Vulnerability-Lookup

CVE-2020-2099 (GCVE-0-2020-2099)

Vulnerability from cvelistv5 – Published: 2020-01-29 15:15 – Updated: 2024-08-04 07:01

Summary

Jenkins 2.213 and earlier, LTS 2.204.1 and earlier improperly reuses encryption key parameters in the Inbound TCP Agent Protocol/3, allowing unauthorized attackers with knowledge of agent names to obtain the connection secrets for those agents, which can be used to connect to Jenkins, impersonating those agents.

Severity ?

No CVSS data available.

Assigner

jenkins

References

6 references

URL	Tags
https://jenkins.io/security/advisory/2020-01-29/#…	x_refsource_CONFIRM
http://www.openwall.com/lists/oss-security/2020/01/29/1	mailing-listx_refsource_MLIST
https://access.redhat.com/errata/RHSA-2020:0681	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2020:0683	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHBA-2020:0402	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHBA-2020:0675	vendor-advisoryx_refsource_REDHAT

Impacted products

1 product

Vendor	Product	Version
Jenkins project	Jenkins	Affected: unspecified , ≤ 2.213 (custom) Affected: unspecified , ≤ LTS 2.204.1 (custom)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T07:01:39.729Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://jenkins.io/security/advisory/2020-01-29/#SECURITY-1682"
          },
          {
            "name": "[oss-security] 20200129 Multiple vulnerabilities in Jenkins and Jenkins plugins",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2020/01/29/1"
          },
          {
            "name": "RHSA-2020:0681",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2020:0681"
          },
          {
            "name": "RHSA-2020:0683",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2020:0683"
          },
          {
            "name": "RHBA-2020:0402",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHBA-2020:0402"
          },
          {
            "name": "RHBA-2020:0675",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHBA-2020:0675"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Jenkins",
          "vendor": "Jenkins project",
          "versions": [
            {
              "lessThanOrEqual": "2.213",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "LTS 2.204.1",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Jenkins 2.213 and earlier, LTS 2.204.1 and earlier improperly reuses encryption key parameters in the Inbound TCP Agent Protocol/3, allowing unauthorized attackers with knowledge of agent names to obtain the connection secrets for those agents, which can be used to connect to Jenkins, impersonating those agents."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-10-24T16:04:53.193Z",
        "orgId": "39769cd5-e6e2-4dc8-927e-97b3aa056f5b",
        "shortName": "jenkins"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://jenkins.io/security/advisory/2020-01-29/#SECURITY-1682"
        },
        {
          "name": "[oss-security] 20200129 Multiple vulnerabilities in Jenkins and Jenkins plugins",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2020/01/29/1"
        },
        {
          "name": "RHSA-2020:0681",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2020:0681"
        },
        {
          "name": "RHSA-2020:0683",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2020:0683"
        },
        {
          "name": "RHBA-2020:0402",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHBA-2020:0402"
        },
        {
          "name": "RHBA-2020:0675",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHBA-2020:0675"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "jenkinsci-cert@googlegroups.com",
          "ID": "CVE-2020-2099",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Jenkins",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c=",
                            "version_value": "2.213"
                          },
                          {
                            "version_affected": "\u003c=",
                            "version_value": "LTS 2.204.1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Jenkins project"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Jenkins 2.213 and earlier, LTS 2.204.1 and earlier improperly reuses encryption key parameters in the Inbound TCP Agent Protocol/3, allowing unauthorized attackers with knowledge of agent names to obtain the connection secrets for those agents, which can be used to connect to Jenkins, impersonating those agents."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-323: Reusing a Nonce, Key Pair in Encryption"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://jenkins.io/security/advisory/2020-01-29/#SECURITY-1682",
              "refsource": "CONFIRM",
              "url": "https://jenkins.io/security/advisory/2020-01-29/#SECURITY-1682"
            },
            {
              "name": "[oss-security] 20200129 Multiple vulnerabilities in Jenkins and Jenkins plugins",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2020/01/29/1"
            },
            {
              "name": "RHSA-2020:0681",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2020:0681"
            },
            {
              "name": "RHSA-2020:0683",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2020:0683"
            },
            {
              "name": "RHBA-2020:0402",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHBA-2020:0402"
            },
            {
              "name": "RHBA-2020:0675",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHBA-2020:0675"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "39769cd5-e6e2-4dc8-927e-97b3aa056f5b",
    "assignerShortName": "jenkins",
    "cveId": "CVE-2020-2099",
    "datePublished": "2020-01-29T15:15:27.000Z",
    "dateReserved": "2019-12-05T00:00:00.000Z",
    "dateUpdated": "2024-08-04T07:01:39.729Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2020-2099",
      "date": "2026-05-23",
      "epss": "0.00643",
      "percentile": "0.70892"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2020-2099\",\"sourceIdentifier\":\"jenkinsci-cert@googlegroups.com\",\"published\":\"2020-01-29T16:15:12.037\",\"lastModified\":\"2024-11-21T05:24:37.080\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Jenkins 2.213 and earlier, LTS 2.204.1 and earlier improperly reuses encryption key parameters in the Inbound TCP Agent Protocol/3, allowing unauthorized attackers with knowledge of agent names to obtain the connection secrets for those agents, which can be used to connect to Jenkins, impersonating those agents.\"},{\"lang\":\"es\",\"value\":\"Jenkins versiones 2.213 y anteriores, versiones LTS 2.204.1 y anteriores, reutilizan inapropiadamente los par\u00e1metros de clave de cifrado en el Inbound TCP Agent Protocol/3, permitiendo a atacantes no autorizados con conocimiento de los nombres de los agentes obtener los secretos de conexi\u00f3n para esos agentes, que pueden ser usados para conectar con Jenkins , haci\u00e9ndose pasar por esos agentes.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L\",\"baseScore\":8.6,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":3.9,\"impactScore\":4.7}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:P/A:P\",\"baseScore\":7.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-330\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*\",\"versionEndIncluding\":\"2.204.1\",\"matchCriteriaId\":\"EAACE161-BE2D-4BB8-9795-3D76F19433C1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:jenkins:*:*:*:*:-:*:*:*\",\"versionEndIncluding\":\"2.218\",\"matchCriteriaId\":\"F0F83033-6C48-4AF2-BB2A-157A09D79538\"}]}]}],\"references\":[{\"url\":\"http://www.openwall.com/lists/oss-security/2020/01/29/1\",\"source\":\"jenkinsci-cert@googlegroups.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHBA-2020:0402\",\"source\":\"jenkinsci-cert@googlegroups.com\"},{\"url\":\"https://access.redhat.com/errata/RHBA-2020:0675\",\"source\":\"jenkinsci-cert@googlegroups.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2020:0681\",\"source\":\"jenkinsci-cert@googlegroups.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2020:0683\",\"source\":\"jenkinsci-cert@googlegroups.com\"},{\"url\":\"https://jenkins.io/security/advisory/2020-01-29/#SECURITY-1682\",\"source\":\"jenkinsci-cert@googlegroups.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2020/01/29/1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHBA-2020:0402\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://access.redhat.com/errata/RHBA-2020:0675\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2020:0681\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2020:0683\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://jenkins.io/security/advisory/2020-01-29/#SECURITY-1682\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
  }
}

bit-jenkins-2020-2099

Vulnerability from bitnami_vulndb

Published

2024-03-06 11:07

Modified

2025-04-03 14:40

Summary

Details

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "Bitnami",
        "name": "jenkins",
        "purl": "pkg:bitnami/jenkins"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2.218.1"
            }
          ],
          "type": "SEMVER"
        }
      ],
      "severity": [
        {
          "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
          "type": "CVSS_V3"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2020-2099"
  ],
  "database_specific": {
    "cpes": [
      "cpe:2.3:a:jenkins:jenkins:*:*:*:*:-:*:*:*",
      "cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*"
    ],
    "severity": "High"
  },
  "details": "Jenkins 2.213 and earlier, LTS 2.204.1 and earlier improperly reuses encryption key parameters in the Inbound TCP Agent Protocol/3, allowing unauthorized attackers with knowledge of agent names to obtain the connection secrets for those agents, which can be used to connect to Jenkins, impersonating those agents.",
  "id": "BIT-jenkins-2020-2099",
  "modified": "2025-04-03T14:40:37.652Z",
  "published": "2024-03-06T11:07:09.967Z",
  "references": [
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2020/01/29/1"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHBA-2020:0402"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHBA-2020:0675"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2020:0681"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2020:0683"
    },
    {
      "type": "WEB",
      "url": "https://jenkins.io/security/advisory/2020-01-29/#SECURITY-1682"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-2099"
    }
  ],
  "schema_version": "1.5.0"
}

CNVD-2020-17200

Vulnerability from cnvd - Published: 2020-03-16

Title

CloudBees Jenkins存在未明漏洞

Description

CloudBees Jenkins是美国CloudBees公司的一套基于Java开发的持续集成工具。该产品主要用于监控持续的软件版本发布/测试项目和一些定时执行的任务。 Jenkins中存在安全漏洞。该漏洞是源于网络系统或产品中缺少身份验证、访问控制、权限管理等安全措施。攻击者可利用该漏了解代理名称，以获取这些代理的连接秘密，这些秘密可用于连接到Jenkins。，冒充代理商。

Severity

高

Patch Name

CloudBees Jenkins存在未明漏洞的补丁

Patch Description

Formal description

目前厂商已发布升级补丁以修复漏洞，补丁获取链接： https://jenkins.io/security/advisory/2020-01-29/

Reference

http://www.openwall.com/lists/oss-security/2020/01/29/1

Impacted products

Name
['CloudBees Jenkins <=2.213', 'CloudBees Jenkins LTS <=2.204.1']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2020-2099",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2020-2099"
    }
  },
  "description": "CloudBees Jenkins\u662f\u7f8e\u56fdCloudBees\u516c\u53f8\u7684\u4e00\u5957\u57fa\u4e8eJava\u5f00\u53d1\u7684\u6301\u7eed\u96c6\u6210\u5de5\u5177\u3002\u8be5\u4ea7\u54c1\u4e3b\u8981\u7528\u4e8e\u76d1\u63a7\u6301\u7eed\u7684\u8f6f\u4ef6\u7248\u672c\u53d1\u5e03/\u6d4b\u8bd5\u9879\u76ee\u548c\u4e00\u4e9b\u5b9a\u65f6\u6267\u884c\u7684\u4efb\u52a1\u3002\n\nJenkins\u4e2d\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u8be5\u6f0f\u6d1e\u662f\u6e90\u4e8e\u7f51\u7edc\u7cfb\u7edf\u6216\u4ea7\u54c1\u4e2d\u7f3a\u5c11\u8eab\u4efd\u9a8c\u8bc1\u3001\u8bbf\u95ee\u63a7\u5236\u3001\u6743\u9650\u7ba1\u7406\u7b49\u5b89\u5168\u63aa\u65bd\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u4e86\u89e3\u4ee3\u7406\u540d\u79f0\uff0c\u4ee5\u83b7\u53d6\u8fd9\u4e9b\u4ee3\u7406\u7684\u8fde\u63a5\u79d8\u5bc6\uff0c\u8fd9\u4e9b\u79d8\u5bc6\u53ef\u7528\u4e8e\u8fde\u63a5\u5230Jenkins\u3002 \uff0c\u5192\u5145\u4ee3\u7406\u5546\u3002",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttps://jenkins.io/security/advisory/2020-01-29/",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2020-17200",
  "openTime": "2020-03-16",
  "patchDescription": "CloudBees Jenkins\u662f\u7f8e\u56fdCloudBees\u516c\u53f8\u7684\u4e00\u5957\u57fa\u4e8eJava\u5f00\u53d1\u7684\u6301\u7eed\u96c6\u6210\u5de5\u5177\u3002\u8be5\u4ea7\u54c1\u4e3b\u8981\u7528\u4e8e\u76d1\u63a7\u6301\u7eed\u7684\u8f6f\u4ef6\u7248\u672c\u53d1\u5e03/\u6d4b\u8bd5\u9879\u76ee\u548c\u4e00\u4e9b\u5b9a\u65f6\u6267\u884c\u7684\u4efb\u52a1\u3002\r\n\r\nJenkins\u4e2d\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u8be5\u6f0f\u6d1e\u662f\u6e90\u4e8e\u7f51\u7edc\u7cfb\u7edf\u6216\u4ea7\u54c1\u4e2d\u7f3a\u5c11\u8eab\u4efd\u9a8c\u8bc1\u3001\u8bbf\u95ee\u63a7\u5236\u3001\u6743\u9650\u7ba1\u7406\u7b49\u5b89\u5168\u63aa\u65bd\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u4e86\u89e3\u4ee3\u7406\u540d\u79f0\uff0c\u4ee5\u83b7\u53d6\u8fd9\u4e9b\u4ee3\u7406\u7684\u8fde\u63a5\u79d8\u5bc6\uff0c\u8fd9\u4e9b\u79d8\u5bc6\u53ef\u7528\u4e8e\u8fde\u63a5\u5230Jenkins\uff0c\u5192\u5145\u4ee3\u7406\u5546\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "CloudBees Jenkins\u5b58\u5728\u672a\u660e\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "CloudBees Jenkins \u003c=2.213",
      "CloudBees Jenkins LTS \u003c=2.204.1"
    ]
  },
  "referenceLink": "http://www.openwall.com/lists/oss-security/2020/01/29/1",
  "serverity": "\u9ad8",
  "submitTime": "2020-02-14",
  "title": "CloudBees Jenkins\u5b58\u5728\u672a\u660e\u6f0f\u6d1e"
}

FKIE_CVE-2020-2099

Vulnerability from fkie_nvd - Published: 2020-01-29 16:15 - Updated: 2024-11-21 05:24

Severity ?

8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L

Summary

References

URL	Tags
jenkinsci-cert@googlegroups.com	http://www.openwall.com/lists/oss-security/2020/01/29/1	Mailing List, Third Party Advisory
jenkinsci-cert@googlegroups.com	https://access.redhat.com/errata/RHBA-2020:0402
jenkinsci-cert@googlegroups.com	https://access.redhat.com/errata/RHBA-2020:0675
jenkinsci-cert@googlegroups.com	https://access.redhat.com/errata/RHSA-2020:0681
jenkinsci-cert@googlegroups.com	https://access.redhat.com/errata/RHSA-2020:0683
jenkinsci-cert@googlegroups.com	https://jenkins.io/security/advisory/2020-01-29/#SECURITY-1682	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2020/01/29/1	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://access.redhat.com/errata/RHBA-2020:0402
af854a3a-2127-422b-91ae-364da2661108	https://access.redhat.com/errata/RHBA-2020:0675
af854a3a-2127-422b-91ae-364da2661108	https://access.redhat.com/errata/RHSA-2020:0681
af854a3a-2127-422b-91ae-364da2661108	https://access.redhat.com/errata/RHSA-2020:0683
af854a3a-2127-422b-91ae-364da2661108	https://jenkins.io/security/advisory/2020-01-29/#SECURITY-1682	Vendor Advisory

Impacted products

	Vendor	Product	Version
	jenkins	jenkins	*
	jenkins	jenkins	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*",
              "matchCriteriaId": "EAACE161-BE2D-4BB8-9795-3D76F19433C1",
              "versionEndIncluding": "2.204.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:jenkins:jenkins:*:*:*:*:-:*:*:*",
              "matchCriteriaId": "F0F83033-6C48-4AF2-BB2A-157A09D79538",
              "versionEndIncluding": "2.218",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Jenkins 2.213 and earlier, LTS 2.204.1 and earlier improperly reuses encryption key parameters in the Inbound TCP Agent Protocol/3, allowing unauthorized attackers with knowledge of agent names to obtain the connection secrets for those agents, which can be used to connect to Jenkins, impersonating those agents."
    },
    {
      "lang": "es",
      "value": "Jenkins versiones 2.213 y anteriores, versiones LTS 2.204.1 y anteriores, reutilizan inapropiadamente los par\u00e1metros de clave de cifrado en el Inbound TCP Agent Protocol/3, permitiendo a atacantes no autorizados con conocimiento de los nombres de los agentes obtener los secretos de conexi\u00f3n para esos agentes, que pueden ser usados para conectar con Jenkins , haci\u00e9ndose pasar por esos agentes."
    }
  ],
  "id": "CVE-2020-2099",
  "lastModified": "2024-11-21T05:24:37.080",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "LOW",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.7,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-01-29T16:15:12.037",
  "references": [
    {
      "source": "jenkinsci-cert@googlegroups.com",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2020/01/29/1"
    },
    {
      "source": "jenkinsci-cert@googlegroups.com",
      "url": "https://access.redhat.com/errata/RHBA-2020:0402"
    },
    {
      "source": "jenkinsci-cert@googlegroups.com",
      "url": "https://access.redhat.com/errata/RHBA-2020:0675"
    },
    {
      "source": "jenkinsci-cert@googlegroups.com",
      "url": "https://access.redhat.com/errata/RHSA-2020:0681"
    },
    {
      "source": "jenkinsci-cert@googlegroups.com",
      "url": "https://access.redhat.com/errata/RHSA-2020:0683"
    },
    {
      "source": "jenkinsci-cert@googlegroups.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://jenkins.io/security/advisory/2020-01-29/#SECURITY-1682"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2020/01/29/1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://access.redhat.com/errata/RHBA-2020:0402"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://access.redhat.com/errata/RHBA-2020:0675"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://access.redhat.com/errata/RHSA-2020:0681"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://access.redhat.com/errata/RHSA-2020:0683"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://jenkins.io/security/advisory/2020-01-29/#SECURITY-1682"
    }
  ],
  "sourceIdentifier": "jenkinsci-cert@googlegroups.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-330"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GHSA-QP4F-2W67-C8HW

Vulnerability from github – Published: 2022-05-24 17:07 – Updated: 2022-12-16 22:56

Summary

Inbound TCP Agent Protocol/3 authentication bypass in Jenkins

Details

Jenkins 2.213 and earlier, LTS 2.204.1 and earlier includes support for the Inbound TCP Agent Protocol/3 for communication between controller and agents. While this protocol has been deprecated in 2018 and was recently removed from Jenkins in 2.214, it could still easily be enabled in Jenkins LTS 2.204.1, 2.213, and older.

This protocol incorrectly reuses encryption parameters which allow an unauthenticated remote attacker to determine the connection secret. This secret can then be used to connect attacker-controlled Jenkins agents to the Jenkins controller.

Jenkins 2.204.2 no longer allows for the use of Inbound TCP Agent Protocol/3 by default. The system property jenkins.slaves.JnlpSlaveAgentProtocol3.ALLOW_UNSAFE can be set to true to allow enabling the Inbound TCP Agent Protocol/3 in Jenkins 2.204.2, but doing so is strongly discouraged.

Inbound TCP Agent Protocol/3 was removed completely from Jenkins 2.214 and will not be part of Jenkins LTS after the end of the 2.204.x line.

Severity ?

8.6 (High)


                  
                    CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L

Show details on source website

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "Maven",
        "name": "org.jenkins-ci.main:jenkins-core"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2.204.2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Maven",
        "name": "org.jenkins-ci.main:jenkins-core"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.205"
            },
            {
              "fixed": "2.214"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2020-2099"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-323",
      "CWE-330"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2022-12-16T22:56:05Z",
    "nvd_published_at": "2020-01-29T16:15:00Z",
    "severity": "HIGH"
  },
  "details": "Jenkins 2.213 and earlier, LTS 2.204.1 and earlier includes support for the Inbound TCP Agent Protocol/3 for communication between controller and agents. While [this protocol has been deprecated in 2018](https://www.jenkins.io/changelog-old/#v2.128) and was recently removed from Jenkins in 2.214, it could still easily be enabled in Jenkins LTS 2.204.1, 2.213, and older.\n\nThis protocol incorrectly reuses encryption parameters which allow an unauthenticated remote attacker to determine the connection secret. This secret can then be used to connect attacker-controlled Jenkins agents to the Jenkins controller.\n\nJenkins 2.204.2 no longer allows for the use of Inbound TCP Agent Protocol/3 by default. The system property `jenkins.slaves.JnlpSlaveAgentProtocol3.ALLOW_UNSAFE` can be set to `true` to allow enabling the Inbound TCP Agent Protocol/3 in Jenkins 2.204.2, but doing so is strongly discouraged.\n\nInbound TCP Agent Protocol/3 was removed completely from Jenkins 2.214 and will not be part of Jenkins LTS after the end of the 2.204.x line.",
  "id": "GHSA-qp4f-2w67-c8hw",
  "modified": "2022-12-16T22:56:05Z",
  "published": "2022-05-24T17:07:40Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-2099"
    },
    {
      "type": "WEB",
      "url": "https://github.com/jenkinsci/jenkins/commit/5054bc6e12e1022993d719f66e289ab1d22ae854"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHBA-2020:0402"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHBA-2020:0675"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2020:0681"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2020:0683"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/jenkinsci/jenkins"
    },
    {
      "type": "WEB",
      "url": "https://jenkins.io/security/advisory/2020-01-29/#SECURITY-1682"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2020/01/29/1"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Inbound TCP Agent Protocol/3 authentication bypass in Jenkins"
}

GSD-2020-2099

Vulnerability from gsd - Updated: 2023-12-13 01:21

Details

Aliases

CVE-2020-2099

Aliases

CVE-2020-2099

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2020-2099",
    "description": "Jenkins 2.213 and earlier, LTS 2.204.1 and earlier improperly reuses encryption key parameters in the Inbound TCP Agent Protocol/3, allowing unauthorized attackers with knowledge of agent names to obtain the connection secrets for those agents, which can be used to connect to Jenkins, impersonating those agents.",
    "id": "GSD-2020-2099",
    "references": [
      "https://access.redhat.com/errata/RHBA-2020:0675",
      "https://access.redhat.com/errata/RHBA-2020:0402"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2020-2099"
      ],
      "details": "Jenkins 2.213 and earlier, LTS 2.204.1 and earlier improperly reuses encryption key parameters in the Inbound TCP Agent Protocol/3, allowing unauthorized attackers with knowledge of agent names to obtain the connection secrets for those agents, which can be used to connect to Jenkins, impersonating those agents.",
      "id": "GSD-2020-2099",
      "modified": "2023-12-13T01:21:51.141834Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "jenkinsci-cert@googlegroups.com",
        "ID": "CVE-2020-2099",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Jenkins",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "\u003c=",
                          "version_name": "unspecified",
                          "version_value": "2.213"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Jenkins project"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Jenkins 2.213 and earlier, LTS 2.204.1 and earlier improperly reuses encryption key parameters in the Inbound TCP Agent Protocol/3, allowing unauthorized attackers with knowledge of agent names to obtain the connection secrets for those agents, which can be used to connect to Jenkins, impersonating those agents."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://jenkins.io/security/advisory/2020-01-29/#SECURITY-1682",
            "refsource": "MISC",
            "url": "https://jenkins.io/security/advisory/2020-01-29/#SECURITY-1682"
          },
          {
            "name": "http://www.openwall.com/lists/oss-security/2020/01/29/1",
            "refsource": "MISC",
            "url": "http://www.openwall.com/lists/oss-security/2020/01/29/1"
          },
          {
            "name": "https://access.redhat.com/errata/RHSA-2020:0681",
            "refsource": "MISC",
            "url": "https://access.redhat.com/errata/RHSA-2020:0681"
          },
          {
            "name": "https://access.redhat.com/errata/RHSA-2020:0683",
            "refsource": "MISC",
            "url": "https://access.redhat.com/errata/RHSA-2020:0683"
          },
          {
            "name": "https://access.redhat.com/errata/RHBA-2020:0402",
            "refsource": "MISC",
            "url": "https://access.redhat.com/errata/RHBA-2020:0402"
          },
          {
            "name": "https://access.redhat.com/errata/RHBA-2020:0675",
            "refsource": "MISC",
            "url": "https://access.redhat.com/errata/RHBA-2020:0675"
          }
        ]
      }
    },
    "gitlab.com": {
      "advisories": [
        {
          "affected_range": "(,2.218]",
          "affected_versions": "All versions up to 2.218",
          "cvss_v2": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
          "cwe_ids": [
            "CWE-1035",
            "CWE-330",
            "CWE-937"
          ],
          "date": "2020-03-17",
          "description": "Jenkins improperly reuses encryption key parameters in the Inbound TCP Agent Protocol/3, allowing unauthorized attackers with knowledge of agent names to obtain the connection secrets for those agents, which can be used to connect to Jenkins, impersonating those agents.",
          "fixed_versions": [
            "2.219"
          ],
          "identifier": "CVE-2020-2099",
          "identifiers": [
            "CVE-2020-2099"
          ],
          "not_impacted": "All versions after 2.218",
          "package_slug": "maven/org.jenkins-ci.main/jenkins-core",
          "pubdate": "2020-01-29",
          "solution": "Upgrade to version 2.219 or above.",
          "title": "Use of Insufficiently Random Values",
          "urls": [
            "https://nvd.nist.gov/vuln/detail/CVE-2020-2099",
            "https://jenkins.io/security/advisory/2020-01-29/#SECURITY-1682"
          ],
          "uuid": "13d690a1-75dd-448a-90d8-2451ed3a68b6"
        }
      ]
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:jenkins:jenkins:*:*:*:*:-:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "2.218",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "2.204.1",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "jenkinsci-cert@googlegroups.com",
          "ID": "CVE-2020-2099"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Jenkins 2.213 and earlier, LTS 2.204.1 and earlier improperly reuses encryption key parameters in the Inbound TCP Agent Protocol/3, allowing unauthorized attackers with knowledge of agent names to obtain the connection secrets for those agents, which can be used to connect to Jenkins, impersonating those agents."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-330"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://jenkins.io/security/advisory/2020-01-29/#SECURITY-1682",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://jenkins.io/security/advisory/2020-01-29/#SECURITY-1682"
            },
            {
              "name": "[oss-security] 20200129 Multiple vulnerabilities in Jenkins and Jenkins plugins",
              "refsource": "MLIST",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2020/01/29/1"
            },
            {
              "name": "RHBA-2020:0675",
              "refsource": "REDHAT",
              "tags": [],
              "url": "https://access.redhat.com/errata/RHBA-2020:0675"
            },
            {
              "name": "RHBA-2020:0402",
              "refsource": "REDHAT",
              "tags": [],
              "url": "https://access.redhat.com/errata/RHBA-2020:0402"
            },
            {
              "name": "RHSA-2020:0681",
              "refsource": "REDHAT",
              "tags": [],
              "url": "https://access.redhat.com/errata/RHSA-2020:0681"
            },
            {
              "name": "RHSA-2020:0683",
              "refsource": "REDHAT",
              "tags": [],
              "url": "https://access.redhat.com/errata/RHSA-2020:0683"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
            "version": "3.1"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 4.7
        }
      },
      "lastModifiedDate": "2023-10-25T18:16Z",
      "publishedDate": "2020-01-29T16:15Z"
    }
  }
}

RHBA-2020:0402

Vulnerability from csaf_redhat - Published: 2020-02-19 19:55 - Updated: 2026-05-14 18:25

Summary

Red Hat Bug Fix Advisory: OpenShift Container Platform 3.11 bug fix update

Severity

Important

Notes

Topic: Red Hat OpenShift Container Platform release 3.11.170 is now available with updates to packages and images that fix several bugs.

Details: Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 3.11.170. See the following advisory for the container images for this release: https://access.redhat.com/errata/RHBA-2020:0403 This release fixes the following bugs: * The Cluster Monitoring Operator playbook would reset the CMO ConfigMap every time it was executed, and manual changes to the ConfigMap were lost. Now, etcd monitoring can be configured with Ansible and changes made to the ConfigMap are now persistent when the playbook is executed. (BZ#1703032) * Prometheeus metrics for ElasticSearch were unavailable to users because the authentication class was instantiated multiple times and without the correct configuration. Now, SAR configuration has been added to the authentication_backend and the multi-tenant plugin executes SARs and allows access to metrics. (BZ#1728856) * The installer was picking the incorrect version of etcd, reverting to an older package version. Now, the install has been updated to use etcd v3.2.26. (BZ#1744900) * Redirection for ConfigMap was incorrect, leading to the console page instead of the ConfigMap details page. Now, the navigateResourceURL filter has been supplied with the namespace in the ConfigMap list page. Redirects will apply to the details page of the selected ConfigMap. (BZ#1782695) * Unexpected iptables rules were saved on the first master host. This was due to the cockpit role operations performed after openshift_sdn roles. Now, the cockpit role runs before the openshift_sdn role and unnecessary sdn rules are not saved during installation. (BZ#1783764) * Due to an incorrect statement in the heketi-template.yml.j2 template,the HEKETI_LVMWRAPPER environment variable was only included in deployments where Gluster runs on an external cluster, and not in the case where Gluster wass deployed on OpenShift in containers. The environment variable wass needed to specify a wrapper for LVM commands so that the commands can be run on the container node, outside the container. The missing variable results in less stability of the LVM configuration. Now, the statement in the heketi-template.yml.j2 template has been corrected and the HEKETI_LVMWRAPPER environment variable is now configured in the DeploymentConfig for the Heketi container. (BZ#1791667) All OpenShift Container Platform 3.11 users are advised to upgrade to these updated packages and images.

Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

CVE-2019-11358

A Prototype Pollution vulnerability was found in jquery. Untrusted JSON passed to the `extend` function could lead to modifying objects up the prototype chain, including the global Object. A crafted JSON object passed to a vulnerable method could lead to denial of service or data injection, with various consequences.

5.6 (Medium)


                        
                          CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Affected products

Fixed 87 products

Product	Version	Remediation
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch	—	Vendor Fix fix

Threats

Impact Moderate

CVE-2020-2099

A flaw was found in Jenkins. Encryption key parameters are improperly reused in the Inbound TCP Agent Protocol/3 allowing unauthorized attackers with knowledge of agent names to obtain the connection secrets for those agents. The highest threat from this vulnerability is to data confidentiality.

8.6 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L

CWE-305 - Authentication Bypass by Primary Weakness

Affected products

Fixed 87 products

Product	Version	Remediation
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch	—	Vendor Fix fix

Threats

Impact Important

CVE-2020-2100

Jenkins 2.218 and earlier, LTS 2.204.1 and earlier was vulnerable to a UDP amplification reflection denial of service attack on port 33848.

5.8 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L

CWE-400 - Uncontrolled Resource Consumption

Affected products

Fixed 87 products

Product	Version	Remediation
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch	—	Vendor Fix fix

Threats

Impact Moderate

CVE-2020-2101

Jenkins 2.218 and earlier, LTS 2.204.1 and earlier did not use a constant-time comparison function for validating connection secrets, which could potentially allow an attacker to use a timing attack to obtain this secret.

5.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

CWE-385 - Covert Timing Channel

Affected products

Fixed 87 products

Product	Version	Remediation
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch	—	Vendor Fix fix

Threats

Impact Moderate

CVE-2020-2102

Jenkins 2.218 and earlier, LTS 2.204.1 and earlier used a non-constant time comparison function when validating an HMAC.

5.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

CWE-385 - Covert Timing Channel

Affected products

Fixed 87 products

Product	Version	Remediation
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch	—	Vendor Fix fix

Threats

Impact Moderate

CVE-2020-2103

Jenkins 2.218 and earlier, LTS 2.204.1 and earlier exposed session identifiers on a user's detail object in the whoAmI diagnostic page.

4.4 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:N

CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor

Affected products

Fixed 87 products

Product	Version	Remediation
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch	—	Vendor Fix fix

Threats

Impact Moderate

CVE-2020-2104

Jenkins 2.218 and earlier, LTS 2.204.1 and earlier allowed users with Overall/Read access to view a JVM memory usage chart.

4.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor

Affected products

Fixed 87 products

Product	Version	Remediation
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch	—	Vendor Fix fix

Threats

Impact Low

CVE-2020-2105

REST API endpoints in Jenkins 2.218 and earlier, LTS 2.204.1 and earlier were vulnerable to clickjacking attacks.

3.1 (Low)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N

CWE-1021 - Improper Restriction of Rendered UI Layers or Frames

Affected products

Fixed 87 products

Product	Version	Remediation
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64	—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch	—	Vendor Fix fix

Threats

Impact Low

References

49 references

URL	Category
https://access.redhat.com/errata/RHBA-2020:0402	self
https://bugzilla.redhat.com/show_bug.cgi?id=1670380	external
https://bugzilla.redhat.com/show_bug.cgi?id=1670587	external
https://bugzilla.redhat.com/show_bug.cgi?id=1728856	external
https://bugzilla.redhat.com/show_bug.cgi?id=1744900	external
https://bugzilla.redhat.com/show_bug.cgi?id=1749765	external
https://bugzilla.redhat.com/show_bug.cgi?id=1757314	external
https://bugzilla.redhat.com/show_bug.cgi?id=1757938	external
https://bugzilla.redhat.com/show_bug.cgi?id=1782695	external
https://bugzilla.redhat.com/show_bug.cgi?id=1783764	external
https://bugzilla.redhat.com/show_bug.cgi?id=1791667	external
https://bugzilla.redhat.com/show_bug.cgi?id=1793628	external
https://bugzilla.redhat.com/show_bug.cgi?id=1795930	external
https://bugzilla.redhat.com/show_bug.cgi?id=1798365	external
https://security.access.redhat.com/data/csaf/v2/a…	self
https://access.redhat.com/security/cve/CVE-2019-11358	self
https://bugzilla.redhat.com/show_bug.cgi?id=1701972	external
https://www.cve.org/CVERecord?id=CVE-2019-11358	external
https://nvd.nist.gov/vuln/detail/CVE-2019-11358	external
https://blog.jquery.com/2019/04/10/jquery-3-4-0-r…	external
https://www.drupal.org/sa-core-2019-006	external
https://access.redhat.com/security/cve/CVE-2020-2099	self
https://bugzilla.redhat.com/show_bug.cgi?id=1797080	external
https://www.cve.org/CVERecord?id=CVE-2020-2099	external
https://nvd.nist.gov/vuln/detail/CVE-2020-2099	external
https://access.redhat.com/security/cve/CVE-2020-2100	self
https://bugzilla.redhat.com/show_bug.cgi?id=1797087	external
https://www.cve.org/CVERecord?id=CVE-2020-2100	external
https://nvd.nist.gov/vuln/detail/CVE-2020-2100	external
https://access.redhat.com/security/cve/CVE-2020-2101	self
https://bugzilla.redhat.com/show_bug.cgi?id=1797084	external
https://www.cve.org/CVERecord?id=CVE-2020-2101	external
https://nvd.nist.gov/vuln/detail/CVE-2020-2101	external
https://access.redhat.com/security/cve/CVE-2020-2102	self
https://bugzilla.redhat.com/show_bug.cgi?id=1797071	external
https://www.cve.org/CVERecord?id=CVE-2020-2102	external
https://nvd.nist.gov/vuln/detail/CVE-2020-2102	external
https://access.redhat.com/security/cve/CVE-2020-2103	self
https://bugzilla.redhat.com/show_bug.cgi?id=1797062	external
https://www.cve.org/CVERecord?id=CVE-2020-2103	external
https://nvd.nist.gov/vuln/detail/CVE-2020-2103	external
https://access.redhat.com/security/cve/CVE-2020-2104	self
https://bugzilla.redhat.com/show_bug.cgi?id=1797065	external
https://www.cve.org/CVERecord?id=CVE-2020-2104	external
https://nvd.nist.gov/vuln/detail/CVE-2020-2104	external
https://access.redhat.com/security/cve/CVE-2020-2105	self
https://bugzilla.redhat.com/show_bug.cgi?id=1797068	external
https://www.cve.org/CVERecord?id=CVE-2020-2105	external
https://nvd.nist.gov/vuln/detail/CVE-2020-2105	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Red Hat OpenShift Container Platform release 3.11.170 is now available with\nupdates to packages and images that fix several bugs.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Red Hat OpenShift Container Platform is Red Hat\u0027s cloud computing\nKubernetes application platform solution designed for on-premise or private\ncloud deployments.\n\nThis advisory contains the RPM packages for Red Hat OpenShift Container\nPlatform 3.11.170. See the following advisory for the container images for\nthis release:\n\nhttps://access.redhat.com/errata/RHBA-2020:0403\n\nThis release fixes the following bugs:\n\n* The Cluster Monitoring Operator playbook would reset the CMO ConfigMap every time it was executed, and manual changes to the ConfigMap were lost. Now, etcd monitoring can be configured with Ansible and changes made to the ConfigMap are now persistent when the playbook is executed. (BZ#1703032)\n\n* Prometheeus metrics for ElasticSearch were unavailable to users because the authentication class was instantiated multiple times and without the correct configuration. Now, SAR configuration has been added to the authentication_backend and the multi-tenant plugin executes SARs and allows access to metrics. (BZ#1728856)\n\n* The installer was picking the incorrect version of etcd, reverting to an older package version. Now, the install has been updated to use etcd v3.2.26. (BZ#1744900)\n\n* Redirection for ConfigMap was incorrect, leading to the console page instead of the ConfigMap details page. Now, the navigateResourceURL filter has been supplied with the namespace in the ConfigMap list page. Redirects will apply to the details page of the selected ConfigMap. (BZ#1782695)\n\n* Unexpected iptables rules were saved on the first master host. This was due to the cockpit role operations performed after openshift_sdn roles. Now, the cockpit role runs before the openshift_sdn role and unnecessary sdn rules are not saved during installation. (BZ#1783764)\n\n* Due to an incorrect statement in the heketi-template.yml.j2 template,the HEKETI_LVMWRAPPER environment variable was only included in deployments where Gluster runs on an external cluster, and not in the case where Gluster wass deployed on OpenShift in containers. The environment variable wass needed to specify a wrapper for LVM commands so that the commands can be run on the container node, outside the container. The missing variable results in less stability of the LVM configuration. Now, the statement in the heketi-template.yml.j2 template has been corrected and the HEKETI_LVMWRAPPER environment variable is now configured in the DeploymentConfig for the Heketi container. (BZ#1791667)\n\nAll OpenShift Container Platform 3.11 users are advised to upgrade to these\nupdated packages and images.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHBA-2020:0402",
        "url": "https://access.redhat.com/errata/RHBA-2020:0402"
      },
      {
        "category": "external",
        "summary": "1670380",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1670380"
      },
      {
        "category": "external",
        "summary": "1670587",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1670587"
      },
      {
        "category": "external",
        "summary": "1728856",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1728856"
      },
      {
        "category": "external",
        "summary": "1744900",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1744900"
      },
      {
        "category": "external",
        "summary": "1749765",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1749765"
      },
      {
        "category": "external",
        "summary": "1757314",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1757314"
      },
      {
        "category": "external",
        "summary": "1757938",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1757938"
      },
      {
        "category": "external",
        "summary": "1782695",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1782695"
      },
      {
        "category": "external",
        "summary": "1783764",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1783764"
      },
      {
        "category": "external",
        "summary": "1791667",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1791667"
      },
      {
        "category": "external",
        "summary": "1793628",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1793628"
      },
      {
        "category": "external",
        "summary": "1795930",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1795930"
      },
      {
        "category": "external",
        "summary": "1798365",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1798365"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhba-2020_0402.json"
      }
    ],
    "title": "Red Hat Bug Fix Advisory: OpenShift Container Platform 3.11 bug fix update",
    "tracking": {
      "current_release_date": "2026-05-14T18:25:12+00:00",
      "generator": {
        "date": "2026-05-14T18:25:12+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.8.0"
        }
      },
      "id": "RHBA-2020:0402",
      "initial_release_date": "2020-02-19T19:55:22+00:00",
      "revision_history": [
        {
          "date": "2020-02-19T19:55:22+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2020-02-19T19:55:22+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2026-05-14T18:25:12+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat OpenShift Container Platform 3.11",
                "product": {
                  "name": "Red Hat OpenShift Container Platform 3.11",
                  "product_id": "7Server-RH7-RHOSE-3.11",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:openshift:3.11::el7"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat OpenShift Enterprise"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch",
                "product": {
                  "name": "jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch",
                  "product_id": "jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jenkins-2-plugins@3.11.1579107288-1.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch",
                "product": {
                  "name": "openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch",
                  "product_id": "openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openshift-kuryr-cni@3.11.170-1.git.1.7265da1.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch",
                "product": {
                  "name": "openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch",
                  "product_id": "openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openshift-kuryr-common@3.11.170-1.git.1.7265da1.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch",
                "product": {
                  "name": "openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch",
                  "product_id": "openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openshift-kuryr-controller@3.11.170-1.git.1.7265da1.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch",
                "product": {
                  "name": "python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch",
                  "product_id": "python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/python2-kuryr-kubernetes@3.11.170-1.git.1.7265da1.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
                "product": {
                  "name": "atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
                  "product_id": "atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-docker-excluder@3.11.170-1.git.0.00cac56.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
                "product": {
                  "name": "atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
                  "product_id": "atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-excluder@3.11.170-1.git.0.00cac56.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jenkins-0:2.204.2.1580891656-1.el7.noarch",
                "product": {
                  "name": "jenkins-0:2.204.2.1580891656-1.el7.noarch",
                  "product_id": "jenkins-0:2.204.2.1580891656-1.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jenkins@2.204.2.1580891656-1.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch",
                "product": {
                  "name": "openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch",
                  "product_id": "openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openshift-ansible@3.11.170-2.git.5.8802564.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch",
                "product": {
                  "name": "openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch",
                  "product_id": "openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openshift-ansible-docs@3.11.170-2.git.5.8802564.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch",
                "product": {
                  "name": "openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch",
                  "product_id": "openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openshift-ansible-playbooks@3.11.170-2.git.5.8802564.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch",
                "product": {
                  "name": "openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch",
                  "product_id": "openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openshift-ansible-roles@3.11.170-2.git.5.8802564.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch",
                "product": {
                  "name": "openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch",
                  "product_id": "openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openshift-ansible-test@3.11.170-2.git.5.8802564.el7?arch=noarch"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "jenkins-2-plugins-0:3.11.1579107288-1.el7.src",
                "product": {
                  "name": "jenkins-2-plugins-0:3.11.1579107288-1.el7.src",
                  "product_id": "jenkins-2-plugins-0:3.11.1579107288-1.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jenkins-2-plugins@3.11.1579107288-1.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src",
                "product": {
                  "name": "atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src",
                  "product_id": "atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-metrics-server@3.11.170-1.git.1.357f177.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src",
                "product": {
                  "name": "atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src",
                  "product_id": "atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-enterprise-service-catalog@3.11.170-1.git.1.91db82e.el7?arch=src\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src",
                "product": {
                  "name": "atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src",
                  "product_id": "atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-cluster-autoscaler@3.11.170-1.git.1.0a0df6a.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src",
                "product": {
                  "name": "atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src",
                  "product_id": "atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-web-console@3.11.170-1.git.1.3d64e8b.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src",
                "product": {
                  "name": "openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src",
                  "product_id": "openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openshift-enterprise-cluster-capacity@3.11.170-1.git.1.661684b.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src",
                "product": {
                  "name": "golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src",
                  "product_id": "golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/golang-github-openshift-oauth-proxy@3.11.170-1.git.1.b49be83.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src",
                "product": {
                  "name": "atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src",
                  "product_id": "atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-dockerregistry@3.11.170-1.git.1.55fab05.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src",
                "product": {
                  "name": "golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src",
                  "product_id": "golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/golang-github-prometheus-prometheus@3.11.170-1.git.1.227bc98.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src",
                "product": {
                  "name": "atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src",
                  "product_id": "atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-service-idler@3.11.170-1.git.1.8328979.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src",
                "product": {
                  "name": "atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src",
                  "product_id": "atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-descheduler@3.11.170-1.git.1.9ad83f2.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src",
                "product": {
                  "name": "golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src",
                  "product_id": "golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/golang-github-prometheus-node_exporter@3.11.170-1.git.1.51473b7.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src",
                "product": {
                  "name": "atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src",
                  "product_id": "atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-node-problem-detector@3.11.170-1.git.1.b1f90a6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src",
                "product": {
                  "name": "openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src",
                  "product_id": "openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openshift-enterprise-autoheal@3.11.170-1.git.1.dfe6c52.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src",
                "product": {
                  "name": "golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src",
                  "product_id": "golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/golang-github-prometheus-alertmanager@3.11.170-1.git.1.61d7960.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src",
                "product": {
                  "name": "openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src",
                  "product_id": "openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openshift-kuryr@3.11.170-1.git.1.7265da1.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src",
                "product": {
                  "name": "atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src",
                  "product_id": "atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift@3.11.170-1.git.0.00cac56.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jenkins-0:2.204.2.1580891656-1.el7.src",
                "product": {
                  "name": "jenkins-0:2.204.2.1580891656-1.el7.src",
                  "product_id": "jenkins-0:2.204.2.1580891656-1.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jenkins@2.204.2.1580891656-1.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src",
                "product": {
                  "name": "openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src",
                  "product_id": "openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openshift-ansible@3.11.170-2.git.5.8802564.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src",
                "product": {
                  "name": "cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src",
                  "product_id": "cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/cri-o@1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7?arch=src"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le",
                "product": {
                  "name": "atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le",
                  "product_id": "atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-metrics-server@3.11.170-1.git.1.357f177.el7?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
                "product": {
                  "name": "atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
                  "product_id": "atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-enterprise-service-catalog@3.11.170-1.git.1.91db82e.el7?arch=ppc64le\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
                "product": {
                  "name": "atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
                  "product_id": "atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-enterprise-service-catalog-svcat@3.11.170-1.git.1.91db82e.el7?arch=ppc64le\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le",
                "product": {
                  "name": "atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le",
                  "product_id": "atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-cluster-autoscaler@3.11.170-1.git.1.0a0df6a.el7?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le",
                "product": {
                  "name": "atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le",
                  "product_id": "atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-web-console@3.11.170-1.git.1.3d64e8b.el7?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le",
                "product": {
                  "name": "openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le",
                  "product_id": "openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openshift-enterprise-cluster-capacity@3.11.170-1.git.1.661684b.el7?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le",
                "product": {
                  "name": "golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le",
                  "product_id": "golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/golang-github-openshift-oauth-proxy@3.11.170-1.git.1.b49be83.el7?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le",
                "product": {
                  "name": "prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le",
                  "product_id": "prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/prometheus@3.11.170-1.git.1.227bc98.el7?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le",
                "product": {
                  "name": "atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le",
                  "product_id": "atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-service-idler@3.11.170-1.git.1.8328979.el7?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le",
                "product": {
                  "name": "atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le",
                  "product_id": "atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-descheduler@3.11.170-1.git.1.9ad83f2.el7?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le",
                "product": {
                  "name": "prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le",
                  "product_id": "prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/prometheus-node-exporter@3.11.170-1.git.1.51473b7.el7?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le",
                "product": {
                  "name": "atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le",
                  "product_id": "atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-node-problem-detector@3.11.170-1.git.1.b1f90a6.el7?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le",
                "product": {
                  "name": "openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le",
                  "product_id": "openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openshift-enterprise-autoheal@3.11.170-1.git.1.dfe6c52.el7?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le",
                "product": {
                  "name": "prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le",
                  "product_id": "prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/prometheus-alertmanager@3.11.170-1.git.1.61d7960.el7?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
                "product": {
                  "name": "atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
                  "product_id": "atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift@3.11.170-1.git.0.00cac56.el7?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
                "product": {
                  "name": "atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
                  "product_id": "atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-clients@3.11.170-1.git.0.00cac56.el7?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
                "product": {
                  "name": "atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
                  "product_id": "atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-hyperkube@3.11.170-1.git.0.00cac56.el7?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
                "product": {
                  "name": "atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
                  "product_id": "atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-hypershift@3.11.170-1.git.0.00cac56.el7?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
                "product": {
                  "name": "atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
                  "product_id": "atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-master@3.11.170-1.git.0.00cac56.el7?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
                "product": {
                  "name": "atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
                  "product_id": "atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-node@3.11.170-1.git.0.00cac56.el7?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
                "product": {
                  "name": "atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
                  "product_id": "atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-pod@3.11.170-1.git.0.00cac56.el7?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
                "product": {
                  "name": "atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
                  "product_id": "atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-sdn-ovs@3.11.170-1.git.0.00cac56.el7?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
                "product": {
                  "name": "atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
                  "product_id": "atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-template-service-broker@3.11.170-1.git.0.00cac56.el7?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
                "product": {
                  "name": "atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
                  "product_id": "atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-tests@3.11.170-1.git.0.00cac56.el7?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
                "product": {
                  "name": "cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
                  "product_id": "cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/cri-o@1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
                "product": {
                  "name": "cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
                  "product_id": "cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/cri-o-debuginfo@1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7?arch=ppc64le"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64",
                "product": {
                  "name": "atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64",
                  "product_id": "atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-metrics-server@3.11.170-1.git.1.357f177.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64",
                "product": {
                  "name": "atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64",
                  "product_id": "atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-enterprise-service-catalog@3.11.170-1.git.1.91db82e.el7?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64",
                "product": {
                  "name": "atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64",
                  "product_id": "atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-enterprise-service-catalog-svcat@3.11.170-1.git.1.91db82e.el7?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64",
                "product": {
                  "name": "atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64",
                  "product_id": "atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-cluster-autoscaler@3.11.170-1.git.1.0a0df6a.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64",
                "product": {
                  "name": "atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64",
                  "product_id": "atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-web-console@3.11.170-1.git.1.3d64e8b.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64",
                "product": {
                  "name": "openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64",
                  "product_id": "openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openshift-enterprise-cluster-capacity@3.11.170-1.git.1.661684b.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64",
                "product": {
                  "name": "golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64",
                  "product_id": "golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/golang-github-openshift-oauth-proxy@3.11.170-1.git.1.b49be83.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64",
                "product": {
                  "name": "atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64",
                  "product_id": "atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-dockerregistry@3.11.170-1.git.1.55fab05.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64",
                "product": {
                  "name": "prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64",
                  "product_id": "prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/prometheus@3.11.170-1.git.1.227bc98.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64",
                "product": {
                  "name": "atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64",
                  "product_id": "atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-service-idler@3.11.170-1.git.1.8328979.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64",
                "product": {
                  "name": "atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64",
                  "product_id": "atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-descheduler@3.11.170-1.git.1.9ad83f2.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64",
                "product": {
                  "name": "prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64",
                  "product_id": "prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/prometheus-node-exporter@3.11.170-1.git.1.51473b7.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64",
                "product": {
                  "name": "atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64",
                  "product_id": "atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-node-problem-detector@3.11.170-1.git.1.b1f90a6.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64",
                "product": {
                  "name": "openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64",
                  "product_id": "openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openshift-enterprise-autoheal@3.11.170-1.git.1.dfe6c52.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64",
                "product": {
                  "name": "prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64",
                  "product_id": "prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/prometheus-alertmanager@3.11.170-1.git.1.61d7960.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
                "product": {
                  "name": "atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
                  "product_id": "atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift@3.11.170-1.git.0.00cac56.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64",
                "product": {
                  "name": "atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64",
                  "product_id": "atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-clients@3.11.170-1.git.0.00cac56.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64",
                "product": {
                  "name": "atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64",
                  "product_id": "atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-clients-redistributable@3.11.170-1.git.0.00cac56.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64",
                "product": {
                  "name": "atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64",
                  "product_id": "atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-hyperkube@3.11.170-1.git.0.00cac56.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
                "product": {
                  "name": "atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
                  "product_id": "atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-hypershift@3.11.170-1.git.0.00cac56.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64",
                "product": {
                  "name": "atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64",
                  "product_id": "atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-master@3.11.170-1.git.0.00cac56.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64",
                "product": {
                  "name": "atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64",
                  "product_id": "atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-node@3.11.170-1.git.0.00cac56.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64",
                "product": {
                  "name": "atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64",
                  "product_id": "atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-pod@3.11.170-1.git.0.00cac56.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64",
                "product": {
                  "name": "atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64",
                  "product_id": "atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-sdn-ovs@3.11.170-1.git.0.00cac56.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64",
                "product": {
                  "name": "atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64",
                  "product_id": "atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-template-service-broker@3.11.170-1.git.0.00cac56.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64",
                "product": {
                  "name": "atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64",
                  "product_id": "atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-tests@3.11.170-1.git.0.00cac56.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
                "product": {
                  "name": "cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
                  "product_id": "cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/cri-o@1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
                "product": {
                  "name": "cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
                  "product_id": "cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/cri-o-debuginfo@1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7?arch=x86_64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le"
        },
        "product_reference": "atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src"
        },
        "product_reference": "atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64"
        },
        "product_reference": "atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le"
        },
        "product_reference": "atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64"
        },
        "product_reference": "atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le"
        },
        "product_reference": "atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src"
        },
        "product_reference": "atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64"
        },
        "product_reference": "atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le"
        },
        "product_reference": "atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64"
        },
        "product_reference": "atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64"
        },
        "product_reference": "atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le"
        },
        "product_reference": "atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src"
        },
        "product_reference": "atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64"
        },
        "product_reference": "atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le"
        },
        "product_reference": "atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src"
        },
        "product_reference": "atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64"
        },
        "product_reference": "atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch"
        },
        "product_reference": "atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src"
        },
        "product_reference": "atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64"
        },
        "product_reference": "atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch"
        },
        "product_reference": "atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le"
        },
        "product_reference": "atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64"
        },
        "product_reference": "atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le"
        },
        "product_reference": "atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64"
        },
        "product_reference": "atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le"
        },
        "product_reference": "atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64"
        },
        "product_reference": "atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le"
        },
        "product_reference": "atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src"
        },
        "product_reference": "atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64"
        },
        "product_reference": "atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le"
        },
        "product_reference": "atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64"
        },
        "product_reference": "atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le"
        },
        "product_reference": "atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src"
        },
        "product_reference": "atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64"
        },
        "product_reference": "atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le"
        },
        "product_reference": "atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64"
        },
        "product_reference": "atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le"
        },
        "product_reference": "atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64"
        },
        "product_reference": "atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le"
        },
        "product_reference": "atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src"
        },
        "product_reference": "atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64"
        },
        "product_reference": "atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le"
        },
        "product_reference": "atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64"
        },
        "product_reference": "atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le"
        },
        "product_reference": "atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64"
        },
        "product_reference": "atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le"
        },
        "product_reference": "atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src"
        },
        "product_reference": "atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64"
        },
        "product_reference": "atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le"
        },
        "product_reference": "cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src"
        },
        "product_reference": "cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64"
        },
        "product_reference": "cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le"
        },
        "product_reference": "cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64"
        },
        "product_reference": "cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le"
        },
        "product_reference": "golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src"
        },
        "product_reference": "golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64"
        },
        "product_reference": "golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src"
        },
        "product_reference": "golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src"
        },
        "product_reference": "golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src"
        },
        "product_reference": "golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jenkins-0:2.204.2.1580891656-1.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.noarch"
        },
        "product_reference": "jenkins-0:2.204.2.1580891656-1.el7.noarch",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jenkins-0:2.204.2.1580891656-1.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.src"
        },
        "product_reference": "jenkins-0:2.204.2.1580891656-1.el7.src",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch"
        },
        "product_reference": "jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jenkins-2-plugins-0:3.11.1579107288-1.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.src"
        },
        "product_reference": "jenkins-2-plugins-0:3.11.1579107288-1.el7.src",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch"
        },
        "product_reference": "openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src"
        },
        "product_reference": "openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch"
        },
        "product_reference": "openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch"
        },
        "product_reference": "openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch"
        },
        "product_reference": "openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch"
        },
        "product_reference": "openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le"
        },
        "product_reference": "openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src"
        },
        "product_reference": "openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64"
        },
        "product_reference": "openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le"
        },
        "product_reference": "openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src"
        },
        "product_reference": "openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64"
        },
        "product_reference": "openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src"
        },
        "product_reference": "openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch"
        },
        "product_reference": "openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch"
        },
        "product_reference": "openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch"
        },
        "product_reference": "openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le"
        },
        "product_reference": "prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64"
        },
        "product_reference": "prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le"
        },
        "product_reference": "prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64"
        },
        "product_reference": "prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le"
        },
        "product_reference": "prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64"
        },
        "product_reference": "prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch"
        },
        "product_reference": "python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2019-11358",
      "cwe": {
        "id": "CWE-79",
        "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
      },
      "discovery_date": "2019-03-28T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1701972"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A Prototype Pollution vulnerability was found in jquery. Untrusted JSON passed to the `extend` function could lead to modifying objects up the prototype chain, including the global Object. A crafted JSON object passed to a vulnerable method could lead to denial of service or data injection, with various consequences.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Red Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src",
          "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src",
          "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src",
          "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src",
          "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src",
          "7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.noarch",
          "7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.src",
          "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch",
          "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.src",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src",
          "7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch",
          "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2019-11358"
        },
        {
          "category": "external",
          "summary": "RHBZ#1701972",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2019-11358",
          "url": "https://www.cve.org/CVERecord?id=CVE-2019-11358"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358"
        },
        {
          "category": "external",
          "summary": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/",
          "url": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/"
        },
        {
          "category": "external",
          "summary": "https://www.drupal.org/sa-core-2019-006",
          "url": "https://www.drupal.org/sa-core-2019-006"
        }
      ],
      "release_date": "2019-03-27T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2020-02-19T19:55:22+00:00",
          "details": "Before applying this update, ensure all previously released errata relevant\nto your system is applied.\n\nSee the following documentation, which will be updated shortly for release\n3.11.170, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258.",
          "product_ids": [
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src",
            "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src",
            "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src",
            "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src",
            "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src",
            "7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.noarch",
            "7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.src",
            "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch",
            "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch",
            "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHBA-2020:0402"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.6,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.0"
          },
          "products": [
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src",
            "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src",
            "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src",
            "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src",
            "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src",
            "7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.noarch",
            "7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.src",
            "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch",
            "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch",
            "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection"
    },
    {
      "cve": "CVE-2020-2099",
      "cwe": {
        "id": "CWE-305",
        "name": "Authentication Bypass by Primary Weakness"
      },
      "discovery_date": "2020-01-29T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1797080"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Jenkins. Encryption key parameters are improperly reused in the Inbound TCP Agent Protocol/3 allowing unauthorized attackers with knowledge of agent names to obtain the connection secrets for those agents. The highest threat from this vulnerability is to data confidentiality.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "jenkins: Inbound TCP Agent Protocol/3 authentication bypass",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src",
          "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src",
          "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src",
          "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src",
          "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src",
          "7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.noarch",
          "7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.src",
          "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch",
          "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.src",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src",
          "7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch",
          "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2020-2099"
        },
        {
          "category": "external",
          "summary": "RHBZ#1797080",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1797080"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2020-2099",
          "url": "https://www.cve.org/CVERecord?id=CVE-2020-2099"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-2099",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-2099"
        }
      ],
      "release_date": "2020-01-29T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2020-02-19T19:55:22+00:00",
          "details": "Before applying this update, ensure all previously released errata relevant\nto your system is applied.\n\nSee the following documentation, which will be updated shortly for release\n3.11.170, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258.",
          "product_ids": [
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src",
            "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src",
            "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src",
            "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src",
            "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src",
            "7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.noarch",
            "7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.src",
            "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch",
            "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch",
            "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHBA-2020:0402"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src",
            "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src",
            "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src",
            "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src",
            "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src",
            "7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.noarch",
            "7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.src",
            "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch",
            "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch",
            "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "jenkins: Inbound TCP Agent Protocol/3 authentication bypass"
    },
    {
      "cve": "CVE-2020-2100",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "discovery_date": "2020-01-29T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1797087"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Jenkins 2.218 and earlier, LTS 2.204.1 and earlier was vulnerable to a UDP amplification reflection denial of service attack on port 33848.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "jenkins: UDP multicast/broadcast service amplification reflection attack",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src",
          "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src",
          "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src",
          "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src",
          "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src",
          "7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.noarch",
          "7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.src",
          "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch",
          "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.src",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src",
          "7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch",
          "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2020-2100"
        },
        {
          "category": "external",
          "summary": "RHBZ#1797087",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1797087"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2020-2100",
          "url": "https://www.cve.org/CVERecord?id=CVE-2020-2100"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-2100",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-2100"
        }
      ],
      "release_date": "2020-01-29T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2020-02-19T19:55:22+00:00",
          "details": "Before applying this update, ensure all previously released errata relevant\nto your system is applied.\n\nSee the following documentation, which will be updated shortly for release\n3.11.170, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258.",
          "product_ids": [
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src",
            "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src",
            "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src",
            "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src",
            "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src",
            "7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.noarch",
            "7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.src",
            "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch",
            "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch",
            "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHBA-2020:0402"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src",
            "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src",
            "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src",
            "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src",
            "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src",
            "7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.noarch",
            "7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.src",
            "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch",
            "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch",
            "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "jenkins: UDP multicast/broadcast service amplification reflection attack"
    },
    {
      "cve": "CVE-2020-2101",
      "cwe": {
        "id": "CWE-385",
        "name": "Covert Timing Channel"
      },
      "discovery_date": "2020-01-29T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1797084"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Jenkins 2.218 and earlier, LTS 2.204.1 and earlier did not use a constant-time comparison function for validating connection secrets, which could potentially allow an attacker to use a timing attack to obtain this secret.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "jenkins: Non-constant time comparison of inbound TCP agent connection secret",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src",
          "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src",
          "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src",
          "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src",
          "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src",
          "7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.noarch",
          "7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.src",
          "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch",
          "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.src",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src",
          "7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch",
          "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2020-2101"
        },
        {
          "category": "external",
          "summary": "RHBZ#1797084",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1797084"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2020-2101",
          "url": "https://www.cve.org/CVERecord?id=CVE-2020-2101"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-2101",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-2101"
        }
      ],
      "release_date": "2020-01-29T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2020-02-19T19:55:22+00:00",
          "details": "Before applying this update, ensure all previously released errata relevant\nto your system is applied.\n\nSee the following documentation, which will be updated shortly for release\n3.11.170, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258.",
          "product_ids": [
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src",
            "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src",
            "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src",
            "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src",
            "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src",
            "7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.noarch",
            "7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.src",
            "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch",
            "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch",
            "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHBA-2020:0402"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src",
            "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src",
            "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src",
            "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src",
            "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src",
            "7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.noarch",
            "7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.src",
            "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch",
            "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch",
            "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "jenkins: Non-constant time comparison of inbound TCP agent connection secret"
    },
    {
      "cve": "CVE-2020-2102",
      "cwe": {
        "id": "CWE-385",
        "name": "Covert Timing Channel"
      },
      "discovery_date": "2020-01-29T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1797071"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Jenkins 2.218 and earlier, LTS 2.204.1 and earlier used a non-constant time comparison function when validating an HMAC.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "jenkins: Non-constant time HMAC comparison",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src",
          "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src",
          "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src",
          "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src",
          "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src",
          "7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.noarch",
          "7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.src",
          "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch",
          "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.src",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src",
          "7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch",
          "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2020-2102"
        },
        {
          "category": "external",
          "summary": "RHBZ#1797071",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1797071"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2020-2102",
          "url": "https://www.cve.org/CVERecord?id=CVE-2020-2102"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-2102",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-2102"
        }
      ],
      "release_date": "2020-01-29T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2020-02-19T19:55:22+00:00",
          "details": "Before applying this update, ensure all previously released errata relevant\nto your system is applied.\n\nSee the following documentation, which will be updated shortly for release\n3.11.170, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258.",
          "product_ids": [
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src",
            "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src",
            "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src",
            "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src",
            "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src",
            "7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.noarch",
            "7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.src",
            "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch",
            "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch",
            "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHBA-2020:0402"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src",
            "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src",
            "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src",
            "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src",
            "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src",
            "7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.noarch",
            "7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.src",
            "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch",
            "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch",
            "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "jenkins: Non-constant time HMAC comparison"
    },
    {
      "cve": "CVE-2020-2103",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "discovery_date": "2020-01-29T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1797062"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Jenkins 2.218 and earlier, LTS 2.204.1 and earlier exposed session identifiers on a user\u0027s detail object in the whoAmI diagnostic page.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "jenkins: Exposed session identifiers on user detail object in the whoAmI diagnostic page",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src",
          "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src",
          "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src",
          "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src",
          "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src",
          "7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.noarch",
          "7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.src",
          "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch",
          "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.src",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src",
          "7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch",
          "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2020-2103"
        },
        {
          "category": "external",
          "summary": "RHBZ#1797062",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1797062"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2020-2103",
          "url": "https://www.cve.org/CVERecord?id=CVE-2020-2103"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-2103",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-2103"
        }
      ],
      "release_date": "2020-01-29T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2020-02-19T19:55:22+00:00",
          "details": "Before applying this update, ensure all previously released errata relevant\nto your system is applied.\n\nSee the following documentation, which will be updated shortly for release\n3.11.170, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258.",
          "product_ids": [
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src",
            "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src",
            "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src",
            "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src",
            "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src",
            "7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.noarch",
            "7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.src",
            "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch",
            "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch",
            "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHBA-2020:0402"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src",
            "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src",
            "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src",
            "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src",
            "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src",
            "7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.noarch",
            "7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.src",
            "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch",
            "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch",
            "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "jenkins: Exposed session identifiers on user detail object in the whoAmI diagnostic page"
    },
    {
      "cve": "CVE-2020-2104",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "discovery_date": "2020-01-29T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1797065"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Jenkins 2.218 and earlier, LTS 2.204.1 and earlier allowed users with Overall/Read access to view a JVM memory usage chart.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "jenkins: Memory usage graphs accessible to anyone with Overall/Read",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src",
          "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src",
          "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src",
          "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src",
          "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src",
          "7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.noarch",
          "7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.src",
          "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch",
          "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.src",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src",
          "7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch",
          "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2020-2104"
        },
        {
          "category": "external",
          "summary": "RHBZ#1797065",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1797065"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2020-2104",
          "url": "https://www.cve.org/CVERecord?id=CVE-2020-2104"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-2104",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-2104"
        }
      ],
      "release_date": "2020-01-29T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2020-02-19T19:55:22+00:00",
          "details": "Before applying this update, ensure all previously released errata relevant\nto your system is applied.\n\nSee the following documentation, which will be updated shortly for release\n3.11.170, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258.",
          "product_ids": [
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src",
            "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src",
            "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src",
            "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src",
            "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src",
            "7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.noarch",
            "7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.src",
            "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch",
            "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch",
            "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHBA-2020:0402"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src",
            "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src",
            "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src",
            "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src",
            "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src",
            "7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.noarch",
            "7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.src",
            "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch",
            "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch",
            "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "jenkins: Memory usage graphs accessible to anyone with Overall/Read"
    },
    {
      "cve": "CVE-2020-2105",
      "cwe": {
        "id": "CWE-1021",
        "name": "Improper Restriction of Rendered UI Layers or Frames"
      },
      "discovery_date": "2020-01-29T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1797068"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "REST API endpoints in Jenkins 2.218 and earlier, LTS 2.204.1 and earlier were vulnerable to clickjacking attacks.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "jenkins: REST APIs vulnerable to clickjacking",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src",
          "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src",
          "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src",
          "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src",
          "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src",
          "7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.noarch",
          "7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.src",
          "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch",
          "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.src",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src",
          "7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch",
          "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2020-2105"
        },
        {
          "category": "external",
          "summary": "RHBZ#1797068",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1797068"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2020-2105",
          "url": "https://www.cve.org/CVERecord?id=CVE-2020-2105"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-2105",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-2105"
        }
      ],
      "release_date": "2020-01-29T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2020-02-19T19:55:22+00:00",
          "details": "Before applying this update, ensure all previously released errata relevant\nto your system is applied.\n\nSee the following documentation, which will be updated shortly for release\n3.11.170, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258.",
          "product_ids": [
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src",
            "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src",
            "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src",
            "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src",
            "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src",
            "7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.noarch",
            "7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.src",
            "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch",
            "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch",
            "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHBA-2020:0402"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 3.1,
            "baseSeverity": "LOW",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src",
            "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src",
            "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src",
            "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src",
            "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src",
            "7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.noarch",
            "7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.src",
            "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch",
            "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch",
            "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "jenkins: REST APIs vulnerable to clickjacking"
    }
  ]
}

RHBA-2020:0675

Vulnerability from csaf_redhat - Published: 2020-03-10 22:10 - Updated: 2026-04-27 21:10

Summary

Red Hat Bug Fix Advisory: OpenShift Container Platform 4.3.5 packages update

Severity

Important

Notes

Topic: Red Hat OpenShift Container Platform release 4.3.5 is now available with updates to packages and images that fix several bugs.

CVE-2020-2099

8.6 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L

CWE-305 - Authentication Bypass by Primary Weakness

Affected products

Fixed 2 products

Product	Identifier	Version	Remediation
Unresolved product id: 7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.noarch		—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.src		—	Vendor Fix fix

Known not affected 60 products

Product	Identifier	Version	Remediation
Unresolved product id: 7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.src		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-svcat-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.src		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.x86_64		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.src		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.x86_64		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-1.el7.x86_64		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.noarch		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.src		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el7.src		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.src		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-ansible-test-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.src		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el7.x86_64		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.src		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.x86_64		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:ovn2.12-central-0:2.12.0-32.el7fdn.x86_64		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:ovn2.12-debuginfo-0:2.12.0-32.el7fdn.x86_64		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:ovn2.12-host-0:2.12.0-32.el7fdn.x86_64		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:ovn2.12-vtep-0:2.12.0-32.el7fdn.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.src		—
Unresolved product id: 8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:buildah-debuginfo-0:1.11.6-4.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:buildah-debugsource-0:1.11.6-4.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:buildah-tests-0:1.11.6-4.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:buildah-tests-debuginfo-0:1.11.6-4.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:containers-common-1:0.1.40-4.rhaos.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.src		—
Unresolved product id: 8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:cri-o-debuginfo-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:cri-o-debugsource-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.src		—
Unresolved product id: 8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-2.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:cri-tools-debugsource-0:1.17.0-2.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.src		—
Unresolved product id: 8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el8.src		—
Unresolved product id: 8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.src		—
Unresolved product id: 8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:openshift-kuryr-0:4.3.5-202003020117.git.0.237579a.el8.src		—
Unresolved product id: 8Base-RHOSE-4.3:openshift-kuryr-cni-0:4.3.5-202003020117.git.0.237579a.el8.noarch		—
Unresolved product id: 8Base-RHOSE-4.3:openshift-kuryr-common-0:4.3.5-202003020117.git.0.237579a.el8.noarch		—
Unresolved product id: 8Base-RHOSE-4.3:openshift-kuryr-controller-0:4.3.5-202003020117.git.0.237579a.el8.noarch		—
Unresolved product id: 8Base-RHOSE-4.3:python3-kuryr-kubernetes-0:4.3.5-202003020117.git.0.237579a.el8.noarch		—
Unresolved product id: 8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.src		—
Unresolved product id: 8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:runc-debuginfo-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:runc-debugsource-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.src		—
Unresolved product id: 8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:skopeo-debuginfo-1:0.1.40-4.rhaos.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:skopeo-debugsource-1:0.1.40-4.rhaos.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:skopeo-tests-1:0.1.40-4.rhaos.el8.x86_64		—

Threats

Impact Important

CVE-2020-2100

Jenkins 2.218 and earlier, LTS 2.204.1 and earlier was vulnerable to a UDP amplification reflection denial of service attack on port 33848.

5.8 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L

CWE-400 - Uncontrolled Resource Consumption

Affected products

Fixed 2 products

Product	Identifier	Version	Remediation
Unresolved product id: 7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.noarch		—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.src		—	Vendor Fix fix

Known not affected 60 products

Product	Identifier	Version	Remediation
Unresolved product id: 7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.src		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-svcat-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.src		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.x86_64		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.src		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.x86_64		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-1.el7.x86_64		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.noarch		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.src		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el7.src		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.src		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-ansible-test-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.src		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el7.x86_64		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.src		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.x86_64		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:ovn2.12-central-0:2.12.0-32.el7fdn.x86_64		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:ovn2.12-debuginfo-0:2.12.0-32.el7fdn.x86_64		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:ovn2.12-host-0:2.12.0-32.el7fdn.x86_64		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:ovn2.12-vtep-0:2.12.0-32.el7fdn.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.src		—
Unresolved product id: 8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:buildah-debuginfo-0:1.11.6-4.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:buildah-debugsource-0:1.11.6-4.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:buildah-tests-0:1.11.6-4.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:buildah-tests-debuginfo-0:1.11.6-4.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:containers-common-1:0.1.40-4.rhaos.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.src		—
Unresolved product id: 8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:cri-o-debuginfo-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:cri-o-debugsource-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.src		—
Unresolved product id: 8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-2.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:cri-tools-debugsource-0:1.17.0-2.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.src		—
Unresolved product id: 8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el8.src		—
Unresolved product id: 8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.src		—
Unresolved product id: 8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:openshift-kuryr-0:4.3.5-202003020117.git.0.237579a.el8.src		—
Unresolved product id: 8Base-RHOSE-4.3:openshift-kuryr-cni-0:4.3.5-202003020117.git.0.237579a.el8.noarch		—
Unresolved product id: 8Base-RHOSE-4.3:openshift-kuryr-common-0:4.3.5-202003020117.git.0.237579a.el8.noarch		—
Unresolved product id: 8Base-RHOSE-4.3:openshift-kuryr-controller-0:4.3.5-202003020117.git.0.237579a.el8.noarch		—
Unresolved product id: 8Base-RHOSE-4.3:python3-kuryr-kubernetes-0:4.3.5-202003020117.git.0.237579a.el8.noarch		—
Unresolved product id: 8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.src		—
Unresolved product id: 8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:runc-debuginfo-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:runc-debugsource-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.src		—
Unresolved product id: 8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:skopeo-debuginfo-1:0.1.40-4.rhaos.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:skopeo-debugsource-1:0.1.40-4.rhaos.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:skopeo-tests-1:0.1.40-4.rhaos.el8.x86_64		—

Threats

Impact Moderate

CVE-2020-2101

5.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

CWE-385 - Covert Timing Channel

Affected products

Fixed 2 products

Product	Identifier	Version	Remediation
Unresolved product id: 7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.noarch		—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.src		—	Vendor Fix fix

Known not affected 60 products

Product	Identifier	Version	Remediation
Unresolved product id: 7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.src		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-svcat-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.src		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.x86_64		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.src		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.x86_64		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-1.el7.x86_64		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.noarch		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.src		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el7.src		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.src		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-ansible-test-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.src		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el7.x86_64		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.src		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.x86_64		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:ovn2.12-central-0:2.12.0-32.el7fdn.x86_64		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:ovn2.12-debuginfo-0:2.12.0-32.el7fdn.x86_64		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:ovn2.12-host-0:2.12.0-32.el7fdn.x86_64		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:ovn2.12-vtep-0:2.12.0-32.el7fdn.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.src		—
Unresolved product id: 8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:buildah-debuginfo-0:1.11.6-4.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:buildah-debugsource-0:1.11.6-4.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:buildah-tests-0:1.11.6-4.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:buildah-tests-debuginfo-0:1.11.6-4.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:containers-common-1:0.1.40-4.rhaos.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.src		—
Unresolved product id: 8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:cri-o-debuginfo-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:cri-o-debugsource-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.src		—
Unresolved product id: 8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-2.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:cri-tools-debugsource-0:1.17.0-2.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.src		—
Unresolved product id: 8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el8.src		—
Unresolved product id: 8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.src		—
Unresolved product id: 8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:openshift-kuryr-0:4.3.5-202003020117.git.0.237579a.el8.src		—
Unresolved product id: 8Base-RHOSE-4.3:openshift-kuryr-cni-0:4.3.5-202003020117.git.0.237579a.el8.noarch		—
Unresolved product id: 8Base-RHOSE-4.3:openshift-kuryr-common-0:4.3.5-202003020117.git.0.237579a.el8.noarch		—
Unresolved product id: 8Base-RHOSE-4.3:openshift-kuryr-controller-0:4.3.5-202003020117.git.0.237579a.el8.noarch		—
Unresolved product id: 8Base-RHOSE-4.3:python3-kuryr-kubernetes-0:4.3.5-202003020117.git.0.237579a.el8.noarch		—
Unresolved product id: 8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.src		—
Unresolved product id: 8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:runc-debuginfo-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:runc-debugsource-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.src		—
Unresolved product id: 8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:skopeo-debuginfo-1:0.1.40-4.rhaos.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:skopeo-debugsource-1:0.1.40-4.rhaos.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:skopeo-tests-1:0.1.40-4.rhaos.el8.x86_64		—

Threats

Impact Moderate

CVE-2020-2102

Jenkins 2.218 and earlier, LTS 2.204.1 and earlier used a non-constant time comparison function when validating an HMAC.

5.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

CWE-385 - Covert Timing Channel

Affected products

Fixed 2 products

Product	Identifier	Version	Remediation
Unresolved product id: 7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.noarch		—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.src		—	Vendor Fix fix

Known not affected 60 products

Product	Identifier	Version	Remediation
Unresolved product id: 7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.src		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-svcat-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.src		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.x86_64		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.src		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.x86_64		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-1.el7.x86_64		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.noarch		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.src		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el7.src		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.src		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-ansible-test-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.src		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el7.x86_64		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.src		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.x86_64		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:ovn2.12-central-0:2.12.0-32.el7fdn.x86_64		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:ovn2.12-debuginfo-0:2.12.0-32.el7fdn.x86_64		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:ovn2.12-host-0:2.12.0-32.el7fdn.x86_64		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:ovn2.12-vtep-0:2.12.0-32.el7fdn.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.src		—
Unresolved product id: 8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:buildah-debuginfo-0:1.11.6-4.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:buildah-debugsource-0:1.11.6-4.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:buildah-tests-0:1.11.6-4.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:buildah-tests-debuginfo-0:1.11.6-4.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:containers-common-1:0.1.40-4.rhaos.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.src		—
Unresolved product id: 8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:cri-o-debuginfo-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:cri-o-debugsource-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.src		—
Unresolved product id: 8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-2.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:cri-tools-debugsource-0:1.17.0-2.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.src		—
Unresolved product id: 8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el8.src		—
Unresolved product id: 8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.src		—
Unresolved product id: 8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:openshift-kuryr-0:4.3.5-202003020117.git.0.237579a.el8.src		—
Unresolved product id: 8Base-RHOSE-4.3:openshift-kuryr-cni-0:4.3.5-202003020117.git.0.237579a.el8.noarch		—
Unresolved product id: 8Base-RHOSE-4.3:openshift-kuryr-common-0:4.3.5-202003020117.git.0.237579a.el8.noarch		—
Unresolved product id: 8Base-RHOSE-4.3:openshift-kuryr-controller-0:4.3.5-202003020117.git.0.237579a.el8.noarch		—
Unresolved product id: 8Base-RHOSE-4.3:python3-kuryr-kubernetes-0:4.3.5-202003020117.git.0.237579a.el8.noarch		—
Unresolved product id: 8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.src		—
Unresolved product id: 8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:runc-debuginfo-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:runc-debugsource-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.src		—
Unresolved product id: 8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:skopeo-debuginfo-1:0.1.40-4.rhaos.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:skopeo-debugsource-1:0.1.40-4.rhaos.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:skopeo-tests-1:0.1.40-4.rhaos.el8.x86_64		—

Threats

Impact Moderate

CVE-2020-2103

Jenkins 2.218 and earlier, LTS 2.204.1 and earlier exposed session identifiers on a user's detail object in the whoAmI diagnostic page.

4.4 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:N

CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor

Affected products

Fixed 2 products

Product	Identifier	Version	Remediation
Unresolved product id: 7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.noarch		—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.src		—	Vendor Fix fix

Known not affected 60 products

Product	Identifier	Version	Remediation
Unresolved product id: 7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.src		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-svcat-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.src		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.x86_64		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.src		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.x86_64		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-1.el7.x86_64		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.noarch		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.src		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el7.src		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.src		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-ansible-test-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.src		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el7.x86_64		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.src		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.x86_64		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:ovn2.12-central-0:2.12.0-32.el7fdn.x86_64		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:ovn2.12-debuginfo-0:2.12.0-32.el7fdn.x86_64		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:ovn2.12-host-0:2.12.0-32.el7fdn.x86_64		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:ovn2.12-vtep-0:2.12.0-32.el7fdn.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.src		—
Unresolved product id: 8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:buildah-debuginfo-0:1.11.6-4.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:buildah-debugsource-0:1.11.6-4.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:buildah-tests-0:1.11.6-4.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:buildah-tests-debuginfo-0:1.11.6-4.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:containers-common-1:0.1.40-4.rhaos.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.src		—
Unresolved product id: 8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:cri-o-debuginfo-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:cri-o-debugsource-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.src		—
Unresolved product id: 8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-2.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:cri-tools-debugsource-0:1.17.0-2.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.src		—
Unresolved product id: 8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el8.src		—
Unresolved product id: 8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.src		—
Unresolved product id: 8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:openshift-kuryr-0:4.3.5-202003020117.git.0.237579a.el8.src		—
Unresolved product id: 8Base-RHOSE-4.3:openshift-kuryr-cni-0:4.3.5-202003020117.git.0.237579a.el8.noarch		—
Unresolved product id: 8Base-RHOSE-4.3:openshift-kuryr-common-0:4.3.5-202003020117.git.0.237579a.el8.noarch		—
Unresolved product id: 8Base-RHOSE-4.3:openshift-kuryr-controller-0:4.3.5-202003020117.git.0.237579a.el8.noarch		—
Unresolved product id: 8Base-RHOSE-4.3:python3-kuryr-kubernetes-0:4.3.5-202003020117.git.0.237579a.el8.noarch		—
Unresolved product id: 8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.src		—
Unresolved product id: 8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:runc-debuginfo-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:runc-debugsource-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.src		—
Unresolved product id: 8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:skopeo-debuginfo-1:0.1.40-4.rhaos.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:skopeo-debugsource-1:0.1.40-4.rhaos.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:skopeo-tests-1:0.1.40-4.rhaos.el8.x86_64		—

Threats

Impact Moderate

CVE-2020-2104

Jenkins 2.218 and earlier, LTS 2.204.1 and earlier allowed users with Overall/Read access to view a JVM memory usage chart.

4.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor

Affected products

Fixed 2 products

Product	Identifier	Version	Remediation
Unresolved product id: 7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.noarch		—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.src		—	Vendor Fix fix

Known not affected 60 products

Product	Identifier	Version	Remediation
Unresolved product id: 7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.src		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-svcat-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.src		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.x86_64		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.src		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.x86_64		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-1.el7.x86_64		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.noarch		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.src		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el7.src		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.src		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-ansible-test-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.src		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el7.x86_64		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.src		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.x86_64		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:ovn2.12-central-0:2.12.0-32.el7fdn.x86_64		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:ovn2.12-debuginfo-0:2.12.0-32.el7fdn.x86_64		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:ovn2.12-host-0:2.12.0-32.el7fdn.x86_64		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:ovn2.12-vtep-0:2.12.0-32.el7fdn.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.src		—
Unresolved product id: 8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:buildah-debuginfo-0:1.11.6-4.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:buildah-debugsource-0:1.11.6-4.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:buildah-tests-0:1.11.6-4.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:buildah-tests-debuginfo-0:1.11.6-4.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:containers-common-1:0.1.40-4.rhaos.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.src		—
Unresolved product id: 8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:cri-o-debuginfo-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:cri-o-debugsource-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.src		—
Unresolved product id: 8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-2.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:cri-tools-debugsource-0:1.17.0-2.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.src		—
Unresolved product id: 8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el8.src		—
Unresolved product id: 8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.src		—
Unresolved product id: 8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:openshift-kuryr-0:4.3.5-202003020117.git.0.237579a.el8.src		—
Unresolved product id: 8Base-RHOSE-4.3:openshift-kuryr-cni-0:4.3.5-202003020117.git.0.237579a.el8.noarch		—
Unresolved product id: 8Base-RHOSE-4.3:openshift-kuryr-common-0:4.3.5-202003020117.git.0.237579a.el8.noarch		—
Unresolved product id: 8Base-RHOSE-4.3:openshift-kuryr-controller-0:4.3.5-202003020117.git.0.237579a.el8.noarch		—
Unresolved product id: 8Base-RHOSE-4.3:python3-kuryr-kubernetes-0:4.3.5-202003020117.git.0.237579a.el8.noarch		—
Unresolved product id: 8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.src		—
Unresolved product id: 8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:runc-debuginfo-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:runc-debugsource-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.src		—
Unresolved product id: 8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:skopeo-debuginfo-1:0.1.40-4.rhaos.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:skopeo-debugsource-1:0.1.40-4.rhaos.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:skopeo-tests-1:0.1.40-4.rhaos.el8.x86_64		—

Threats

Impact Low

CVE-2020-2105

REST API endpoints in Jenkins 2.218 and earlier, LTS 2.204.1 and earlier were vulnerable to clickjacking attacks.

3.1 (Low)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N

CWE-1021 - Improper Restriction of Rendered UI Layers or Frames

Affected products

Fixed 2 products

Product	Identifier	Version	Remediation
Unresolved product id: 7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.noarch		—	Vendor Fix fix
Unresolved product id: 7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.src		—	Vendor Fix fix

Known not affected 60 products

Product	Identifier	Version	Remediation
Unresolved product id: 7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.src		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-svcat-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.src		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.x86_64		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.src		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.x86_64		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-1.el7.x86_64		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.noarch		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.src		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el7.src		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.src		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-ansible-test-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.src		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el7.x86_64		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.src		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.x86_64		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:ovn2.12-central-0:2.12.0-32.el7fdn.x86_64		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:ovn2.12-debuginfo-0:2.12.0-32.el7fdn.x86_64		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:ovn2.12-host-0:2.12.0-32.el7fdn.x86_64		—
Unresolved product id: 7Server-RH7-RHOSE-4.3:ovn2.12-vtep-0:2.12.0-32.el7fdn.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.src		—
Unresolved product id: 8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:buildah-debuginfo-0:1.11.6-4.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:buildah-debugsource-0:1.11.6-4.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:buildah-tests-0:1.11.6-4.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:buildah-tests-debuginfo-0:1.11.6-4.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:containers-common-1:0.1.40-4.rhaos.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.src		—
Unresolved product id: 8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:cri-o-debuginfo-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:cri-o-debugsource-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.src		—
Unresolved product id: 8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-2.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:cri-tools-debugsource-0:1.17.0-2.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.src		—
Unresolved product id: 8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el8.src		—
Unresolved product id: 8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.src		—
Unresolved product id: 8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:openshift-kuryr-0:4.3.5-202003020117.git.0.237579a.el8.src		—
Unresolved product id: 8Base-RHOSE-4.3:openshift-kuryr-cni-0:4.3.5-202003020117.git.0.237579a.el8.noarch		—
Unresolved product id: 8Base-RHOSE-4.3:openshift-kuryr-common-0:4.3.5-202003020117.git.0.237579a.el8.noarch		—
Unresolved product id: 8Base-RHOSE-4.3:openshift-kuryr-controller-0:4.3.5-202003020117.git.0.237579a.el8.noarch		—
Unresolved product id: 8Base-RHOSE-4.3:python3-kuryr-kubernetes-0:4.3.5-202003020117.git.0.237579a.el8.noarch		—
Unresolved product id: 8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.src		—
Unresolved product id: 8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:runc-debuginfo-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:runc-debugsource-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.src		—
Unresolved product id: 8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:skopeo-debuginfo-1:0.1.40-4.rhaos.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:skopeo-debugsource-1:0.1.40-4.rhaos.el8.x86_64		—
Unresolved product id: 8Base-RHOSE-4.3:skopeo-tests-1:0.1.40-4.rhaos.el8.x86_64		—

Threats

Impact Low

References

31 references

URL	Category
https://access.redhat.com/errata/RHBA-2020:0675	self
https://bugzilla.redhat.com/show_bug.cgi?id=1804814	external
https://security.access.redhat.com/data/csaf/v2/a…	self
https://access.redhat.com/security/cve/CVE-2020-2099	self
https://bugzilla.redhat.com/show_bug.cgi?id=1797080	external
https://www.cve.org/CVERecord?id=CVE-2020-2099	external
https://nvd.nist.gov/vuln/detail/CVE-2020-2099	external
https://access.redhat.com/security/cve/CVE-2020-2100	self
https://bugzilla.redhat.com/show_bug.cgi?id=1797087	external
https://www.cve.org/CVERecord?id=CVE-2020-2100	external
https://nvd.nist.gov/vuln/detail/CVE-2020-2100	external
https://access.redhat.com/security/cve/CVE-2020-2101	self
https://bugzilla.redhat.com/show_bug.cgi?id=1797084	external
https://www.cve.org/CVERecord?id=CVE-2020-2101	external
https://nvd.nist.gov/vuln/detail/CVE-2020-2101	external
https://access.redhat.com/security/cve/CVE-2020-2102	self
https://bugzilla.redhat.com/show_bug.cgi?id=1797071	external
https://www.cve.org/CVERecord?id=CVE-2020-2102	external
https://nvd.nist.gov/vuln/detail/CVE-2020-2102	external
https://access.redhat.com/security/cve/CVE-2020-2103	self
https://bugzilla.redhat.com/show_bug.cgi?id=1797062	external
https://www.cve.org/CVERecord?id=CVE-2020-2103	external
https://nvd.nist.gov/vuln/detail/CVE-2020-2103	external
https://access.redhat.com/security/cve/CVE-2020-2104	self
https://bugzilla.redhat.com/show_bug.cgi?id=1797065	external
https://www.cve.org/CVERecord?id=CVE-2020-2104	external
https://nvd.nist.gov/vuln/detail/CVE-2020-2104	external
https://access.redhat.com/security/cve/CVE-2020-2105	self
https://bugzilla.redhat.com/show_bug.cgi?id=1797068	external
https://www.cve.org/CVERecord?id=CVE-2020-2105	external
https://nvd.nist.gov/vuln/detail/CVE-2020-2105	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Red Hat OpenShift Container Platform release 4.3.5 is now available with\nupdates to packages and images that fix several bugs.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Red Hat OpenShift Container Platform is Red Hat\u0027s cloud computing\nKubernetes application platform solution designed for on-premise or private\ncloud deployments.\n\nThis advisory contains the RPM packages for Red Hat OpenShift Container\nPlatform 4.3.5. See the following advisory for the container images for\nthis release:\n\nhttps://access.redhat.com/errata/RHBA-2020:0676\n\nAll OpenShift Container Platform 4.3 users are advised to upgrade to these\nupdated packages and images.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHBA-2020:0675",
        "url": "https://access.redhat.com/errata/RHBA-2020:0675"
      },
      {
        "category": "external",
        "summary": "1804814",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1804814"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhba-2020_0675.json"
      }
    ],
    "title": "Red Hat Bug Fix Advisory: OpenShift Container Platform 4.3.5 packages update",
    "tracking": {
      "current_release_date": "2026-04-27T21:10:02+00:00",
      "generator": {
        "date": "2026-04-27T21:10:02+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.7.5"
        }
      },
      "id": "RHBA-2020:0675",
      "initial_release_date": "2020-03-10T22:10:58+00:00",
      "revision_history": [
        {
          "date": "2020-03-10T22:10:58+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2020-03-10T22:10:58+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2026-04-27T21:10:02+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat OpenShift Container Platform 4.3",
                "product": {
                  "name": "Red Hat OpenShift Container Platform 4.3",
                  "product_id": "7Server-RH7-RHOSE-4.3",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:openshift:4.3::el7"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat OpenShift Container Platform 4.3",
                "product": {
                  "name": "Red Hat OpenShift Container Platform 4.3",
                  "product_id": "8Base-RHOSE-4.3",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:openshift:4.3::el8"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat OpenShift Enterprise"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "cri-tools-0:1.17.0-1.el7.x86_64",
                "product": {
                  "name": "cri-tools-0:1.17.0-1.el7.x86_64",
                  "product_id": "cri-tools-0:1.17.0-1.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/cri-tools@1.17.0-1.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "cri-tools-debuginfo-0:1.17.0-1.el7.x86_64",
                "product": {
                  "name": "cri-tools-debuginfo-0:1.17.0-1.el7.x86_64",
                  "product_id": "cri-tools-debuginfo-0:1.17.0-1.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/cri-tools-debuginfo@1.17.0-1.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el7.x86_64",
                "product": {
                  "name": "openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el7.x86_64",
                  "product_id": "openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openshift-hyperkube@4.3.5-202002280657.git.0.b3bfb5a.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64",
                "product": {
                  "name": "openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64",
                  "product_id": "openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openshift-clients@4.3.5-202002280657.git.1.55a9334.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64",
                "product": {
                  "name": "openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64",
                  "product_id": "openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openshift-clients-redistributable@4.3.5-202002280657.git.1.55a9334.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.x86_64",
                "product": {
                  "name": "atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.x86_64",
                  "product_id": "atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-service-idler@4.3.5-202003020117.git.13.3ac2b0e.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64",
                "product": {
                  "name": "atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64",
                  "product_id": "atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-enterprise-service-catalog@4.3.5-202003020117.git.0.4eb885c.el7?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-enterprise-service-catalog-svcat-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64",
                "product": {
                  "name": "atomic-enterprise-service-catalog-svcat-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64",
                  "product_id": "atomic-enterprise-service-catalog-svcat-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-enterprise-service-catalog-svcat@4.3.5-202003020117.git.0.4eb885c.el7?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "ovn2.12-0:2.12.0-32.el7fdn.x86_64",
                "product": {
                  "name": "ovn2.12-0:2.12.0-32.el7fdn.x86_64",
                  "product_id": "ovn2.12-0:2.12.0-32.el7fdn.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/ovn2.12@2.12.0-32.el7fdn?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "ovn2.12-central-0:2.12.0-32.el7fdn.x86_64",
                "product": {
                  "name": "ovn2.12-central-0:2.12.0-32.el7fdn.x86_64",
                  "product_id": "ovn2.12-central-0:2.12.0-32.el7fdn.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/ovn2.12-central@2.12.0-32.el7fdn?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "ovn2.12-host-0:2.12.0-32.el7fdn.x86_64",
                "product": {
                  "name": "ovn2.12-host-0:2.12.0-32.el7fdn.x86_64",
                  "product_id": "ovn2.12-host-0:2.12.0-32.el7fdn.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/ovn2.12-host@2.12.0-32.el7fdn?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "ovn2.12-vtep-0:2.12.0-32.el7fdn.x86_64",
                "product": {
                  "name": "ovn2.12-vtep-0:2.12.0-32.el7fdn.x86_64",
                  "product_id": "ovn2.12-vtep-0:2.12.0-32.el7fdn.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/ovn2.12-vtep@2.12.0-32.el7fdn?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "ovn2.12-debuginfo-0:2.12.0-32.el7fdn.x86_64",
                "product": {
                  "name": "ovn2.12-debuginfo-0:2.12.0-32.el7fdn.x86_64",
                  "product_id": "ovn2.12-debuginfo-0:2.12.0-32.el7fdn.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/ovn2.12-debuginfo@2.12.0-32.el7fdn?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "runc-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
                "product": {
                  "name": "runc-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
                  "product_id": "runc-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/runc@1.0.0-65.rc10.rhaos4.3.el8?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "runc-debugsource-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
                "product": {
                  "name": "runc-debugsource-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
                  "product_id": "runc-debugsource-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/runc-debugsource@1.0.0-65.rc10.rhaos4.3.el8?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "runc-debuginfo-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
                "product": {
                  "name": "runc-debuginfo-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
                  "product_id": "runc-debuginfo-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/runc-debuginfo@1.0.0-65.rc10.rhaos4.3.el8?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "cri-tools-0:1.17.0-2.el8.x86_64",
                "product": {
                  "name": "cri-tools-0:1.17.0-2.el8.x86_64",
                  "product_id": "cri-tools-0:1.17.0-2.el8.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/cri-tools@1.17.0-2.el8?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "cri-tools-debugsource-0:1.17.0-2.el8.x86_64",
                "product": {
                  "name": "cri-tools-debugsource-0:1.17.0-2.el8.x86_64",
                  "product_id": "cri-tools-debugsource-0:1.17.0-2.el8.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/cri-tools-debugsource@1.17.0-2.el8?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "cri-tools-debuginfo-0:1.17.0-2.el8.x86_64",
                "product": {
                  "name": "cri-tools-debuginfo-0:1.17.0-2.el8.x86_64",
                  "product_id": "cri-tools-debuginfo-0:1.17.0-2.el8.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/cri-tools-debuginfo@1.17.0-2.el8?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "containers-common-1:0.1.40-4.rhaos.el8.x86_64",
                "product": {
                  "name": "containers-common-1:0.1.40-4.rhaos.el8.x86_64",
                  "product_id": "containers-common-1:0.1.40-4.rhaos.el8.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/containers-common@0.1.40-4.rhaos.el8?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "skopeo-1:0.1.40-4.rhaos.el8.x86_64",
                "product": {
                  "name": "skopeo-1:0.1.40-4.rhaos.el8.x86_64",
                  "product_id": "skopeo-1:0.1.40-4.rhaos.el8.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/skopeo@0.1.40-4.rhaos.el8?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "skopeo-tests-1:0.1.40-4.rhaos.el8.x86_64",
                "product": {
                  "name": "skopeo-tests-1:0.1.40-4.rhaos.el8.x86_64",
                  "product_id": "skopeo-tests-1:0.1.40-4.rhaos.el8.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/skopeo-tests@0.1.40-4.rhaos.el8?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "skopeo-debugsource-1:0.1.40-4.rhaos.el8.x86_64",
                "product": {
                  "name": "skopeo-debugsource-1:0.1.40-4.rhaos.el8.x86_64",
                  "product_id": "skopeo-debugsource-1:0.1.40-4.rhaos.el8.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/skopeo-debugsource@0.1.40-4.rhaos.el8?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "skopeo-debuginfo-1:0.1.40-4.rhaos.el8.x86_64",
                "product": {
                  "name": "skopeo-debuginfo-1:0.1.40-4.rhaos.el8.x86_64",
                  "product_id": "skopeo-debuginfo-1:0.1.40-4.rhaos.el8.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/skopeo-debuginfo@0.1.40-4.rhaos.el8?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
                "product": {
                  "name": "cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
                  "product_id": "cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/cri-o@1.16.3-22.dev.rhaos4.3.git11c04e3.el8?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "cri-o-debugsource-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
                "product": {
                  "name": "cri-o-debugsource-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
                  "product_id": "cri-o-debugsource-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/cri-o-debugsource@1.16.3-22.dev.rhaos4.3.git11c04e3.el8?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "cri-o-debuginfo-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
                "product": {
                  "name": "cri-o-debuginfo-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
                  "product_id": "cri-o-debuginfo-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/cri-o-debuginfo@1.16.3-22.dev.rhaos4.3.git11c04e3.el8?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "buildah-0:1.11.6-4.el8.x86_64",
                "product": {
                  "name": "buildah-0:1.11.6-4.el8.x86_64",
                  "product_id": "buildah-0:1.11.6-4.el8.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/buildah@1.11.6-4.el8?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "buildah-tests-0:1.11.6-4.el8.x86_64",
                "product": {
                  "name": "buildah-tests-0:1.11.6-4.el8.x86_64",
                  "product_id": "buildah-tests-0:1.11.6-4.el8.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/buildah-tests@1.11.6-4.el8?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "buildah-debugsource-0:1.11.6-4.el8.x86_64",
                "product": {
                  "name": "buildah-debugsource-0:1.11.6-4.el8.x86_64",
                  "product_id": "buildah-debugsource-0:1.11.6-4.el8.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/buildah-debugsource@1.11.6-4.el8?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "buildah-debuginfo-0:1.11.6-4.el8.x86_64",
                "product": {
                  "name": "buildah-debuginfo-0:1.11.6-4.el8.x86_64",
                  "product_id": "buildah-debuginfo-0:1.11.6-4.el8.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/buildah-debuginfo@1.11.6-4.el8?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "buildah-tests-debuginfo-0:1.11.6-4.el8.x86_64",
                "product": {
                  "name": "buildah-tests-debuginfo-0:1.11.6-4.el8.x86_64",
                  "product_id": "buildah-tests-debuginfo-0:1.11.6-4.el8.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/buildah-tests-debuginfo@1.11.6-4.el8?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el8.x86_64",
                "product": {
                  "name": "openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el8.x86_64",
                  "product_id": "openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el8.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openshift-hyperkube@4.3.5-202002280657.git.0.b3bfb5a.el8?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64",
                "product": {
                  "name": "openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64",
                  "product_id": "openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openshift-clients@4.3.5-202002280657.git.1.55a9334.el8?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64",
                "product": {
                  "name": "openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64",
                  "product_id": "openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openshift-clients-redistributable@4.3.5-202002280657.git.1.55a9334.el8?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.x86_64",
                "product": {
                  "name": "machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.x86_64",
                  "product_id": "machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/machine-config-daemon@4.3.5-202003020117.git.0.61e0e48.el8?arch=x86_64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "cri-tools-0:1.17.0-1.el7.src",
                "product": {
                  "name": "cri-tools-0:1.17.0-1.el7.src",
                  "product_id": "cri-tools-0:1.17.0-1.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/cri-tools@1.17.0-1.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el7.src",
                "product": {
                  "name": "openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el7.src",
                  "product_id": "openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openshift@4.3.5-202002280657.git.0.b3bfb5a.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.src",
                "product": {
                  "name": "openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.src",
                  "product_id": "openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openshift-clients@4.3.5-202002280657.git.1.55a9334.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.src",
                "product": {
                  "name": "openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.src",
                  "product_id": "openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openshift-ansible@4.3.5-202002280657.git.1.e4f02b3.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.src",
                "product": {
                  "name": "atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.src",
                  "product_id": "atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-service-idler@4.3.5-202003020117.git.13.3ac2b0e.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.src",
                "product": {
                  "name": "atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.src",
                  "product_id": "atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-enterprise-service-catalog@4.3.5-202003020117.git.0.4eb885c.el7?arch=src\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "ovn2.12-0:2.12.0-32.el7fdn.src",
                "product": {
                  "name": "ovn2.12-0:2.12.0-32.el7fdn.src",
                  "product_id": "ovn2.12-0:2.12.0-32.el7fdn.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/ovn2.12@2.12.0-32.el7fdn?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jenkins-2-plugins-0:4.3.1583445947-1.el7.src",
                "product": {
                  "name": "jenkins-2-plugins-0:4.3.1583445947-1.el7.src",
                  "product_id": "jenkins-2-plugins-0:4.3.1583445947-1.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jenkins-2-plugins@4.3.1583445947-1.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jenkins-0:2.204.2.1583446818-1.el7.src",
                "product": {
                  "name": "jenkins-0:2.204.2.1583446818-1.el7.src",
                  "product_id": "jenkins-0:2.204.2.1583446818-1.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jenkins@2.204.2.1583446818-1.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "runc-0:1.0.0-65.rc10.rhaos4.3.el8.src",
                "product": {
                  "name": "runc-0:1.0.0-65.rc10.rhaos4.3.el8.src",
                  "product_id": "runc-0:1.0.0-65.rc10.rhaos4.3.el8.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/runc@1.0.0-65.rc10.rhaos4.3.el8?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "cri-tools-0:1.17.0-2.el8.src",
                "product": {
                  "name": "cri-tools-0:1.17.0-2.el8.src",
                  "product_id": "cri-tools-0:1.17.0-2.el8.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/cri-tools@1.17.0-2.el8?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "skopeo-1:0.1.40-4.rhaos.el8.src",
                "product": {
                  "name": "skopeo-1:0.1.40-4.rhaos.el8.src",
                  "product_id": "skopeo-1:0.1.40-4.rhaos.el8.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/skopeo@0.1.40-4.rhaos.el8?arch=src\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.src",
                "product": {
                  "name": "cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.src",
                  "product_id": "cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/cri-o@1.16.3-22.dev.rhaos4.3.git11c04e3.el8?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "buildah-0:1.11.6-4.el8.src",
                "product": {
                  "name": "buildah-0:1.11.6-4.el8.src",
                  "product_id": "buildah-0:1.11.6-4.el8.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/buildah@1.11.6-4.el8?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el8.src",
                "product": {
                  "name": "openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el8.src",
                  "product_id": "openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el8.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openshift@4.3.5-202002280657.git.0.b3bfb5a.el8?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.src",
                "product": {
                  "name": "openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.src",
                  "product_id": "openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openshift-clients@4.3.5-202002280657.git.1.55a9334.el8?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.src",
                "product": {
                  "name": "machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.src",
                  "product_id": "machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/machine-config-daemon@4.3.5-202003020117.git.0.61e0e48.el8?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-kuryr-0:4.3.5-202003020117.git.0.237579a.el8.src",
                "product": {
                  "name": "openshift-kuryr-0:4.3.5-202003020117.git.0.237579a.el8.src",
                  "product_id": "openshift-kuryr-0:4.3.5-202003020117.git.0.237579a.el8.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openshift-kuryr@4.3.5-202003020117.git.0.237579a.el8?arch=src"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch",
                "product": {
                  "name": "openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch",
                  "product_id": "openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openshift-ansible@4.3.5-202002280657.git.1.e4f02b3.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-ansible-test-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch",
                "product": {
                  "name": "openshift-ansible-test-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch",
                  "product_id": "openshift-ansible-test-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openshift-ansible-test@4.3.5-202002280657.git.1.e4f02b3.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jenkins-2-plugins-0:4.3.1583445947-1.el7.noarch",
                "product": {
                  "name": "jenkins-2-plugins-0:4.3.1583445947-1.el7.noarch",
                  "product_id": "jenkins-2-plugins-0:4.3.1583445947-1.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jenkins-2-plugins@4.3.1583445947-1.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jenkins-0:2.204.2.1583446818-1.el7.noarch",
                "product": {
                  "name": "jenkins-0:2.204.2.1583446818-1.el7.noarch",
                  "product_id": "jenkins-0:2.204.2.1583446818-1.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jenkins@2.204.2.1583446818-1.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-kuryr-cni-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
                "product": {
                  "name": "openshift-kuryr-cni-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
                  "product_id": "openshift-kuryr-cni-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openshift-kuryr-cni@4.3.5-202003020117.git.0.237579a.el8?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-kuryr-common-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
                "product": {
                  "name": "openshift-kuryr-common-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
                  "product_id": "openshift-kuryr-common-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openshift-kuryr-common@4.3.5-202003020117.git.0.237579a.el8?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-kuryr-controller-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
                "product": {
                  "name": "openshift-kuryr-controller-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
                  "product_id": "openshift-kuryr-controller-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openshift-kuryr-controller@4.3.5-202003020117.git.0.237579a.el8?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "python3-kuryr-kubernetes-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
                "product": {
                  "name": "python3-kuryr-kubernetes-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
                  "product_id": "python3-kuryr-kubernetes-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/python3-kuryr-kubernetes@4.3.5-202003020117.git.0.237579a.el8?arch=noarch"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.src as a component of Red Hat OpenShift Container Platform 4.3",
          "product_id": "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.src"
        },
        "product_reference": "atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.src",
        "relates_to_product_reference": "7Server-RH7-RHOSE-4.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64 as a component of Red Hat OpenShift Container Platform 4.3",
          "product_id": "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64"
        },
        "product_reference": "atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-4.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-enterprise-service-catalog-svcat-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64 as a component of Red Hat OpenShift Container Platform 4.3",
          "product_id": "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-svcat-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64"
        },
        "product_reference": "atomic-enterprise-service-catalog-svcat-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-4.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.src as a component of Red Hat OpenShift Container Platform 4.3",
          "product_id": "7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.src"
        },
        "product_reference": "atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.src",
        "relates_to_product_reference": "7Server-RH7-RHOSE-4.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.x86_64 as a component of Red Hat OpenShift Container Platform 4.3",
          "product_id": "7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.x86_64"
        },
        "product_reference": "atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-4.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cri-tools-0:1.17.0-1.el7.src as a component of Red Hat OpenShift Container Platform 4.3",
          "product_id": "7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.src"
        },
        "product_reference": "cri-tools-0:1.17.0-1.el7.src",
        "relates_to_product_reference": "7Server-RH7-RHOSE-4.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cri-tools-0:1.17.0-1.el7.x86_64 as a component of Red Hat OpenShift Container Platform 4.3",
          "product_id": "7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.x86_64"
        },
        "product_reference": "cri-tools-0:1.17.0-1.el7.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-4.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cri-tools-debuginfo-0:1.17.0-1.el7.x86_64 as a component of Red Hat OpenShift Container Platform 4.3",
          "product_id": "7Server-RH7-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-1.el7.x86_64"
        },
        "product_reference": "cri-tools-debuginfo-0:1.17.0-1.el7.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-4.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jenkins-0:2.204.2.1583446818-1.el7.noarch as a component of Red Hat OpenShift Container Platform 4.3",
          "product_id": "7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.noarch"
        },
        "product_reference": "jenkins-0:2.204.2.1583446818-1.el7.noarch",
        "relates_to_product_reference": "7Server-RH7-RHOSE-4.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jenkins-0:2.204.2.1583446818-1.el7.src as a component of Red Hat OpenShift Container Platform 4.3",
          "product_id": "7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.src"
        },
        "product_reference": "jenkins-0:2.204.2.1583446818-1.el7.src",
        "relates_to_product_reference": "7Server-RH7-RHOSE-4.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jenkins-2-plugins-0:4.3.1583445947-1.el7.noarch as a component of Red Hat OpenShift Container Platform 4.3",
          "product_id": "7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.noarch"
        },
        "product_reference": "jenkins-2-plugins-0:4.3.1583445947-1.el7.noarch",
        "relates_to_product_reference": "7Server-RH7-RHOSE-4.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jenkins-2-plugins-0:4.3.1583445947-1.el7.src as a component of Red Hat OpenShift Container Platform 4.3",
          "product_id": "7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.src"
        },
        "product_reference": "jenkins-2-plugins-0:4.3.1583445947-1.el7.src",
        "relates_to_product_reference": "7Server-RH7-RHOSE-4.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el7.src as a component of Red Hat OpenShift Container Platform 4.3",
          "product_id": "7Server-RH7-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el7.src"
        },
        "product_reference": "openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el7.src",
        "relates_to_product_reference": "7Server-RH7-RHOSE-4.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch as a component of Red Hat OpenShift Container Platform 4.3",
          "product_id": "7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch"
        },
        "product_reference": "openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch",
        "relates_to_product_reference": "7Server-RH7-RHOSE-4.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.src as a component of Red Hat OpenShift Container Platform 4.3",
          "product_id": "7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.src"
        },
        "product_reference": "openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.src",
        "relates_to_product_reference": "7Server-RH7-RHOSE-4.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-ansible-test-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch as a component of Red Hat OpenShift Container Platform 4.3",
          "product_id": "7Server-RH7-RHOSE-4.3:openshift-ansible-test-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch"
        },
        "product_reference": "openshift-ansible-test-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch",
        "relates_to_product_reference": "7Server-RH7-RHOSE-4.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.src as a component of Red Hat OpenShift Container Platform 4.3",
          "product_id": "7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.src"
        },
        "product_reference": "openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.src",
        "relates_to_product_reference": "7Server-RH7-RHOSE-4.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64 as a component of Red Hat OpenShift Container Platform 4.3",
          "product_id": "7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64"
        },
        "product_reference": "openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-4.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64 as a component of Red Hat OpenShift Container Platform 4.3",
          "product_id": "7Server-RH7-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64"
        },
        "product_reference": "openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-4.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el7.x86_64 as a component of Red Hat OpenShift Container Platform 4.3",
          "product_id": "7Server-RH7-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el7.x86_64"
        },
        "product_reference": "openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el7.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-4.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ovn2.12-0:2.12.0-32.el7fdn.src as a component of Red Hat OpenShift Container Platform 4.3",
          "product_id": "7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.src"
        },
        "product_reference": "ovn2.12-0:2.12.0-32.el7fdn.src",
        "relates_to_product_reference": "7Server-RH7-RHOSE-4.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ovn2.12-0:2.12.0-32.el7fdn.x86_64 as a component of Red Hat OpenShift Container Platform 4.3",
          "product_id": "7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.x86_64"
        },
        "product_reference": "ovn2.12-0:2.12.0-32.el7fdn.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-4.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ovn2.12-central-0:2.12.0-32.el7fdn.x86_64 as a component of Red Hat OpenShift Container Platform 4.3",
          "product_id": "7Server-RH7-RHOSE-4.3:ovn2.12-central-0:2.12.0-32.el7fdn.x86_64"
        },
        "product_reference": "ovn2.12-central-0:2.12.0-32.el7fdn.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-4.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ovn2.12-debuginfo-0:2.12.0-32.el7fdn.x86_64 as a component of Red Hat OpenShift Container Platform 4.3",
          "product_id": "7Server-RH7-RHOSE-4.3:ovn2.12-debuginfo-0:2.12.0-32.el7fdn.x86_64"
        },
        "product_reference": "ovn2.12-debuginfo-0:2.12.0-32.el7fdn.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-4.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ovn2.12-host-0:2.12.0-32.el7fdn.x86_64 as a component of Red Hat OpenShift Container Platform 4.3",
          "product_id": "7Server-RH7-RHOSE-4.3:ovn2.12-host-0:2.12.0-32.el7fdn.x86_64"
        },
        "product_reference": "ovn2.12-host-0:2.12.0-32.el7fdn.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-4.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ovn2.12-vtep-0:2.12.0-32.el7fdn.x86_64 as a component of Red Hat OpenShift Container Platform 4.3",
          "product_id": "7Server-RH7-RHOSE-4.3:ovn2.12-vtep-0:2.12.0-32.el7fdn.x86_64"
        },
        "product_reference": "ovn2.12-vtep-0:2.12.0-32.el7fdn.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-4.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "buildah-0:1.11.6-4.el8.src as a component of Red Hat OpenShift Container Platform 4.3",
          "product_id": "8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.src"
        },
        "product_reference": "buildah-0:1.11.6-4.el8.src",
        "relates_to_product_reference": "8Base-RHOSE-4.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "buildah-0:1.11.6-4.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.3",
          "product_id": "8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.x86_64"
        },
        "product_reference": "buildah-0:1.11.6-4.el8.x86_64",
        "relates_to_product_reference": "8Base-RHOSE-4.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "buildah-debuginfo-0:1.11.6-4.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.3",
          "product_id": "8Base-RHOSE-4.3:buildah-debuginfo-0:1.11.6-4.el8.x86_64"
        },
        "product_reference": "buildah-debuginfo-0:1.11.6-4.el8.x86_64",
        "relates_to_product_reference": "8Base-RHOSE-4.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "buildah-debugsource-0:1.11.6-4.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.3",
          "product_id": "8Base-RHOSE-4.3:buildah-debugsource-0:1.11.6-4.el8.x86_64"
        },
        "product_reference": "buildah-debugsource-0:1.11.6-4.el8.x86_64",
        "relates_to_product_reference": "8Base-RHOSE-4.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "buildah-tests-0:1.11.6-4.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.3",
          "product_id": "8Base-RHOSE-4.3:buildah-tests-0:1.11.6-4.el8.x86_64"
        },
        "product_reference": "buildah-tests-0:1.11.6-4.el8.x86_64",
        "relates_to_product_reference": "8Base-RHOSE-4.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "buildah-tests-debuginfo-0:1.11.6-4.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.3",
          "product_id": "8Base-RHOSE-4.3:buildah-tests-debuginfo-0:1.11.6-4.el8.x86_64"
        },
        "product_reference": "buildah-tests-debuginfo-0:1.11.6-4.el8.x86_64",
        "relates_to_product_reference": "8Base-RHOSE-4.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "containers-common-1:0.1.40-4.rhaos.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.3",
          "product_id": "8Base-RHOSE-4.3:containers-common-1:0.1.40-4.rhaos.el8.x86_64"
        },
        "product_reference": "containers-common-1:0.1.40-4.rhaos.el8.x86_64",
        "relates_to_product_reference": "8Base-RHOSE-4.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.src as a component of Red Hat OpenShift Container Platform 4.3",
          "product_id": "8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.src"
        },
        "product_reference": "cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.src",
        "relates_to_product_reference": "8Base-RHOSE-4.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.3",
          "product_id": "8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64"
        },
        "product_reference": "cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
        "relates_to_product_reference": "8Base-RHOSE-4.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cri-o-debuginfo-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.3",
          "product_id": "8Base-RHOSE-4.3:cri-o-debuginfo-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64"
        },
        "product_reference": "cri-o-debuginfo-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
        "relates_to_product_reference": "8Base-RHOSE-4.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cri-o-debugsource-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.3",
          "product_id": "8Base-RHOSE-4.3:cri-o-debugsource-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64"
        },
        "product_reference": "cri-o-debugsource-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
        "relates_to_product_reference": "8Base-RHOSE-4.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cri-tools-0:1.17.0-2.el8.src as a component of Red Hat OpenShift Container Platform 4.3",
          "product_id": "8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.src"
        },
        "product_reference": "cri-tools-0:1.17.0-2.el8.src",
        "relates_to_product_reference": "8Base-RHOSE-4.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cri-tools-0:1.17.0-2.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.3",
          "product_id": "8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.x86_64"
        },
        "product_reference": "cri-tools-0:1.17.0-2.el8.x86_64",
        "relates_to_product_reference": "8Base-RHOSE-4.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cri-tools-debuginfo-0:1.17.0-2.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.3",
          "product_id": "8Base-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-2.el8.x86_64"
        },
        "product_reference": "cri-tools-debuginfo-0:1.17.0-2.el8.x86_64",
        "relates_to_product_reference": "8Base-RHOSE-4.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cri-tools-debugsource-0:1.17.0-2.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.3",
          "product_id": "8Base-RHOSE-4.3:cri-tools-debugsource-0:1.17.0-2.el8.x86_64"
        },
        "product_reference": "cri-tools-debugsource-0:1.17.0-2.el8.x86_64",
        "relates_to_product_reference": "8Base-RHOSE-4.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.src as a component of Red Hat OpenShift Container Platform 4.3",
          "product_id": "8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.src"
        },
        "product_reference": "machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.src",
        "relates_to_product_reference": "8Base-RHOSE-4.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.3",
          "product_id": "8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.x86_64"
        },
        "product_reference": "machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.x86_64",
        "relates_to_product_reference": "8Base-RHOSE-4.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el8.src as a component of Red Hat OpenShift Container Platform 4.3",
          "product_id": "8Base-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el8.src"
        },
        "product_reference": "openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el8.src",
        "relates_to_product_reference": "8Base-RHOSE-4.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.src as a component of Red Hat OpenShift Container Platform 4.3",
          "product_id": "8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.src"
        },
        "product_reference": "openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.src",
        "relates_to_product_reference": "8Base-RHOSE-4.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.3",
          "product_id": "8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64"
        },
        "product_reference": "openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64",
        "relates_to_product_reference": "8Base-RHOSE-4.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.3",
          "product_id": "8Base-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64"
        },
        "product_reference": "openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64",
        "relates_to_product_reference": "8Base-RHOSE-4.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.3",
          "product_id": "8Base-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el8.x86_64"
        },
        "product_reference": "openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el8.x86_64",
        "relates_to_product_reference": "8Base-RHOSE-4.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-kuryr-0:4.3.5-202003020117.git.0.237579a.el8.src as a component of Red Hat OpenShift Container Platform 4.3",
          "product_id": "8Base-RHOSE-4.3:openshift-kuryr-0:4.3.5-202003020117.git.0.237579a.el8.src"
        },
        "product_reference": "openshift-kuryr-0:4.3.5-202003020117.git.0.237579a.el8.src",
        "relates_to_product_reference": "8Base-RHOSE-4.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-kuryr-cni-0:4.3.5-202003020117.git.0.237579a.el8.noarch as a component of Red Hat OpenShift Container Platform 4.3",
          "product_id": "8Base-RHOSE-4.3:openshift-kuryr-cni-0:4.3.5-202003020117.git.0.237579a.el8.noarch"
        },
        "product_reference": "openshift-kuryr-cni-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
        "relates_to_product_reference": "8Base-RHOSE-4.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-kuryr-common-0:4.3.5-202003020117.git.0.237579a.el8.noarch as a component of Red Hat OpenShift Container Platform 4.3",
          "product_id": "8Base-RHOSE-4.3:openshift-kuryr-common-0:4.3.5-202003020117.git.0.237579a.el8.noarch"
        },
        "product_reference": "openshift-kuryr-common-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
        "relates_to_product_reference": "8Base-RHOSE-4.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-kuryr-controller-0:4.3.5-202003020117.git.0.237579a.el8.noarch as a component of Red Hat OpenShift Container Platform 4.3",
          "product_id": "8Base-RHOSE-4.3:openshift-kuryr-controller-0:4.3.5-202003020117.git.0.237579a.el8.noarch"
        },
        "product_reference": "openshift-kuryr-controller-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
        "relates_to_product_reference": "8Base-RHOSE-4.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "python3-kuryr-kubernetes-0:4.3.5-202003020117.git.0.237579a.el8.noarch as a component of Red Hat OpenShift Container Platform 4.3",
          "product_id": "8Base-RHOSE-4.3:python3-kuryr-kubernetes-0:4.3.5-202003020117.git.0.237579a.el8.noarch"
        },
        "product_reference": "python3-kuryr-kubernetes-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
        "relates_to_product_reference": "8Base-RHOSE-4.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "runc-0:1.0.0-65.rc10.rhaos4.3.el8.src as a component of Red Hat OpenShift Container Platform 4.3",
          "product_id": "8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.src"
        },
        "product_reference": "runc-0:1.0.0-65.rc10.rhaos4.3.el8.src",
        "relates_to_product_reference": "8Base-RHOSE-4.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "runc-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.3",
          "product_id": "8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64"
        },
        "product_reference": "runc-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
        "relates_to_product_reference": "8Base-RHOSE-4.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "runc-debuginfo-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.3",
          "product_id": "8Base-RHOSE-4.3:runc-debuginfo-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64"
        },
        "product_reference": "runc-debuginfo-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
        "relates_to_product_reference": "8Base-RHOSE-4.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "runc-debugsource-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.3",
          "product_id": "8Base-RHOSE-4.3:runc-debugsource-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64"
        },
        "product_reference": "runc-debugsource-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
        "relates_to_product_reference": "8Base-RHOSE-4.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "skopeo-1:0.1.40-4.rhaos.el8.src as a component of Red Hat OpenShift Container Platform 4.3",
          "product_id": "8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.src"
        },
        "product_reference": "skopeo-1:0.1.40-4.rhaos.el8.src",
        "relates_to_product_reference": "8Base-RHOSE-4.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "skopeo-1:0.1.40-4.rhaos.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.3",
          "product_id": "8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.x86_64"
        },
        "product_reference": "skopeo-1:0.1.40-4.rhaos.el8.x86_64",
        "relates_to_product_reference": "8Base-RHOSE-4.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "skopeo-debuginfo-1:0.1.40-4.rhaos.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.3",
          "product_id": "8Base-RHOSE-4.3:skopeo-debuginfo-1:0.1.40-4.rhaos.el8.x86_64"
        },
        "product_reference": "skopeo-debuginfo-1:0.1.40-4.rhaos.el8.x86_64",
        "relates_to_product_reference": "8Base-RHOSE-4.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "skopeo-debugsource-1:0.1.40-4.rhaos.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.3",
          "product_id": "8Base-RHOSE-4.3:skopeo-debugsource-1:0.1.40-4.rhaos.el8.x86_64"
        },
        "product_reference": "skopeo-debugsource-1:0.1.40-4.rhaos.el8.x86_64",
        "relates_to_product_reference": "8Base-RHOSE-4.3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "skopeo-tests-1:0.1.40-4.rhaos.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.3",
          "product_id": "8Base-RHOSE-4.3:skopeo-tests-1:0.1.40-4.rhaos.el8.x86_64"
        },
        "product_reference": "skopeo-tests-1:0.1.40-4.rhaos.el8.x86_64",
        "relates_to_product_reference": "8Base-RHOSE-4.3"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2020-2099",
      "cwe": {
        "id": "CWE-305",
        "name": "Authentication Bypass by Primary Weakness"
      },
      "discovery_date": "2020-01-29T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.src",
            "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64",
            "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-svcat-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64",
            "7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.src",
            "7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.x86_64",
            "7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.src",
            "7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.x86_64",
            "7Server-RH7-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-1.el7.x86_64",
            "7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.noarch",
            "7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.src",
            "7Server-RH7-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el7.src",
            "7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch",
            "7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.src",
            "7Server-RH7-RHOSE-4.3:openshift-ansible-test-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch",
            "7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.src",
            "7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64",
            "7Server-RH7-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64",
            "7Server-RH7-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el7.x86_64",
            "7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.src",
            "7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.x86_64",
            "7Server-RH7-RHOSE-4.3:ovn2.12-central-0:2.12.0-32.el7fdn.x86_64",
            "7Server-RH7-RHOSE-4.3:ovn2.12-debuginfo-0:2.12.0-32.el7fdn.x86_64",
            "7Server-RH7-RHOSE-4.3:ovn2.12-host-0:2.12.0-32.el7fdn.x86_64",
            "7Server-RH7-RHOSE-4.3:ovn2.12-vtep-0:2.12.0-32.el7fdn.x86_64",
            "8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.src",
            "8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.x86_64",
            "8Base-RHOSE-4.3:buildah-debuginfo-0:1.11.6-4.el8.x86_64",
            "8Base-RHOSE-4.3:buildah-debugsource-0:1.11.6-4.el8.x86_64",
            "8Base-RHOSE-4.3:buildah-tests-0:1.11.6-4.el8.x86_64",
            "8Base-RHOSE-4.3:buildah-tests-debuginfo-0:1.11.6-4.el8.x86_64",
            "8Base-RHOSE-4.3:containers-common-1:0.1.40-4.rhaos.el8.x86_64",
            "8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.src",
            "8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
            "8Base-RHOSE-4.3:cri-o-debuginfo-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
            "8Base-RHOSE-4.3:cri-o-debugsource-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
            "8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.src",
            "8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.x86_64",
            "8Base-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-2.el8.x86_64",
            "8Base-RHOSE-4.3:cri-tools-debugsource-0:1.17.0-2.el8.x86_64",
            "8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.src",
            "8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.x86_64",
            "8Base-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el8.src",
            "8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.src",
            "8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64",
            "8Base-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64",
            "8Base-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el8.x86_64",
            "8Base-RHOSE-4.3:openshift-kuryr-0:4.3.5-202003020117.git.0.237579a.el8.src",
            "8Base-RHOSE-4.3:openshift-kuryr-cni-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
            "8Base-RHOSE-4.3:openshift-kuryr-common-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
            "8Base-RHOSE-4.3:openshift-kuryr-controller-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
            "8Base-RHOSE-4.3:python3-kuryr-kubernetes-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
            "8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.src",
            "8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
            "8Base-RHOSE-4.3:runc-debuginfo-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
            "8Base-RHOSE-4.3:runc-debugsource-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
            "8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.src",
            "8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.x86_64",
            "8Base-RHOSE-4.3:skopeo-debuginfo-1:0.1.40-4.rhaos.el8.x86_64",
            "8Base-RHOSE-4.3:skopeo-debugsource-1:0.1.40-4.rhaos.el8.x86_64",
            "8Base-RHOSE-4.3:skopeo-tests-1:0.1.40-4.rhaos.el8.x86_64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1797080"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Jenkins. Encryption key parameters are improperly reused in the Inbound TCP Agent Protocol/3 allowing unauthorized attackers with knowledge of agent names to obtain the connection secrets for those agents. The highest threat from this vulnerability is to data confidentiality.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "jenkins: Inbound TCP Agent Protocol/3 authentication bypass",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.noarch",
          "7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.src"
        ],
        "known_not_affected": [
          "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.src",
          "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64",
          "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-svcat-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64",
          "7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.src",
          "7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.x86_64",
          "7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.src",
          "7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.x86_64",
          "7Server-RH7-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-1.el7.x86_64",
          "7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.noarch",
          "7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.src",
          "7Server-RH7-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el7.src",
          "7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch",
          "7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.src",
          "7Server-RH7-RHOSE-4.3:openshift-ansible-test-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch",
          "7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.src",
          "7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64",
          "7Server-RH7-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64",
          "7Server-RH7-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el7.x86_64",
          "7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.src",
          "7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.x86_64",
          "7Server-RH7-RHOSE-4.3:ovn2.12-central-0:2.12.0-32.el7fdn.x86_64",
          "7Server-RH7-RHOSE-4.3:ovn2.12-debuginfo-0:2.12.0-32.el7fdn.x86_64",
          "7Server-RH7-RHOSE-4.3:ovn2.12-host-0:2.12.0-32.el7fdn.x86_64",
          "7Server-RH7-RHOSE-4.3:ovn2.12-vtep-0:2.12.0-32.el7fdn.x86_64",
          "8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.src",
          "8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.x86_64",
          "8Base-RHOSE-4.3:buildah-debuginfo-0:1.11.6-4.el8.x86_64",
          "8Base-RHOSE-4.3:buildah-debugsource-0:1.11.6-4.el8.x86_64",
          "8Base-RHOSE-4.3:buildah-tests-0:1.11.6-4.el8.x86_64",
          "8Base-RHOSE-4.3:buildah-tests-debuginfo-0:1.11.6-4.el8.x86_64",
          "8Base-RHOSE-4.3:containers-common-1:0.1.40-4.rhaos.el8.x86_64",
          "8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.src",
          "8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
          "8Base-RHOSE-4.3:cri-o-debuginfo-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
          "8Base-RHOSE-4.3:cri-o-debugsource-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
          "8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.src",
          "8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.x86_64",
          "8Base-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-2.el8.x86_64",
          "8Base-RHOSE-4.3:cri-tools-debugsource-0:1.17.0-2.el8.x86_64",
          "8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.src",
          "8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.x86_64",
          "8Base-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el8.src",
          "8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.src",
          "8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64",
          "8Base-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64",
          "8Base-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el8.x86_64",
          "8Base-RHOSE-4.3:openshift-kuryr-0:4.3.5-202003020117.git.0.237579a.el8.src",
          "8Base-RHOSE-4.3:openshift-kuryr-cni-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
          "8Base-RHOSE-4.3:openshift-kuryr-common-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
          "8Base-RHOSE-4.3:openshift-kuryr-controller-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
          "8Base-RHOSE-4.3:python3-kuryr-kubernetes-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
          "8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.src",
          "8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
          "8Base-RHOSE-4.3:runc-debuginfo-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
          "8Base-RHOSE-4.3:runc-debugsource-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
          "8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.src",
          "8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.x86_64",
          "8Base-RHOSE-4.3:skopeo-debuginfo-1:0.1.40-4.rhaos.el8.x86_64",
          "8Base-RHOSE-4.3:skopeo-debugsource-1:0.1.40-4.rhaos.el8.x86_64",
          "8Base-RHOSE-4.3:skopeo-tests-1:0.1.40-4.rhaos.el8.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2020-2099"
        },
        {
          "category": "external",
          "summary": "RHBZ#1797080",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1797080"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2020-2099",
          "url": "https://www.cve.org/CVERecord?id=CVE-2020-2099"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-2099",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-2099"
        }
      ],
      "release_date": "2020-01-29T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2020-03-10T22:10:58+00:00",
          "details": "Before applying this update, ensure all previously released errata relevant\nto your system have been applied.\n\nFor OpenShift Container Platform 4.3 see the following documentation, which\nwill be updated shortly for release 4.3.5, for important instructions on\nhow to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.openshift.com/container-platform/4.3/release_notes/ocp-4-3-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.3/updating/updating-cluster-cli.html.",
          "product_ids": [
            "7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.noarch",
            "7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.src"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHBA-2020:0675"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.src",
            "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64",
            "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-svcat-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64",
            "7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.src",
            "7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.x86_64",
            "7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.src",
            "7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.x86_64",
            "7Server-RH7-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-1.el7.x86_64",
            "7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.noarch",
            "7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.src",
            "7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.noarch",
            "7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.src",
            "7Server-RH7-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el7.src",
            "7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch",
            "7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.src",
            "7Server-RH7-RHOSE-4.3:openshift-ansible-test-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch",
            "7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.src",
            "7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64",
            "7Server-RH7-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64",
            "7Server-RH7-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el7.x86_64",
            "7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.src",
            "7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.x86_64",
            "7Server-RH7-RHOSE-4.3:ovn2.12-central-0:2.12.0-32.el7fdn.x86_64",
            "7Server-RH7-RHOSE-4.3:ovn2.12-debuginfo-0:2.12.0-32.el7fdn.x86_64",
            "7Server-RH7-RHOSE-4.3:ovn2.12-host-0:2.12.0-32.el7fdn.x86_64",
            "7Server-RH7-RHOSE-4.3:ovn2.12-vtep-0:2.12.0-32.el7fdn.x86_64",
            "8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.src",
            "8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.x86_64",
            "8Base-RHOSE-4.3:buildah-debuginfo-0:1.11.6-4.el8.x86_64",
            "8Base-RHOSE-4.3:buildah-debugsource-0:1.11.6-4.el8.x86_64",
            "8Base-RHOSE-4.3:buildah-tests-0:1.11.6-4.el8.x86_64",
            "8Base-RHOSE-4.3:buildah-tests-debuginfo-0:1.11.6-4.el8.x86_64",
            "8Base-RHOSE-4.3:containers-common-1:0.1.40-4.rhaos.el8.x86_64",
            "8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.src",
            "8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
            "8Base-RHOSE-4.3:cri-o-debuginfo-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
            "8Base-RHOSE-4.3:cri-o-debugsource-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
            "8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.src",
            "8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.x86_64",
            "8Base-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-2.el8.x86_64",
            "8Base-RHOSE-4.3:cri-tools-debugsource-0:1.17.0-2.el8.x86_64",
            "8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.src",
            "8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.x86_64",
            "8Base-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el8.src",
            "8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.src",
            "8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64",
            "8Base-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64",
            "8Base-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el8.x86_64",
            "8Base-RHOSE-4.3:openshift-kuryr-0:4.3.5-202003020117.git.0.237579a.el8.src",
            "8Base-RHOSE-4.3:openshift-kuryr-cni-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
            "8Base-RHOSE-4.3:openshift-kuryr-common-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
            "8Base-RHOSE-4.3:openshift-kuryr-controller-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
            "8Base-RHOSE-4.3:python3-kuryr-kubernetes-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
            "8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.src",
            "8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
            "8Base-RHOSE-4.3:runc-debuginfo-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
            "8Base-RHOSE-4.3:runc-debugsource-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
            "8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.src",
            "8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.x86_64",
            "8Base-RHOSE-4.3:skopeo-debuginfo-1:0.1.40-4.rhaos.el8.x86_64",
            "8Base-RHOSE-4.3:skopeo-debugsource-1:0.1.40-4.rhaos.el8.x86_64",
            "8Base-RHOSE-4.3:skopeo-tests-1:0.1.40-4.rhaos.el8.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "jenkins: Inbound TCP Agent Protocol/3 authentication bypass"
    },
    {
      "cve": "CVE-2020-2100",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "discovery_date": "2020-01-29T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.src",
            "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64",
            "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-svcat-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64",
            "7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.src",
            "7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.x86_64",
            "7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.src",
            "7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.x86_64",
            "7Server-RH7-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-1.el7.x86_64",
            "7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.noarch",
            "7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.src",
            "7Server-RH7-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el7.src",
            "7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch",
            "7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.src",
            "7Server-RH7-RHOSE-4.3:openshift-ansible-test-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch",
            "7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.src",
            "7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64",
            "7Server-RH7-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64",
            "7Server-RH7-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el7.x86_64",
            "7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.src",
            "7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.x86_64",
            "7Server-RH7-RHOSE-4.3:ovn2.12-central-0:2.12.0-32.el7fdn.x86_64",
            "7Server-RH7-RHOSE-4.3:ovn2.12-debuginfo-0:2.12.0-32.el7fdn.x86_64",
            "7Server-RH7-RHOSE-4.3:ovn2.12-host-0:2.12.0-32.el7fdn.x86_64",
            "7Server-RH7-RHOSE-4.3:ovn2.12-vtep-0:2.12.0-32.el7fdn.x86_64",
            "8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.src",
            "8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.x86_64",
            "8Base-RHOSE-4.3:buildah-debuginfo-0:1.11.6-4.el8.x86_64",
            "8Base-RHOSE-4.3:buildah-debugsource-0:1.11.6-4.el8.x86_64",
            "8Base-RHOSE-4.3:buildah-tests-0:1.11.6-4.el8.x86_64",
            "8Base-RHOSE-4.3:buildah-tests-debuginfo-0:1.11.6-4.el8.x86_64",
            "8Base-RHOSE-4.3:containers-common-1:0.1.40-4.rhaos.el8.x86_64",
            "8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.src",
            "8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
            "8Base-RHOSE-4.3:cri-o-debuginfo-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
            "8Base-RHOSE-4.3:cri-o-debugsource-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
            "8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.src",
            "8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.x86_64",
            "8Base-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-2.el8.x86_64",
            "8Base-RHOSE-4.3:cri-tools-debugsource-0:1.17.0-2.el8.x86_64",
            "8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.src",
            "8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.x86_64",
            "8Base-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el8.src",
            "8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.src",
            "8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64",
            "8Base-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64",
            "8Base-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el8.x86_64",
            "8Base-RHOSE-4.3:openshift-kuryr-0:4.3.5-202003020117.git.0.237579a.el8.src",
            "8Base-RHOSE-4.3:openshift-kuryr-cni-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
            "8Base-RHOSE-4.3:openshift-kuryr-common-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
            "8Base-RHOSE-4.3:openshift-kuryr-controller-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
            "8Base-RHOSE-4.3:python3-kuryr-kubernetes-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
            "8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.src",
            "8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
            "8Base-RHOSE-4.3:runc-debuginfo-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
            "8Base-RHOSE-4.3:runc-debugsource-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
            "8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.src",
            "8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.x86_64",
            "8Base-RHOSE-4.3:skopeo-debuginfo-1:0.1.40-4.rhaos.el8.x86_64",
            "8Base-RHOSE-4.3:skopeo-debugsource-1:0.1.40-4.rhaos.el8.x86_64",
            "8Base-RHOSE-4.3:skopeo-tests-1:0.1.40-4.rhaos.el8.x86_64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1797087"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Jenkins 2.218 and earlier, LTS 2.204.1 and earlier was vulnerable to a UDP amplification reflection denial of service attack on port 33848.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "jenkins: UDP multicast/broadcast service amplification reflection attack",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.noarch",
          "7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.src"
        ],
        "known_not_affected": [
          "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.src",
          "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64",
          "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-svcat-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64",
          "7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.src",
          "7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.x86_64",
          "7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.src",
          "7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.x86_64",
          "7Server-RH7-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-1.el7.x86_64",
          "7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.noarch",
          "7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.src",
          "7Server-RH7-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el7.src",
          "7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch",
          "7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.src",
          "7Server-RH7-RHOSE-4.3:openshift-ansible-test-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch",
          "7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.src",
          "7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64",
          "7Server-RH7-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64",
          "7Server-RH7-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el7.x86_64",
          "7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.src",
          "7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.x86_64",
          "7Server-RH7-RHOSE-4.3:ovn2.12-central-0:2.12.0-32.el7fdn.x86_64",
          "7Server-RH7-RHOSE-4.3:ovn2.12-debuginfo-0:2.12.0-32.el7fdn.x86_64",
          "7Server-RH7-RHOSE-4.3:ovn2.12-host-0:2.12.0-32.el7fdn.x86_64",
          "7Server-RH7-RHOSE-4.3:ovn2.12-vtep-0:2.12.0-32.el7fdn.x86_64",
          "8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.src",
          "8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.x86_64",
          "8Base-RHOSE-4.3:buildah-debuginfo-0:1.11.6-4.el8.x86_64",
          "8Base-RHOSE-4.3:buildah-debugsource-0:1.11.6-4.el8.x86_64",
          "8Base-RHOSE-4.3:buildah-tests-0:1.11.6-4.el8.x86_64",
          "8Base-RHOSE-4.3:buildah-tests-debuginfo-0:1.11.6-4.el8.x86_64",
          "8Base-RHOSE-4.3:containers-common-1:0.1.40-4.rhaos.el8.x86_64",
          "8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.src",
          "8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
          "8Base-RHOSE-4.3:cri-o-debuginfo-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
          "8Base-RHOSE-4.3:cri-o-debugsource-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
          "8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.src",
          "8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.x86_64",
          "8Base-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-2.el8.x86_64",
          "8Base-RHOSE-4.3:cri-tools-debugsource-0:1.17.0-2.el8.x86_64",
          "8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.src",
          "8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.x86_64",
          "8Base-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el8.src",
          "8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.src",
          "8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64",
          "8Base-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64",
          "8Base-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el8.x86_64",
          "8Base-RHOSE-4.3:openshift-kuryr-0:4.3.5-202003020117.git.0.237579a.el8.src",
          "8Base-RHOSE-4.3:openshift-kuryr-cni-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
          "8Base-RHOSE-4.3:openshift-kuryr-common-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
          "8Base-RHOSE-4.3:openshift-kuryr-controller-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
          "8Base-RHOSE-4.3:python3-kuryr-kubernetes-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
          "8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.src",
          "8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
          "8Base-RHOSE-4.3:runc-debuginfo-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
          "8Base-RHOSE-4.3:runc-debugsource-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
          "8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.src",
          "8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.x86_64",
          "8Base-RHOSE-4.3:skopeo-debuginfo-1:0.1.40-4.rhaos.el8.x86_64",
          "8Base-RHOSE-4.3:skopeo-debugsource-1:0.1.40-4.rhaos.el8.x86_64",
          "8Base-RHOSE-4.3:skopeo-tests-1:0.1.40-4.rhaos.el8.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2020-2100"
        },
        {
          "category": "external",
          "summary": "RHBZ#1797087",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1797087"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2020-2100",
          "url": "https://www.cve.org/CVERecord?id=CVE-2020-2100"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-2100",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-2100"
        }
      ],
      "release_date": "2020-01-29T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2020-03-10T22:10:58+00:00",
          "details": "Before applying this update, ensure all previously released errata relevant\nto your system have been applied.\n\nFor OpenShift Container Platform 4.3 see the following documentation, which\nwill be updated shortly for release 4.3.5, for important instructions on\nhow to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.openshift.com/container-platform/4.3/release_notes/ocp-4-3-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.3/updating/updating-cluster-cli.html.",
          "product_ids": [
            "7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.noarch",
            "7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.src"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHBA-2020:0675"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.src",
            "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64",
            "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-svcat-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64",
            "7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.src",
            "7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.x86_64",
            "7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.src",
            "7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.x86_64",
            "7Server-RH7-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-1.el7.x86_64",
            "7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.noarch",
            "7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.src",
            "7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.noarch",
            "7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.src",
            "7Server-RH7-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el7.src",
            "7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch",
            "7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.src",
            "7Server-RH7-RHOSE-4.3:openshift-ansible-test-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch",
            "7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.src",
            "7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64",
            "7Server-RH7-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64",
            "7Server-RH7-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el7.x86_64",
            "7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.src",
            "7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.x86_64",
            "7Server-RH7-RHOSE-4.3:ovn2.12-central-0:2.12.0-32.el7fdn.x86_64",
            "7Server-RH7-RHOSE-4.3:ovn2.12-debuginfo-0:2.12.0-32.el7fdn.x86_64",
            "7Server-RH7-RHOSE-4.3:ovn2.12-host-0:2.12.0-32.el7fdn.x86_64",
            "7Server-RH7-RHOSE-4.3:ovn2.12-vtep-0:2.12.0-32.el7fdn.x86_64",
            "8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.src",
            "8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.x86_64",
            "8Base-RHOSE-4.3:buildah-debuginfo-0:1.11.6-4.el8.x86_64",
            "8Base-RHOSE-4.3:buildah-debugsource-0:1.11.6-4.el8.x86_64",
            "8Base-RHOSE-4.3:buildah-tests-0:1.11.6-4.el8.x86_64",
            "8Base-RHOSE-4.3:buildah-tests-debuginfo-0:1.11.6-4.el8.x86_64",
            "8Base-RHOSE-4.3:containers-common-1:0.1.40-4.rhaos.el8.x86_64",
            "8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.src",
            "8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
            "8Base-RHOSE-4.3:cri-o-debuginfo-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
            "8Base-RHOSE-4.3:cri-o-debugsource-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
            "8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.src",
            "8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.x86_64",
            "8Base-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-2.el8.x86_64",
            "8Base-RHOSE-4.3:cri-tools-debugsource-0:1.17.0-2.el8.x86_64",
            "8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.src",
            "8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.x86_64",
            "8Base-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el8.src",
            "8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.src",
            "8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64",
            "8Base-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64",
            "8Base-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el8.x86_64",
            "8Base-RHOSE-4.3:openshift-kuryr-0:4.3.5-202003020117.git.0.237579a.el8.src",
            "8Base-RHOSE-4.3:openshift-kuryr-cni-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
            "8Base-RHOSE-4.3:openshift-kuryr-common-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
            "8Base-RHOSE-4.3:openshift-kuryr-controller-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
            "8Base-RHOSE-4.3:python3-kuryr-kubernetes-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
            "8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.src",
            "8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
            "8Base-RHOSE-4.3:runc-debuginfo-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
            "8Base-RHOSE-4.3:runc-debugsource-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
            "8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.src",
            "8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.x86_64",
            "8Base-RHOSE-4.3:skopeo-debuginfo-1:0.1.40-4.rhaos.el8.x86_64",
            "8Base-RHOSE-4.3:skopeo-debugsource-1:0.1.40-4.rhaos.el8.x86_64",
            "8Base-RHOSE-4.3:skopeo-tests-1:0.1.40-4.rhaos.el8.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "jenkins: UDP multicast/broadcast service amplification reflection attack"
    },
    {
      "cve": "CVE-2020-2101",
      "cwe": {
        "id": "CWE-385",
        "name": "Covert Timing Channel"
      },
      "discovery_date": "2020-01-29T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.src",
            "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64",
            "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-svcat-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64",
            "7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.src",
            "7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.x86_64",
            "7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.src",
            "7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.x86_64",
            "7Server-RH7-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-1.el7.x86_64",
            "7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.noarch",
            "7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.src",
            "7Server-RH7-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el7.src",
            "7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch",
            "7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.src",
            "7Server-RH7-RHOSE-4.3:openshift-ansible-test-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch",
            "7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.src",
            "7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64",
            "7Server-RH7-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64",
            "7Server-RH7-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el7.x86_64",
            "7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.src",
            "7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.x86_64",
            "7Server-RH7-RHOSE-4.3:ovn2.12-central-0:2.12.0-32.el7fdn.x86_64",
            "7Server-RH7-RHOSE-4.3:ovn2.12-debuginfo-0:2.12.0-32.el7fdn.x86_64",
            "7Server-RH7-RHOSE-4.3:ovn2.12-host-0:2.12.0-32.el7fdn.x86_64",
            "7Server-RH7-RHOSE-4.3:ovn2.12-vtep-0:2.12.0-32.el7fdn.x86_64",
            "8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.src",
            "8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.x86_64",
            "8Base-RHOSE-4.3:buildah-debuginfo-0:1.11.6-4.el8.x86_64",
            "8Base-RHOSE-4.3:buildah-debugsource-0:1.11.6-4.el8.x86_64",
            "8Base-RHOSE-4.3:buildah-tests-0:1.11.6-4.el8.x86_64",
            "8Base-RHOSE-4.3:buildah-tests-debuginfo-0:1.11.6-4.el8.x86_64",
            "8Base-RHOSE-4.3:containers-common-1:0.1.40-4.rhaos.el8.x86_64",
            "8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.src",
            "8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
            "8Base-RHOSE-4.3:cri-o-debuginfo-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
            "8Base-RHOSE-4.3:cri-o-debugsource-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
            "8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.src",
            "8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.x86_64",
            "8Base-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-2.el8.x86_64",
            "8Base-RHOSE-4.3:cri-tools-debugsource-0:1.17.0-2.el8.x86_64",
            "8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.src",
            "8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.x86_64",
            "8Base-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el8.src",
            "8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.src",
            "8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64",
            "8Base-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64",
            "8Base-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el8.x86_64",
            "8Base-RHOSE-4.3:openshift-kuryr-0:4.3.5-202003020117.git.0.237579a.el8.src",
            "8Base-RHOSE-4.3:openshift-kuryr-cni-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
            "8Base-RHOSE-4.3:openshift-kuryr-common-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
            "8Base-RHOSE-4.3:openshift-kuryr-controller-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
            "8Base-RHOSE-4.3:python3-kuryr-kubernetes-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
            "8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.src",
            "8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
            "8Base-RHOSE-4.3:runc-debuginfo-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
            "8Base-RHOSE-4.3:runc-debugsource-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
            "8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.src",
            "8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.x86_64",
            "8Base-RHOSE-4.3:skopeo-debuginfo-1:0.1.40-4.rhaos.el8.x86_64",
            "8Base-RHOSE-4.3:skopeo-debugsource-1:0.1.40-4.rhaos.el8.x86_64",
            "8Base-RHOSE-4.3:skopeo-tests-1:0.1.40-4.rhaos.el8.x86_64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1797084"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Jenkins 2.218 and earlier, LTS 2.204.1 and earlier did not use a constant-time comparison function for validating connection secrets, which could potentially allow an attacker to use a timing attack to obtain this secret.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "jenkins: Non-constant time comparison of inbound TCP agent connection secret",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.noarch",
          "7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.src"
        ],
        "known_not_affected": [
          "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.src",
          "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64",
          "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-svcat-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64",
          "7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.src",
          "7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.x86_64",
          "7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.src",
          "7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.x86_64",
          "7Server-RH7-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-1.el7.x86_64",
          "7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.noarch",
          "7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.src",
          "7Server-RH7-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el7.src",
          "7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch",
          "7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.src",
          "7Server-RH7-RHOSE-4.3:openshift-ansible-test-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch",
          "7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.src",
          "7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64",
          "7Server-RH7-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64",
          "7Server-RH7-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el7.x86_64",
          "7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.src",
          "7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.x86_64",
          "7Server-RH7-RHOSE-4.3:ovn2.12-central-0:2.12.0-32.el7fdn.x86_64",
          "7Server-RH7-RHOSE-4.3:ovn2.12-debuginfo-0:2.12.0-32.el7fdn.x86_64",
          "7Server-RH7-RHOSE-4.3:ovn2.12-host-0:2.12.0-32.el7fdn.x86_64",
          "7Server-RH7-RHOSE-4.3:ovn2.12-vtep-0:2.12.0-32.el7fdn.x86_64",
          "8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.src",
          "8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.x86_64",
          "8Base-RHOSE-4.3:buildah-debuginfo-0:1.11.6-4.el8.x86_64",
          "8Base-RHOSE-4.3:buildah-debugsource-0:1.11.6-4.el8.x86_64",
          "8Base-RHOSE-4.3:buildah-tests-0:1.11.6-4.el8.x86_64",
          "8Base-RHOSE-4.3:buildah-tests-debuginfo-0:1.11.6-4.el8.x86_64",
          "8Base-RHOSE-4.3:containers-common-1:0.1.40-4.rhaos.el8.x86_64",
          "8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.src",
          "8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
          "8Base-RHOSE-4.3:cri-o-debuginfo-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
          "8Base-RHOSE-4.3:cri-o-debugsource-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
          "8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.src",
          "8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.x86_64",
          "8Base-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-2.el8.x86_64",
          "8Base-RHOSE-4.3:cri-tools-debugsource-0:1.17.0-2.el8.x86_64",
          "8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.src",
          "8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.x86_64",
          "8Base-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el8.src",
          "8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.src",
          "8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64",
          "8Base-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64",
          "8Base-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el8.x86_64",
          "8Base-RHOSE-4.3:openshift-kuryr-0:4.3.5-202003020117.git.0.237579a.el8.src",
          "8Base-RHOSE-4.3:openshift-kuryr-cni-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
          "8Base-RHOSE-4.3:openshift-kuryr-common-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
          "8Base-RHOSE-4.3:openshift-kuryr-controller-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
          "8Base-RHOSE-4.3:python3-kuryr-kubernetes-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
          "8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.src",
          "8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
          "8Base-RHOSE-4.3:runc-debuginfo-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
          "8Base-RHOSE-4.3:runc-debugsource-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
          "8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.src",
          "8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.x86_64",
          "8Base-RHOSE-4.3:skopeo-debuginfo-1:0.1.40-4.rhaos.el8.x86_64",
          "8Base-RHOSE-4.3:skopeo-debugsource-1:0.1.40-4.rhaos.el8.x86_64",
          "8Base-RHOSE-4.3:skopeo-tests-1:0.1.40-4.rhaos.el8.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2020-2101"
        },
        {
          "category": "external",
          "summary": "RHBZ#1797084",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1797084"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2020-2101",
          "url": "https://www.cve.org/CVERecord?id=CVE-2020-2101"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-2101",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-2101"
        }
      ],
      "release_date": "2020-01-29T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2020-03-10T22:10:58+00:00",
          "details": "Before applying this update, ensure all previously released errata relevant\nto your system have been applied.\n\nFor OpenShift Container Platform 4.3 see the following documentation, which\nwill be updated shortly for release 4.3.5, for important instructions on\nhow to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.openshift.com/container-platform/4.3/release_notes/ocp-4-3-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.3/updating/updating-cluster-cli.html.",
          "product_ids": [
            "7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.noarch",
            "7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.src"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHBA-2020:0675"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.src",
            "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64",
            "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-svcat-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64",
            "7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.src",
            "7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.x86_64",
            "7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.src",
            "7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.x86_64",
            "7Server-RH7-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-1.el7.x86_64",
            "7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.noarch",
            "7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.src",
            "7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.noarch",
            "7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.src",
            "7Server-RH7-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el7.src",
            "7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch",
            "7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.src",
            "7Server-RH7-RHOSE-4.3:openshift-ansible-test-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch",
            "7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.src",
            "7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64",
            "7Server-RH7-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64",
            "7Server-RH7-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el7.x86_64",
            "7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.src",
            "7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.x86_64",
            "7Server-RH7-RHOSE-4.3:ovn2.12-central-0:2.12.0-32.el7fdn.x86_64",
            "7Server-RH7-RHOSE-4.3:ovn2.12-debuginfo-0:2.12.0-32.el7fdn.x86_64",
            "7Server-RH7-RHOSE-4.3:ovn2.12-host-0:2.12.0-32.el7fdn.x86_64",
            "7Server-RH7-RHOSE-4.3:ovn2.12-vtep-0:2.12.0-32.el7fdn.x86_64",
            "8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.src",
            "8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.x86_64",
            "8Base-RHOSE-4.3:buildah-debuginfo-0:1.11.6-4.el8.x86_64",
            "8Base-RHOSE-4.3:buildah-debugsource-0:1.11.6-4.el8.x86_64",
            "8Base-RHOSE-4.3:buildah-tests-0:1.11.6-4.el8.x86_64",
            "8Base-RHOSE-4.3:buildah-tests-debuginfo-0:1.11.6-4.el8.x86_64",
            "8Base-RHOSE-4.3:containers-common-1:0.1.40-4.rhaos.el8.x86_64",
            "8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.src",
            "8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
            "8Base-RHOSE-4.3:cri-o-debuginfo-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
            "8Base-RHOSE-4.3:cri-o-debugsource-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
            "8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.src",
            "8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.x86_64",
            "8Base-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-2.el8.x86_64",
            "8Base-RHOSE-4.3:cri-tools-debugsource-0:1.17.0-2.el8.x86_64",
            "8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.src",
            "8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.x86_64",
            "8Base-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el8.src",
            "8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.src",
            "8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64",
            "8Base-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64",
            "8Base-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el8.x86_64",
            "8Base-RHOSE-4.3:openshift-kuryr-0:4.3.5-202003020117.git.0.237579a.el8.src",
            "8Base-RHOSE-4.3:openshift-kuryr-cni-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
            "8Base-RHOSE-4.3:openshift-kuryr-common-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
            "8Base-RHOSE-4.3:openshift-kuryr-controller-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
            "8Base-RHOSE-4.3:python3-kuryr-kubernetes-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
            "8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.src",
            "8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
            "8Base-RHOSE-4.3:runc-debuginfo-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
            "8Base-RHOSE-4.3:runc-debugsource-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
            "8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.src",
            "8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.x86_64",
            "8Base-RHOSE-4.3:skopeo-debuginfo-1:0.1.40-4.rhaos.el8.x86_64",
            "8Base-RHOSE-4.3:skopeo-debugsource-1:0.1.40-4.rhaos.el8.x86_64",
            "8Base-RHOSE-4.3:skopeo-tests-1:0.1.40-4.rhaos.el8.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "jenkins: Non-constant time comparison of inbound TCP agent connection secret"
    },
    {
      "cve": "CVE-2020-2102",
      "cwe": {
        "id": "CWE-385",
        "name": "Covert Timing Channel"
      },
      "discovery_date": "2020-01-29T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.src",
            "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64",
            "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-svcat-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64",
            "7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.src",
            "7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.x86_64",
            "7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.src",
            "7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.x86_64",
            "7Server-RH7-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-1.el7.x86_64",
            "7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.noarch",
            "7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.src",
            "7Server-RH7-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el7.src",
            "7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch",
            "7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.src",
            "7Server-RH7-RHOSE-4.3:openshift-ansible-test-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch",
            "7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.src",
            "7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64",
            "7Server-RH7-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64",
            "7Server-RH7-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el7.x86_64",
            "7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.src",
            "7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.x86_64",
            "7Server-RH7-RHOSE-4.3:ovn2.12-central-0:2.12.0-32.el7fdn.x86_64",
            "7Server-RH7-RHOSE-4.3:ovn2.12-debuginfo-0:2.12.0-32.el7fdn.x86_64",
            "7Server-RH7-RHOSE-4.3:ovn2.12-host-0:2.12.0-32.el7fdn.x86_64",
            "7Server-RH7-RHOSE-4.3:ovn2.12-vtep-0:2.12.0-32.el7fdn.x86_64",
            "8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.src",
            "8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.x86_64",
            "8Base-RHOSE-4.3:buildah-debuginfo-0:1.11.6-4.el8.x86_64",
            "8Base-RHOSE-4.3:buildah-debugsource-0:1.11.6-4.el8.x86_64",
            "8Base-RHOSE-4.3:buildah-tests-0:1.11.6-4.el8.x86_64",
            "8Base-RHOSE-4.3:buildah-tests-debuginfo-0:1.11.6-4.el8.x86_64",
            "8Base-RHOSE-4.3:containers-common-1:0.1.40-4.rhaos.el8.x86_64",
            "8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.src",
            "8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
            "8Base-RHOSE-4.3:cri-o-debuginfo-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
            "8Base-RHOSE-4.3:cri-o-debugsource-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
            "8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.src",
            "8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.x86_64",
            "8Base-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-2.el8.x86_64",
            "8Base-RHOSE-4.3:cri-tools-debugsource-0:1.17.0-2.el8.x86_64",
            "8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.src",
            "8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.x86_64",
            "8Base-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el8.src",
            "8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.src",
            "8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64",
            "8Base-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64",
            "8Base-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el8.x86_64",
            "8Base-RHOSE-4.3:openshift-kuryr-0:4.3.5-202003020117.git.0.237579a.el8.src",
            "8Base-RHOSE-4.3:openshift-kuryr-cni-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
            "8Base-RHOSE-4.3:openshift-kuryr-common-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
            "8Base-RHOSE-4.3:openshift-kuryr-controller-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
            "8Base-RHOSE-4.3:python3-kuryr-kubernetes-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
            "8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.src",
            "8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
            "8Base-RHOSE-4.3:runc-debuginfo-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
            "8Base-RHOSE-4.3:runc-debugsource-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
            "8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.src",
            "8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.x86_64",
            "8Base-RHOSE-4.3:skopeo-debuginfo-1:0.1.40-4.rhaos.el8.x86_64",
            "8Base-RHOSE-4.3:skopeo-debugsource-1:0.1.40-4.rhaos.el8.x86_64",
            "8Base-RHOSE-4.3:skopeo-tests-1:0.1.40-4.rhaos.el8.x86_64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1797071"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Jenkins 2.218 and earlier, LTS 2.204.1 and earlier used a non-constant time comparison function when validating an HMAC.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "jenkins: Non-constant time HMAC comparison",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.noarch",
          "7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.src"
        ],
        "known_not_affected": [
          "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.src",
          "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64",
          "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-svcat-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64",
          "7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.src",
          "7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.x86_64",
          "7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.src",
          "7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.x86_64",
          "7Server-RH7-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-1.el7.x86_64",
          "7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.noarch",
          "7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.src",
          "7Server-RH7-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el7.src",
          "7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch",
          "7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.src",
          "7Server-RH7-RHOSE-4.3:openshift-ansible-test-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch",
          "7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.src",
          "7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64",
          "7Server-RH7-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64",
          "7Server-RH7-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el7.x86_64",
          "7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.src",
          "7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.x86_64",
          "7Server-RH7-RHOSE-4.3:ovn2.12-central-0:2.12.0-32.el7fdn.x86_64",
          "7Server-RH7-RHOSE-4.3:ovn2.12-debuginfo-0:2.12.0-32.el7fdn.x86_64",
          "7Server-RH7-RHOSE-4.3:ovn2.12-host-0:2.12.0-32.el7fdn.x86_64",
          "7Server-RH7-RHOSE-4.3:ovn2.12-vtep-0:2.12.0-32.el7fdn.x86_64",
          "8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.src",
          "8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.x86_64",
          "8Base-RHOSE-4.3:buildah-debuginfo-0:1.11.6-4.el8.x86_64",
          "8Base-RHOSE-4.3:buildah-debugsource-0:1.11.6-4.el8.x86_64",
          "8Base-RHOSE-4.3:buildah-tests-0:1.11.6-4.el8.x86_64",
          "8Base-RHOSE-4.3:buildah-tests-debuginfo-0:1.11.6-4.el8.x86_64",
          "8Base-RHOSE-4.3:containers-common-1:0.1.40-4.rhaos.el8.x86_64",
          "8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.src",
          "8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
          "8Base-RHOSE-4.3:cri-o-debuginfo-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
          "8Base-RHOSE-4.3:cri-o-debugsource-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
          "8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.src",
          "8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.x86_64",
          "8Base-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-2.el8.x86_64",
          "8Base-RHOSE-4.3:cri-tools-debugsource-0:1.17.0-2.el8.x86_64",
          "8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.src",
          "8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.x86_64",
          "8Base-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el8.src",
          "8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.src",
          "8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64",
          "8Base-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64",
          "8Base-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el8.x86_64",
          "8Base-RHOSE-4.3:openshift-kuryr-0:4.3.5-202003020117.git.0.237579a.el8.src",
          "8Base-RHOSE-4.3:openshift-kuryr-cni-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
          "8Base-RHOSE-4.3:openshift-kuryr-common-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
          "8Base-RHOSE-4.3:openshift-kuryr-controller-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
          "8Base-RHOSE-4.3:python3-kuryr-kubernetes-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
          "8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.src",
          "8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
          "8Base-RHOSE-4.3:runc-debuginfo-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
          "8Base-RHOSE-4.3:runc-debugsource-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
          "8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.src",
          "8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.x86_64",
          "8Base-RHOSE-4.3:skopeo-debuginfo-1:0.1.40-4.rhaos.el8.x86_64",
          "8Base-RHOSE-4.3:skopeo-debugsource-1:0.1.40-4.rhaos.el8.x86_64",
          "8Base-RHOSE-4.3:skopeo-tests-1:0.1.40-4.rhaos.el8.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2020-2102"
        },
        {
          "category": "external",
          "summary": "RHBZ#1797071",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1797071"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2020-2102",
          "url": "https://www.cve.org/CVERecord?id=CVE-2020-2102"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-2102",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-2102"
        }
      ],
      "release_date": "2020-01-29T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2020-03-10T22:10:58+00:00",
          "details": "Before applying this update, ensure all previously released errata relevant\nto your system have been applied.\n\nFor OpenShift Container Platform 4.3 see the following documentation, which\nwill be updated shortly for release 4.3.5, for important instructions on\nhow to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.openshift.com/container-platform/4.3/release_notes/ocp-4-3-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.3/updating/updating-cluster-cli.html.",
          "product_ids": [
            "7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.noarch",
            "7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.src"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHBA-2020:0675"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.src",
            "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64",
            "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-svcat-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64",
            "7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.src",
            "7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.x86_64",
            "7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.src",
            "7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.x86_64",
            "7Server-RH7-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-1.el7.x86_64",
            "7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.noarch",
            "7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.src",
            "7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.noarch",
            "7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.src",
            "7Server-RH7-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el7.src",
            "7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch",
            "7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.src",
            "7Server-RH7-RHOSE-4.3:openshift-ansible-test-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch",
            "7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.src",
            "7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64",
            "7Server-RH7-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64",
            "7Server-RH7-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el7.x86_64",
            "7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.src",
            "7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.x86_64",
            "7Server-RH7-RHOSE-4.3:ovn2.12-central-0:2.12.0-32.el7fdn.x86_64",
            "7Server-RH7-RHOSE-4.3:ovn2.12-debuginfo-0:2.12.0-32.el7fdn.x86_64",
            "7Server-RH7-RHOSE-4.3:ovn2.12-host-0:2.12.0-32.el7fdn.x86_64",
            "7Server-RH7-RHOSE-4.3:ovn2.12-vtep-0:2.12.0-32.el7fdn.x86_64",
            "8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.src",
            "8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.x86_64",
            "8Base-RHOSE-4.3:buildah-debuginfo-0:1.11.6-4.el8.x86_64",
            "8Base-RHOSE-4.3:buildah-debugsource-0:1.11.6-4.el8.x86_64",
            "8Base-RHOSE-4.3:buildah-tests-0:1.11.6-4.el8.x86_64",
            "8Base-RHOSE-4.3:buildah-tests-debuginfo-0:1.11.6-4.el8.x86_64",
            "8Base-RHOSE-4.3:containers-common-1:0.1.40-4.rhaos.el8.x86_64",
            "8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.src",
            "8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
            "8Base-RHOSE-4.3:cri-o-debuginfo-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
            "8Base-RHOSE-4.3:cri-o-debugsource-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
            "8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.src",
            "8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.x86_64",
            "8Base-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-2.el8.x86_64",
            "8Base-RHOSE-4.3:cri-tools-debugsource-0:1.17.0-2.el8.x86_64",
            "8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.src",
            "8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.x86_64",
            "8Base-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el8.src",
            "8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.src",
            "8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64",
            "8Base-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64",
            "8Base-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el8.x86_64",
            "8Base-RHOSE-4.3:openshift-kuryr-0:4.3.5-202003020117.git.0.237579a.el8.src",
            "8Base-RHOSE-4.3:openshift-kuryr-cni-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
            "8Base-RHOSE-4.3:openshift-kuryr-common-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
            "8Base-RHOSE-4.3:openshift-kuryr-controller-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
            "8Base-RHOSE-4.3:python3-kuryr-kubernetes-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
            "8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.src",
            "8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
            "8Base-RHOSE-4.3:runc-debuginfo-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
            "8Base-RHOSE-4.3:runc-debugsource-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
            "8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.src",
            "8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.x86_64",
            "8Base-RHOSE-4.3:skopeo-debuginfo-1:0.1.40-4.rhaos.el8.x86_64",
            "8Base-RHOSE-4.3:skopeo-debugsource-1:0.1.40-4.rhaos.el8.x86_64",
            "8Base-RHOSE-4.3:skopeo-tests-1:0.1.40-4.rhaos.el8.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "jenkins: Non-constant time HMAC comparison"
    },
    {
      "cve": "CVE-2020-2103",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "discovery_date": "2020-01-29T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.src",
            "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64",
            "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-svcat-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64",
            "7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.src",
            "7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.x86_64",
            "7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.src",
            "7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.x86_64",
            "7Server-RH7-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-1.el7.x86_64",
            "7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.noarch",
            "7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.src",
            "7Server-RH7-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el7.src",
            "7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch",
            "7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.src",
            "7Server-RH7-RHOSE-4.3:openshift-ansible-test-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch",
            "7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.src",
            "7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64",
            "7Server-RH7-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64",
            "7Server-RH7-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el7.x86_64",
            "7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.src",
            "7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.x86_64",
            "7Server-RH7-RHOSE-4.3:ovn2.12-central-0:2.12.0-32.el7fdn.x86_64",
            "7Server-RH7-RHOSE-4.3:ovn2.12-debuginfo-0:2.12.0-32.el7fdn.x86_64",
            "7Server-RH7-RHOSE-4.3:ovn2.12-host-0:2.12.0-32.el7fdn.x86_64",
            "7Server-RH7-RHOSE-4.3:ovn2.12-vtep-0:2.12.0-32.el7fdn.x86_64",
            "8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.src",
            "8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.x86_64",
            "8Base-RHOSE-4.3:buildah-debuginfo-0:1.11.6-4.el8.x86_64",
            "8Base-RHOSE-4.3:buildah-debugsource-0:1.11.6-4.el8.x86_64",
            "8Base-RHOSE-4.3:buildah-tests-0:1.11.6-4.el8.x86_64",
            "8Base-RHOSE-4.3:buildah-tests-debuginfo-0:1.11.6-4.el8.x86_64",
            "8Base-RHOSE-4.3:containers-common-1:0.1.40-4.rhaos.el8.x86_64",
            "8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.src",
            "8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
            "8Base-RHOSE-4.3:cri-o-debuginfo-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
            "8Base-RHOSE-4.3:cri-o-debugsource-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
            "8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.src",
            "8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.x86_64",
            "8Base-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-2.el8.x86_64",
            "8Base-RHOSE-4.3:cri-tools-debugsource-0:1.17.0-2.el8.x86_64",
            "8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.src",
            "8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.x86_64",
            "8Base-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el8.src",
            "8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.src",
            "8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64",
            "8Base-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64",
            "8Base-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el8.x86_64",
            "8Base-RHOSE-4.3:openshift-kuryr-0:4.3.5-202003020117.git.0.237579a.el8.src",
            "8Base-RHOSE-4.3:openshift-kuryr-cni-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
            "8Base-RHOSE-4.3:openshift-kuryr-common-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
            "8Base-RHOSE-4.3:openshift-kuryr-controller-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
            "8Base-RHOSE-4.3:python3-kuryr-kubernetes-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
            "8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.src",
            "8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
            "8Base-RHOSE-4.3:runc-debuginfo-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
            "8Base-RHOSE-4.3:runc-debugsource-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
            "8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.src",
            "8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.x86_64",
            "8Base-RHOSE-4.3:skopeo-debuginfo-1:0.1.40-4.rhaos.el8.x86_64",
            "8Base-RHOSE-4.3:skopeo-debugsource-1:0.1.40-4.rhaos.el8.x86_64",
            "8Base-RHOSE-4.3:skopeo-tests-1:0.1.40-4.rhaos.el8.x86_64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1797062"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Jenkins 2.218 and earlier, LTS 2.204.1 and earlier exposed session identifiers on a user\u0027s detail object in the whoAmI diagnostic page.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "jenkins: Exposed session identifiers on user detail object in the whoAmI diagnostic page",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.noarch",
          "7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.src"
        ],
        "known_not_affected": [
          "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.src",
          "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64",
          "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-svcat-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64",
          "7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.src",
          "7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.x86_64",
          "7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.src",
          "7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.x86_64",
          "7Server-RH7-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-1.el7.x86_64",
          "7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.noarch",
          "7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.src",
          "7Server-RH7-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el7.src",
          "7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch",
          "7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.src",
          "7Server-RH7-RHOSE-4.3:openshift-ansible-test-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch",
          "7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.src",
          "7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64",
          "7Server-RH7-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64",
          "7Server-RH7-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el7.x86_64",
          "7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.src",
          "7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.x86_64",
          "7Server-RH7-RHOSE-4.3:ovn2.12-central-0:2.12.0-32.el7fdn.x86_64",
          "7Server-RH7-RHOSE-4.3:ovn2.12-debuginfo-0:2.12.0-32.el7fdn.x86_64",
          "7Server-RH7-RHOSE-4.3:ovn2.12-host-0:2.12.0-32.el7fdn.x86_64",
          "7Server-RH7-RHOSE-4.3:ovn2.12-vtep-0:2.12.0-32.el7fdn.x86_64",
          "8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.src",
          "8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.x86_64",
          "8Base-RHOSE-4.3:buildah-debuginfo-0:1.11.6-4.el8.x86_64",
          "8Base-RHOSE-4.3:buildah-debugsource-0:1.11.6-4.el8.x86_64",
          "8Base-RHOSE-4.3:buildah-tests-0:1.11.6-4.el8.x86_64",
          "8Base-RHOSE-4.3:buildah-tests-debuginfo-0:1.11.6-4.el8.x86_64",
          "8Base-RHOSE-4.3:containers-common-1:0.1.40-4.rhaos.el8.x86_64",
          "8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.src",
          "8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
          "8Base-RHOSE-4.3:cri-o-debuginfo-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
          "8Base-RHOSE-4.3:cri-o-debugsource-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
          "8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.src",
          "8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.x86_64",
          "8Base-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-2.el8.x86_64",
          "8Base-RHOSE-4.3:cri-tools-debugsource-0:1.17.0-2.el8.x86_64",
          "8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.src",
          "8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.x86_64",
          "8Base-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el8.src",
          "8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.src",
          "8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64",
          "8Base-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64",
          "8Base-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el8.x86_64",
          "8Base-RHOSE-4.3:openshift-kuryr-0:4.3.5-202003020117.git.0.237579a.el8.src",
          "8Base-RHOSE-4.3:openshift-kuryr-cni-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
          "8Base-RHOSE-4.3:openshift-kuryr-common-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
          "8Base-RHOSE-4.3:openshift-kuryr-controller-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
          "8Base-RHOSE-4.3:python3-kuryr-kubernetes-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
          "8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.src",
          "8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
          "8Base-RHOSE-4.3:runc-debuginfo-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
          "8Base-RHOSE-4.3:runc-debugsource-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
          "8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.src",
          "8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.x86_64",
          "8Base-RHOSE-4.3:skopeo-debuginfo-1:0.1.40-4.rhaos.el8.x86_64",
          "8Base-RHOSE-4.3:skopeo-debugsource-1:0.1.40-4.rhaos.el8.x86_64",
          "8Base-RHOSE-4.3:skopeo-tests-1:0.1.40-4.rhaos.el8.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2020-2103"
        },
        {
          "category": "external",
          "summary": "RHBZ#1797062",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1797062"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2020-2103",
          "url": "https://www.cve.org/CVERecord?id=CVE-2020-2103"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-2103",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-2103"
        }
      ],
      "release_date": "2020-01-29T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2020-03-10T22:10:58+00:00",
          "details": "Before applying this update, ensure all previously released errata relevant\nto your system have been applied.\n\nFor OpenShift Container Platform 4.3 see the following documentation, which\nwill be updated shortly for release 4.3.5, for important instructions on\nhow to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.openshift.com/container-platform/4.3/release_notes/ocp-4-3-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.3/updating/updating-cluster-cli.html.",
          "product_ids": [
            "7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.noarch",
            "7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.src"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHBA-2020:0675"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.src",
            "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64",
            "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-svcat-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64",
            "7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.src",
            "7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.x86_64",
            "7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.src",
            "7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.x86_64",
            "7Server-RH7-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-1.el7.x86_64",
            "7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.noarch",
            "7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.src",
            "7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.noarch",
            "7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.src",
            "7Server-RH7-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el7.src",
            "7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch",
            "7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.src",
            "7Server-RH7-RHOSE-4.3:openshift-ansible-test-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch",
            "7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.src",
            "7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64",
            "7Server-RH7-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64",
            "7Server-RH7-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el7.x86_64",
            "7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.src",
            "7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.x86_64",
            "7Server-RH7-RHOSE-4.3:ovn2.12-central-0:2.12.0-32.el7fdn.x86_64",
            "7Server-RH7-RHOSE-4.3:ovn2.12-debuginfo-0:2.12.0-32.el7fdn.x86_64",
            "7Server-RH7-RHOSE-4.3:ovn2.12-host-0:2.12.0-32.el7fdn.x86_64",
            "7Server-RH7-RHOSE-4.3:ovn2.12-vtep-0:2.12.0-32.el7fdn.x86_64",
            "8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.src",
            "8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.x86_64",
            "8Base-RHOSE-4.3:buildah-debuginfo-0:1.11.6-4.el8.x86_64",
            "8Base-RHOSE-4.3:buildah-debugsource-0:1.11.6-4.el8.x86_64",
            "8Base-RHOSE-4.3:buildah-tests-0:1.11.6-4.el8.x86_64",
            "8Base-RHOSE-4.3:buildah-tests-debuginfo-0:1.11.6-4.el8.x86_64",
            "8Base-RHOSE-4.3:containers-common-1:0.1.40-4.rhaos.el8.x86_64",
            "8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.src",
            "8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
            "8Base-RHOSE-4.3:cri-o-debuginfo-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
            "8Base-RHOSE-4.3:cri-o-debugsource-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
            "8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.src",
            "8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.x86_64",
            "8Base-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-2.el8.x86_64",
            "8Base-RHOSE-4.3:cri-tools-debugsource-0:1.17.0-2.el8.x86_64",
            "8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.src",
            "8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.x86_64",
            "8Base-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el8.src",
            "8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.src",
            "8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64",
            "8Base-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64",
            "8Base-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el8.x86_64",
            "8Base-RHOSE-4.3:openshift-kuryr-0:4.3.5-202003020117.git.0.237579a.el8.src",
            "8Base-RHOSE-4.3:openshift-kuryr-cni-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
            "8Base-RHOSE-4.3:openshift-kuryr-common-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
            "8Base-RHOSE-4.3:openshift-kuryr-controller-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
            "8Base-RHOSE-4.3:python3-kuryr-kubernetes-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
            "8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.src",
            "8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
            "8Base-RHOSE-4.3:runc-debuginfo-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
            "8Base-RHOSE-4.3:runc-debugsource-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
            "8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.src",
            "8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.x86_64",
            "8Base-RHOSE-4.3:skopeo-debuginfo-1:0.1.40-4.rhaos.el8.x86_64",
            "8Base-RHOSE-4.3:skopeo-debugsource-1:0.1.40-4.rhaos.el8.x86_64",
            "8Base-RHOSE-4.3:skopeo-tests-1:0.1.40-4.rhaos.el8.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "jenkins: Exposed session identifiers on user detail object in the whoAmI diagnostic page"
    },
    {
      "cve": "CVE-2020-2104",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "discovery_date": "2020-01-29T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.src",
            "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64",
            "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-svcat-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64",
            "7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.src",
            "7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.x86_64",
            "7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.src",
            "7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.x86_64",
            "7Server-RH7-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-1.el7.x86_64",
            "7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.noarch",
            "7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.src",
            "7Server-RH7-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el7.src",
            "7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch",
            "7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.src",
            "7Server-RH7-RHOSE-4.3:openshift-ansible-test-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch",
            "7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.src",
            "7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64",
            "7Server-RH7-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64",
            "7Server-RH7-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el7.x86_64",
            "7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.src",
            "7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.x86_64",
            "7Server-RH7-RHOSE-4.3:ovn2.12-central-0:2.12.0-32.el7fdn.x86_64",
            "7Server-RH7-RHOSE-4.3:ovn2.12-debuginfo-0:2.12.0-32.el7fdn.x86_64",
            "7Server-RH7-RHOSE-4.3:ovn2.12-host-0:2.12.0-32.el7fdn.x86_64",
            "7Server-RH7-RHOSE-4.3:ovn2.12-vtep-0:2.12.0-32.el7fdn.x86_64",
            "8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.src",
            "8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.x86_64",
            "8Base-RHOSE-4.3:buildah-debuginfo-0:1.11.6-4.el8.x86_64",
            "8Base-RHOSE-4.3:buildah-debugsource-0:1.11.6-4.el8.x86_64",
            "8Base-RHOSE-4.3:buildah-tests-0:1.11.6-4.el8.x86_64",
            "8Base-RHOSE-4.3:buildah-tests-debuginfo-0:1.11.6-4.el8.x86_64",
            "8Base-RHOSE-4.3:containers-common-1:0.1.40-4.rhaos.el8.x86_64",
            "8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.src",
            "8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
            "8Base-RHOSE-4.3:cri-o-debuginfo-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
            "8Base-RHOSE-4.3:cri-o-debugsource-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
            "8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.src",
            "8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.x86_64",
            "8Base-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-2.el8.x86_64",
            "8Base-RHOSE-4.3:cri-tools-debugsource-0:1.17.0-2.el8.x86_64",
            "8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.src",
            "8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.x86_64",
            "8Base-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el8.src",
            "8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.src",
            "8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64",
            "8Base-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64",
            "8Base-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el8.x86_64",
            "8Base-RHOSE-4.3:openshift-kuryr-0:4.3.5-202003020117.git.0.237579a.el8.src",
            "8Base-RHOSE-4.3:openshift-kuryr-cni-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
            "8Base-RHOSE-4.3:openshift-kuryr-common-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
            "8Base-RHOSE-4.3:openshift-kuryr-controller-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
            "8Base-RHOSE-4.3:python3-kuryr-kubernetes-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
            "8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.src",
            "8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
            "8Base-RHOSE-4.3:runc-debuginfo-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
            "8Base-RHOSE-4.3:runc-debugsource-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
            "8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.src",
            "8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.x86_64",
            "8Base-RHOSE-4.3:skopeo-debuginfo-1:0.1.40-4.rhaos.el8.x86_64",
            "8Base-RHOSE-4.3:skopeo-debugsource-1:0.1.40-4.rhaos.el8.x86_64",
            "8Base-RHOSE-4.3:skopeo-tests-1:0.1.40-4.rhaos.el8.x86_64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1797065"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Jenkins 2.218 and earlier, LTS 2.204.1 and earlier allowed users with Overall/Read access to view a JVM memory usage chart.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "jenkins: Memory usage graphs accessible to anyone with Overall/Read",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.noarch",
          "7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.src"
        ],
        "known_not_affected": [
          "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.src",
          "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64",
          "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-svcat-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64",
          "7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.src",
          "7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.x86_64",
          "7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.src",
          "7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.x86_64",
          "7Server-RH7-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-1.el7.x86_64",
          "7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.noarch",
          "7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.src",
          "7Server-RH7-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el7.src",
          "7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch",
          "7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.src",
          "7Server-RH7-RHOSE-4.3:openshift-ansible-test-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch",
          "7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.src",
          "7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64",
          "7Server-RH7-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64",
          "7Server-RH7-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el7.x86_64",
          "7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.src",
          "7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.x86_64",
          "7Server-RH7-RHOSE-4.3:ovn2.12-central-0:2.12.0-32.el7fdn.x86_64",
          "7Server-RH7-RHOSE-4.3:ovn2.12-debuginfo-0:2.12.0-32.el7fdn.x86_64",
          "7Server-RH7-RHOSE-4.3:ovn2.12-host-0:2.12.0-32.el7fdn.x86_64",
          "7Server-RH7-RHOSE-4.3:ovn2.12-vtep-0:2.12.0-32.el7fdn.x86_64",
          "8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.src",
          "8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.x86_64",
          "8Base-RHOSE-4.3:buildah-debuginfo-0:1.11.6-4.el8.x86_64",
          "8Base-RHOSE-4.3:buildah-debugsource-0:1.11.6-4.el8.x86_64",
          "8Base-RHOSE-4.3:buildah-tests-0:1.11.6-4.el8.x86_64",
          "8Base-RHOSE-4.3:buildah-tests-debuginfo-0:1.11.6-4.el8.x86_64",
          "8Base-RHOSE-4.3:containers-common-1:0.1.40-4.rhaos.el8.x86_64",
          "8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.src",
          "8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
          "8Base-RHOSE-4.3:cri-o-debuginfo-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
          "8Base-RHOSE-4.3:cri-o-debugsource-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
          "8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.src",
          "8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.x86_64",
          "8Base-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-2.el8.x86_64",
          "8Base-RHOSE-4.3:cri-tools-debugsource-0:1.17.0-2.el8.x86_64",
          "8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.src",
          "8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.x86_64",
          "8Base-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el8.src",
          "8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.src",
          "8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64",
          "8Base-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64",
          "8Base-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el8.x86_64",
          "8Base-RHOSE-4.3:openshift-kuryr-0:4.3.5-202003020117.git.0.237579a.el8.src",
          "8Base-RHOSE-4.3:openshift-kuryr-cni-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
          "8Base-RHOSE-4.3:openshift-kuryr-common-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
          "8Base-RHOSE-4.3:openshift-kuryr-controller-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
          "8Base-RHOSE-4.3:python3-kuryr-kubernetes-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
          "8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.src",
          "8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
          "8Base-RHOSE-4.3:runc-debuginfo-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
          "8Base-RHOSE-4.3:runc-debugsource-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
          "8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.src",
          "8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.x86_64",
          "8Base-RHOSE-4.3:skopeo-debuginfo-1:0.1.40-4.rhaos.el8.x86_64",
          "8Base-RHOSE-4.3:skopeo-debugsource-1:0.1.40-4.rhaos.el8.x86_64",
          "8Base-RHOSE-4.3:skopeo-tests-1:0.1.40-4.rhaos.el8.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2020-2104"
        },
        {
          "category": "external",
          "summary": "RHBZ#1797065",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1797065"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2020-2104",
          "url": "https://www.cve.org/CVERecord?id=CVE-2020-2104"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-2104",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-2104"
        }
      ],
      "release_date": "2020-01-29T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2020-03-10T22:10:58+00:00",
          "details": "Before applying this update, ensure all previously released errata relevant\nto your system have been applied.\n\nFor OpenShift Container Platform 4.3 see the following documentation, which\nwill be updated shortly for release 4.3.5, for important instructions on\nhow to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.openshift.com/container-platform/4.3/release_notes/ocp-4-3-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.3/updating/updating-cluster-cli.html.",
          "product_ids": [
            "7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.noarch",
            "7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.src"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHBA-2020:0675"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.src",
            "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64",
            "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-svcat-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64",
            "7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.src",
            "7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.x86_64",
            "7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.src",
            "7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.x86_64",
            "7Server-RH7-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-1.el7.x86_64",
            "7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.noarch",
            "7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.src",
            "7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.noarch",
            "7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.src",
            "7Server-RH7-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el7.src",
            "7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch",
            "7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.src",
            "7Server-RH7-RHOSE-4.3:openshift-ansible-test-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch",
            "7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.src",
            "7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64",
            "7Server-RH7-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64",
            "7Server-RH7-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el7.x86_64",
            "7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.src",
            "7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.x86_64",
            "7Server-RH7-RHOSE-4.3:ovn2.12-central-0:2.12.0-32.el7fdn.x86_64",
            "7Server-RH7-RHOSE-4.3:ovn2.12-debuginfo-0:2.12.0-32.el7fdn.x86_64",
            "7Server-RH7-RHOSE-4.3:ovn2.12-host-0:2.12.0-32.el7fdn.x86_64",
            "7Server-RH7-RHOSE-4.3:ovn2.12-vtep-0:2.12.0-32.el7fdn.x86_64",
            "8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.src",
            "8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.x86_64",
            "8Base-RHOSE-4.3:buildah-debuginfo-0:1.11.6-4.el8.x86_64",
            "8Base-RHOSE-4.3:buildah-debugsource-0:1.11.6-4.el8.x86_64",
            "8Base-RHOSE-4.3:buildah-tests-0:1.11.6-4.el8.x86_64",
            "8Base-RHOSE-4.3:buildah-tests-debuginfo-0:1.11.6-4.el8.x86_64",
            "8Base-RHOSE-4.3:containers-common-1:0.1.40-4.rhaos.el8.x86_64",
            "8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.src",
            "8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
            "8Base-RHOSE-4.3:cri-o-debuginfo-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
            "8Base-RHOSE-4.3:cri-o-debugsource-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
            "8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.src",
            "8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.x86_64",
            "8Base-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-2.el8.x86_64",
            "8Base-RHOSE-4.3:cri-tools-debugsource-0:1.17.0-2.el8.x86_64",
            "8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.src",
            "8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.x86_64",
            "8Base-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el8.src",
            "8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.src",
            "8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64",
            "8Base-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64",
            "8Base-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el8.x86_64",
            "8Base-RHOSE-4.3:openshift-kuryr-0:4.3.5-202003020117.git.0.237579a.el8.src",
            "8Base-RHOSE-4.3:openshift-kuryr-cni-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
            "8Base-RHOSE-4.3:openshift-kuryr-common-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
            "8Base-RHOSE-4.3:openshift-kuryr-controller-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
            "8Base-RHOSE-4.3:python3-kuryr-kubernetes-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
            "8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.src",
            "8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
            "8Base-RHOSE-4.3:runc-debuginfo-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
            "8Base-RHOSE-4.3:runc-debugsource-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
            "8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.src",
            "8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.x86_64",
            "8Base-RHOSE-4.3:skopeo-debuginfo-1:0.1.40-4.rhaos.el8.x86_64",
            "8Base-RHOSE-4.3:skopeo-debugsource-1:0.1.40-4.rhaos.el8.x86_64",
            "8Base-RHOSE-4.3:skopeo-tests-1:0.1.40-4.rhaos.el8.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "jenkins: Memory usage graphs accessible to anyone with Overall/Read"
    },
    {
      "cve": "CVE-2020-2105",
      "cwe": {
        "id": "CWE-1021",
        "name": "Improper Restriction of Rendered UI Layers or Frames"
      },
      "discovery_date": "2020-01-29T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.src",
            "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64",
            "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-svcat-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64",
            "7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.src",
            "7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.x86_64",
            "7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.src",
            "7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.x86_64",
            "7Server-RH7-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-1.el7.x86_64",
            "7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.noarch",
            "7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.src",
            "7Server-RH7-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el7.src",
            "7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch",
            "7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.src",
            "7Server-RH7-RHOSE-4.3:openshift-ansible-test-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch",
            "7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.src",
            "7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64",
            "7Server-RH7-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64",
            "7Server-RH7-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el7.x86_64",
            "7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.src",
            "7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.x86_64",
            "7Server-RH7-RHOSE-4.3:ovn2.12-central-0:2.12.0-32.el7fdn.x86_64",
            "7Server-RH7-RHOSE-4.3:ovn2.12-debuginfo-0:2.12.0-32.el7fdn.x86_64",
            "7Server-RH7-RHOSE-4.3:ovn2.12-host-0:2.12.0-32.el7fdn.x86_64",
            "7Server-RH7-RHOSE-4.3:ovn2.12-vtep-0:2.12.0-32.el7fdn.x86_64",
            "8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.src",
            "8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.x86_64",
            "8Base-RHOSE-4.3:buildah-debuginfo-0:1.11.6-4.el8.x86_64",
            "8Base-RHOSE-4.3:buildah-debugsource-0:1.11.6-4.el8.x86_64",
            "8Base-RHOSE-4.3:buildah-tests-0:1.11.6-4.el8.x86_64",
            "8Base-RHOSE-4.3:buildah-tests-debuginfo-0:1.11.6-4.el8.x86_64",
            "8Base-RHOSE-4.3:containers-common-1:0.1.40-4.rhaos.el8.x86_64",
            "8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.src",
            "8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
            "8Base-RHOSE-4.3:cri-o-debuginfo-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
            "8Base-RHOSE-4.3:cri-o-debugsource-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
            "8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.src",
            "8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.x86_64",
            "8Base-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-2.el8.x86_64",
            "8Base-RHOSE-4.3:cri-tools-debugsource-0:1.17.0-2.el8.x86_64",
            "8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.src",
            "8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.x86_64",
            "8Base-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el8.src",
            "8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.src",
            "8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64",
            "8Base-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64",
            "8Base-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el8.x86_64",
            "8Base-RHOSE-4.3:openshift-kuryr-0:4.3.5-202003020117.git.0.237579a.el8.src",
            "8Base-RHOSE-4.3:openshift-kuryr-cni-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
            "8Base-RHOSE-4.3:openshift-kuryr-common-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
            "8Base-RHOSE-4.3:openshift-kuryr-controller-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
            "8Base-RHOSE-4.3:python3-kuryr-kubernetes-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
            "8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.src",
            "8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
            "8Base-RHOSE-4.3:runc-debuginfo-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
            "8Base-RHOSE-4.3:runc-debugsource-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
            "8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.src",
            "8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.x86_64",
            "8Base-RHOSE-4.3:skopeo-debuginfo-1:0.1.40-4.rhaos.el8.x86_64",
            "8Base-RHOSE-4.3:skopeo-debugsource-1:0.1.40-4.rhaos.el8.x86_64",
            "8Base-RHOSE-4.3:skopeo-tests-1:0.1.40-4.rhaos.el8.x86_64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1797068"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "REST API endpoints in Jenkins 2.218 and earlier, LTS 2.204.1 and earlier were vulnerable to clickjacking attacks.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "jenkins: REST APIs vulnerable to clickjacking",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.noarch",
          "7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.src"
        ],
        "known_not_affected": [
          "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.src",
          "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64",
          "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-svcat-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64",
          "7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.src",
          "7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.x86_64",
          "7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.src",
          "7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.x86_64",
          "7Server-RH7-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-1.el7.x86_64",
          "7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.noarch",
          "7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.src",
          "7Server-RH7-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el7.src",
          "7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch",
          "7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.src",
          "7Server-RH7-RHOSE-4.3:openshift-ansible-test-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch",
          "7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.src",
          "7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64",
          "7Server-RH7-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64",
          "7Server-RH7-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el7.x86_64",
          "7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.src",
          "7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.x86_64",
          "7Server-RH7-RHOSE-4.3:ovn2.12-central-0:2.12.0-32.el7fdn.x86_64",
          "7Server-RH7-RHOSE-4.3:ovn2.12-debuginfo-0:2.12.0-32.el7fdn.x86_64",
          "7Server-RH7-RHOSE-4.3:ovn2.12-host-0:2.12.0-32.el7fdn.x86_64",
          "7Server-RH7-RHOSE-4.3:ovn2.12-vtep-0:2.12.0-32.el7fdn.x86_64",
          "8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.src",
          "8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.x86_64",
          "8Base-RHOSE-4.3:buildah-debuginfo-0:1.11.6-4.el8.x86_64",
          "8Base-RHOSE-4.3:buildah-debugsource-0:1.11.6-4.el8.x86_64",
          "8Base-RHOSE-4.3:buildah-tests-0:1.11.6-4.el8.x86_64",
          "8Base-RHOSE-4.3:buildah-tests-debuginfo-0:1.11.6-4.el8.x86_64",
          "8Base-RHOSE-4.3:containers-common-1:0.1.40-4.rhaos.el8.x86_64",
          "8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.src",
          "8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
          "8Base-RHOSE-4.3:cri-o-debuginfo-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
          "8Base-RHOSE-4.3:cri-o-debugsource-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
          "8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.src",
          "8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.x86_64",
          "8Base-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-2.el8.x86_64",
          "8Base-RHOSE-4.3:cri-tools-debugsource-0:1.17.0-2.el8.x86_64",
          "8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.src",
          "8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.x86_64",
          "8Base-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el8.src",
          "8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.src",
          "8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64",
          "8Base-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64",
          "8Base-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el8.x86_64",
          "8Base-RHOSE-4.3:openshift-kuryr-0:4.3.5-202003020117.git.0.237579a.el8.src",
          "8Base-RHOSE-4.3:openshift-kuryr-cni-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
          "8Base-RHOSE-4.3:openshift-kuryr-common-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
          "8Base-RHOSE-4.3:openshift-kuryr-controller-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
          "8Base-RHOSE-4.3:python3-kuryr-kubernetes-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
          "8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.src",
          "8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
          "8Base-RHOSE-4.3:runc-debuginfo-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
          "8Base-RHOSE-4.3:runc-debugsource-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
          "8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.src",
          "8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.x86_64",
          "8Base-RHOSE-4.3:skopeo-debuginfo-1:0.1.40-4.rhaos.el8.x86_64",
          "8Base-RHOSE-4.3:skopeo-debugsource-1:0.1.40-4.rhaos.el8.x86_64",
          "8Base-RHOSE-4.3:skopeo-tests-1:0.1.40-4.rhaos.el8.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2020-2105"
        },
        {
          "category": "external",
          "summary": "RHBZ#1797068",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1797068"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2020-2105",
          "url": "https://www.cve.org/CVERecord?id=CVE-2020-2105"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-2105",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-2105"
        }
      ],
      "release_date": "2020-01-29T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2020-03-10T22:10:58+00:00",
          "details": "Before applying this update, ensure all previously released errata relevant\nto your system have been applied.\n\nFor OpenShift Container Platform 4.3 see the following documentation, which\nwill be updated shortly for release 4.3.5, for important instructions on\nhow to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.openshift.com/container-platform/4.3/release_notes/ocp-4-3-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.3/updating/updating-cluster-cli.html.",
          "product_ids": [
            "7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.noarch",
            "7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.src"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHBA-2020:0675"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 3.1,
            "baseSeverity": "LOW",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.src",
            "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64",
            "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-svcat-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64",
            "7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.src",
            "7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.x86_64",
            "7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.src",
            "7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.x86_64",
            "7Server-RH7-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-1.el7.x86_64",
            "7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.noarch",
            "7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.src",
            "7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.noarch",
            "7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.src",
            "7Server-RH7-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el7.src",
            "7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch",
            "7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.src",
            "7Server-RH7-RHOSE-4.3:openshift-ansible-test-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch",
            "7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.src",
            "7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64",
            "7Server-RH7-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64",
            "7Server-RH7-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el7.x86_64",
            "7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.src",
            "7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.x86_64",
            "7Server-RH7-RHOSE-4.3:ovn2.12-central-0:2.12.0-32.el7fdn.x86_64",
            "7Server-RH7-RHOSE-4.3:ovn2.12-debuginfo-0:2.12.0-32.el7fdn.x86_64",
            "7Server-RH7-RHOSE-4.3:ovn2.12-host-0:2.12.0-32.el7fdn.x86_64",
            "7Server-RH7-RHOSE-4.3:ovn2.12-vtep-0:2.12.0-32.el7fdn.x86_64",
            "8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.src",
            "8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.x86_64",
            "8Base-RHOSE-4.3:buildah-debuginfo-0:1.11.6-4.el8.x86_64",
            "8Base-RHOSE-4.3:buildah-debugsource-0:1.11.6-4.el8.x86_64",
            "8Base-RHOSE-4.3:buildah-tests-0:1.11.6-4.el8.x86_64",
            "8Base-RHOSE-4.3:buildah-tests-debuginfo-0:1.11.6-4.el8.x86_64",
            "8Base-RHOSE-4.3:containers-common-1:0.1.40-4.rhaos.el8.x86_64",
            "8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.src",
            "8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
            "8Base-RHOSE-4.3:cri-o-debuginfo-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
            "8Base-RHOSE-4.3:cri-o-debugsource-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
            "8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.src",
            "8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.x86_64",
            "8Base-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-2.el8.x86_64",
            "8Base-RHOSE-4.3:cri-tools-debugsource-0:1.17.0-2.el8.x86_64",
            "8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.src",
            "8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.x86_64",
            "8Base-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el8.src",
            "8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.src",
            "8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64",
            "8Base-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64",
            "8Base-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el8.x86_64",
            "8Base-RHOSE-4.3:openshift-kuryr-0:4.3.5-202003020117.git.0.237579a.el8.src",
            "8Base-RHOSE-4.3:openshift-kuryr-cni-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
            "8Base-RHOSE-4.3:openshift-kuryr-common-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
            "8Base-RHOSE-4.3:openshift-kuryr-controller-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
            "8Base-RHOSE-4.3:python3-kuryr-kubernetes-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
            "8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.src",
            "8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
            "8Base-RHOSE-4.3:runc-debuginfo-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
            "8Base-RHOSE-4.3:runc-debugsource-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
            "8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.src",
            "8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.x86_64",
            "8Base-RHOSE-4.3:skopeo-debuginfo-1:0.1.40-4.rhaos.el8.x86_64",
            "8Base-RHOSE-4.3:skopeo-debugsource-1:0.1.40-4.rhaos.el8.x86_64",
            "8Base-RHOSE-4.3:skopeo-tests-1:0.1.40-4.rhaos.el8.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "jenkins: REST APIs vulnerable to clickjacking"
    }
  ]
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2020-2099 (GCVE-0-2020-2099)

bit-jenkins-2020-2099

Vulnerability from bitnami_vulndb

CNVD-2020-17200

FKIE_CVE-2020-2099

GHSA-QP4F-2W67-C8HW

GSD-2020-2099

RHBA-2020:0402

RHBA-2020:0675

Tags

Sightings

Nomenclature