:openshift-clients-0:4.7.0-202104250659.p0.git.95881af.el7.src",
"7Server-RH7-RHOSE-4.7:openshift-clients-0:4.7.0-202104250659.p0.git.95881af.el7.x86_64",
"7Server-RH7-RHOSE-4.7:openshift-clients-redistributable-0:4.7.0-202104250659.p0.git.95881af.el7.x86_64",
"7Server-RH7-RHOSE-4.7:openshift-hyperkube-0:4.7.0-202104250659.p0.git.7d0a2b2.el7.x86_64",
"8Base-RHOSE-4.7:atomic-openshift-service-idler-0:4.7.0-202104260636.p0.git.330c6ef.el8.ppc64le",
"8Base-RHOSE-4.7:atomic-openshift-service-idler-0:4.7.0-202104260636.p0.git.330c6ef.el8.s390x",
"8Base-RHOSE-4.7:atomic-openshift-service-idler-0:4.7.0-202104260636.p0.git.330c6ef.el8.src",
"8Base-RHOSE-4.7:atomic-openshift-service-idler-0:4.7.0-202104260636.p0.git.330c6ef.el8.x86_64",
"8Base-RHOSE-4.7:openshift-0:4.7.0-202104250659.p0.git.7d0a2b2.el8.src",
"8Base-RHOSE-4.7:openshift-clients-0:4.7.0-202104250659.p0.git.95881af.el8.ppc64le",
"8Base-RHOSE-4.7:openshift-clients-0:4.7.0-202104250659.p0.git.95881af.el8.s390x",
"8Base-RHOSE-4.7:openshift-clients-0:4.7.0-202104250659.p0.git.95881af.el8.src",
"8Base-RHOSE-4.7:openshift-clients-0:4.7.0-202104250659.p0.git.95881af.el8.x86_64",
"8Base-RHOSE-4.7:openshift-clients-redistributable-0:4.7.0-202104250659.p0.git.95881af.el8.x86_64",
"8Base-RHOSE-4.7:openshift-hyperkube-0:4.7.0-202104250659.p0.git.7d0a2b2.el8.ppc64le",
"8Base-RHOSE-4.7:openshift-hyperkube-0:4.7.0-202104250659.p0.git.7d0a2b2.el8.s390x",
"8Base-RHOSE-4.7:openshift-hyperkube-0:4.7.0-202104250659.p0.git.7d0a2b2.el8.x86_64",
"8Base-RHOSE-4.7:openshift-kuryr-0:4.7.0-202104250659.p0.git.d49acc4.el8.src",
"8Base-RHOSE-4.7:openshift-kuryr-cni-0:4.7.0-202104250659.p0.git.d49acc4.el8.noarch",
"8Base-RHOSE-4.7:openshift-kuryr-common-0:4.7.0-202104250659.p0.git.d49acc4.el8.noarch",
"8Base-RHOSE-4.7:openshift-kuryr-controller-0:4.7.0-202104250659.p0.git.d49acc4.el8.noarch",
"8Base-RHOSE-4.7:python3-kuryr-kubernetes-0:4.7.0-202104250659.p0.git.d49acc4.el8.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-15586"
},
{
"category": "external",
"summary": "RHBZ#1856953",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1856953"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-15586",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15586"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-15586",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-15586"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/XZNfaiwgt2w/m/E6gHDs32AQAJ",
"url": "https://groups.google.com/g/golang-announce/c/XZNfaiwgt2w/m/E6gHDs32AQAJ"
}
],
"release_date": "2020-07-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-05-04T19:34:17+00:00",
"details": "For OpenShift Container Platform 4.7 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.7/updating/updating-cluster-cli.html",
"product_ids": [
"8Base-RHOSE-4.7:golang-github-prometheus-promu-0:0.5.0-3.git642a960.el8.ppc64le",
"8Base-RHOSE-4.7:golang-github-prometheus-promu-0:0.5.0-3.git642a960.el8.s390x",
"8Base-RHOSE-4.7:golang-github-prometheus-promu-0:0.5.0-3.git642a960.el8.src",
"8Base-RHOSE-4.7:golang-github-prometheus-promu-0:0.5.0-3.git642a960.el8.x86_64",
"8Base-RHOSE-4.7:prometheus-promu-0:0.5.0-3.git642a960.el8.ppc64le",
"8Base-RHOSE-4.7:prometheus-promu-0:0.5.0-3.git642a960.el8.s390x",
"8Base-RHOSE-4.7:prometheus-promu-0:0.5.0-3.git642a960.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:1366"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-RH7-RHOSE-4.7:openshift-0:4.7.0-202104250659.p0.git.7d0a2b2.el7.src",
"7Server-RH7-RHOSE-4.7:openshift-ansible-0:4.7.0-202104250659.p0.git.e1b19c2.el7.noarch",
"7Server-RH7-RHOSE-4.7:openshift-ansible-0:4.7.0-202104250659.p0.git.e1b19c2.el7.src",
"7Server-RH7-RHOSE-4.7:openshift-ansible-test-0:4.7.0-202104250659.p0.git.e1b19c2.el7.noarch",
"7Server-RH7-RHOSE-4.7:openshift-clients-0:4.7.0-202104250659.p0.git.95881af.el7.src",
"7Server-RH7-RHOSE-4.7:openshift-clients-0:4.7.0-202104250659.p0.git.95881af.el7.x86_64",
"7Server-RH7-RHOSE-4.7:openshift-clients-redistributable-0:4.7.0-202104250659.p0.git.95881af.el7.x86_64",
"7Server-RH7-RHOSE-4.7:openshift-hyperkube-0:4.7.0-202104250659.p0.git.7d0a2b2.el7.x86_64",
"8Base-RHOSE-4.7:atomic-openshift-service-idler-0:4.7.0-202104260636.p0.git.330c6ef.el8.ppc64le",
"8Base-RHOSE-4.7:atomic-openshift-service-idler-0:4.7.0-202104260636.p0.git.330c6ef.el8.s390x",
"8Base-RHOSE-4.7:atomic-openshift-service-idler-0:4.7.0-202104260636.p0.git.330c6ef.el8.src",
"8Base-RHOSE-4.7:atomic-openshift-service-idler-0:4.7.0-202104260636.p0.git.330c6ef.el8.x86_64",
"8Base-RHOSE-4.7:golang-github-prometheus-promu-0:0.5.0-3.git642a960.el8.ppc64le",
"8Base-RHOSE-4.7:golang-github-prometheus-promu-0:0.5.0-3.git642a960.el8.s390x",
"8Base-RHOSE-4.7:golang-github-prometheus-promu-0:0.5.0-3.git642a960.el8.src",
"8Base-RHOSE-4.7:golang-github-prometheus-promu-0:0.5.0-3.git642a960.el8.x86_64",
"8Base-RHOSE-4.7:openshift-0:4.7.0-202104250659.p0.git.7d0a2b2.el8.src",
"8Base-RHOSE-4.7:openshift-clients-0:4.7.0-202104250659.p0.git.95881af.el8.ppc64le",
"8Base-RHOSE-4.7:openshift-clients-0:4.7.0-202104250659.p0.git.95881af.el8.s390x",
"8Base-RHOSE-4.7:openshift-clients-0:4.7.0-202104250659.p0.git.95881af.el8.src",
"8Base-RHOSE-4.7:openshift-clients-0:4.7.0-202104250659.p0.git.95881af.el8.x86_64",
"8Base-RHOSE-4.7:openshift-clients-redistributable-0:4.7.0-202104250659.p0.git.95881af.el8.x86_64",
"8Base-RHOSE-4.7:openshift-hyperkube-0:4.7.0-202104250659.p0.git.7d0a2b2.el8.ppc64le",
"8Base-RHOSE-4.7:openshift-hyperkube-0:4.7.0-202104250659.p0.git.7d0a2b2.el8.s390x",
"8Base-RHOSE-4.7:openshift-hyperkube-0:4.7.0-202104250659.p0.git.7d0a2b2.el8.x86_64",
"8Base-RHOSE-4.7:openshift-kuryr-0:4.7.0-202104250659.p0.git.d49acc4.el8.src",
"8Base-RHOSE-4.7:openshift-kuryr-cni-0:4.7.0-202104250659.p0.git.d49acc4.el8.noarch",
"8Base-RHOSE-4.7:openshift-kuryr-common-0:4.7.0-202104250659.p0.git.d49acc4.el8.noarch",
"8Base-RHOSE-4.7:openshift-kuryr-controller-0:4.7.0-202104250659.p0.git.d49acc4.el8.noarch",
"8Base-RHOSE-4.7:prometheus-promu-0:0.5.0-3.git642a960.el8.ppc64le",
"8Base-RHOSE-4.7:prometheus-promu-0:0.5.0-3.git642a960.el8.s390x",
"8Base-RHOSE-4.7:prometheus-promu-0:0.5.0-3.git642a960.el8.x86_64",
"8Base-RHOSE-4.7:python3-kuryr-kubernetes-0:4.7.0-202104250659.p0.git.d49acc4.el8.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "golang: data race in certain net/http servers including ReverseProxy can lead to DoS"
},
{
"cve": "CVE-2020-16845",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"discovery_date": "2020-08-07T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-RH7-RHOSE-4.7:openshift-0:4.7.0-202104250659.p0.git.7d0a2b2.el7.src",
"7Server-RH7-RHOSE-4.7:openshift-ansible-0:4.7.0-202104250659.p0.git.e1b19c2.el7.noarch",
"7Server-RH7-RHOSE-4.7:openshift-ansible-0:4.7.0-202104250659.p0.git.e1b19c2.el7.src",
"7Server-RH7-RHOSE-4.7:openshift-ansible-test-0:4.7.0-202104250659.p0.git.e1b19c2.el7.noarch",
"7Server-RH7-RHOSE-4.7:openshift-clients-0:4.7.0-202104250659.p0.git.95881af.el7.src",
"7Server-RH7-RHOSE-4.7:openshift-clients-0:4.7.0-202104250659.p0.git.95881af.el7.x86_64",
"7Server-RH7-RHOSE-4.7:openshift-clients-redistributable-0:4.7.0-202104250659.p0.git.95881af.el7.x86_64",
"7Server-RH7-RHOSE-4.7:openshift-hyperkube-0:4.7.0-202104250659.p0.git.7d0a2b2.el7.x86_64",
"8Base-RHOSE-4.7:atomic-openshift-service-idler-0:4.7.0-202104260636.p0.git.330c6ef.el8.ppc64le",
"8Base-RHOSE-4.7:atomic-openshift-service-idler-0:4.7.0-202104260636.p0.git.330c6ef.el8.s390x",
"8Base-RHOSE-4.7:atomic-openshift-service-idler-0:4.7.0-202104260636.p0.git.330c6ef.el8.src",
"8Base-RHOSE-4.7:atomic-openshift-service-idler-0:4.7.0-202104260636.p0.git.330c6ef.el8.x86_64",
"8Base-RHOSE-4.7:openshift-0:4.7.0-202104250659.p0.git.7d0a2b2.el8.src",
"8Base-RHOSE-4.7:openshift-clients-0:4.7.0-202104250659.p0.git.95881af.el8.ppc64le",
"8Base-RHOSE-4.7:openshift-clients-0:4.7.0-202104250659.p0.git.95881af.el8.s390x",
"8Base-RHOSE-4.7:openshift-clients-0:4.7.0-202104250659.p0.git.95881af.el8.src",
"8Base-RHOSE-4.7:openshift-clients-0:4.7.0-202104250659.p0.git.95881af.el8.x86_64",
"8Base-RHOSE-4.7:openshift-clients-redistributable-0:4.7.0-202104250659.p0.git.95881af.el8.x86_64",
"8Base-RHOSE-4.7:openshift-hyperkube-0:4.7.0-202104250659.p0.git.7d0a2b2.el8.ppc64le",
"8Base-RHOSE-4.7:openshift-hyperkube-0:4.7.0-202104250659.p0.git.7d0a2b2.el8.s390x",
"8Base-RHOSE-4.7:openshift-hyperkube-0:4.7.0-202104250659.p0.git.7d0a2b2.el8.x86_64",
"8Base-RHOSE-4.7:openshift-kuryr-0:4.7.0-202104250659.p0.git.d49acc4.el8.src",
"8Base-RHOSE-4.7:openshift-kuryr-cni-0:4.7.0-202104250659.p0.git.d49acc4.el8.noarch",
"8Base-RHOSE-4.7:openshift-kuryr-common-0:4.7.0-202104250659.p0.git.d49acc4.el8.noarch",
"8Base-RHOSE-4.7:openshift-kuryr-controller-0:4.7.0-202104250659.p0.git.d49acc4.el8.noarch",
"8Base-RHOSE-4.7:python3-kuryr-kubernetes-0:4.7.0-202104250659.p0.git.d49acc4.el8.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1867099"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Go encoding/binary package. Certain invalid inputs to the ReadUvarint or the ReadVarint causes those functions to read an unlimited number of bytes from the ByteReader argument before returning an error. This flaw possibly leads to processing more input than expected. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: ReadUvarint and ReadVarint can read an unlimited number of bytes from invalid inputs",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift Container Platform (OCP), OpenShift ServiceMesh (OSSM), RedHat OpenShift Jaeger (RHOSJ) and OpenShift Virtualization components are primarily written in Go, meaning that any component using the encoding/binary package includes the vulnerable code. The affected components are behind OpenShift OAuth authentication, therefore the impact is low.\n\nRed Hat Gluster Storage 3, Red Hat OpenShift Container Storage 4 and Red Hat Ceph Storage (3 and 4) components are built with the affected version of Go, however the vulnerable functionality is currently not used by these products and hence this issue has been rated as having a security impact of Low.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.7:golang-github-prometheus-promu-0:0.5.0-3.git642a960.el8.ppc64le",
"8Base-RHOSE-4.7:golang-github-prometheus-promu-0:0.5.0-3.git642a960.el8.s390x",
"8Base-RHOSE-4.7:golang-github-prometheus-promu-0:0.5.0-3.git642a960.el8.src",
"8Base-RHOSE-4.7:golang-github-prometheus-promu-0:0.5.0-3.git642a960.el8.x86_64",
"8Base-RHOSE-4.7:prometheus-promu-0:0.5.0-3.git642a960.el8.ppc64le",
"8Base-RHOSE-4.7:prometheus-promu-0:0.5.0-3.git642a960.el8.s390x",
"8Base-RHOSE-4.7:prometheus-promu-0:0.5.0-3.git642a960.el8.x86_64"
],
"known_not_affected": [
"7Server-RH7-RHOSE-4.7:openshift-0:4.7.0-202104250659.p0.git.7d0a2b2.el7.src",
"7Server-RH7-RHOSE-4.7:openshift-ansible-0:4.7.0-202104250659.p0.git.e1b19c2.el7.noarch",
"7Server-RH7-RHOSE-4.7:openshift-ansible-0:4.7.0-202104250659.p0.git.e1b19c2.el7.src",
"7Server-RH7-RHOSE-4.7:openshift-ansible-test-0:4.7.0-202104250659.p0.git.e1b19c2.el7.noarch",
"7Server-RH7-RHOSE-4.7:openshift-clients-0:4.7.0-202104250659.p0.git.95881af.el7.src",
"7Server-RH7-RHOSE-4.7:openshift-clients-0:4.7.0-202104250659.p0.git.95881af.el7.x86_64",
"7Server-RH7-RHOSE-4.7:openshift-clients-redistributable-0:4.7.0-202104250659.p0.git.95881af.el7.x86_64",
"7Server-RH7-RHOSE-4.7:openshift-hyperkube-0:4.7.0-202104250659.p0.git.7d0a2b2.el7.x86_64",
"8Base-RHOSE-4.7:atomic-openshift-service-idler-0:4.7.0-202104260636.p0.git.330c6ef.el8.ppc64le",
"8Base-RHOSE-4.7:atomic-openshift-service-idler-0:4.7.0-202104260636.p0.git.330c6ef.el8.s390x",
"8Base-RHOSE-4.7:atomic-openshift-service-idler-0:4.7.0-202104260636.p0.git.330c6ef.el8.src",
"8Base-RHOSE-4.7:atomic-openshift-service-idler-0:4.7.0-202104260636.p0.git.330c6ef.el8.x86_64",
"8Base-RHOSE-4.7:openshift-0:4.7.0-202104250659.p0.git.7d0a2b2.el8.src",
"8Base-RHOSE-4.7:openshift-clients-0:4.7.0-202104250659.p0.git.95881af.el8.ppc64le",
"8Base-RHOSE-4.7:openshift-clients-0:4.7.0-202104250659.p0.git.95881af.el8.s390x",
"8Base-RHOSE-4.7:openshift-clients-0:4.7.0-202104250659.p0.git.95881af.el8.src",
"8Base-RHOSE-4.7:openshift-clients-0:4.7.0-202104250659.p0.git.95881af.el8.x86_64",
"8Base-RHOSE-4.7:openshift-clients-redistributable-0:4.7.0-202104250659.p0.git.95881af.el8.x86_64",
"8Base-RHOSE-4.7:openshift-hyperkube-0:4.7.0-202104250659.p0.git.7d0a2b2.el8.ppc64le",
"8Base-RHOSE-4.7:openshift-hyperkube-0:4.7.0-202104250659.p0.git.7d0a2b2.el8.s390x",
"8Base-RHOSE-4.7:openshift-hyperkube-0:4.7.0-202104250659.p0.git.7d0a2b2.el8.x86_64",
"8Base-RHOSE-4.7:openshift-kuryr-0:4.7.0-202104250659.p0.git.d49acc4.el8.src",
"8Base-RHOSE-4.7:openshift-kuryr-cni-0:4.7.0-202104250659.p0.git.d49acc4.el8.noarch",
"8Base-RHOSE-4.7:openshift-kuryr-common-0:4.7.0-202104250659.p0.git.d49acc4.el8.noarch",
"8Base-RHOSE-4.7:openshift-kuryr-controller-0:4.7.0-202104250659.p0.git.d49acc4.el8.noarch",
"8Base-RHOSE-4.7:python3-kuryr-kubernetes-0:4.7.0-202104250659.p0.git.d49acc4.el8.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-16845"
},
{
"category": "external",
"summary": "RHBZ#1867099",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1867099"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-16845",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-16845"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-16845",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-16845"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/NyPIaucMgXo",
"url": "https://groups.google.com/g/golang-announce/c/NyPIaucMgXo"
}
],
"release_date": "2020-08-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-05-04T19:34:17+00:00",
"details": "For OpenShift Container Platform 4.7 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.7/updating/updating-cluster-cli.html",
"product_ids": [
"8Base-RHOSE-4.7:golang-github-prometheus-promu-0:0.5.0-3.git642a960.el8.ppc64le",
"8Base-RHOSE-4.7:golang-github-prometheus-promu-0:0.5.0-3.git642a960.el8.s390x",
"8Base-RHOSE-4.7:golang-github-prometheus-promu-0:0.5.0-3.git642a960.el8.src",
"8Base-RHOSE-4.7:golang-github-prometheus-promu-0:0.5.0-3.git642a960.el8.x86_64",
"8Base-RHOSE-4.7:prometheus-promu-0:0.5.0-3.git642a960.el8.ppc64le",
"8Base-RHOSE-4.7:prometheus-promu-0:0.5.0-3.git642a960.el8.s390x",
"8Base-RHOSE-4.7:prometheus-promu-0:0.5.0-3.git642a960.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:1366"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-RH7-RHOSE-4.7:openshift-0:4.7.0-202104250659.p0.git.7d0a2b2.el7.src",
"7Server-RH7-RHOSE-4.7:openshift-ansible-0:4.7.0-202104250659.p0.git.e1b19c2.el7.noarch",
"7Server-RH7-RHOSE-4.7:openshift-ansible-0:4.7.0-202104250659.p0.git.e1b19c2.el7.src",
"7Server-RH7-RHOSE-4.7:openshift-ansible-test-0:4.7.0-202104250659.p0.git.e1b19c2.el7.noarch",
"7Server-RH7-RHOSE-4.7:openshift-clients-0:4.7.0-202104250659.p0.git.95881af.el7.src",
"7Server-RH7-RHOSE-4.7:openshift-clients-0:4.7.0-202104250659.p0.git.95881af.el7.x86_64",
"7Server-RH7-RHOSE-4.7:openshift-clients-redistributable-0:4.7.0-202104250659.p0.git.95881af.el7.x86_64",
"7Server-RH7-RHOSE-4.7:openshift-hyperkube-0:4.7.0-202104250659.p0.git.7d0a2b2.el7.x86_64",
"8Base-RHOSE-4.7:atomic-openshift-service-idler-0:4.7.0-202104260636.p0.git.330c6ef.el8.ppc64le",
"8Base-RHOSE-4.7:atomic-openshift-service-idler-0:4.7.0-202104260636.p0.git.330c6ef.el8.s390x",
"8Base-RHOSE-4.7:atomic-openshift-service-idler-0:4.7.0-202104260636.p0.git.330c6ef.el8.src",
"8Base-RHOSE-4.7:atomic-openshift-service-idler-0:4.7.0-202104260636.p0.git.330c6ef.el8.x86_64",
"8Base-RHOSE-4.7:golang-github-prometheus-promu-0:0.5.0-3.git642a960.el8.ppc64le",
"8Base-RHOSE-4.7:golang-github-prometheus-promu-0:0.5.0-3.git642a960.el8.s390x",
"8Base-RHOSE-4.7:golang-github-prometheus-promu-0:0.5.0-3.git642a960.el8.src",
"8Base-RHOSE-4.7:golang-github-prometheus-promu-0:0.5.0-3.git642a960.el8.x86_64",
"8Base-RHOSE-4.7:openshift-0:4.7.0-202104250659.p0.git.7d0a2b2.el8.src",
"8Base-RHOSE-4.7:openshift-clients-0:4.7.0-202104250659.p0.git.95881af.el8.ppc64le",
"8Base-RHOSE-4.7:openshift-clients-0:4.7.0-202104250659.p0.git.95881af.el8.s390x",
"8Base-RHOSE-4.7:openshift-clients-0:4.7.0-202104250659.p0.git.95881af.el8.src",
"8Base-RHOSE-4.7:openshift-clients-0:4.7.0-202104250659.p0.git.95881af.el8.x86_64",
"8Base-RHOSE-4.7:openshift-clients-redistributable-0:4.7.0-202104250659.p0.git.95881af.el8.x86_64",
"8Base-RHOSE-4.7:openshift-hyperkube-0:4.7.0-202104250659.p0.git.7d0a2b2.el8.ppc64le",
"8Base-RHOSE-4.7:openshift-hyperkube-0:4.7.0-202104250659.p0.git.7d0a2b2.el8.s390x",
"8Base-RHOSE-4.7:openshift-hyperkube-0:4.7.0-202104250659.p0.git.7d0a2b2.el8.x86_64",
"8Base-RHOSE-4.7:openshift-kuryr-0:4.7.0-202104250659.p0.git.d49acc4.el8.src",
"8Base-RHOSE-4.7:openshift-kuryr-cni-0:4.7.0-202104250659.p0.git.d49acc4.el8.noarch",
"8Base-RHOSE-4.7:openshift-kuryr-common-0:4.7.0-202104250659.p0.git.d49acc4.el8.noarch",
"8Base-RHOSE-4.7:openshift-kuryr-controller-0:4.7.0-202104250659.p0.git.d49acc4.el8.noarch",
"8Base-RHOSE-4.7:prometheus-promu-0:0.5.0-3.git642a960.el8.ppc64le",
"8Base-RHOSE-4.7:prometheus-promu-0:0.5.0-3.git642a960.el8.s390x",
"8Base-RHOSE-4.7:prometheus-promu-0:0.5.0-3.git642a960.el8.x86_64",
"8Base-RHOSE-4.7:python3-kuryr-kubernetes-0:4.7.0-202104250659.p0.git.d49acc4.el8.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "golang: ReadUvarint and ReadVarint can read an unlimited number of bytes from invalid inputs"
},
{
"cve": "CVE-2020-28362",
"cwe": {
"id": "CWE-295",
"name": "Improper Certificate Validation"
},
"discovery_date": "2020-11-12T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-RH7-RHOSE-4.7:openshift-0:4.7.0-202104250659.p0.git.7d0a2b2.el7.src",
"7Server-RH7-RHOSE-4.7:openshift-ansible-0:4.7.0-202104250659.p0.git.e1b19c2.el7.noarch",
"7Server-RH7-RHOSE-4.7:openshift-ansible-0:4.7.0-202104250659.p0.git.e1b19c2.el7.src",
"7Server-RH7-RHOSE-4.7:openshift-ansible-test-0:4.7.0-202104250659.p0.git.e1b19c2.el7.noarch",
"7Server-RH7-RHOSE-4.7:openshift-clients-0:4.7.0-202104250659.p0.git.95881af.el7.src",
"7Server-RH7-RHOSE-4.7:openshift-clients-0:4.7.0-202104250659.p0.git.95881af.el7.x86_64",
"7Server-RH7-RHOSE-4.7:openshift-clients-redistributable-0:4.7.0-202104250659.p0.git.95881af.el7.x86_64",
"7Server-RH7-RHOSE-4.7:openshift-hyperkube-0:4.7.0-202104250659.p0.git.7d0a2b2.el7.x86_64",
"8Base-RHOSE-4.7:atomic-openshift-service-idler-0:4.7.0-202104260636.p0.git.330c6ef.el8.ppc64le",
"8Base-RHOSE-4.7:atomic-openshift-service-idler-0:4.7.0-202104260636.p0.git.330c6ef.el8.s390x",
"8Base-RHOSE-4.7:atomic-openshift-service-idler-0:4.7.0-202104260636.p0.git.330c6ef.el8.src",
"8Base-RHOSE-4.7:atomic-openshift-service-idler-0:4.7.0-202104260636.p0.git.330c6ef.el8.x86_64",
"8Base-RHOSE-4.7:openshift-0:4.7.0-202104250659.p0.git.7d0a2b2.el8.src",
"8Base-RHOSE-4.7:openshift-clients-0:4.7.0-202104250659.p0.git.95881af.el8.ppc64le",
"8Base-RHOSE-4.7:openshift-clients-0:4.7.0-202104250659.p0.git.95881af.el8.s390x",
"8Base-RHOSE-4.7:openshift-clients-0:4.7.0-202104250659.p0.git.95881af.el8.src",
"8Base-RHOSE-4.7:openshift-clients-0:4.7.0-202104250659.p0.git.95881af.el8.x86_64",
"8Base-RHOSE-4.7:openshift-clients-redistributable-0:4.7.0-202104250659.p0.git.95881af.el8.x86_64",
"8Base-RHOSE-4.7:openshift-hyperkube-0:4.7.0-202104250659.p0.git.7d0a2b2.el8.ppc64le",
"8Base-RHOSE-4.7:openshift-hyperkube-0:4.7.0-202104250659.p0.git.7d0a2b2.el8.s390x",
"8Base-RHOSE-4.7:openshift-hyperkube-0:4.7.0-202104250659.p0.git.7d0a2b2.el8.x86_64",
"8Base-RHOSE-4.7:openshift-kuryr-0:4.7.0-202104250659.p0.git.d49acc4.el8.src",
"8Base-RHOSE-4.7:openshift-kuryr-cni-0:4.7.0-202104250659.p0.git.d49acc4.el8.noarch",
"8Base-RHOSE-4.7:openshift-kuryr-common-0:4.7.0-202104250659.p0.git.d49acc4.el8.noarch",
"8Base-RHOSE-4.7:openshift-kuryr-controller-0:4.7.0-202104250659.p0.git.d49acc4.el8.noarch",
"8Base-RHOSE-4.7:python3-kuryr-kubernetes-0:4.7.0-202104250659.p0.git.d49acc4.el8.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1897635"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the math/big package of Go\u0027s standard library that causes a denial of service. Applications written in Go that use math/big via cryptographic packages, including crypto/rsa and crypto/x509, are vulnerable and can potentially cause panic via a crafted certificate chain. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: math/big: panic during recursive division of very large numbers",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift ServiceMesh (OSSM) 1.1 is Out Of Support Scope (OOSS) for Moderate and Low impact vulnerabilities because it is now in the Maintenance Phase of the support.\nOpenshift Virtualization 1 (formerly Container Native Virtualization) is Out Of Support Scope (OOSS) for Moderate and Low impact vulnerabilities.\n\nRed Hat Gluster Storage 3 shipped multi-cloud-object-gateway-cli and noobaa-operator container as a technical preview and is not currently planned to be addressed in future updates.\n\nOpenShift Container Platform (OCP) 4.5 and earlier are built with Go versions earlier than 1.14, which are not affected by this vulnerability. OCP 4.6 is built with Go 1.15 and is affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.7:golang-github-prometheus-promu-0:0.5.0-3.git642a960.el8.ppc64le",
"8Base-RHOSE-4.7:golang-github-prometheus-promu-0:0.5.0-3.git642a960.el8.s390x",
"8Base-RHOSE-4.7:golang-github-prometheus-promu-0:0.5.0-3.git642a960.el8.src",
"8Base-RHOSE-4.7:golang-github-prometheus-promu-0:0.5.0-3.git642a960.el8.x86_64",
"8Base-RHOSE-4.7:prometheus-promu-0:0.5.0-3.git642a960.el8.ppc64le",
"8Base-RHOSE-4.7:prometheus-promu-0:0.5.0-3.git642a960.el8.s390x",
"8Base-RHOSE-4.7:prometheus-promu-0:0.5.0-3.git642a960.el8.x86_64"
],
"known_not_affected": [
"7Server-RH7-RHOSE-4.7:openshift-0:4.7.0-202104250659.p0.git.7d0a2b2.el7.src",
"7Server-RH7-RHOSE-4.7:openshift-ansible-0:4.7.0-202104250659.p0.git.e1b19c2.el7.noarch",
"7Server-RH7-RHOSE-4.7:openshift-ansible-0:4.7.0-202104250659.p0.git.e1b19c2.el7.src",
"7Server-RH7-RHOSE-4.7:openshift-ansible-test-0:4.7.0-202104250659.p0.git.e1b19c2.el7.noarch",
"7Server-RH7-RHOSE-4.7:openshift-clients-0:4.7.0-202104250659.p0.git.95881af.el7.src",
"7Server-RH7-RHOSE-4.7:openshift-clients-0:4.7.0-202104250659.p0.git.95881af.el7.x86_64",
"7Server-RH7-RHOSE-4.7:openshift-clients-redistributable-0:4.7.0-202104250659.p0.git.95881af.el7.x86_64",
"7Server-RH7-RHOSE-4.7:openshift-hyperkube-0:4.7.0-202104250659.p0.git.7d0a2b2.el7.x86_64",
"8Base-RHOSE-4.7:atomic-openshift-service-idler-0:4.7.0-202104260636.p0.git.330c6ef.el8.ppc64le",
"8Base-RHOSE-4.7:atomic-openshift-service-idler-0:4.7.0-202104260636.p0.git.330c6ef.el8.s390x",
"8Base-RHOSE-4.7:atomic-openshift-service-idler-0:4.7.0-202104260636.p0.git.330c6ef.el8.src",
"8Base-RHOSE-4.7:atomic-openshift-service-idler-0:4.7.0-202104260636.p0.git.330c6ef.el8.x86_64",
"8Base-RHOSE-4.7:openshift-0:4.7.0-202104250659.p0.git.7d0a2b2.el8.src",
"8Base-RHOSE-4.7:openshift-clients-0:4.7.0-202104250659.p0.git.95881af.el8.ppc64le",
"8Base-RHOSE-4.7:openshift-clients-0:4.7.0-202104250659.p0.git.95881af.el8.s390x",
"8Base-RHOSE-4.7:openshift-clients-0:4.7.0-202104250659.p0.git.95881af.el8.src",
"8Base-RHOSE-4.7:openshift-clients-0:4.7.0-202104250659.p0.git.95881af.el8.x86_64",
"8Base-RHOSE-4.7:openshift-clients-redistributable-0:4.7.0-202104250659.p0.git.95881af.el8.x86_64",
"8Base-RHOSE-4.7:openshift-hyperkube-0:4.7.0-202104250659.p0.git.7d0a2b2.el8.ppc64le",
"8Base-RHOSE-4.7:openshift-hyperkube-0:4.7.0-202104250659.p0.git.7d0a2b2.el8.s390x",
"8Base-RHOSE-4.7:openshift-hyperkube-0:4.7.0-202104250659.p0.git.7d0a2b2.el8.x86_64",
"8Base-RHOSE-4.7:openshift-kuryr-0:4.7.0-202104250659.p0.git.d49acc4.el8.src",
"8Base-RHOSE-4.7:openshift-kuryr-cni-0:4.7.0-202104250659.p0.git.d49acc4.el8.noarch",
"8Base-RHOSE-4.7:openshift-kuryr-common-0:4.7.0-202104250659.p0.git.d49acc4.el8.noarch",
"8Base-RHOSE-4.7:openshift-kuryr-controller-0:4.7.0-202104250659.p0.git.d49acc4.el8.noarch",
"8Base-RHOSE-4.7:python3-kuryr-kubernetes-0:4.7.0-202104250659.p0.git.d49acc4.el8.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-28362"
},
{
"category": "external",
"summary": "RHBZ#1897635",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1897635"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-28362",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28362"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-28362",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-28362"
}
],
"release_date": "2020-11-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-05-04T19:34:17+00:00",
"details": "For OpenShift Container Platform 4.7 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.7/updating/updating-cluster-cli.html",
"product_ids": [
"8Base-RHOSE-4.7:golang-github-prometheus-promu-0:0.5.0-3.git642a960.el8.ppc64le",
"8Base-RHOSE-4.7:golang-github-prometheus-promu-0:0.5.0-3.git642a960.el8.s390x",
"8Base-RHOSE-4.7:golang-github-prometheus-promu-0:0.5.0-3.git642a960.el8.src",
"8Base-RHOSE-4.7:golang-github-prometheus-promu-0:0.5.0-3.git642a960.el8.x86_64",
"8Base-RHOSE-4.7:prometheus-promu-0:0.5.0-3.git642a960.el8.ppc64le",
"8Base-RHOSE-4.7:prometheus-promu-0:0.5.0-3.git642a960.el8.s390x",
"8Base-RHOSE-4.7:prometheus-promu-0:0.5.0-3.git642a960.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:1366"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-RH7-RHOSE-4.7:openshift-0:4.7.0-202104250659.p0.git.7d0a2b2.el7.src",
"7Server-RH7-RHOSE-4.7:openshift-ansible-0:4.7.0-202104250659.p0.git.e1b19c2.el7.noarch",
"7Server-RH7-RHOSE-4.7:openshift-ansible-0:4.7.0-202104250659.p0.git.e1b19c2.el7.src",
"7Server-RH7-RHOSE-4.7:openshift-ansible-test-0:4.7.0-202104250659.p0.git.e1b19c2.el7.noarch",
"7Server-RH7-RHOSE-4.7:openshift-clients-0:4.7.0-202104250659.p0.git.95881af.el7.src",
"7Server-RH7-RHOSE-4.7:openshift-clients-0:4.7.0-202104250659.p0.git.95881af.el7.x86_64",
"7Server-RH7-RHOSE-4.7:openshift-clients-redistributable-0:4.7.0-202104250659.p0.git.95881af.el7.x86_64",
"7Server-RH7-RHOSE-4.7:openshift-hyperkube-0:4.7.0-202104250659.p0.git.7d0a2b2.el7.x86_64",
"8Base-RHOSE-4.7:atomic-openshift-service-idler-0:4.7.0-202104260636.p0.git.330c6ef.el8.ppc64le",
"8Base-RHOSE-4.7:atomic-openshift-service-idler-0:4.7.0-202104260636.p0.git.330c6ef.el8.s390x",
"8Base-RHOSE-4.7:atomic-openshift-service-idler-0:4.7.0-202104260636.p0.git.330c6ef.el8.src",
"8Base-RHOSE-4.7:atomic-openshift-service-idler-0:4.7.0-202104260636.p0.git.330c6ef.el8.x86_64",
"8Base-RHOSE-4.7:golang-github-prometheus-promu-0:0.5.0-3.git642a960.el8.ppc64le",
"8Base-RHOSE-4.7:golang-github-prometheus-promu-0:0.5.0-3.git642a960.el8.s390x",
"8Base-RHOSE-4.7:golang-github-prometheus-promu-0:0.5.0-3.git642a960.el8.src",
"8Base-RHOSE-4.7:golang-github-prometheus-promu-0:0.5.0-3.git642a960.el8.x86_64",
"8Base-RHOSE-4.7:openshift-0:4.7.0-202104250659.p0.git.7d0a2b2.el8.src",
"8Base-RHOSE-4.7:openshift-clients-0:4.7.0-202104250659.p0.git.95881af.el8.ppc64le",
"8Base-RHOSE-4.7:openshift-clients-0:4.7.0-202104250659.p0.git.95881af.el8.s390x",
"8Base-RHOSE-4.7:openshift-clients-0:4.7.0-202104250659.p0.git.95881af.el8.src",
"8Base-RHOSE-4.7:openshift-clients-0:4.7.0-202104250659.p0.git.95881af.el8.x86_64",
"8Base-RHOSE-4.7:openshift-clients-redistributable-0:4.7.0-202104250659.p0.git.95881af.el8.x86_64",
"8Base-RHOSE-4.7:openshift-hyperkube-0:4.7.0-202104250659.p0.git.7d0a2b2.el8.ppc64le",
"8Base-RHOSE-4.7:openshift-hyperkube-0:4.7.0-202104250659.p0.git.7d0a2b2.el8.s390x",
"8Base-RHOSE-4.7:openshift-hyperkube-0:4.7.0-202104250659.p0.git.7d0a2b2.el8.x86_64",
"8Base-RHOSE-4.7:openshift-kuryr-0:4.7.0-202104250659.p0.git.d49acc4.el8.src",
"8Base-RHOSE-4.7:openshift-kuryr-cni-0:4.7.0-202104250659.p0.git.d49acc4.el8.noarch",
"8Base-RHOSE-4.7:openshift-kuryr-common-0:4.7.0-202104250659.p0.git.d49acc4.el8.noarch",
"8Base-RHOSE-4.7:openshift-kuryr-controller-0:4.7.0-202104250659.p0.git.d49acc4.el8.noarch",
"8Base-RHOSE-4.7:prometheus-promu-0:0.5.0-3.git642a960.el8.ppc64le",
"8Base-RHOSE-4.7:prometheus-promu-0:0.5.0-3.git642a960.el8.s390x",
"8Base-RHOSE-4.7:prometheus-promu-0:0.5.0-3.git642a960.el8.x86_64",
"8Base-RHOSE-4.7:python3-kuryr-kubernetes-0:4.7.0-202104250659.p0.git.d49acc4.el8.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: math/big: panic during recursive division of very large numbers"
},
{
"cve": "CVE-2021-3114",
"cwe": {
"id": "CWE-682",
"name": "Incorrect Calculation"
},
"discovery_date": "2021-01-21T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-RH7-RHOSE-4.7:openshift-0:4.7.0-202104250659.p0.git.7d0a2b2.el7.src",
"7Server-RH7-RHOSE-4.7:openshift-ansible-0:4.7.0-202104250659.p0.git.e1b19c2.el7.noarch",
"7Server-RH7-RHOSE-4.7:openshift-ansible-0:4.7.0-202104250659.p0.git.e1b19c2.el7.src",
"7Server-RH7-RHOSE-4.7:openshift-ansible-test-0:4.7.0-202104250659.p0.git.e1b19c2.el7.noarch",
"7Server-RH7-RHOSE-4.7:openshift-clients-0:4.7.0-202104250659.p0.git.95881af.el7.src",
"7Server-RH7-RHOSE-4.7:openshift-clients-0:4.7.0-202104250659.p0.git.95881af.el7.x86_64",
"7Server-RH7-RHOSE-4.7:openshift-clients-redistributable-0:4.7.0-202104250659.p0.git.95881af.el7.x86_64",
"7Server-RH7-RHOSE-4.7:openshift-hyperkube-0:4.7.0-202104250659.p0.git.7d0a2b2.el7.x86_64",
"8Base-RHOSE-4.7:atomic-openshift-service-idler-0:4.7.0-202104260636.p0.git.330c6ef.el8.ppc64le",
"8Base-RHOSE-4.7:atomic-openshift-service-idler-0:4.7.0-202104260636.p0.git.330c6ef.el8.s390x",
"8Base-RHOSE-4.7:atomic-openshift-service-idler-0:4.7.0-202104260636.p0.git.330c6ef.el8.src",
"8Base-RHOSE-4.7:atomic-openshift-service-idler-0:4.7.0-202104260636.p0.git.330c6ef.el8.x86_64",
"8Base-RHOSE-4.7:openshift-0:4.7.0-202104250659.p0.git.7d0a2b2.el8.src",
"8Base-RHOSE-4.7:openshift-clients-0:4.7.0-202104250659.p0.git.95881af.el8.ppc64le",
"8Base-RHOSE-4.7:openshift-clients-0:4.7.0-202104250659.p0.git.95881af.el8.s390x",
"8Base-RHOSE-4.7:openshift-clients-0:4.7.0-202104250659.p0.git.95881af.el8.src",
"8Base-RHOSE-4.7:openshift-clients-0:4.7.0-202104250659.p0.git.95881af.el8.x86_64",
"8Base-RHOSE-4.7:openshift-clients-redistributable-0:4.7.0-202104250659.p0.git.95881af.el8.x86_64",
"8Base-RHOSE-4.7:openshift-hyperkube-0:4.7.0-202104250659.p0.git.7d0a2b2.el8.ppc64le",
"8Base-RHOSE-4.7:openshift-hyperkube-0:4.7.0-202104250659.p0.git.7d0a2b2.el8.s390x",
"8Base-RHOSE-4.7:openshift-hyperkube-0:4.7.0-202104250659.p0.git.7d0a2b2.el8.x86_64",
"8Base-RHOSE-4.7:openshift-kuryr-0:4.7.0-202104250659.p0.git.d49acc4.el8.src",
"8Base-RHOSE-4.7:openshift-kuryr-cni-0:4.7.0-202104250659.p0.git.d49acc4.el8.noarch",
"8Base-RHOSE-4.7:openshift-kuryr-common-0:4.7.0-202104250659.p0.git.d49acc4.el8.noarch",
"8Base-RHOSE-4.7:openshift-kuryr-controller-0:4.7.0-202104250659.p0.git.d49acc4.el8.noarch",
"8Base-RHOSE-4.7:python3-kuryr-kubernetes-0:4.7.0-202104250659.p0.git.d49acc4.el8.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1918750"
}
],
"notes": [
{
"category": "description",
"text": "A flaw detected in golang: crypto/elliptic, in which P-224 keys as generated can return incorrect inputs, reducing the strength of the cryptography. The highest threat from this vulnerability is confidentiality and integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: crypto/elliptic: incorrect operations on the P-224 curve",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift ServiceMesh (OSSM) 1.1 is Out Of Support Scope (OOSS) for Moderate and Low impact vulnerabilities because it is now in the Maintenance Phase of the support.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.7:golang-github-prometheus-promu-0:0.5.0-3.git642a960.el8.ppc64le",
"8Base-RHOSE-4.7:golang-github-prometheus-promu-0:0.5.0-3.git642a960.el8.s390x",
"8Base-RHOSE-4.7:golang-github-prometheus-promu-0:0.5.0-3.git642a960.el8.src",
"8Base-RHOSE-4.7:golang-github-prometheus-promu-0:0.5.0-3.git642a960.el8.x86_64",
"8Base-RHOSE-4.7:prometheus-promu-0:0.5.0-3.git642a960.el8.ppc64le",
"8Base-RHOSE-4.7:prometheus-promu-0:0.5.0-3.git642a960.el8.s390x",
"8Base-RHOSE-4.7:prometheus-promu-0:0.5.0-3.git642a960.el8.x86_64"
],
"known_not_affected": [
"7Server-RH7-RHOSE-4.7:openshift-0:4.7.0-202104250659.p0.git.7d0a2b2.el7.src",
"7Server-RH7-RHOSE-4.7:openshift-ansible-0:4.7.0-202104250659.p0.git.e1b19c2.el7.noarch",
"7Server-RH7-RHOSE-4.7:openshift-ansible-0:4.7.0-202104250659.p0.git.e1b19c2.el7.src",
"7Server-RH7-RHOSE-4.7:openshift-ansible-test-0:4.7.0-202104250659.p0.git.e1b19c2.el7.noarch",
"7Server-RH7-RHOSE-4.7:openshift-clients-0:4.7.0-202104250659.p0.git.95881af.el7.src",
"7Server-RH7-RHOSE-4.7:openshift-clients-0:4.7.0-202104250659.p0.git.95881af.el7.x86_64",
"7Server-RH7-RHOSE-4.7:openshift-clients-redistributable-0:4.7.0-202104250659.p0.git.95881af.el7.x86_64",
"7Server-RH7-RHOSE-4.7:openshift-hyperkube-0:4.7.0-202104250659.p0.git.7d0a2b2.el7.x86_64",
"8Base-RHOSE-4.7:atomic-openshift-service-idler-0:4.7.0-202104260636.p0.git.330c6ef.el8.ppc64le",
"8Base-RHOSE-4.7:atomic-openshift-service-idler-0:4.7.0-202104260636.p0.git.330c6ef.el8.s390x",
"8Base-RHOSE-4.7:atomic-openshift-service-idler-0:4.7.0-202104260636.p0.git.330c6ef.el8.src",
"8Base-RHOSE-4.7:atomic-openshift-service-idler-0:4.7.0-202104260636.p0.git.330c6ef.el8.x86_64",
"8Base-RHOSE-4.7:openshift-0:4.7.0-202104250659.p0.git.7d0a2b2.el8.src",
"8Base-RHOSE-4.7:openshift-clients-0:4.7.0-202104250659.p0.git.95881af.el8.ppc64le",
"8Base-RHOSE-4.7:openshift-clients-0:4.7.0-202104250659.p0.git.95881af.el8.s390x",
"8Base-RHOSE-4.7:openshift-clients-0:4.7.0-202104250659.p0.git.95881af.el8.src",
"8Base-RHOSE-4.7:openshift-clients-0:4.7.0-202104250659.p0.git.95881af.el8.x86_64",
"8Base-RHOSE-4.7:openshift-clients-redistributable-0:4.7.0-202104250659.p0.git.95881af.el8.x86_64",
"8Base-RHOSE-4.7:openshift-hyperkube-0:4.7.0-202104250659.p0.git.7d0a2b2.el8.ppc64le",
"8Base-RHOSE-4.7:openshift-hyperkube-0:4.7.0-202104250659.p0.git.7d0a2b2.el8.s390x",
"8Base-RHOSE-4.7:openshift-hyperkube-0:4.7.0-202104250659.p0.git.7d0a2b2.el8.x86_64",
"8Base-RHOSE-4.7:openshift-kuryr-0:4.7.0-202104250659.p0.git.d49acc4.el8.src",
"8Base-RHOSE-4.7:openshift-kuryr-cni-0:4.7.0-202104250659.p0.git.d49acc4.el8.noarch",
"8Base-RHOSE-4.7:openshift-kuryr-common-0:4.7.0-202104250659.p0.git.d49acc4.el8.noarch",
"8Base-RHOSE-4.7:openshift-kuryr-controller-0:4.7.0-202104250659.p0.git.d49acc4.el8.noarch",
"8Base-RHOSE-4.7:python3-kuryr-kubernetes-0:4.7.0-202104250659.p0.git.d49acc4.el8.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-3114"
},
{
"category": "external",
"summary": "RHBZ#1918750",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1918750"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-3114",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3114"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3114",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3114"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/mperVMGa98w",
"url": "https://groups.google.com/g/golang-announce/c/mperVMGa98w"
}
],
"release_date": "2021-01-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-05-04T19:34:17+00:00",
"details": "For OpenShift Container Platform 4.7 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.7/updating/updating-cluster-cli.html",
"product_ids": [
"8Base-RHOSE-4.7:golang-github-prometheus-promu-0:0.5.0-3.git642a960.el8.ppc64le",
"8Base-RHOSE-4.7:golang-github-prometheus-promu-0:0.5.0-3.git642a960.el8.s390x",
"8Base-RHOSE-4.7:golang-github-prometheus-promu-0:0.5.0-3.git642a960.el8.src",
"8Base-RHOSE-4.7:golang-github-prometheus-promu-0:0.5.0-3.git642a960.el8.x86_64",
"8Base-RHOSE-4.7:prometheus-promu-0:0.5.0-3.git642a960.el8.ppc64le",
"8Base-RHOSE-4.7:prometheus-promu-0:0.5.0-3.git642a960.el8.s390x",
"8Base-RHOSE-4.7:prometheus-promu-0:0.5.0-3.git642a960.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:1366"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"7Server-RH7-RHOSE-4.7:openshift-0:4.7.0-202104250659.p0.git.7d0a2b2.el7.src",
"7Server-RH7-RHOSE-4.7:openshift-ansible-0:4.7.0-202104250659.p0.git.e1b19c2.el7.noarch",
"7Server-RH7-RHOSE-4.7:openshift-ansible-0:4.7.0-202104250659.p0.git.e1b19c2.el7.src",
"7Server-RH7-RHOSE-4.7:openshift-ansible-test-0:4.7.0-202104250659.p0.git.e1b19c2.el7.noarch",
"7Server-RH7-RHOSE-4.7:openshift-clients-0:4.7.0-202104250659.p0.git.95881af.el7.src",
"7Server-RH7-RHOSE-4.7:openshift-clients-0:4.7.0-202104250659.p0.git.95881af.el7.x86_64",
"7Server-RH7-RHOSE-4.7:openshift-clients-redistributable-0:4.7.0-202104250659.p0.git.95881af.el7.x86_64",
"7Server-RH7-RHOSE-4.7:openshift-hyperkube-0:4.7.0-202104250659.p0.git.7d0a2b2.el7.x86_64",
"8Base-RHOSE-4.7:atomic-openshift-service-idler-0:4.7.0-202104260636.p0.git.330c6ef.el8.ppc64le",
"8Base-RHOSE-4.7:atomic-openshift-service-idler-0:4.7.0-202104260636.p0.git.330c6ef.el8.s390x",
"8Base-RHOSE-4.7:atomic-openshift-service-idler-0:4.7.0-202104260636.p0.git.330c6ef.el8.src",
"8Base-RHOSE-4.7:atomic-openshift-service-idler-0:4.7.0-202104260636.p0.git.330c6ef.el8.x86_64",
"8Base-RHOSE-4.7:golang-github-prometheus-promu-0:0.5.0-3.git642a960.el8.ppc64le",
"8Base-RHOSE-4.7:golang-github-prometheus-promu-0:0.5.0-3.git642a960.el8.s390x",
"8Base-RHOSE-4.7:golang-github-prometheus-promu-0:0.5.0-3.git642a960.el8.src",
"8Base-RHOSE-4.7:golang-github-prometheus-promu-0:0.5.0-3.git642a960.el8.x86_64",
"8Base-RHOSE-4.7:openshift-0:4.7.0-202104250659.p0.git.7d0a2b2.el8.src",
"8Base-RHOSE-4.7:openshift-clients-0:4.7.0-202104250659.p0.git.95881af.el8.ppc64le",
"8Base-RHOSE-4.7:openshift-clients-0:4.7.0-202104250659.p0.git.95881af.el8.s390x",
"8Base-RHOSE-4.7:openshift-clients-0:4.7.0-202104250659.p0.git.95881af.el8.src",
"8Base-RHOSE-4.7:openshift-clients-0:4.7.0-202104250659.p0.git.95881af.el8.x86_64",
"8Base-RHOSE-4.7:openshift-clients-redistributable-0:4.7.0-202104250659.p0.git.95881af.el8.x86_64",
"8Base-RHOSE-4.7:openshift-hyperkube-0:4.7.0-202104250659.p0.git.7d0a2b2.el8.ppc64le",
"8Base-RHOSE-4.7:openshift-hyperkube-0:4.7.0-202104250659.p0.git.7d0a2b2.el8.s390x",
"8Base-RHOSE-4.7:openshift-hyperkube-0:4.7.0-202104250659.p0.git.7d0a2b2.el8.x86_64",
"8Base-RHOSE-4.7:openshift-kuryr-0:4.7.0-202104250659.p0.git.d49acc4.el8.src",
"8Base-RHOSE-4.7:openshift-kuryr-cni-0:4.7.0-202104250659.p0.git.d49acc4.el8.noarch",
"8Base-RHOSE-4.7:openshift-kuryr-common-0:4.7.0-202104250659.p0.git.d49acc4.el8.noarch",
"8Base-RHOSE-4.7:openshift-kuryr-controller-0:4.7.0-202104250659.p0.git.d49acc4.el8.noarch",
"8Base-RHOSE-4.7:prometheus-promu-0:0.5.0-3.git642a960.el8.ppc64le",
"8Base-RHOSE-4.7:prometheus-promu-0:0.5.0-3.git642a960.el8.s390x",
"8Base-RHOSE-4.7:prometheus-promu-0:0.5.0-3.git642a960.el8.x86_64",
"8Base-RHOSE-4.7:python3-kuryr-kubernetes-0:4.7.0-202104250659.p0.git.d49acc4.el8.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: crypto/elliptic: incorrect operations on the P-224 curve"
}
]
}
RHSA-2021:1515
Vulnerability from csaf_redhat - Published: 2021-05-06 13:38 - Updated: 2026-05-14 18:26Summary
Red Hat Security Advisory: Openshift Logging Bug Fix Release (5.0.3)
Severity
Important
Notes
Topic: Openshift Logging Bug Fix Release (5.0.3)
This release includes a security update.
Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.
Details: Openshift Logging Bug Fix Release (5.0.3)
Security Fix(es):
* jackson-databind: arbitrary code execution in slf4j-ext class
(CVE-2018-14718)
* jackson-databind: arbitrary code execution in blaze-ds-opt and
blaze-ds-core classes (CVE-2018-14719)
* jackson-databind: improper polymorphic deserialization in
axis2-transport-jms class (CVE-2018-19360)
* jackson-databind: improper polymorphic deserialization in openjpa class
(CVE-2018-19361)
* jackson-databind: improper polymorphic deserialization in
jboss-common-core class (CVE-2018-19362)
* jackson-databind: default typing mishandling leading to remote code
execution (CVE-2019-14379)
* jackson-databind: Serialization gadgets in
com.pastdev.httpcomponents.configuration.JndiConfiguration (CVE-2020-24750)
* jackson-databind: mishandles the interaction between serialization
gadgets and typing, related to
org.apache.commons.dbcp2.datasources.PerUserPoolDataSource (CVE-2020-35490)
* jackson-databind: mishandles the interaction between serialization
gadgets and typing, related to
org.apache.commons.dbcp2.datasources.SharedPoolDataSource (CVE-2020-35491)
* jackson-databind: mishandles the interaction between serialization
gadgets and typing, related to
com.oracle.wls.shaded.org.apache.xalan.lib.sql.JNDIConnectionPool
(CVE-2020-35728)
* jackson-databind: mishandles the interaction between serialization
gadgets and typing, related to
oadd.org.apache.commons.dbcp.cpdsadapter.DriverAdapterCPDS (CVE-2020-36179)
* jackson-databind: mishandles the interaction between serialization
gadgets and typing, related to
org.apache.commons.dbcp2.cpdsadapter.DriverAdapterCPDS (CVE-2020-36180)
* jackson-databind: mishandles the interaction between serialization
gadgets and typing, related to
org.apache.tomcat.dbcp.dbcp.cpdsadapter.DriverAdapterCPDS (CVE-2020-36181)
* jackson-databind: mishandles the interaction between serialization
gadgets and typing, related to
org.apache.tomcat.dbcp.dbcp2.cpdsadapter.DriverAdapterCPDS (CVE-2020-36182)
* jackson-databind: mishandles the interaction between serialization
gadgets and typing, related to
org.docx4j.org.apache.xalan.lib.sql.JNDIConnectionPool (CVE-2020-36183)
* jackson-databind: mishandles the interaction between serialization
gadgets and typing, related to
org.apache.tomcat.dbcp.dbcp2.datasources.PerUserPoolDataSource
(CVE-2020-36184)
* jackson-databind: mishandles the interaction between serialization
gadgets and typing, related to
org.apache.tomcat.dbcp.dbcp2.datasources.SharedPoolDataSource
(CVE-2020-36185)
* jackson-databind: mishandles the interaction between serialization
gadgets and typing, related to
org.apache.tomcat.dbcp.dbcp.datasources.PerUserPoolDataSource
(CVE-2020-36186)
* jackson-databind: mishandles the interaction between serialization
gadgets and typing, related to
org.apache.tomcat.dbcp.dbcp.datasources.SharedPoolDataSource
(CVE-2020-36187)
* jackson-databind: mishandles the interaction between serialization
gadgets and typing, related to
com.newrelic.agent.deps.ch.qos.logback.core.db.JNDIConnectionSource
(CVE-2020-36188)
* jackson-databind: mishandles the interaction between serialization
gadgets and typing, related to
com.newrelic.agent.deps.ch.qos.logback.core.db.DriverManagerConnectionSourc
e (CVE-2020-36189)
* jackson-databind: mishandles the interaction between serialization
gadgets and typing, related to javax.swing (CVE-2021-20190)
* jackson-databind: exfiltration/XXE in some JDK classes (CVE-2018-14720)
* jackson-databind: server-side request forgery (SSRF) in axis2-jaxws class
(CVE-2018-14721)
* golang: data race in certain net/http servers including ReverseProxy can lead to DoS (CVE-2020-15586)
* golang: ReadUvarint and ReadVarint can read an unlimited number of bytes from invalid inputs (CVE-2020-16845)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was discovered in jackson-databind, where it would permit polymorphic deserialization of a malicious object using slf4j classes. An attacker could use this flaw to execute arbitrary code.
8.1 (High)
Affected products
Fixed
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x | — |
Vendor Fix
fix
|
Known not affected
23 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64 | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64 | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64 | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64 | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64 | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64 | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64 | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64 | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64 | — |
Threats
Impact
Important
A flaw was discovered in jackson-databind, where it would permit polymorphic deserialization of a malicious object using blaze classes. An attacker could use this flaw to execute arbitrary code.
8.1 (High)
Affected products
Fixed
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x | — |
Vendor Fix
fix
|
Known not affected
23 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64 | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64 | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64 | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64 | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64 | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64 | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64 | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64 | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64 | — |
Threats
Impact
Important
A flaw was discovered in FasterXML jackson-databind, where it would permit polymorphic deserialization of malicious objects using the slf4j, flex messaging, sun DRSHelper and JAX-WS gadgets when used in conjunction with polymorphic type handling methods such as `enableDefaultTyping()` or when @JsonTypeInfo is using `Id.CLASS` or `Id.MINIMAL_CLASS` or in any other way which ObjectMapper.readValue might instantiate objects from unsafe sources. An attacker could use this flaw to execute arbitrary code.
7.5 (High)
Affected products
Fixed
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x | — |
Vendor Fix
fix
Workaround
|
Known not affected
23 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64 | — |
Workaround
|
Threats
Impact
Moderate
FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to conduct server-side request forgery (SSRF) attacks by leveraging failure to block the axis2-jaxws class from polymorphic deserialization.
6.8 (Medium)
Affected products
Fixed
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x | — |
Vendor Fix
fix
|
Known not affected
23 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64 | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64 | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64 | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64 | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64 | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64 | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64 | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64 | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64 | — |
Threats
Impact
Moderate
A flaw was discovered in jackson-databind, where it would permit polymorphic deserialization of a malicious object using the axis2-transport-jms class. An attacker could use this flaw to execute arbitrary code.
7.3 (High)
Affected products
Fixed
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x | — |
Vendor Fix
fix
|
Known not affected
23 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64 | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64 | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64 | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64 | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64 | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64 | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64 | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64 | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64 | — |
Threats
Impact
Important
A flaw was discovered in jackson-databind, where it would permit polymorphic deserialization of a malicious object using the OpenJPA class. An attacker could use this flaw to execute arbitrary code.
7.3 (High)
Affected products
Fixed
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x | — |
Vendor Fix
fix
|
Known not affected
23 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64 | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64 | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64 | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64 | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64 | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64 | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64 | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64 | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64 | — |
Threats
Impact
Important
A flaw was discovered in jackson-databind, where it would permit polymorphic deserialization of a malicious object using the jboss-common-core class. An attacker could use this flaw to execute arbitrary code.
7.3 (High)
Affected products
Fixed
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x | — |
Vendor Fix
fix
|
Known not affected
23 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64 | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64 | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64 | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64 | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64 | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64 | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64 | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64 | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64 | — |
Threats
Impact
Important
A flaw was discovered in FasterXML jackson-databind, where it would permit polymorphic deserialization of malicious objects using the ehcache and logback JNDI gadgets when used in conjunction with polymorphic type handling methods such as `enableDefaultTyping()` or when @JsonTypeInfo is using `Id.CLASS` or `Id.MINIMAL_CLASS` or in any other way which ObjectMapper.readValue might instantiate objects from unsafe sources. An attacker could use this flaw to execute arbitrary code.
9.8 (Critical)
Affected products
Fixed
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x | — |
Vendor Fix
fix
Workaround
|
Known not affected
23 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64 | — |
Workaround
|
Threats
Impact
Important
A flaw was found Go's net/http package. Servers using ReverseProxy from net/http in the Go standard library are vulnerable to a data race that results in a denial of service. The highest threat from this vulnerability is to system availability.
5.9 (Medium)
Affected products
Fixed
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64 | — |
Vendor Fix
fix
|
Known not affected
23 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64 | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64 | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64 | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64 | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64 | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64 | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64 | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64 | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64 | — |
Threats
Impact
Moderate
A flaw was found in the Go encoding/binary package. Certain invalid inputs to the ReadUvarint or the ReadVarint causes those functions to read an unlimited number of bytes from the ByteReader argument before returning an error. This flaw possibly leads to processing more input than expected. The highest threat from this vulnerability is to system availability.
7.5 (High)
Affected products
Fixed
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64 | — |
Vendor Fix
fix
|
Known not affected
23 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64 | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64 | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64 | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64 | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64 | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64 | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64 | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64 | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x | — | ||
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64 | — |
Threats
Impact
Moderate
A flaw was found in jackson-databind 2.x in versions prior to 2.9.10.6. The interaction between serialization gadgets and typing is mishandled. The highest threat from this vulnerability is to data confidentiality and system availability.
8.1 (High)
Affected products
Fixed
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x | — |
Vendor Fix
fix
Workaround
|
Known not affected
23 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64 | — |
Workaround
|
Threats
Impact
Important
A flaw was found in jackson-databind. FasterXML mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
8.1 (High)
Affected products
Fixed
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x | — |
Vendor Fix
fix
Workaround
|
Known not affected
23 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64 | — |
Workaround
|
Threats
Impact
Important
A flaw was found in jackson-databind. FasterXML mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
8.1 (High)
Affected products
Fixed
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x | — |
Vendor Fix
fix
Workaround
|
Known not affected
23 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64 | — |
Workaround
|
Threats
Impact
Important
A flaw was found in jackson-databind. FasterXML mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
8.1 (High)
Affected products
Fixed
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x | — |
Vendor Fix
fix
Workaround
|
Known not affected
23 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64 | — |
Workaround
|
Threats
Impact
Important
A flaw was found in jackson-databind. FasterXML mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
8.1 (High)
Affected products
Fixed
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x | — |
Vendor Fix
fix
Workaround
|
Known not affected
23 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64 | — |
Workaround
|
Threats
Impact
Important
A flaw was found in jackson-databind. FasterXML mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
8.1 (High)
Affected products
Fixed
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x | — |
Vendor Fix
fix
Workaround
|
Known not affected
23 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64 | — |
Workaround
|
Threats
Impact
Important
A flaw was found in jackson-databind. FasterXML mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
8.1 (High)
Affected products
Fixed
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x | — |
Vendor Fix
fix
Workaround
|
Known not affected
23 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64 | — |
Workaround
|
Threats
Impact
Important
A flaw was found in jackson-databind. FasterXML mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
8.1 (High)
Affected products
Fixed
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x | — |
Vendor Fix
fix
Workaround
|
Known not affected
23 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64 | — |
Workaround
|
Threats
Impact
Important
A flaw was found in jackson-databind. FasterXML mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
8.1 (High)
Affected products
Fixed
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x | — |
Vendor Fix
fix
Workaround
|
Known not affected
23 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64 | — |
Workaround
|
Threats
Impact
Important
A flaw was found in jackson-databind. FasterXML mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
8.1 (High)
Affected products
Fixed
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x | — |
Vendor Fix
fix
Workaround
|
Known not affected
23 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64 | — |
Workaround
|
Threats
Impact
Important
A flaw was found in jackson-databind. FasterXML mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
8.1 (High)
Affected products
Fixed
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x | — |
Vendor Fix
fix
Workaround
|
Known not affected
23 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64 | — |
Workaround
|
Threats
Impact
Important
A flaw was found in jackson-databind. FasterXML mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
8.1 (High)
Affected products
Fixed
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x | — |
Vendor Fix
fix
Workaround
|
Known not affected
23 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64 | — |
Workaround
|
Threats
Impact
Important
A flaw was found in jackson-databind. FasterXML mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
8.1 (High)
Affected products
Fixed
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x | — |
Vendor Fix
fix
Workaround
|
Known not affected
23 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64 | — |
Workaround
|
Threats
Impact
Important
A flaw was found in jackson-databind. FasterXML mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
8.1 (High)
Affected products
Fixed
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x | — |
Vendor Fix
fix
Workaround
|
Known not affected
23 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64 | — |
Workaround
|
Threats
Impact
Important
A flaw was found in jackson-databind. FasterXML mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
8.1 (High)
Affected products
Fixed
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x | — |
Vendor Fix
fix
Workaround
|
Known not affected
23 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64 | — |
Workaround
|
Threats
Impact
Important
A flaw was found in jackson-databind. FasterXML mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
8.1 (High)
Affected products
Fixed
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x | — |
Vendor Fix
fix
Workaround
|
Known not affected
23 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64 | — |
Workaround
|
Threats
Impact
Important
References
122 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Openshift Logging Bug Fix Release (5.0.3)\nThis release includes a security update.\n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Openshift Logging Bug Fix Release (5.0.3)\n\nSecurity Fix(es):\n\n* jackson-databind: arbitrary code execution in slf4j-ext class\n(CVE-2018-14718)\n\n* jackson-databind: arbitrary code execution in blaze-ds-opt and\nblaze-ds-core classes (CVE-2018-14719)\n\n* jackson-databind: improper polymorphic deserialization in\naxis2-transport-jms class (CVE-2018-19360)\n\n* jackson-databind: improper polymorphic deserialization in openjpa class\n(CVE-2018-19361)\n\n* jackson-databind: improper polymorphic deserialization in\njboss-common-core class (CVE-2018-19362)\n\n* jackson-databind: default typing mishandling leading to remote code\nexecution (CVE-2019-14379)\n\n* jackson-databind: Serialization gadgets in\ncom.pastdev.httpcomponents.configuration.JndiConfiguration (CVE-2020-24750)\n\n* jackson-databind: mishandles the interaction between serialization\ngadgets and typing, related to\norg.apache.commons.dbcp2.datasources.PerUserPoolDataSource (CVE-2020-35490)\n\n* jackson-databind: mishandles the interaction between serialization\ngadgets and typing, related to\norg.apache.commons.dbcp2.datasources.SharedPoolDataSource (CVE-2020-35491)\n\n* jackson-databind: mishandles the interaction between serialization\ngadgets and typing, related to\ncom.oracle.wls.shaded.org.apache.xalan.lib.sql.JNDIConnectionPool\n(CVE-2020-35728)\n\n* jackson-databind: mishandles the interaction between serialization\ngadgets and typing, related to\noadd.org.apache.commons.dbcp.cpdsadapter.DriverAdapterCPDS (CVE-2020-36179)\n\n* jackson-databind: mishandles the interaction between serialization\ngadgets and typing, related to\norg.apache.commons.dbcp2.cpdsadapter.DriverAdapterCPDS (CVE-2020-36180)\n\n* jackson-databind: mishandles the interaction between serialization\ngadgets and typing, related to\norg.apache.tomcat.dbcp.dbcp.cpdsadapter.DriverAdapterCPDS (CVE-2020-36181)\n\n* jackson-databind: mishandles the interaction between serialization\ngadgets and typing, related to\norg.apache.tomcat.dbcp.dbcp2.cpdsadapter.DriverAdapterCPDS (CVE-2020-36182)\n\n* jackson-databind: mishandles the interaction between serialization\ngadgets and typing, related to\norg.docx4j.org.apache.xalan.lib.sql.JNDIConnectionPool (CVE-2020-36183)\n\n* jackson-databind: mishandles the interaction between serialization\ngadgets and typing, related to\norg.apache.tomcat.dbcp.dbcp2.datasources.PerUserPoolDataSource\n(CVE-2020-36184)\n\n* jackson-databind: mishandles the interaction between serialization\ngadgets and typing, related to\norg.apache.tomcat.dbcp.dbcp2.datasources.SharedPoolDataSource\n(CVE-2020-36185)\n\n* jackson-databind: mishandles the interaction between serialization\ngadgets and typing, related to\norg.apache.tomcat.dbcp.dbcp.datasources.PerUserPoolDataSource\n(CVE-2020-36186)\n\n* jackson-databind: mishandles the interaction between serialization\ngadgets and typing, related to\norg.apache.tomcat.dbcp.dbcp.datasources.SharedPoolDataSource\n(CVE-2020-36187)\n\n* jackson-databind: mishandles the interaction between serialization\ngadgets and typing, related to\ncom.newrelic.agent.deps.ch.qos.logback.core.db.JNDIConnectionSource\n(CVE-2020-36188)\n\n* jackson-databind: mishandles the interaction between serialization\ngadgets and typing, related to\ncom.newrelic.agent.deps.ch.qos.logback.core.db.DriverManagerConnectionSourc\ne (CVE-2020-36189)\n\n* jackson-databind: mishandles the interaction between serialization\ngadgets and typing, related to javax.swing (CVE-2021-20190)\n\n* jackson-databind: exfiltration/XXE in some JDK classes (CVE-2018-14720)\n\n* jackson-databind: server-side request forgery (SSRF) in axis2-jaxws class\n(CVE-2018-14721)\n\n* golang: data race in certain net/http servers including ReverseProxy can lead to DoS (CVE-2020-15586)\n\n* golang: ReadUvarint and ReadVarint can read an unlimited number of bytes from invalid inputs (CVE-2020-16845)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2021:1515",
"url": "https://access.redhat.com/errata/RHSA-2021:1515"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "LOG-1224",
"url": "https://issues.redhat.com/browse/LOG-1224"
},
{
"category": "external",
"summary": "LOG-1232",
"url": "https://issues.redhat.com/browse/LOG-1232"
},
{
"category": "external",
"summary": "LOG-1234",
"url": "https://issues.redhat.com/browse/LOG-1234"
},
{
"category": "external",
"summary": "LOG-1299",
"url": "https://issues.redhat.com/browse/LOG-1299"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_1515.json"
}
],
"title": "Red Hat Security Advisory: Openshift Logging Bug Fix Release (5.0.3)",
"tracking": {
"current_release_date": "2026-05-14T18:26:34+00:00",
"generator": {
"date": "2026-05-14T18:26:34+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.0"
}
},
"id": "RHSA-2021:1515",
"initial_release_date": "2021-05-06T13:38:14+00:00",
"revision_history": [
{
"date": "2021-05-06T13:38:14+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2021-05-06T13:38:14+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-14T18:26:34+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "OpenShift Logging 5.0",
"product": {
"name": "OpenShift Logging 5.0",
"product_id": "8Base-OSE-LOGGING-5.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:logging:5.0::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Enterprise"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"product": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"product_id": "openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel8-operator\u0026tag=v5.0.3-2"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"product": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"product_id": "openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-rhel8-operator\u0026tag=v5.0.3-2"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"product": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"product_id": "openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-proxy-rhel8\u0026tag=v5.0.3-1"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"product": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"product_id": "openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"product_identification_helper": {
"purl": "pkg:oci/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/logging-curator5-rhel8\u0026tag=v5.0.3-1"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x",
"product": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x",
"product_id": "openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch6-rhel8\u0026tag=v5.0.3-1"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"product": {
"name": "openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"product_id": "openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"product_identification_helper": {
"purl": "pkg:oci/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel8\u0026tag=v5.0.3-1"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"product": {
"name": "openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"product_id": "openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel8\u0026tag=v5.0.3-1"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"product": {
"name": "openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"product_id": "openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/kibana6-rhel8\u0026tag=v5.0.3-1"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"product": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"product_id": "openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel8-operator\u0026tag=v5.0.3-2"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"product": {
"name": "openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"product_id": "openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-operator-bundle\u0026tag=v5.0.3-6"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"product": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"product_id": "openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-rhel8-operator\u0026tag=v5.0.3-2"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"product": {
"name": "openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"product_id": "openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-operator-bundle\u0026tag=v5.0.3-6"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"product": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"product_id": "openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-proxy-rhel8\u0026tag=v5.0.3-1"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64",
"product": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64",
"product_id": "openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64",
"product_identification_helper": {
"purl": "pkg:oci/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/logging-curator5-rhel8\u0026tag=v5.0.3-1"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"product": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"product_id": "openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch6-rhel8\u0026tag=v5.0.3-1"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"product": {
"name": "openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"product_id": "openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"product_identification_helper": {
"purl": "pkg:oci/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel8\u0026tag=v5.0.3-1"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"product": {
"name": "openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"product_id": "openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"product_identification_helper": {
"purl": "pkg:oci/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel8\u0026tag=v5.0.3-1"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"product": {
"name": "openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"product_id": "openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/kibana6-rhel8\u0026tag=v5.0.3-1"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"product": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"product_id": "openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel8-operator\u0026tag=v5.0.3-2"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"product": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"product_id": "openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-rhel8-operator\u0026tag=v5.0.3-2"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"product": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"product_id": "openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-proxy-rhel8\u0026tag=v5.0.3-1"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"product": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"product_id": "openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/logging-curator5-rhel8\u0026tag=v5.0.3-1"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"product": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"product_id": "openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch6-rhel8\u0026tag=v5.0.3-1"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"product": {
"name": "openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"product_id": "openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel8\u0026tag=v5.0.3-1"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"product": {
"name": "openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"product_id": "openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel8\u0026tag=v5.0.3-1"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"product": {
"name": "openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"product_id": "openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/kibana6-rhel8\u0026tag=v5.0.3-1"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64 as a component of OpenShift Logging 5.0",
"product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64"
},
"product_reference": "openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le as a component of OpenShift Logging 5.0",
"product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le"
},
"product_reference": "openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64 as a component of OpenShift Logging 5.0",
"product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64"
},
"product_reference": "openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x as a component of OpenShift Logging 5.0",
"product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x"
},
"product_reference": "openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64 as a component of OpenShift Logging 5.0",
"product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64"
},
"product_reference": "openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x as a component of OpenShift Logging 5.0",
"product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x"
},
"product_reference": "openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64 as a component of OpenShift Logging 5.0",
"product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64"
},
"product_reference": "openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le as a component of OpenShift Logging 5.0",
"product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le"
},
"product_reference": "openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le as a component of OpenShift Logging 5.0",
"product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le"
},
"product_reference": "openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x as a component of OpenShift Logging 5.0",
"product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x"
},
"product_reference": "openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64 as a component of OpenShift Logging 5.0",
"product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64"
},
"product_reference": "openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le as a component of OpenShift Logging 5.0",
"product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le"
},
"product_reference": "openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64 as a component of OpenShift Logging 5.0",
"product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64"
},
"product_reference": "openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x as a component of OpenShift Logging 5.0",
"product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x"
},
"product_reference": "openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le as a component of OpenShift Logging 5.0",
"product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le"
},
"product_reference": "openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x as a component of OpenShift Logging 5.0",
"product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x"
},
"product_reference": "openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64 as a component of OpenShift Logging 5.0",
"product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64"
},
"product_reference": "openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64 as a component of OpenShift Logging 5.0",
"product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64"
},
"product_reference": "openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x as a component of OpenShift Logging 5.0",
"product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x"
},
"product_reference": "openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le as a component of OpenShift Logging 5.0",
"product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le"
},
"product_reference": "openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x as a component of OpenShift Logging 5.0",
"product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x"
},
"product_reference": "openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64 as a component of OpenShift Logging 5.0",
"product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64"
},
"product_reference": "openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le as a component of OpenShift Logging 5.0",
"product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le"
},
"product_reference": "openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le as a component of OpenShift Logging 5.0",
"product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le"
},
"product_reference": "openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x as a component of OpenShift Logging 5.0",
"product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x"
},
"product_reference": "openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64 as a component of OpenShift Logging 5.0",
"product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
},
"product_reference": "openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-14718",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2019-01-02T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1666415"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was discovered in jackson-databind, where it would permit polymorphic deserialization of a malicious object using slf4j classes. An attacker could use this flaw to execute arbitrary code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: arbitrary code execution in slf4j-ext class",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability in jackson-databind involves exploiting CVE-2018-1088 against slf4j, which was fixed in Red Hat products through the errata referenced at https://access.redhat.com/security/cve/cve-2018-8088. Applications that link only slf4j versions including that fix are not vulnerable to this vulnerability.\n\nRed Hat Satellite 6 is not affected by this issue, since its candlepin component doesn\u0027t bundle slf4j-ext jar.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x"
],
"known_not_affected": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14718"
},
{
"category": "external",
"summary": "RHBZ#1666415",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666415"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14718",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14718"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14718",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14718"
}
],
"release_date": "2018-07-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-05-06T13:38:14+00:00",
"details": "For OpenShift Container Platform 4.7 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-release-notes.html\n\nFor Red Hat OpenShift Logging 5.0, see the following instructions to apply this update:\n\nhttps://docs.openshift.com/container-platform/4.7/logging/cluster-logging-upgrading.html",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:1515"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: arbitrary code execution in slf4j-ext class"
},
{
"cve": "CVE-2018-14719",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2019-01-02T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1666418"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was discovered in jackson-databind, where it would permit polymorphic deserialization of a malicious object using blaze classes. An attacker could use this flaw to execute arbitrary code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: arbitrary code execution in blaze-ds-opt and blaze-ds-core classes",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The following Red Hat products are not affected by this issue as they do not bundle or provide the requisite gadget jars to exploit this vulnerability:\nRed Hat Satellite 6\nRed Hat Enterprise Virtualization 4\nRed Hat Fuse 6, 7, and Fuse Integration Services 2\nRed Hat A-MQ 6",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x"
],
"known_not_affected": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14719"
},
{
"category": "external",
"summary": "RHBZ#1666418",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666418"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14719",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14719"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14719",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14719"
}
],
"release_date": "2018-07-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-05-06T13:38:14+00:00",
"details": "For OpenShift Container Platform 4.7 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-release-notes.html\n\nFor Red Hat OpenShift Logging 5.0, see the following instructions to apply this update:\n\nhttps://docs.openshift.com/container-platform/4.7/logging/cluster-logging-upgrading.html",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:1515"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: arbitrary code execution in blaze-ds-opt and blaze-ds-core classes"
},
{
"cve": "CVE-2018-14720",
"cwe": {
"id": "CWE-611",
"name": "Improper Restriction of XML External Entity Reference"
},
"discovery_date": "2019-01-02T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1666423"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was discovered in FasterXML jackson-databind, where it would permit polymorphic deserialization of malicious objects using the slf4j, flex messaging, sun DRSHelper and JAX-WS gadgets when used in conjunction with polymorphic type handling methods such as `enableDefaultTyping()` or when @JsonTypeInfo is using `Id.CLASS` or `Id.MINIMAL_CLASS` or in any other way which ObjectMapper.readValue might instantiate objects from unsafe sources. An attacker could use this flaw to execute arbitrary code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: exfiltration/XXE in some JDK classes",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6 is not affected by this issue, since its only supported Java runtime (openJDK) doesn\u0027t bundle the com.sun.deploy.security.ruleset.DRSHelper class.\n\nRed Hat Enterprise Virtualization 4 is not affected by this issue, since its only supported Java runtime (openJDK) doesn\u0027t bundle the com.sun.deploy.security.ruleset.DRSHelper class.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x"
],
"known_not_affected": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14720"
},
{
"category": "external",
"summary": "RHBZ#1666423",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666423"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14720",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14720"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14720",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14720"
}
],
"release_date": "2018-07-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-05-06T13:38:14+00:00",
"details": "For OpenShift Container Platform 4.7 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-release-notes.html\n\nFor Red Hat OpenShift Logging 5.0, see the following instructions to apply this update:\n\nhttps://docs.openshift.com/container-platform/4.7/logging/cluster-logging-upgrading.html",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:1515"
},
{
"category": "workaround",
"details": "The following conditions are needed for an exploit, we recommend avoiding all if possible \n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: exfiltration/XXE in some JDK classes"
},
{
"cve": "CVE-2018-14721",
"cwe": {
"id": "CWE-352",
"name": "Cross-Site Request Forgery (CSRF)"
},
"discovery_date": "2019-01-02T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1666428"
}
],
"notes": [
{
"category": "description",
"text": "FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to conduct server-side request forgery (SSRF) attacks by leveraging failure to block the axis2-jaxws class from polymorphic deserialization.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: server-side request forgery (SSRF) in axis2-jaxws class",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6 is not affected by this issue, since its candlepin component doesn\u0027t bundle axis2-jaxws jar.\n\nRed Hat Virtualization is not affected by this issue, since its does not bundle axis2-jaxws jar.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x"
],
"known_not_affected": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14721"
},
{
"category": "external",
"summary": "RHBZ#1666428",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666428"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14721",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14721"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14721",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14721"
}
],
"release_date": "2018-07-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-05-06T13:38:14+00:00",
"details": "For OpenShift Container Platform 4.7 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-release-notes.html\n\nFor Red Hat OpenShift Logging 5.0, see the following instructions to apply this update:\n\nhttps://docs.openshift.com/container-platform/4.7/logging/cluster-logging-upgrading.html",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:1515"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: server-side request forgery (SSRF) in axis2-jaxws class"
},
{
"cve": "CVE-2018-19360",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2019-01-02T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1666482"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was discovered in jackson-databind, where it would permit polymorphic deserialization of a malicious object using the axis2-transport-jms class. An attacker could use this flaw to execute arbitrary code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: improper polymorphic deserialization in axis2-transport-jms class",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6 is not affected by this issue, since its candlepin component doesn\u0027t include axis2-transport-jms jar.\n\nRed Hat Virtualization 4 is not affected by this issue, since it does not include axis2-transport-jms jar.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x"
],
"known_not_affected": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-19360"
},
{
"category": "external",
"summary": "RHBZ#1666482",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666482"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-19360",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19360"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-19360",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-19360"
}
],
"release_date": "2018-11-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-05-06T13:38:14+00:00",
"details": "For OpenShift Container Platform 4.7 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-release-notes.html\n\nFor Red Hat OpenShift Logging 5.0, see the following instructions to apply this update:\n\nhttps://docs.openshift.com/container-platform/4.7/logging/cluster-logging-upgrading.html",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:1515"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: improper polymorphic deserialization in axis2-transport-jms class"
},
{
"cve": "CVE-2018-19361",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2019-01-02T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1666484"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was discovered in jackson-databind, where it would permit polymorphic deserialization of a malicious object using the OpenJPA class. An attacker could use this flaw to execute arbitrary code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: improper polymorphic deserialization in openjpa class",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6 is not affected by this issue, since its candlepin component doesn\u0027t bundle openjpa jar.\n\nRed Hat Virtualization 4 is not affected by this issue, since its candlepin component doesn\u0027t bundle openjpa jar.\n\nRed Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x"
],
"known_not_affected": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-19361"
},
{
"category": "external",
"summary": "RHBZ#1666484",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666484"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-19361",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19361"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-19361",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-19361"
}
],
"release_date": "2018-11-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-05-06T13:38:14+00:00",
"details": "For OpenShift Container Platform 4.7 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-release-notes.html\n\nFor Red Hat OpenShift Logging 5.0, see the following instructions to apply this update:\n\nhttps://docs.openshift.com/container-platform/4.7/logging/cluster-logging-upgrading.html",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:1515"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: improper polymorphic deserialization in openjpa class"
},
{
"cve": "CVE-2018-19362",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2019-01-02T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1666489"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was discovered in jackson-databind, where it would permit polymorphic deserialization of a malicious object using the jboss-common-core class. An attacker could use this flaw to execute arbitrary code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: improper polymorphic deserialization in jboss-common-core class",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6 is not affected by this issue, since its candlepin component doesn\u0027t bundle jboss-common-core jar.\n\nRed Hat Virtualization 4 is not affected by this issue, since its candlepin component doesn\u0027t bundle jboss-common-core jar.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x"
],
"known_not_affected": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-19362"
},
{
"category": "external",
"summary": "RHBZ#1666489",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666489"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-19362",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19362"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-19362",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-19362"
}
],
"release_date": "2018-11-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-05-06T13:38:14+00:00",
"details": "For OpenShift Container Platform 4.7 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-release-notes.html\n\nFor Red Hat OpenShift Logging 5.0, see the following instructions to apply this update:\n\nhttps://docs.openshift.com/container-platform/4.7/logging/cluster-logging-upgrading.html",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:1515"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: improper polymorphic deserialization in jboss-common-core class"
},
{
"cve": "CVE-2019-14379",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2019-07-29T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1737517"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was discovered in FasterXML jackson-databind, where it would permit polymorphic deserialization of malicious objects using the ehcache and logback JNDI gadgets when used in conjunction with polymorphic type handling methods such as `enableDefaultTyping()` or when @JsonTypeInfo is using `Id.CLASS` or `Id.MINIMAL_CLASS` or in any other way which ObjectMapper.readValue might instantiate objects from unsafe sources. An attacker could use this flaw to execute arbitrary code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: default typing mishandling leading to remote code execution",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "While OpenShift Container Platform\u0027s elasticsearch plugins do ship the vulnerable component, it doesn\u0027t do any of the unsafe things described in https://access.redhat.com/solutions/3279231. We may update the jackson-databind dependency in a future release.\n\nSimilarly, Satellite 6 does not enable polymorphic unmarshmalling, which is a required configuration for the vulnerability to be used. We may update the jackson-databind dependency in a future release.\n\nRed Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x"
],
"known_not_affected": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-14379"
},
{
"category": "external",
"summary": "RHBZ#1737517",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1737517"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-14379",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14379"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-14379",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14379"
}
],
"release_date": "2019-07-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-05-06T13:38:14+00:00",
"details": "For OpenShift Container Platform 4.7 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-release-notes.html\n\nFor Red Hat OpenShift Logging 5.0, see the following instructions to apply this update:\n\nhttps://docs.openshift.com/container-platform/4.7/logging/cluster-logging-upgrading.html",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:1515"
},
{
"category": "workaround",
"details": "The following conditions are needed for an exploit, we recommend avoiding all if possible\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: default typing mishandling leading to remote code execution"
},
{
"cve": "CVE-2020-15586",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"discovery_date": "2020-07-14T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1856953"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found Go\u0027s net/http package. Servers using ReverseProxy from net/http in the Go standard library are vulnerable to a data race that results in a denial of service. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: data race in certain net/http servers including ReverseProxy can lead to DoS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift Container Platform (OCP) components are primarily written in Go, meaning that any component using the net/http package includes the vulnerable code. OCP server endpoints using ReverseProxy are protected by authentication, reducing the severity of this vulnerability to Low for OCP.\n\nSimilar to OCP, OpenShift ServiceMesh (OSSM), RedHat OpenShift Jaeger (RHOSJ) and OpenShift Virtualization are also primarily written in Go and are protected via authentication, reducing the severity of this vulnerability to Low.\n\nRed Hat Gluster Storage 3 and Red Hat Openshift Container Storage 4 components are built with the affected version of Go, however the vulnerable functionality is currently not used by these products and hence this issue has been rated as having a security impact of Low.\n\nRed Hat Ceph Storage 3 and 4 components are built with the affected version of Go, however the vulnerable functionality is currently not used by these products and hence this issue has been rated as having a security impact of Low.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64"
],
"known_not_affected": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-15586"
},
{
"category": "external",
"summary": "RHBZ#1856953",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1856953"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-15586",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15586"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-15586",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-15586"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/XZNfaiwgt2w/m/E6gHDs32AQAJ",
"url": "https://groups.google.com/g/golang-announce/c/XZNfaiwgt2w/m/E6gHDs32AQAJ"
}
],
"release_date": "2020-07-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-05-06T13:38:14+00:00",
"details": "For OpenShift Container Platform 4.7 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-release-notes.html\n\nFor Red Hat OpenShift Logging 5.0, see the following instructions to apply this update:\n\nhttps://docs.openshift.com/container-platform/4.7/logging/cluster-logging-upgrading.html",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:1515"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: data race in certain net/http servers including ReverseProxy can lead to DoS"
},
{
"cve": "CVE-2020-16845",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"discovery_date": "2020-08-07T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1867099"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Go encoding/binary package. Certain invalid inputs to the ReadUvarint or the ReadVarint causes those functions to read an unlimited number of bytes from the ByteReader argument before returning an error. This flaw possibly leads to processing more input than expected. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: ReadUvarint and ReadVarint can read an unlimited number of bytes from invalid inputs",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift Container Platform (OCP), OpenShift ServiceMesh (OSSM), RedHat OpenShift Jaeger (RHOSJ) and OpenShift Virtualization components are primarily written in Go, meaning that any component using the encoding/binary package includes the vulnerable code. The affected components are behind OpenShift OAuth authentication, therefore the impact is low.\n\nRed Hat Gluster Storage 3, Red Hat OpenShift Container Storage 4 and Red Hat Ceph Storage (3 and 4) components are built with the affected version of Go, however the vulnerable functionality is currently not used by these products and hence this issue has been rated as having a security impact of Low.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64"
],
"known_not_affected": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-16845"
},
{
"category": "external",
"summary": "RHBZ#1867099",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1867099"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-16845",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-16845"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-16845",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-16845"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/NyPIaucMgXo",
"url": "https://groups.google.com/g/golang-announce/c/NyPIaucMgXo"
}
],
"release_date": "2020-08-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-05-06T13:38:14+00:00",
"details": "For OpenShift Container Platform 4.7 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-release-notes.html\n\nFor Red Hat OpenShift Logging 5.0, see the following instructions to apply this update:\n\nhttps://docs.openshift.com/container-platform/4.7/logging/cluster-logging-upgrading.html",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:1515"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: ReadUvarint and ReadVarint can read an unlimited number of bytes from invalid inputs"
},
{
"cve": "CVE-2020-24750",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2020-09-18T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1882310"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jackson-databind 2.x in versions prior to 2.9.10.6. The interaction between serialization gadgets and typing is mishandled. The highest threat from this vulnerability is to data confidentiality and system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: Serialization gadgets in com.pastdev.httpcomponents.configuration.JndiConfiguration",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The following Red Hat products do ship the vulnerable component, but do not enable the unsafe conditions needed to exploit:\n* JBoss Data Grid 7\n* Business Process Management Suite 6\n* Business Rules Management Suite 6\n* JBoss Data Virtualization 6\n* OpenShift Container Platform\nThese products may update the jackson-databind dependency in a future release.\n\nThe following Red Hat products ship OpenDaylight, which contains the vulnerable jackson-databind, but do not expose jackson-databind in a way that would make it exploitable\n* Red Hat OpenStack Platform 13\nAs such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\nThe following Red Hat products are not affected by this flaw because they use a more recent version of jackson-databind that does not contain the vulnerable code:\n* CodeReady Studio 12.16.0\n* Red Hat Enterprise Linux 8\n* Red Hat Enterprise Virtualization\n* Red Hat Satellite 6",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x"
],
"known_not_affected": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-24750"
},
{
"category": "external",
"summary": "RHBZ#1882310",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1882310"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-24750",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-24750"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-24750",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-24750"
}
],
"release_date": "2020-09-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-05-06T13:38:14+00:00",
"details": "For OpenShift Container Platform 4.7 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-release-notes.html\n\nFor Red Hat OpenShift Logging 5.0, see the following instructions to apply this update:\n\nhttps://docs.openshift.com/container-platform/4.7/logging/cluster-logging-upgrading.html",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:1515"
},
{
"category": "workaround",
"details": "The following conditions are needed for an exploit, we recommend avoiding all if possible:\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`\n* avoid com.pastdev.httpcomponents in the classpath",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: Serialization gadgets in com.pastdev.httpcomponents.configuration.JndiConfiguration"
},
{
"cve": "CVE-2020-35490",
"cwe": {
"id": "CWE-96",
"name": "Improper Neutralization of Directives in Statically Saved Code (\u0027Static Code Injection\u0027)"
},
"discovery_date": "2020-12-17T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1909266"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jackson-databind. FasterXML mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.PerUserPoolDataSource",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The following Red Hat products do ship the vulnerable component, but do not enable the unsafe conditions needed to exploit, lowering their vulnerability impact:\n* JBoss Data Grid 7\n* Business Process Management Suite 6\n* Business Rules Management Suite 6\n* JBoss Data Virtualization 6\n* Red Hat Fuse Service Works 6\n* Red Hat OpenStack Platform\n* Red Hat OpenShift containers: ose-metering-hadoop, ose-metering-hive, ose-logging-elasticsearch5, ose-logging-elasticsearch6 \nThese products may update the jackson-databind dependency in a future release.\n\nIn Red Hat Openshift 4 there are no plans to maintain the ose-logging-elasticsearch5 container, hence it has been marked wontfix at this time and may be fixed in a future update.\n\nThe following Red Hat products ship OpenDaylight, which contains the vulnerable jackson-databind, but do not expose jackson-databind in a way that would make it exploitable\n* Red Hat OpenStack Platform 13\nAs such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\nThe following Red Hat products are not affected by this flaw because they use a more recent version of jackson-databind that does not contain the vulnerable code:\n* CodeReady Studio 12.16.0\n* Red Hat Enterprise Linux 8\n* Red Hat Enterprise Virtualization\n* Red Hat Satellite 6\n* Red Hat OpenShift container: ose-metering-presto",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x"
],
"known_not_affected": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-35490"
},
{
"category": "external",
"summary": "RHBZ#1909266",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1909266"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-35490",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35490"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-35490",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-35490"
},
{
"category": "external",
"summary": "https://cowtowncoder.medium.com/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062",
"url": "https://cowtowncoder.medium.com/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062"
},
{
"category": "external",
"summary": "https://github.com/FasterXML/jackson-databind/issues/2986",
"url": "https://github.com/FasterXML/jackson-databind/issues/2986"
}
],
"release_date": "2020-12-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-05-06T13:38:14+00:00",
"details": "For OpenShift Container Platform 4.7 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-release-notes.html\n\nFor Red Hat OpenShift Logging 5.0, see the following instructions to apply this update:\n\nhttps://docs.openshift.com/container-platform/4.7/logging/cluster-logging-upgrading.html",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:1515"
},
{
"category": "workaround",
"details": "The following conditions are needed for an exploit, we recommend avoiding all if possible:\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`\n* avoid org.apache.commons.dbcp2.datasources.PerUserPoolDataSource and org.apache.commons.dbcp2.datasources.SharedPoolDataSource in the classpath",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.PerUserPoolDataSource"
},
{
"cve": "CVE-2020-35491",
"cwe": {
"id": "CWE-96",
"name": "Improper Neutralization of Directives in Statically Saved Code (\u0027Static Code Injection\u0027)"
},
"discovery_date": "2020-12-17T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1909269"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jackson-databind. FasterXML mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.SharedPoolDataSource",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The following Red Hat products do ship the vulnerable component, but do not enable the unsafe conditions needed to exploit, lowering their vulnerability impact:\n* JBoss Data Grid 7\n* Business Process Management Suite 6\n* Business Rules Management Suite 6\n* JBoss Data Virtualization 6\n* Red Hat Fuse Service Works 6\n* Red Hat OpenStack Platform\n* Red Hat OpenShift containers: ose-metering-hadoop, ose-metering-hive, ose-logging-elasticsearch5, ose-logging-elasticsearch6 \nThese products may update the jackson-databind dependency in a future release.\n\nIn Red Hat Openshift 4 there are no plans to maintain the ose-logging-elasticsearch5 container, hence it has been marked wontfix at this time and may be fixed in a future update. \n\nThe following Red Hat products ship OpenDaylight, which contains the vulnerable jackson-databind, but do not expose jackson-databind in a way that would make it exploitable\n* Red Hat OpenStack Platform 13\nAs such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\nThe following Red Hat products are not affected by this flaw because they use a more recent version of jackson-databind that does not contain the vulnerable code:\n* CodeReady Studio 12.16.0\n* Red Hat Enterprise Linux 8\n* Red Hat Enterprise Virtualization\n* Red Hat Satellite 6\n* Red Hat OpenShift container: ose-metering-presto",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x"
],
"known_not_affected": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-35491"
},
{
"category": "external",
"summary": "RHBZ#1909269",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1909269"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-35491",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35491"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-35491",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-35491"
},
{
"category": "external",
"summary": "https://cowtowncoder.medium.com/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062",
"url": "https://cowtowncoder.medium.com/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062"
},
{
"category": "external",
"summary": "https://github.com/FasterXML/jackson-databind/issues/2986",
"url": "https://github.com/FasterXML/jackson-databind/issues/2986"
}
],
"release_date": "2020-12-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-05-06T13:38:14+00:00",
"details": "For OpenShift Container Platform 4.7 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-release-notes.html\n\nFor Red Hat OpenShift Logging 5.0, see the following instructions to apply this update:\n\nhttps://docs.openshift.com/container-platform/4.7/logging/cluster-logging-upgrading.html",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:1515"
},
{
"category": "workaround",
"details": "The following conditions are needed for an exploit, we recommend avoiding all if possible:\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`\n* avoid org.apache.commons.dbcp2.datasources.PerUserPoolDataSource and org.apache.commons.dbcp2.datasources.SharedPoolDataSource in the classpath",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.SharedPoolDataSource"
},
{
"cve": "CVE-2020-35728",
"cwe": {
"id": "CWE-96",
"name": "Improper Neutralization of Directives in Statically Saved Code (\u0027Static Code Injection\u0027)"
},
"discovery_date": "2020-12-27T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1911502"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jackson-databind. FasterXML mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: mishandles the interaction between serialization gadgets and typing, related to com.oracle.wls.shaded.org.apache.xalan.lib.sql.JNDIConnectionPool",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The following Red Hat Products ship jackson-databind version 2.10.0 or later which is not considered affected by this CVE (see https://medium.com/@cowtowncoder/jackson-2-10-safe-default-typing-2d018f0ce2ba) \n* JBoss Data Grid 7\n* JBoss Data Grid 8\n* Enterprise Application Platform 7\n* Red Hat Decision Manager 7\n* Red Hat Process Automation Manager 7\n* Red Hat Single Sign-On (RH-SSO) 7\n* Red Hat JBoss Fuse 7\n* Red Hat JBoss A-MQ\n* Red Hat Enterprise Linux 8\n* Red Hat Satellite 6.6\n* Red Hat Satellite 6.7\n* Red Hat Satellite 6.8\n* Red Hat CodeReady Studio 12\n\nRed Hat OpenShift Container Platform and Red Hat OpenStack Platform does ship the vulnerable components, but does not enable the unsafe conditions needed to exploit, lowering their vulnerability impact.\n\nIn Red Hat Openshift 4 there are no plans to maintain the ose-logging-elasticsearch5 container, hence it has been marked wontfix at this time and may be fixed in a future update.\n\nRed Hat OpenStack Platform 13 ships OpenDaylight, which contains the vulnerable jackson-databind, but does not expose jackson-databind in a way that would make it exploitable. As such, Red Hat will not be providing a fix for OpenDaylight at this time.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x"
],
"known_not_affected": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-35728"
},
{
"category": "external",
"summary": "RHBZ#1911502",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1911502"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-35728",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35728"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-35728",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-35728"
},
{
"category": "external",
"summary": "https://cowtowncoder.medium.com/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062",
"url": "https://cowtowncoder.medium.com/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062"
},
{
"category": "external",
"summary": "https://github.com/FasterXML/jackson-databind/issues/2999",
"url": "https://github.com/FasterXML/jackson-databind/issues/2999"
}
],
"release_date": "2020-12-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-05-06T13:38:14+00:00",
"details": "For OpenShift Container Platform 4.7 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-release-notes.html\n\nFor Red Hat OpenShift Logging 5.0, see the following instructions to apply this update:\n\nhttps://docs.openshift.com/container-platform/4.7/logging/cluster-logging-upgrading.html",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:1515"
},
{
"category": "workaround",
"details": "The following conditions are needed for an exploit, we recommend avoiding all if possible:\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`\n* avoid com.oracle.wls.shaded.org.apache.xalan.lib.sql.JNDIConnectionPool in the classpath",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: mishandles the interaction between serialization gadgets and typing, related to com.oracle.wls.shaded.org.apache.xalan.lib.sql.JNDIConnectionPool"
},
{
"cve": "CVE-2020-36179",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2021-01-06T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1913871"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jackson-databind. FasterXML mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: mishandles the interaction between serialization gadgets and typing, related to oadd.org.apache.commons.dbcp.cpdsadapter.DriverAdapterCPDS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The following Red Hat products do ship the vulnerable component, but do not enable the unsafe conditions needed to exploit, lowering their vulnerability impact:\n* JBoss Data Grid 7\n* Business Process Management Suite 6\n* Business Rules Management Suite 6\n* JBoss Data Virtualization 6\n* Red Hat Fuse Service Works 6\n* Red Hat OpenStack Platform\n* Red Hat OpenShift containers: ose-metering-hadoop, ose-metering-hive, ose-logging-elasticsearch5, ose-logging-elasticsearch6 \nThese products may update the jackson-databind dependency in a future release.\n\nIn Red Hat Openshift 4 there are no plans to maintain the ose-logging-elasticsearch5 container, therefore it has been marked wontfix at this time and may be fixed in a future update. \n\nThe following Red Hat products ship OpenDaylight, which contains the vulnerable jackson-databind, but do not expose jackson-databind in a way that would make it exploitable:\n* Red Hat OpenStack Platform 13\nAs such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\nThe following Red Hat products are not affected by this flaw because they use a more recent version of jackson-databind that does not contain the vulnerable code:\n* CodeReady Studio 12.16.0\n* Red Hat Enterprise Linux 8\n* Red Hat Enterprise Virtualization\n* Red Hat Satellite 6\n* Red Hat OpenShift container: ose-metering-presto",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x"
],
"known_not_affected": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-36179"
},
{
"category": "external",
"summary": "RHBZ#1913871",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1913871"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-36179",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36179"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-36179",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-36179"
},
{
"category": "external",
"summary": "https://github.com/FasterXML/jackson-databind/issues/3004",
"url": "https://github.com/FasterXML/jackson-databind/issues/3004"
}
],
"release_date": "2020-12-31T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-05-06T13:38:14+00:00",
"details": "For OpenShift Container Platform 4.7 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-release-notes.html\n\nFor Red Hat OpenShift Logging 5.0, see the following instructions to apply this update:\n\nhttps://docs.openshift.com/container-platform/4.7/logging/cluster-logging-upgrading.html",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:1515"
},
{
"category": "workaround",
"details": "The following conditions are needed for an exploit, we recommend avoiding all if possible:\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`\n* avoid: oadd.org.apache.commons.dbcp.cpdsadapter.DriverAdapterCPDS, org.apache.commons.dbcp2.cpdsadapter.DriverAdapterCPDS, org.apache.tomcat.dbcp.dbcp.cpdsadapter.DriverAdapterCPDS, org.apache.tomcat.dbcp.dbcp2.cpdsadapter.DriverAdapterCPDS, org.docx4j.org.apache.xalan.lib.sql.JNDIConnectionPool, org.apache.tomcat.dbcp.dbcp2.datasources.PerUserPoolDataSource, org.apache.tomcat.dbcp.dbcp2.datasources.SharedPoolDataSource, org.apache.tomcat.dbcp.dbcp.datasources.PerUserPoolDataSource, org.apache.tomcat.dbcp.dbcp.datasources.SharedPoolDataSource, com.newrelic.agent.deps.ch.qos.logback.core.db.JNDIConnectionSource, com.newrelic.agent.deps.ch.qos.logback.core.db.DriverManagerConnectionSource\nin the classpath",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: mishandles the interaction between serialization gadgets and typing, related to oadd.org.apache.commons.dbcp.cpdsadapter.DriverAdapterCPDS"
},
{
"cve": "CVE-2020-36180",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2021-01-06T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1913872"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jackson-databind. FasterXML mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.cpdsadapter.DriverAdapterCPDS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The following Red Hat products do ship the vulnerable component, but do not enable the unsafe conditions needed to exploit, lowering their vulnerability impact:\n* JBoss Data Grid 7\n* Business Process Management Suite 6\n* Business Rules Management Suite 6\n* JBoss Data Virtualization 6\n* Red Hat Fuse Service Works 6\n* Red Hat OpenStack Platform\n* Red Hat OpenShift containers: ose-metering-hadoop, ose-metering-hive, ose-logging-elasticsearch5, ose-logging-elasticsearch6 \nThese products may update the jackson-databind dependency in a future release.\n\nIn Red Hat Openshift 4 there are no plans to maintain the ose-logging-elasticsearch5 container, therefore it has been marked wontfix at this time and may be fixed in a future update. \n\nThe following Red Hat products ship OpenDaylight, which contains the vulnerable jackson-databind, but do not expose jackson-databind in a way that would make it exploitable:\n* Red Hat OpenStack Platform 13\nAs such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\nThe following Red Hat products are not affected by this flaw because they use a more recent version of jackson-databind that does not contain the vulnerable code:\n* CodeReady Studio 12.16.0\n* Red Hat Enterprise Linux 8\n* Red Hat Enterprise Virtualization\n* Red Hat Satellite 6\n* Red Hat OpenShift container: ose-metering-presto",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x"
],
"known_not_affected": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-36180"
},
{
"category": "external",
"summary": "RHBZ#1913872",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1913872"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-36180",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36180"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-36180",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-36180"
},
{
"category": "external",
"summary": "https://github.com/FasterXML/jackson-databind/issues/3004",
"url": "https://github.com/FasterXML/jackson-databind/issues/3004"
}
],
"release_date": "2020-12-31T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-05-06T13:38:14+00:00",
"details": "For OpenShift Container Platform 4.7 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-release-notes.html\n\nFor Red Hat OpenShift Logging 5.0, see the following instructions to apply this update:\n\nhttps://docs.openshift.com/container-platform/4.7/logging/cluster-logging-upgrading.html",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:1515"
},
{
"category": "workaround",
"details": "The following conditions are needed for an exploit, we recommend avoiding all if possible:\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`\n* avoid: oadd.org.apache.commons.dbcp.cpdsadapter.DriverAdapterCPDS, org.apache.commons.dbcp2.cpdsadapter.DriverAdapterCPDS, org.apache.tomcat.dbcp.dbcp.cpdsadapter.DriverAdapterCPDS, org.apache.tomcat.dbcp.dbcp2.cpdsadapter.DriverAdapterCPDS, org.docx4j.org.apache.xalan.lib.sql.JNDIConnectionPool, org.apache.tomcat.dbcp.dbcp2.datasources.PerUserPoolDataSource, org.apache.tomcat.dbcp.dbcp2.datasources.SharedPoolDataSource, org.apache.tomcat.dbcp.dbcp.datasources.PerUserPoolDataSource, org.apache.tomcat.dbcp.dbcp.datasources.SharedPoolDataSource, com.newrelic.agent.deps.ch.qos.logback.core.db.JNDIConnectionSource, com.newrelic.agent.deps.ch.qos.logback.core.db.DriverManagerConnectionSource\nin the classpath",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.cpdsadapter.DriverAdapterCPDS"
},
{
"cve": "CVE-2020-36181",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2021-01-06T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1913874"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jackson-databind. FasterXML mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.cpdsadapter.DriverAdapterCPDS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The following Red Hat products do ship the vulnerable component, but do not enable the unsafe conditions needed to exploit, lowering their vulnerability impact:\n* JBoss Data Grid 7\n* Business Process Management Suite 6\n* Business Rules Management Suite 6\n* JBoss Data Virtualization 6\n* Red Hat Fuse Service Works 6\n* Red Hat OpenStack Platform\n* Red Hat OpenShift containers: ose-metering-hadoop, ose-metering-hive, ose-logging-elasticsearch5, ose-logging-elasticsearch6 \nThese products may update the jackson-databind dependency in a future release.\n\nIn Red Hat Openshift 4 there are no plans to maintain the ose-logging-elasticsearch5 container, therefore it has been marked wontfix at this time and may be fixed in a future update. \n\nThe following Red Hat products ship OpenDaylight, which contains the vulnerable jackson-databind, but does not expose jackson-databind in a way that would make it exploitable:\n* Red Hat OpenStack Platform 13\nAs such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\nThe following Red Hat products are not affected by this flaw because they use a more recent version of jackson-databind that does not contain the vulnerable code:\n* CodeReady Studio 12.16.0\n* Red Hat Enterprise Linux 8\n* Red Hat Enterprise Virtualization\n* Red Hat Satellite 6\n* Red Hat OpenShift container: ose-metering-presto",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x"
],
"known_not_affected": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-36181"
},
{
"category": "external",
"summary": "RHBZ#1913874",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1913874"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-36181",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36181"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-36181",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-36181"
},
{
"category": "external",
"summary": "https://github.com/FasterXML/jackson-databind/issues/3004",
"url": "https://github.com/FasterXML/jackson-databind/issues/3004"
}
],
"release_date": "2020-12-31T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-05-06T13:38:14+00:00",
"details": "For OpenShift Container Platform 4.7 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-release-notes.html\n\nFor Red Hat OpenShift Logging 5.0, see the following instructions to apply this update:\n\nhttps://docs.openshift.com/container-platform/4.7/logging/cluster-logging-upgrading.html",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:1515"
},
{
"category": "workaround",
"details": "The following conditions are needed for an exploit, we recommend avoiding all if possible:\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`\n* avoid: oadd.org.apache.commons.dbcp.cpdsadapter.DriverAdapterCPDS, org.apache.commons.dbcp2.cpdsadapter.DriverAdapterCPDS, org.apache.tomcat.dbcp.dbcp.cpdsadapter.DriverAdapterCPDS, org.apache.tomcat.dbcp.dbcp2.cpdsadapter.DriverAdapterCPDS, org.docx4j.org.apache.xalan.lib.sql.JNDIConnectionPool, org.apache.tomcat.dbcp.dbcp2.datasources.PerUserPoolDataSource, org.apache.tomcat.dbcp.dbcp2.datasources.SharedPoolDataSource, org.apache.tomcat.dbcp.dbcp.datasources.PerUserPoolDataSource, org.apache.tomcat.dbcp.dbcp.datasources.SharedPoolDataSource, com.newrelic.agent.deps.ch.qos.logback.core.db.JNDIConnectionSource, com.newrelic.agent.deps.ch.qos.logback.core.db.DriverManagerConnectionSource\nin the classpath",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.cpdsadapter.DriverAdapterCPDS"
},
{
"cve": "CVE-2020-36182",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2021-01-06T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1913926"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jackson-databind. FasterXML mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.cpdsadapter.DriverAdapterCPDS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The following Red Hat products do ship the vulnerable component, but do not enable the unsafe conditions needed to exploit, lowering their vulnerability impact:\n* JBoss Data Grid 7\n* Business Process Management Suite 6\n* Business Rules Management Suite 6\n* JBoss Data Virtualization 6\n* Red Hat Fuse Service Works 6\n* Red Hat OpenStack Platform\n* Red Hat OpenShift containers: ose-metering-hadoop, ose-metering-hive, ose-logging-elasticsearch5, ose-logging-elasticsearch6 \nThese products may update the jackson-databind dependency in a future release.\n\nIn Red Hat Openshift 4 there are no plans to maintain the ose-logging-elasticsearch5 container, therefore it has been marked wontfix at this time and may be fixed in a future update. \n\nThe following Red Hat products ship OpenDaylight, which contains the vulnerable jackson-databind, but do not expose jackson-databind in a way that would make it exploitable:\n* Red Hat OpenStack Platform 13\nAs such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\nThe following Red Hat products are not affected by this flaw because they use a more recent version of jackson-databind that does not contain the vulnerable code:\n* CodeReady Studio 12.16.0\n* Red Hat Enterprise Linux 8\n* Red Hat Enterprise Virtualization\n* Red Hat Satellite 6\n* Red Hat OpenShift container: ose-metering-presto",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x"
],
"known_not_affected": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-36182"
},
{
"category": "external",
"summary": "RHBZ#1913926",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1913926"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-36182",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36182"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-36182",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-36182"
},
{
"category": "external",
"summary": "https://github.com/FasterXML/jackson-databind/issues/3004",
"url": "https://github.com/FasterXML/jackson-databind/issues/3004"
}
],
"release_date": "2020-12-31T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-05-06T13:38:14+00:00",
"details": "For OpenShift Container Platform 4.7 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-release-notes.html\n\nFor Red Hat OpenShift Logging 5.0, see the following instructions to apply this update:\n\nhttps://docs.openshift.com/container-platform/4.7/logging/cluster-logging-upgrading.html",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:1515"
},
{
"category": "workaround",
"details": "The following conditions are needed for an exploit, we recommend avoiding all if possible:\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`\n* avoid: oadd.org.apache.commons.dbcp.cpdsadapter.DriverAdapterCPDS, org.apache.commons.dbcp2.cpdsadapter.DriverAdapterCPDS, org.apache.tomcat.dbcp.dbcp.cpdsadapter.DriverAdapterCPDS, org.apache.tomcat.dbcp.dbcp2.cpdsadapter.DriverAdapterCPDS, org.docx4j.org.apache.xalan.lib.sql.JNDIConnectionPool, org.apache.tomcat.dbcp.dbcp2.datasources.PerUserPoolDataSource, org.apache.tomcat.dbcp.dbcp2.datasources.SharedPoolDataSource, org.apache.tomcat.dbcp.dbcp.datasources.PerUserPoolDataSource, org.apache.tomcat.dbcp.dbcp.datasources.SharedPoolDataSource, com.newrelic.agent.deps.ch.qos.logback.core.db.JNDIConnectionSource, com.newrelic.agent.deps.ch.qos.logback.core.db.DriverManagerConnectionSource\nin the classpath",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.cpdsadapter.DriverAdapterCPDS"
},
{
"cve": "CVE-2020-36183",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2021-01-06T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1913927"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jackson-databind. FasterXML mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.docx4j.org.apache.xalan.lib.sql.JNDIConnectionPool",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The following Red Hat products do ship the vulnerable component, but do not enable the unsafe conditions needed to exploit, lowering their vulnerability impact:\n* JBoss Data Grid 7\n* Business Process Management Suite 6\n* Business Rules Management Suite 6\n* JBoss Data Virtualization 6\n* Red Hat Fuse Service Works 6\n* Red Hat OpenStack Platform\n* Red Hat OpenShift containers: ose-metering-hadoop, ose-metering-hive, ose-logging-elasticsearch5, ose-logging-elasticsearch6 \nThese products may update the jackson-databind dependency in a future release.\n\nIn Red Hat Openshift 4 there are no plans to maintain the ose-logging-elasticsearch5 container, therefore it has been marked wontfix at this time and may be fixed in a future update. \n\nThe following Red Hat products ship OpenDaylight, which contains the vulnerable jackson-databind, but do not expose jackson-databind in a way that would make it exploitable:\n* Red Hat OpenStack Platform 13\nAs such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\nThe following Red Hat products are not affected by this flaw because they use a more recent version of jackson-databind that does not contain the vulnerable code:\n* CodeReady Studio 12.16.0\n* Red Hat Enterprise Linux 8\n* Red Hat Enterprise Virtualization\n* Red Hat Satellite 6\n* Red Hat OpenShift container: ose-metering-presto",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x"
],
"known_not_affected": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-36183"
},
{
"category": "external",
"summary": "RHBZ#1913927",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1913927"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-36183",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36183"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-36183",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-36183"
},
{
"category": "external",
"summary": "https://github.com/FasterXML/jackson-databind/issues/3003",
"url": "https://github.com/FasterXML/jackson-databind/issues/3003"
}
],
"release_date": "2020-12-31T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-05-06T13:38:14+00:00",
"details": "For OpenShift Container Platform 4.7 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-release-notes.html\n\nFor Red Hat OpenShift Logging 5.0, see the following instructions to apply this update:\n\nhttps://docs.openshift.com/container-platform/4.7/logging/cluster-logging-upgrading.html",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:1515"
},
{
"category": "workaround",
"details": "The following conditions are needed for an exploit, we recommend avoiding all if possible:\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`\n* avoid: oadd.org.apache.commons.dbcp.cpdsadapter.DriverAdapterCPDS, org.apache.commons.dbcp2.cpdsadapter.DriverAdapterCPDS, org.apache.tomcat.dbcp.dbcp.cpdsadapter.DriverAdapterCPDS, org.apache.tomcat.dbcp.dbcp2.cpdsadapter.DriverAdapterCPDS, org.docx4j.org.apache.xalan.lib.sql.JNDIConnectionPool, org.apache.tomcat.dbcp.dbcp2.datasources.PerUserPoolDataSource, org.apache.tomcat.dbcp.dbcp2.datasources.SharedPoolDataSource, org.apache.tomcat.dbcp.dbcp.datasources.PerUserPoolDataSource, org.apache.tomcat.dbcp.dbcp.datasources.SharedPoolDataSource, com.newrelic.agent.deps.ch.qos.logback.core.db.JNDIConnectionSource, com.newrelic.agent.deps.ch.qos.logback.core.db.DriverManagerConnectionSource\nin the classpath",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.docx4j.org.apache.xalan.lib.sql.JNDIConnectionPool"
},
{
"cve": "CVE-2020-36184",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2021-01-06T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1913928"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jackson-databind. FasterXML mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.datasources.PerUserPoolDataSource",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The following Red Hat products do ship the vulnerable component, but do not enable the unsafe conditions needed to exploit, lowering their vulnerability impact:\n* JBoss Data Grid 7\n* Business Process Management Suite 6\n* Business Rules Management Suite 6\n* JBoss Data Virtualization 6\n* Red Hat Fuse Service Works 6\n* Red Hat OpenStack Platform\n* Red Hat OpenShift containers: ose-metering-hadoop, ose-metering-hive, ose-logging-elasticsearch5, ose-logging-elasticsearch6 \nThese products may update the jackson-databind dependency in a future release.\n\nIn Red Hat Openshift 4 there are no plans to maintain the ose-logging-elasticsearch5 container, therefore it has been marked wontfix at this time and may be fixed in a future update. \n\nThe following Red Hat products ship OpenDaylight, which contains the vulnerable jackson-databind, but do not expose jackson-databind in a way that would make it exploitable:\n* Red Hat OpenStack Platform 13\nAs such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\nThe following Red Hat products are not affected by this flaw because they use a more recent version of jackson-databind that does not contain the vulnerable code:\n* CodeReady Studio 12.16.0\n* Red Hat Enterprise Linux 8\n* Red Hat Enterprise Virtualization\n* Red Hat Satellite 6\n* Red Hat OpenShift container: ose-metering-presto",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x"
],
"known_not_affected": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-36184"
},
{
"category": "external",
"summary": "RHBZ#1913928",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1913928"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-36184",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36184"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-36184",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-36184"
},
{
"category": "external",
"summary": "https://github.com/FasterXML/jackson-databind/issues/2998",
"url": "https://github.com/FasterXML/jackson-databind/issues/2998"
}
],
"release_date": "2020-12-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-05-06T13:38:14+00:00",
"details": "For OpenShift Container Platform 4.7 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-release-notes.html\n\nFor Red Hat OpenShift Logging 5.0, see the following instructions to apply this update:\n\nhttps://docs.openshift.com/container-platform/4.7/logging/cluster-logging-upgrading.html",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:1515"
},
{
"category": "workaround",
"details": "The following conditions are needed for an exploit, we recommend avoiding all if possible:\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`\n* avoid: oadd.org.apache.commons.dbcp.cpdsadapter.DriverAdapterCPDS, org.apache.commons.dbcp2.cpdsadapter.DriverAdapterCPDS, org.apache.tomcat.dbcp.dbcp.cpdsadapter.DriverAdapterCPDS, org.apache.tomcat.dbcp.dbcp2.cpdsadapter.DriverAdapterCPDS, org.docx4j.org.apache.xalan.lib.sql.JNDIConnectionPool, org.apache.tomcat.dbcp.dbcp2.datasources.PerUserPoolDataSource, org.apache.tomcat.dbcp.dbcp2.datasources.SharedPoolDataSource, org.apache.tomcat.dbcp.dbcp.datasources.PerUserPoolDataSource, org.apache.tomcat.dbcp.dbcp.datasources.SharedPoolDataSource, com.newrelic.agent.deps.ch.qos.logback.core.db.JNDIConnectionSource, com.newrelic.agent.deps.ch.qos.logback.core.db.DriverManagerConnectionSource\nin the classpath",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.datasources.PerUserPoolDataSource"
},
{
"cve": "CVE-2020-36185",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2021-01-06T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1913929"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jackson-databind. FasterXML mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.datasources.SharedPoolDataSource",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The following Red Hat products do ship the vulnerable component, but do not enable the unsafe conditions needed to exploit, lowering their vulnerability impact:\n* JBoss Data Grid 7\n* Business Process Management Suite 6\n* Business Rules Management Suite 6\n* JBoss Data Virtualization 6\n* Red Hat Fuse Service Works 6\n* Red Hat OpenStack Platform\n* Red Hat OpenShift containers: ose-metering-hadoop, ose-metering-hive, ose-logging-elasticsearch5, ose-logging-elasticsearch6 \nThese products may update the jackson-databind dependency in a future release.\n\nIn Red Hat Openshift 4 there are no plans to maintain the ose-logging-elasticsearch5 container, therefore it has been marked wontfix at this time and maybe fixed in a future update. \n\nThe following Red Hat products ship OpenDaylight, which contains the vulnerable jackson-databind, but do not expose jackson-databind in a way that would make it exploitable:\n* Red Hat OpenStack Platform 13\nAs such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\nThe following Red Hat products are not affected by this flaw because they use a more recent version of jackson-databind that does not contain the vulnerable code:\n* CodeReady Studio 12.16.0\n* Red Hat Enterprise Linux 8\n* Red Hat Enterprise Virtualization\n* Red Hat Satellite 6\n* Red Hat OpenShift container: ose-metering-presto",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x"
],
"known_not_affected": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-36185"
},
{
"category": "external",
"summary": "RHBZ#1913929",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1913929"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-36185",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36185"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-36185",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-36185"
},
{
"category": "external",
"summary": "https://github.com/FasterXML/jackson-databind/issues/2998",
"url": "https://github.com/FasterXML/jackson-databind/issues/2998"
}
],
"release_date": "2020-12-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-05-06T13:38:14+00:00",
"details": "For OpenShift Container Platform 4.7 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-release-notes.html\n\nFor Red Hat OpenShift Logging 5.0, see the following instructions to apply this update:\n\nhttps://docs.openshift.com/container-platform/4.7/logging/cluster-logging-upgrading.html",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:1515"
},
{
"category": "workaround",
"details": "The following conditions are needed for an exploit, we recommend avoiding all if possible:\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`\n* avoid: oadd.org.apache.commons.dbcp.cpdsadapter.DriverAdapterCPDS, org.apache.commons.dbcp2.cpdsadapter.DriverAdapterCPDS, org.apache.tomcat.dbcp.dbcp.cpdsadapter.DriverAdapterCPDS, org.apache.tomcat.dbcp.dbcp2.cpdsadapter.DriverAdapterCPDS, org.docx4j.org.apache.xalan.lib.sql.JNDIConnectionPool, org.apache.tomcat.dbcp.dbcp2.datasources.PerUserPoolDataSource, org.apache.tomcat.dbcp.dbcp2.datasources.SharedPoolDataSource, org.apache.tomcat.dbcp.dbcp.datasources.PerUserPoolDataSource, org.apache.tomcat.dbcp.dbcp.datasources.SharedPoolDataSource, com.newrelic.agent.deps.ch.qos.logback.core.db.JNDIConnectionSource, com.newrelic.agent.deps.ch.qos.logback.core.db.DriverManagerConnectionSource\nin the classpath",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.datasources.SharedPoolDataSource"
},
{
"cve": "CVE-2020-36186",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2021-01-06T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1913931"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jackson-databind. FasterXML mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.datasources.PerUserPoolDataSource",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The following Red Hat products do ship the vulnerable component, but do not enable the unsafe conditions needed to exploit, lowering their vulnerability impact:\n* JBoss Data Grid 7\n* Business Process Management Suite 6\n* Business Rules Management Suite 6\n* JBoss Data Virtualization 6\n* Red Hat Fuse Service Works 6\n* Red Hat OpenStack Platform\n* Red Hat OpenShift containers: ose-metering-hadoop, ose-metering-hive, ose-logging-elasticsearch5, ose-logging-elasticsearch6 \nThese products may update the jackson-databind dependency in a future release.\n\nIn Red Hat Openshift 4 there are no plans to maintain the ose-logging-elasticsearch5 container, therefore it has been marked wontfix at this time and maybe fixed in a future update. \n\nThe following Red Hat products ship OpenDaylight, which contain the vulnerable jackson-databind, but do not expose jackson-databind in a way that would make it exploitable:\n* Red Hat OpenStack Platform 13\nAs such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\nThe following Red Hat products are not affected by this flaw because they use a more recent version of jackson-databind that does not contain the vulnerable code:\n* CodeReady Studio 12.16.0\n* Red Hat Enterprise Linux 8\n* Red Hat Enterprise Virtualization\n* Red Hat Satellite 6\n* Red Hat OpenShift container: ose-metering-presto",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x"
],
"known_not_affected": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-36186"
},
{
"category": "external",
"summary": "RHBZ#1913931",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1913931"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-36186",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36186"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-36186",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-36186"
},
{
"category": "external",
"summary": "https://github.com/FasterXML/jackson-databind/issues/2997",
"url": "https://github.com/FasterXML/jackson-databind/issues/2997"
}
],
"release_date": "2020-12-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-05-06T13:38:14+00:00",
"details": "For OpenShift Container Platform 4.7 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-release-notes.html\n\nFor Red Hat OpenShift Logging 5.0, see the following instructions to apply this update:\n\nhttps://docs.openshift.com/container-platform/4.7/logging/cluster-logging-upgrading.html",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:1515"
},
{
"category": "workaround",
"details": "The following conditions are needed for an exploit, we recommend avoiding all if possible:\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`\n* avoid: oadd.org.apache.commons.dbcp.cpdsadapter.DriverAdapterCPDS, org.apache.commons.dbcp2.cpdsadapter.DriverAdapterCPDS, org.apache.tomcat.dbcp.dbcp.cpdsadapter.DriverAdapterCPDS, org.apache.tomcat.dbcp.dbcp2.cpdsadapter.DriverAdapterCPDS, org.docx4j.org.apache.xalan.lib.sql.JNDIConnectionPool, org.apache.tomcat.dbcp.dbcp2.datasources.PerUserPoolDataSource, org.apache.tomcat.dbcp.dbcp2.datasources.SharedPoolDataSource, org.apache.tomcat.dbcp.dbcp.datasources.PerUserPoolDataSource, org.apache.tomcat.dbcp.dbcp.datasources.SharedPoolDataSource, com.newrelic.agent.deps.ch.qos.logback.core.db.JNDIConnectionSource, com.newrelic.agent.deps.ch.qos.logback.core.db.DriverManagerConnectionSource\nin the classpath",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.datasources.PerUserPoolDataSource"
},
{
"cve": "CVE-2020-36187",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2021-01-06T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1913933"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jackson-databind. FasterXML mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.datasources.SharedPoolDataSource",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The following Red Hat products do ship the vulnerable component, but do not enable the unsafe conditions needed to exploit, lowering their vulnerability impact:\n* JBoss Data Grid 7\n* Business Process Management Suite 6\n* Business Rules Management Suite 6\n* JBoss Data Virtualization 6\n* Red Hat Fuse Service Works 6\n* Red Hat OpenStack Platform\n* Red Hat OpenShift containers: ose-metering-hadoop, ose-metering-hive, ose-logging-elasticsearch5, ose-logging-elasticsearch6 \nThese products may update the jackson-databind dependency in a future release.\n\nIn Red Hat Openshift 4 there are no plans to maintain the ose-logging-elasticsearch5 container, therefore it has been marked wontfix at this time and maybe fixed in a future update. \n\nThe following Red Hat products ship OpenDaylight, which contain the vulnerable jackson-databind, but do not expose jackson-databind in a way that would make it exploitable:\n* Red Hat OpenStack Platform 13\nAs such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\nThe following Red Hat products are not affected by this flaw because they use a more recent version of jackson-databind that does not contain the vulnerable code:\n* CodeReady Studio 12.16.0\n* Red Hat Enterprise Linux 8\n* Red Hat Enterprise Virtualization\n* Red Hat Satellite 6\n* Red Hat OpenShift container: ose-metering-presto",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x"
],
"known_not_affected": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-36187"
},
{
"category": "external",
"summary": "RHBZ#1913933",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1913933"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-36187",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36187"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-36187",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-36187"
},
{
"category": "external",
"summary": "https://github.com/FasterXML/jackson-databind/issues/2997",
"url": "https://github.com/FasterXML/jackson-databind/issues/2997"
}
],
"release_date": "2020-12-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-05-06T13:38:14+00:00",
"details": "For OpenShift Container Platform 4.7 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-release-notes.html\n\nFor Red Hat OpenShift Logging 5.0, see the following instructions to apply this update:\n\nhttps://docs.openshift.com/container-platform/4.7/logging/cluster-logging-upgrading.html",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:1515"
},
{
"category": "workaround",
"details": "The following conditions are needed for an exploit, we recommend avoiding all if possible:\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`\n* avoid: oadd.org.apache.commons.dbcp.cpdsadapter.DriverAdapterCPDS, org.apache.commons.dbcp2.cpdsadapter.DriverAdapterCPDS, org.apache.tomcat.dbcp.dbcp.cpdsadapter.DriverAdapterCPDS, org.apache.tomcat.dbcp.dbcp2.cpdsadapter.DriverAdapterCPDS, org.docx4j.org.apache.xalan.lib.sql.JNDIConnectionPool, org.apache.tomcat.dbcp.dbcp2.datasources.PerUserPoolDataSource, org.apache.tomcat.dbcp.dbcp2.datasources.SharedPoolDataSource, org.apache.tomcat.dbcp.dbcp.datasources.PerUserPoolDataSource, org.apache.tomcat.dbcp.dbcp.datasources.SharedPoolDataSource, com.newrelic.agent.deps.ch.qos.logback.core.db.JNDIConnectionSource, com.newrelic.agent.deps.ch.qos.logback.core.db.DriverManagerConnectionSource\nin the classpath",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.datasources.SharedPoolDataSource"
},
{
"cve": "CVE-2020-36188",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2021-01-06T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1913934"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jackson-databind. FasterXML mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: mishandles the interaction between serialization gadgets and typing, related to com.newrelic.agent.deps.ch.qos.logback.core.db.JNDIConnectionSource",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The following Red Hat products do ship the vulnerable component, but do not enable the unsafe conditions needed to exploit, lowering their vulnerability impact:\n* JBoss Data Grid 7\n* Business Process Management Suite 6\n* Business Rules Management Suite 6\n* JBoss Data Virtualization 6\n* Red Hat Fuse Service Works 6\n* Red Hat OpenStack Platform\n* Red Hat OpenShift containers: ose-metering-hadoop, ose-metering-hive, ose-logging-elasticsearch5, ose-logging-elasticsearch6 \nThese products may update the jackson-databind dependency in a future release.\n\nIn Red Hat Openshift 4 there are no plans to maintain the ose-logging-elasticsearch5 container, hence it has been marked wontfix at this time and maybe fixed in a future update. \n\nThe following Red Hat products ship OpenDaylight, which contains the vulnerable jackson-databind, but they do not expose jackson-databind in a way that would make it exploitable:\n* Red Hat OpenStack Platform 13\nAs such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\nThe following Red Hat products are not affected by this flaw because they use a more recent version of jackson-databind that does not contain the vulnerable code:\n* CodeReady Studio 12.16.0\n* Red Hat Enterprise Linux 8\n* Red Hat Enterprise Virtualization\n* Red Hat Satellite 6\n* Red Hat OpenShift container: ose-metering-presto",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x"
],
"known_not_affected": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-36188"
},
{
"category": "external",
"summary": "RHBZ#1913934",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1913934"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-36188",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36188"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-36188",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-36188"
},
{
"category": "external",
"summary": "https://github.com/FasterXML/jackson-databind/issues/2996",
"url": "https://github.com/FasterXML/jackson-databind/issues/2996"
}
],
"release_date": "2020-12-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-05-06T13:38:14+00:00",
"details": "For OpenShift Container Platform 4.7 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-release-notes.html\n\nFor Red Hat OpenShift Logging 5.0, see the following instructions to apply this update:\n\nhttps://docs.openshift.com/container-platform/4.7/logging/cluster-logging-upgrading.html",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:1515"
},
{
"category": "workaround",
"details": "The following conditions are needed for an exploit, we recommend avoiding all if possible:\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`\n* avoid: oadd.org.apache.commons.dbcp.cpdsadapter.DriverAdapterCPDS, org.apache.commons.dbcp2.cpdsadapter.DriverAdapterCPDS, org.apache.tomcat.dbcp.dbcp.cpdsadapter.DriverAdapterCPDS, org.apache.tomcat.dbcp.dbcp2.cpdsadapter.DriverAdapterCPDS, org.docx4j.org.apache.xalan.lib.sql.JNDIConnectionPool, org.apache.tomcat.dbcp.dbcp2.datasources.PerUserPoolDataSource, org.apache.tomcat.dbcp.dbcp2.datasources.SharedPoolDataSource, org.apache.tomcat.dbcp.dbcp.datasources.PerUserPoolDataSource, org.apache.tomcat.dbcp.dbcp.datasources.SharedPoolDataSource, com.newrelic.agent.deps.ch.qos.logback.core.db.JNDIConnectionSource, com.newrelic.agent.deps.ch.qos.logback.core.db.DriverManagerConnectionSource\nin the classpath",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: mishandles the interaction between serialization gadgets and typing, related to com.newrelic.agent.deps.ch.qos.logback.core.db.JNDIConnectionSource"
},
{
"cve": "CVE-2020-36189",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2021-01-06T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1913937"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jackson-databind. FasterXML mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: mishandles the interaction between serialization gadgets and typing, related to com.newrelic.agent.deps.ch.qos.logback.core.db.DriverManagerConnectionSource",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The following Red Hat products do ship the vulnerable component, but do not enable the unsafe conditions needed to exploit, lowering their vulnerability impact:\n* JBoss Data Grid 7\n* Business Process Management Suite 6\n* Business Rules Management Suite 6\n* JBoss Data Virtualization 6\n* Red Hat Fuse Service Works 6\n* Red Hat OpenStack Platform\n* Red Hat OpenShift containers: ose-metering-hadoop, ose-metering-hive, ose-logging-elasticsearch5, ose-logging-elasticsearch6 \nThese products may update the jackson-databind dependency in a future release.\n\nIn Red Hat Openshift 4 there are no plans to maintain the ose-logging-elasticsearch5 container, therefore it has been marked wontfix at this time and maybe fixed in a future update. \n\nThe following Red Hat products ship OpenDaylight, which contains the vulnerable jackson-databind, but do not expose jackson-databind in a way that would make it exploitable:\n* Red Hat OpenStack Platform 13\nAs such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\nThe following Red Hat products are not affected by this flaw because they use a more recent version of jackson-databind that does not contain the vulnerable code:\n* CodeReady Studio 12.16.0\n* Red Hat Enterprise Linux 8\n* Red Hat Enterprise Virtualization\n* Red Hat Satellite 6\n* Red Hat OpenShift container: ose-metering-presto",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x"
],
"known_not_affected": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-36189"
},
{
"category": "external",
"summary": "RHBZ#1913937",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1913937"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-36189",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36189"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-36189",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-36189"
},
{
"category": "external",
"summary": "https://github.com/FasterXML/jackson-databind/issues/2996",
"url": "https://github.com/FasterXML/jackson-databind/issues/2996"
}
],
"release_date": "2020-12-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-05-06T13:38:14+00:00",
"details": "For OpenShift Container Platform 4.7 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-release-notes.html\n\nFor Red Hat OpenShift Logging 5.0, see the following instructions to apply this update:\n\nhttps://docs.openshift.com/container-platform/4.7/logging/cluster-logging-upgrading.html",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:1515"
},
{
"category": "workaround",
"details": "The following conditions are needed for an exploit, we recommend avoiding all if possible:\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`\n* avoid: oadd.org.apache.commons.dbcp.cpdsadapter.DriverAdapterCPDS, org.apache.commons.dbcp2.cpdsadapter.DriverAdapterCPDS, org.apache.tomcat.dbcp.dbcp.cpdsadapter.DriverAdapterCPDS, org.apache.tomcat.dbcp.dbcp2.cpdsadapter.DriverAdapterCPDS, org.docx4j.org.apache.xalan.lib.sql.JNDIConnectionPool, org.apache.tomcat.dbcp.dbcp2.datasources.PerUserPoolDataSource, org.apache.tomcat.dbcp.dbcp2.datasources.SharedPoolDataSource, org.apache.tomcat.dbcp.dbcp.datasources.PerUserPoolDataSource, org.apache.tomcat.dbcp.dbcp.datasources.SharedPoolDataSource, com.newrelic.agent.deps.ch.qos.logback.core.db.JNDIConnectionSource, com.newrelic.agent.deps.ch.qos.logback.core.db.DriverManagerConnectionSource\nin the classpath",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: mishandles the interaction between serialization gadgets and typing, related to com.newrelic.agent.deps.ch.qos.logback.core.db.DriverManagerConnectionSource"
},
{
"cve": "CVE-2021-20190",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2020-01-04T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1916633"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jackson-databind. FasterXML mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: mishandles the interaction between serialization gadgets and typing, related to javax.swing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The following Red Hat products do ship the vulnerable component, but do not enable the unsafe conditions needed to exploit, lowering their vulnerability impact:\n* JBoss Data Grid 7\n* Business Process Management Suite 6\n* Business Rules Management Suite 6\n* JBoss Data Virtualization 6\n* Red Hat Fuse Service Works 6\n* Red Hat OpenStack Platform\n* Red Hat OpenShift containers: ose-metering-hadoop, ose-metering-hive, ose-logging-elasticsearch5, ose-logging-elasticsearch6 \nThese products may update the jackson-databind dependency in a future release.\n\nIn Red Hat Openshift 4 there are no plans to maintain the ose-logging-elasticsearch5 container, therefore it has been marked wontfix at this time and may be fixed in a future update. \n\nThe following Red Hat products ship OpenDaylight, which contains the vulnerable jackson-databind, but do not expose jackson-databind in a way that would make it exploitable:\n* Red Hat OpenStack Platform 13\nAs such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\nThe following Red Hat products are not affected by this flaw because they use a more recent version of jackson-databind that does not contain the vulnerable code:\n* CodeReady Studio 12.16.0\n* CodeReady WorkSpaces Server Container\n* Red Hat Enterprise Linux 8\n* Red Hat Enterprise Virtualization\n* Red Hat Satellite 6\n* Red Hat OpenShift container: ose-metering-presto",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x"
],
"known_not_affected": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-20190"
},
{
"category": "external",
"summary": "RHBZ#1916633",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1916633"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-20190",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20190"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-20190",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-20190"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-5949-rw7g-wx7w",
"url": "https://github.com/advisories/GHSA-5949-rw7g-wx7w"
}
],
"release_date": "2021-01-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-05-06T13:38:14+00:00",
"details": "For OpenShift Container Platform 4.7 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-release-notes.html\n\nFor Red Hat OpenShift Logging 5.0, see the following instructions to apply this update:\n\nhttps://docs.openshift.com/container-platform/4.7/logging/cluster-logging-upgrading.html",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:1515"
},
{
"category": "workaround",
"details": "The following conditions are needed for an exploit, we recommend avoiding all if possible:\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`\n* avoid javax.swing in the classpath",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: mishandles the interaction between serialization gadgets and typing, related to javax.swing"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…