Vulnerability-Lookup

CVE-2020-8554 (GCVE-0-2020-8554)

Vulnerability from cvelistv5 – Published: 2021-01-21 17:09 – Updated: 2024-09-17 00:40

Title

Kubernetes man in the middle using LoadBalancer or ExternalIPs

Summary

Kubernetes API server in all versions allow an attacker who is able to create a ClusterIP service and set the spec.externalIPs field, to intercept traffic to that IP address. Additionally, an attacker who is able to patch the status (which is considered a privileged operation and should not typically be granted to users) of a LoadBalancer service can set the status.loadBalancer.ingress.ip to similar effect.

Severity ?

6.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

CWE

CWE-283 - Unverified Ownership

Assigner

kubernetes

References

URL

	Vendor	Product	Version
	Kubernetes	Kubernetes	Affected: Kubernetes all versions

MSRC_CVE-2020-8554

Vulnerability from csaf_microsoft - Published: 2021-01-02 00:00 - Updated: 2024-06-30 07:00

Summary

Kubernetes man in the middle using LoadBalancer or ExternalIPs

Notes

Additional Resources

To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle

Disclaimer

The information provided in the Microsoft Knowledge Base is provided \"as is\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.

JSON

To clipboard

{
  "document": {
    "category": "csaf_vex",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Public",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en-US",
    "notes": [
      {
        "category": "general",
        "text": "To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle",
        "title": "Additional Resources"
      },
      {
        "category": "legal_disclaimer",
        "text": "The information provided in the Microsoft Knowledge Base is provided \\\"as is\\\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.",
        "title": "Disclaimer"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "secure@microsoft.com",
      "name": "Microsoft Security Response Center",
      "namespace": "https://msrc.microsoft.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "CVE-2020-8554 Kubernetes man in the middle using LoadBalancer or ExternalIPs - VEX",
        "url": "https://msrc.microsoft.com/csaf/vex/2021/msrc_cve-2020-8554.json"
      },
      {
        "category": "external",
        "summary": "Microsoft Support Lifecycle",
        "url": "https://support.microsoft.com/lifecycle"
      },
      {
        "category": "external",
        "summary": "Common Vulnerability Scoring System",
        "url": "https://www.first.org/cvss"
      }
    ],
    "title": "Kubernetes man in the middle using LoadBalancer or ExternalIPs",
    "tracking": {
      "current_release_date": "2024-06-30T07:00:00.000Z",
      "generator": {
        "date": "2025-12-27T19:12:19.358Z",
        "engine": {
          "name": "MSRC Generator",
          "version": "1.0"
        }
      },
      "id": "msrc_CVE-2020-8554",
      "initial_release_date": "2021-01-02T00:00:00.000Z",
      "revision_history": [
        {
          "date": "2023-11-01T00:00:00.000Z",
          "legacy_version": "1",
          "number": "1",
          "summary": "Information published."
        },
        {
          "date": "2024-06-30T07:00:00.000Z",
          "legacy_version": "1.1",
          "number": "2",
          "summary": "Information published."
        }
      ],
      "status": "final",
      "version": "2"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "3.0",
                "product": {
                  "name": "Azure Linux 3.0",
                  "product_id": "17084"
                }
              },
              {
                "category": "product_version",
                "name": "1.0",
                "product": {
                  "name": "CBL Mariner 1.0",
                  "product_id": "16820"
                }
              },
              {
                "category": "product_version",
                "name": "2.0",
                "product": {
                  "name": "CBL Mariner 2.0",
                  "product_id": "17086"
                }
              }
            ],
            "category": "product_name",
            "name": "Azure Linux"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003cazl3 kubernetes 1.30.10-7",
                "product": {
                  "name": "\u003cazl3 kubernetes 1.30.10-7",
                  "product_id": "1"
                }
              },
              {
                "category": "product_version",
                "name": "azl3 kubernetes 1.30.10-7",
                "product": {
                  "name": "azl3 kubernetes 1.30.10-7",
                  "product_id": "19340"
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003ccm1 kubernetes 1.22.4-2",
                "product": {
                  "name": "\u003ccm1 kubernetes 1.22.4-2",
                  "product_id": "6"
                }
              },
              {
                "category": "product_version",
                "name": "cm1 kubernetes 1.22.4-2",
                "product": {
                  "name": "cm1 kubernetes 1.22.4-2",
                  "product_id": "19099"
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003ccbl2 kubernetes 1.28.3-1",
                "product": {
                  "name": "\u003ccbl2 kubernetes 1.28.3-1",
                  "product_id": "5"
                }
              },
              {
                "category": "product_version",
                "name": "cbl2 kubernetes 1.28.3-1",
                "product": {
                  "name": "cbl2 kubernetes 1.28.3-1",
                  "product_id": "19100"
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003cazl3 kubernetes 1.28.3-2",
                "product": {
                  "name": "\u003cazl3 kubernetes 1.28.3-2",
                  "product_id": "2"
                }
              },
              {
                "category": "product_version",
                "name": "azl3 kubernetes 1.28.3-2",
                "product": {
                  "name": "azl3 kubernetes 1.28.3-2",
                  "product_id": "19103"
                }
              }
            ],
            "category": "product_name",
            "name": "kubernetes"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003ccbl2 python-kubernetes 21.7.0-1",
                "product": {
                  "name": "\u003ccbl2 python-kubernetes 21.7.0-1",
                  "product_id": "4"
                }
              },
              {
                "category": "product_version",
                "name": "cbl2 python-kubernetes 21.7.0-1",
                "product": {
                  "name": "cbl2 python-kubernetes 21.7.0-1",
                  "product_id": "19101"
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003cazl3 python-kubernetes 21.7.0-1",
                "product": {
                  "name": "\u003cazl3 python-kubernetes 21.7.0-1",
                  "product_id": "3"
                }
              },
              {
                "category": "product_version",
                "name": "azl3 python-kubernetes 21.7.0-1",
                "product": {
                  "name": "azl3 python-kubernetes 21.7.0-1",
                  "product_id": "19102"
                }
              }
            ],
            "category": "product_name",
            "name": "python-kubernetes"
          }
        ],
        "category": "vendor",
        "name": "Microsoft"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "\u003cazl3 kubernetes 1.30.10-7 as a component of Azure Linux 3.0",
          "product_id": "17084-1"
        },
        "product_reference": "1",
        "relates_to_product_reference": "17084"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "azl3 kubernetes 1.30.10-7 as a component of Azure Linux 3.0",
          "product_id": "19340-17084"
        },
        "product_reference": "19340",
        "relates_to_product_reference": "17084"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "\u003ccm1 kubernetes 1.22.4-2 as a component of CBL Mariner 1.0",
          "product_id": "16820-6"
        },
        "product_reference": "6",
        "relates_to_product_reference": "16820"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cm1 kubernetes 1.22.4-2 as a component of CBL Mariner 1.0",
          "product_id": "19099-16820"
        },
        "product_reference": "19099",
        "relates_to_product_reference": "16820"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "\u003ccbl2 kubernetes 1.28.3-1 as a component of CBL Mariner 2.0",
          "product_id": "17086-5"
        },
        "product_reference": "5",
        "relates_to_product_reference": "17086"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cbl2 kubernetes 1.28.3-1 as a component of CBL Mariner 2.0",
          "product_id": "19100-17086"
        },
        "product_reference": "19100",
        "relates_to_product_reference": "17086"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "\u003ccbl2 python-kubernetes 21.7.0-1 as a component of CBL Mariner 2.0",
          "product_id": "17086-4"
        },
        "product_reference": "4",
        "relates_to_product_reference": "17086"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cbl2 python-kubernetes 21.7.0-1 as a component of CBL Mariner 2.0",
          "product_id": "19101-17086"
        },
        "product_reference": "19101",
        "relates_to_product_reference": "17086"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "\u003cazl3 python-kubernetes 21.7.0-1 as a component of Azure Linux 3.0",
          "product_id": "17084-3"
        },
        "product_reference": "3",
        "relates_to_product_reference": "17084"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "azl3 python-kubernetes 21.7.0-1 as a component of Azure Linux 3.0",
          "product_id": "19102-17084"
        },
        "product_reference": "19102",
        "relates_to_product_reference": "17084"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "\u003cazl3 kubernetes 1.28.3-2 as a component of Azure Linux 3.0",
          "product_id": "17084-2"
        },
        "product_reference": "2",
        "relates_to_product_reference": "17084"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "azl3 kubernetes 1.28.3-2 as a component of Azure Linux 3.0",
          "product_id": "19103-17084"
        },
        "product_reference": "19103",
        "relates_to_product_reference": "17084"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2020-8554",
      "cwe": {
        "id": "CWE-283",
        "name": "Unverified Ownership"
      },
      "notes": [
        {
          "category": "general",
          "text": "kubernetes",
          "title": "Assigning CNA"
        }
      ],
      "product_status": {
        "fixed": [
          "19340-17084",
          "19099-16820",
          "19100-17086",
          "19101-17086",
          "19102-17084",
          "19103-17084"
        ],
        "known_affected": [
          "17084-1",
          "16820-6",
          "17086-5",
          "17086-4",
          "17084-3",
          "17084-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2020-8554 Kubernetes man in the middle using LoadBalancer or ExternalIPs - VEX",
          "url": "https://msrc.microsoft.com/csaf/vex/2021/msrc_cve-2020-8554.json"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2023-11-01T00:00:00.000Z",
          "details": "1.28.3-2:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
          "product_ids": [
            "17084-1",
            "17084-2"
          ],
          "url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
        },
        {
          "category": "vendor_fix",
          "date": "2023-11-01T00:00:00.000Z",
          "details": "1.22.4-2:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
          "product_ids": [
            "16820-6"
          ],
          "url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
        },
        {
          "category": "vendor_fix",
          "date": "2023-11-01T00:00:00.000Z",
          "details": "1.28.3-1:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
          "product_ids": [
            "17086-5"
          ],
          "url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
        },
        {
          "category": "vendor_fix",
          "date": "2023-11-01T00:00:00.000Z",
          "details": "21.7.0-1:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
          "product_ids": [
            "17086-4",
            "17084-3"
          ],
          "url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.0,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "environmentalsScore": 0.0,
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "temporalScore": 5.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "17084-1",
            "16820-6",
            "17086-5",
            "17086-4",
            "17084-3",
            "17084-2"
          ]
        }
      ],
      "title": "Kubernetes man in the middle using LoadBalancer or ExternalIPs"
    }
  ]
}

CERTFR-2022-AVI-591

Vulnerability from certfr_avis - Published: 2022-06-30 - Updated: 2022-06-30

De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire, un déni de service à distance et un contournement de la politique de sécurité.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
IBM	Spectrum	IBM Spectrum Protect Plus versions antérieures à 10.1.11
IBM	Spectrum	IBM Spectrum Protect Client versions antérieures à 8.1.1.15
IBM	N/A	IBM® Db2® et Db2 Warehouse® sur Cloud Pak for Data versions antérieures à 4.5.0
IBM	Db2	IBM® Db2® sur Openshift versions antérieures à 11.5.7.0-cn5

References

Title

Publication Time

GHSA-J9WF-VVM6-4R9W

Vulnerability from github – Published: 2022-02-08 21:50 – Updated: 2022-10-31 15:56

Summary

Unverified Ownership in Kubernetes

Details

Severity ?

5.0 (Medium)


                  
                    CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L

Show details on source website

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "Go",
        "name": "k8s.io/kubernetes"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "last_affected": "1.22.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2020-8554"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-283"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2021-05-12T21:42:11Z",
    "nvd_published_at": "2021-01-21T17:15:00Z",
    "severity": "MODERATE"
  },
  "details": "Kubernetes API server in all versions allow an attacker who is able to create a ClusterIP service and set the spec.externalIPs field, to intercept traffic to that IP address. Additionally, an attacker who is able to patch the status (which is considered a privileged operation and should not typically be granted to users) of a LoadBalancer service can set the status.loadBalancer.ingress.ip to similar effect.",
  "id": "GHSA-j9wf-vvm6-4r9w",
  "modified": "2022-10-31T15:56:21Z",
  "published": "2022-02-08T21:50:34Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8554"
    },
    {
      "type": "WEB",
      "url": "https://github.com/kubernetes/kubernetes/issues/97076"
    },
    {
      "type": "WEB",
      "url": "https://github.com/kubernetes/kubernetes/issues/97110"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/kubernetes/kubernetes"
    },
    {
      "type": "WEB",
      "url": "https://groups.google.com/g/kubernetes-security-announce/c/iZWsF9nbKE8"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/r0c76b3d0be348f788cd947054141de0229af00c540564711e828fd40@%3Ccommits.druid.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/r1975078e44d96f2a199aa90aa874b57a202eaf7f25f2fde6d1c44942@%3Ccommits.druid.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/rcafa485d63550657f068775801aeb706b7a07140a8ebbdef822b3bb3@%3Ccommits.druid.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/rdb223e1b82e3d7d8e4eaddce8dd1ab87252e3935cc41c859f49767b6@%3Ccommits.druid.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://www.oracle.com//security-alerts/cpujul2021.html"
    },
    {
      "type": "WEB",
      "url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
    },
    {
      "type": "WEB",
      "url": "https://www.oracle.com/security-alerts/cpujan2022.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Unverified Ownership in Kubernetes"
}

RHSA-2021:0079

Vulnerability from csaf_redhat - Published: 2021-01-20 16:54 - Updated: 2026-01-08 12:09

Summary

Red Hat Security Advisory: OpenShift Container Platform 3.11.374 bug fix and security update

Notes

Topic

Red Hat OpenShift Container Platform release 3.11.374 is now available with updates to packages and images that fix several bugs. This release also includes a security update for Red Hat OpenShift Container Platform 3.11. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Details

Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 3.11.374. See the following advisory for the container images for this release: https://access.redhat.com/errata/RHBA-2021:0080 Security Fix(es): * golang.org/x/crypto: Keystream loop in amd64 assembly when overflowing 32-bit counter (CVE-2019-11840) * kubernetes: MITM using LoadBalancer or ExternalIPs (CVE-2020-8554) * python-urllib3: CRLF injection via HTTP request method (CVE-2020-26137) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Red Hat OpenShift Container Platform release 3.11.374 is now available with updates to packages and images that fix several bugs.\n\nThis release also includes a security update for Red Hat OpenShift Container Platform 3.11.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Red Hat OpenShift Container Platform is Red Hat\u0027s cloud computing\nKubernetes application platform solution designed for on-premise or private\ncloud deployments.\n\nThis advisory contains the RPM packages for Red Hat OpenShift Container\nPlatform 3.11.374. See the following advisory for the container images for\nthis release:\n\nhttps://access.redhat.com/errata/RHBA-2021:0080\n\nSecurity Fix(es):\n\n* golang.org/x/crypto: Keystream loop in amd64 assembly when overflowing 32-bit counter (CVE-2019-11840)\n\n* kubernetes: MITM using LoadBalancer or ExternalIPs (CVE-2020-8554)\n\n* python-urllib3: CRLF injection via HTTP request method (CVE-2020-26137)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2021:0079",
        "url": "https://access.redhat.com/errata/RHSA-2021:0079"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#moderate",
        "url": "https://access.redhat.com/security/updates/classification/#moderate"
      },
      {
        "category": "external",
        "summary": "1691529",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1691529"
      },
      {
        "category": "external",
        "summary": "1866789",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1866789"
      },
      {
        "category": "external",
        "summary": "1870050",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1870050"
      },
      {
        "category": "external",
        "summary": "1881319",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1881319"
      },
      {
        "category": "external",
        "summary": "1883632",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1883632"
      },
      {
        "category": "external",
        "summary": "1891051",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1891051"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_0079.json"
      }
    ],
    "title": "Red Hat Security Advisory: OpenShift Container Platform 3.11.374 bug fix and security update",
    "tracking": {
      "current_release_date": "2026-01-08T12:09:49+00:00",
      "generator": {
        "date": "2026-01-08T12:09:49+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.6.14"
        }
      },
      "id": "RHSA-2021:0079",
      "initial_release_date": "2021-01-20T16:54:28+00:00",
      "revision_history": [
        {
          "date": "2021-01-20T16:54:28+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2021-01-20T16:54:28+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2026-01-08T12:09:49+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat OpenShift Container Platform 3.11",
                "product": {
                  "name": "Red Hat OpenShift Container Platform 3.11",
                  "product_id": "7Server-RH7-RHOSE-3.11",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:openshift:3.11::el7"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat OpenShift Enterprise"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "atomic-openshift-0:3.11.374-1.git.0.ebd3ee9.el7.src",
                "product": {
                  "name": "atomic-openshift-0:3.11.374-1.git.0.ebd3ee9.el7.src",
                  "product_id": "atomic-openshift-0:3.11.374-1.git.0.ebd3ee9.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift@3.11.374-1.git.0.ebd3ee9.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-descheduler-0:3.11.374-1.git.299.f128e96.el7.src",
                "product": {
                  "name": "atomic-openshift-descheduler-0:3.11.374-1.git.299.f128e96.el7.src",
                  "product_id": "atomic-openshift-descheduler-0:3.11.374-1.git.299.f128e96.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-descheduler@3.11.374-1.git.299.f128e96.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "golang-github-prometheus-alertmanager-0:3.11.374-1.git.0.3abd2a5.el7.src",
                "product": {
                  "name": "golang-github-prometheus-alertmanager-0:3.11.374-1.git.0.3abd2a5.el7.src",
                  "product_id": "golang-github-prometheus-alertmanager-0:3.11.374-1.git.0.3abd2a5.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/golang-github-prometheus-alertmanager@3.11.374-1.git.0.3abd2a5.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-node-problem-detector-0:3.11.374-1.git.263.28335fb.el7.src",
                "product": {
                  "name": "atomic-openshift-node-problem-detector-0:3.11.374-1.git.263.28335fb.el7.src",
                  "product_id": "atomic-openshift-node-problem-detector-0:3.11.374-1.git.263.28335fb.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-node-problem-detector@3.11.374-1.git.263.28335fb.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-enterprise-service-catalog-1:3.11.374-1.git.1675.738abcc.el7.src",
                "product": {
                  "name": "atomic-enterprise-service-catalog-1:3.11.374-1.git.1675.738abcc.el7.src",
                  "product_id": "atomic-enterprise-service-catalog-1:3.11.374-1.git.1675.738abcc.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-enterprise-service-catalog@3.11.374-1.git.1675.738abcc.el7?arch=src\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "golang-github-openshift-oauth-proxy-0:3.11.374-1.git.439.966c536.el7.src",
                "product": {
                  "name": "golang-github-openshift-oauth-proxy-0:3.11.374-1.git.439.966c536.el7.src",
                  "product_id": "golang-github-openshift-oauth-proxy-0:3.11.374-1.git.439.966c536.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/golang-github-openshift-oauth-proxy@3.11.374-1.git.439.966c536.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "golang-github-prometheus-prometheus-0:3.11.374-1.git.5026.29379c4.el7.src",
                "product": {
                  "name": "golang-github-prometheus-prometheus-0:3.11.374-1.git.5026.29379c4.el7.src",
                  "product_id": "golang-github-prometheus-prometheus-0:3.11.374-1.git.5026.29379c4.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/golang-github-prometheus-prometheus@3.11.374-1.git.5026.29379c4.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-dockerregistry-0:3.11.374-1.git.481.e6a880c.el7.src",
                "product": {
                  "name": "atomic-openshift-dockerregistry-0:3.11.374-1.git.481.e6a880c.el7.src",
                  "product_id": "atomic-openshift-dockerregistry-0:3.11.374-1.git.481.e6a880c.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-dockerregistry@3.11.374-1.git.481.e6a880c.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-service-idler-0:3.11.374-1.git.15.523a1f7.el7.src",
                "product": {
                  "name": "atomic-openshift-service-idler-0:3.11.374-1.git.15.523a1f7.el7.src",
                  "product_id": "atomic-openshift-service-idler-0:3.11.374-1.git.15.523a1f7.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-service-idler@3.11.374-1.git.15.523a1f7.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-enterprise-autoheal-0:3.11.374-1.git.218.9cf7939.el7.src",
                "product": {
                  "name": "openshift-enterprise-autoheal-0:3.11.374-1.git.218.9cf7939.el7.src",
                  "product_id": "openshift-enterprise-autoheal-0:3.11.374-1.git.218.9cf7939.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openshift-enterprise-autoheal@3.11.374-1.git.218.9cf7939.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-web-console-0:3.11.374-1.git.647.9e78d83.el7.src",
                "product": {
                  "name": "atomic-openshift-web-console-0:3.11.374-1.git.647.9e78d83.el7.src",
                  "product_id": "atomic-openshift-web-console-0:3.11.374-1.git.647.9e78d83.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-web-console@3.11.374-1.git.647.9e78d83.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-enterprise-cluster-capacity-0:3.11.374-1.git.379.80bd08f.el7.src",
                "product": {
                  "name": "openshift-enterprise-cluster-capacity-0:3.11.374-1.git.379.80bd08f.el7.src",
                  "product_id": "openshift-enterprise-cluster-capacity-0:3.11.374-1.git.379.80bd08f.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openshift-enterprise-cluster-capacity@3.11.374-1.git.379.80bd08f.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-metrics-server-0:3.11.374-1.git.53.9df25a9.el7.src",
                "product": {
                  "name": "atomic-openshift-metrics-server-0:3.11.374-1.git.53.9df25a9.el7.src",
                  "product_id": "atomic-openshift-metrics-server-0:3.11.374-1.git.53.9df25a9.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-metrics-server@3.11.374-1.git.53.9df25a9.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-cluster-autoscaler-0:3.11.374-1.git.0.2996f62.el7.src",
                "product": {
                  "name": "atomic-openshift-cluster-autoscaler-0:3.11.374-1.git.0.2996f62.el7.src",
                  "product_id": "atomic-openshift-cluster-autoscaler-0:3.11.374-1.git.0.2996f62.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-cluster-autoscaler@3.11.374-1.git.0.2996f62.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "golang-github-prometheus-node_exporter-0:3.11.374-1.git.1062.490d6d5.el7.src",
                "product": {
                  "name": "golang-github-prometheus-node_exporter-0:3.11.374-1.git.1062.490d6d5.el7.src",
                  "product_id": "golang-github-prometheus-node_exporter-0:3.11.374-1.git.1062.490d6d5.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/golang-github-prometheus-node_exporter@3.11.374-1.git.1062.490d6d5.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-kuryr-0:3.11.374-1.git.1478.ef11824.el7.src",
                "product": {
                  "name": "openshift-kuryr-0:3.11.374-1.git.1478.ef11824.el7.src",
                  "product_id": "openshift-kuryr-0:3.11.374-1.git.1478.ef11824.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openshift-kuryr@3.11.374-1.git.1478.ef11824.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-ansible-0:3.11.374-1.git.0.92f5956.el7.src",
                "product": {
                  "name": "openshift-ansible-0:3.11.374-1.git.0.92f5956.el7.src",
                  "product_id": "openshift-ansible-0:3.11.374-1.git.0.92f5956.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openshift-ansible@3.11.374-1.git.0.92f5956.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "python-urllib3-0:1.26.2-1.el7.src",
                "product": {
                  "name": "python-urllib3-0:1.26.2-1.el7.src",
                  "product_id": "python-urllib3-0:1.26.2-1.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/python-urllib3@1.26.2-1.el7?arch=src"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "atomic-openshift-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
                "product": {
                  "name": "atomic-openshift-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
                  "product_id": "atomic-openshift-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift@3.11.374-1.git.0.ebd3ee9.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-clients-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
                "product": {
                  "name": "atomic-openshift-clients-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
                  "product_id": "atomic-openshift-clients-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-clients@3.11.374-1.git.0.ebd3ee9.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-clients-redistributable-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
                "product": {
                  "name": "atomic-openshift-clients-redistributable-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
                  "product_id": "atomic-openshift-clients-redistributable-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-clients-redistributable@3.11.374-1.git.0.ebd3ee9.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-hyperkube-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
                "product": {
                  "name": "atomic-openshift-hyperkube-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
                  "product_id": "atomic-openshift-hyperkube-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-hyperkube@3.11.374-1.git.0.ebd3ee9.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-hypershift-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
                "product": {
                  "name": "atomic-openshift-hypershift-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
                  "product_id": "atomic-openshift-hypershift-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-hypershift@3.11.374-1.git.0.ebd3ee9.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-master-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
                "product": {
                  "name": "atomic-openshift-master-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
                  "product_id": "atomic-openshift-master-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-master@3.11.374-1.git.0.ebd3ee9.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-node-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
                "product": {
                  "name": "atomic-openshift-node-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
                  "product_id": "atomic-openshift-node-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-node@3.11.374-1.git.0.ebd3ee9.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-pod-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
                "product": {
                  "name": "atomic-openshift-pod-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
                  "product_id": "atomic-openshift-pod-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-pod@3.11.374-1.git.0.ebd3ee9.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-sdn-ovs-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
                "product": {
                  "name": "atomic-openshift-sdn-ovs-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
                  "product_id": "atomic-openshift-sdn-ovs-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-sdn-ovs@3.11.374-1.git.0.ebd3ee9.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-template-service-broker-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
                "product": {
                  "name": "atomic-openshift-template-service-broker-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
                  "product_id": "atomic-openshift-template-service-broker-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-template-service-broker@3.11.374-1.git.0.ebd3ee9.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-tests-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
                "product": {
                  "name": "atomic-openshift-tests-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
                  "product_id": "atomic-openshift-tests-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-tests@3.11.374-1.git.0.ebd3ee9.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-descheduler-0:3.11.374-1.git.299.f128e96.el7.x86_64",
                "product": {
                  "name": "atomic-openshift-descheduler-0:3.11.374-1.git.299.f128e96.el7.x86_64",
                  "product_id": "atomic-openshift-descheduler-0:3.11.374-1.git.299.f128e96.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-descheduler@3.11.374-1.git.299.f128e96.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "prometheus-alertmanager-0:3.11.374-1.git.0.3abd2a5.el7.x86_64",
                "product": {
                  "name": "prometheus-alertmanager-0:3.11.374-1.git.0.3abd2a5.el7.x86_64",
                  "product_id": "prometheus-alertmanager-0:3.11.374-1.git.0.3abd2a5.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/prometheus-alertmanager@3.11.374-1.git.0.3abd2a5.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-node-problem-detector-0:3.11.374-1.git.263.28335fb.el7.x86_64",
                "product": {
                  "name": "atomic-openshift-node-problem-detector-0:3.11.374-1.git.263.28335fb.el7.x86_64",
                  "product_id": "atomic-openshift-node-problem-detector-0:3.11.374-1.git.263.28335fb.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-node-problem-detector@3.11.374-1.git.263.28335fb.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-enterprise-service-catalog-1:3.11.374-1.git.1675.738abcc.el7.x86_64",
                "product": {
                  "name": "atomic-enterprise-service-catalog-1:3.11.374-1.git.1675.738abcc.el7.x86_64",
                  "product_id": "atomic-enterprise-service-catalog-1:3.11.374-1.git.1675.738abcc.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-enterprise-service-catalog@3.11.374-1.git.1675.738abcc.el7?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-enterprise-service-catalog-svcat-1:3.11.374-1.git.1675.738abcc.el7.x86_64",
                "product": {
                  "name": "atomic-enterprise-service-catalog-svcat-1:3.11.374-1.git.1675.738abcc.el7.x86_64",
                  "product_id": "atomic-enterprise-service-catalog-svcat-1:3.11.374-1.git.1675.738abcc.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-enterprise-service-catalog-svcat@3.11.374-1.git.1675.738abcc.el7?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "golang-github-openshift-oauth-proxy-0:3.11.374-1.git.439.966c536.el7.x86_64",
                "product": {
                  "name": "golang-github-openshift-oauth-proxy-0:3.11.374-1.git.439.966c536.el7.x86_64",
                  "product_id": "golang-github-openshift-oauth-proxy-0:3.11.374-1.git.439.966c536.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/golang-github-openshift-oauth-proxy@3.11.374-1.git.439.966c536.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "prometheus-0:3.11.374-1.git.5026.29379c4.el7.x86_64",
                "product": {
                  "name": "prometheus-0:3.11.374-1.git.5026.29379c4.el7.x86_64",
                  "product_id": "prometheus-0:3.11.374-1.git.5026.29379c4.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/prometheus@3.11.374-1.git.5026.29379c4.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-dockerregistry-0:3.11.374-1.git.481.e6a880c.el7.x86_64",
                "product": {
                  "name": "atomic-openshift-dockerregistry-0:3.11.374-1.git.481.e6a880c.el7.x86_64",
                  "product_id": "atomic-openshift-dockerregistry-0:3.11.374-1.git.481.e6a880c.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-dockerregistry@3.11.374-1.git.481.e6a880c.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-service-idler-0:3.11.374-1.git.15.523a1f7.el7.x86_64",
                "product": {
                  "name": "atomic-openshift-service-idler-0:3.11.374-1.git.15.523a1f7.el7.x86_64",
                  "product_id": "atomic-openshift-service-idler-0:3.11.374-1.git.15.523a1f7.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-service-idler@3.11.374-1.git.15.523a1f7.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-enterprise-autoheal-0:3.11.374-1.git.218.9cf7939.el7.x86_64",
                "product": {
                  "name": "openshift-enterprise-autoheal-0:3.11.374-1.git.218.9cf7939.el7.x86_64",
                  "product_id": "openshift-enterprise-autoheal-0:3.11.374-1.git.218.9cf7939.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openshift-enterprise-autoheal@3.11.374-1.git.218.9cf7939.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-web-console-0:3.11.374-1.git.647.9e78d83.el7.x86_64",
                "product": {
                  "name": "atomic-openshift-web-console-0:3.11.374-1.git.647.9e78d83.el7.x86_64",
                  "product_id": "atomic-openshift-web-console-0:3.11.374-1.git.647.9e78d83.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-web-console@3.11.374-1.git.647.9e78d83.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-enterprise-cluster-capacity-0:3.11.374-1.git.379.80bd08f.el7.x86_64",
                "product": {
                  "name": "openshift-enterprise-cluster-capacity-0:3.11.374-1.git.379.80bd08f.el7.x86_64",
                  "product_id": "openshift-enterprise-cluster-capacity-0:3.11.374-1.git.379.80bd08f.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openshift-enterprise-cluster-capacity@3.11.374-1.git.379.80bd08f.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-metrics-server-0:3.11.374-1.git.53.9df25a9.el7.x86_64",
                "product": {
                  "name": "atomic-openshift-metrics-server-0:3.11.374-1.git.53.9df25a9.el7.x86_64",
                  "product_id": "atomic-openshift-metrics-server-0:3.11.374-1.git.53.9df25a9.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-metrics-server@3.11.374-1.git.53.9df25a9.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-cluster-autoscaler-0:3.11.374-1.git.0.2996f62.el7.x86_64",
                "product": {
                  "name": "atomic-openshift-cluster-autoscaler-0:3.11.374-1.git.0.2996f62.el7.x86_64",
                  "product_id": "atomic-openshift-cluster-autoscaler-0:3.11.374-1.git.0.2996f62.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-cluster-autoscaler@3.11.374-1.git.0.2996f62.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "prometheus-node-exporter-0:3.11.374-1.git.1062.490d6d5.el7.x86_64",
                "product": {
                  "name": "prometheus-node-exporter-0:3.11.374-1.git.1062.490d6d5.el7.x86_64",
                  "product_id": "prometheus-node-exporter-0:3.11.374-1.git.1062.490d6d5.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/prometheus-node-exporter@3.11.374-1.git.1062.490d6d5.el7?arch=x86_64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "atomic-openshift-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le",
                "product": {
                  "name": "atomic-openshift-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le",
                  "product_id": "atomic-openshift-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift@3.11.374-1.git.0.ebd3ee9.el7?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-clients-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le",
                "product": {
                  "name": "atomic-openshift-clients-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le",
                  "product_id": "atomic-openshift-clients-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-clients@3.11.374-1.git.0.ebd3ee9.el7?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-hyperkube-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le",
                "product": {
                  "name": "atomic-openshift-hyperkube-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le",
                  "product_id": "atomic-openshift-hyperkube-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-hyperkube@3.11.374-1.git.0.ebd3ee9.el7?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-hypershift-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le",
                "product": {
                  "name": "atomic-openshift-hypershift-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le",
                  "product_id": "atomic-openshift-hypershift-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-hypershift@3.11.374-1.git.0.ebd3ee9.el7?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-master-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le",
                "product": {
                  "name": "atomic-openshift-master-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le",
                  "product_id": "atomic-openshift-master-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-master@3.11.374-1.git.0.ebd3ee9.el7?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-node-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le",
                "product": {
                  "name": "atomic-openshift-node-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le",
                  "product_id": "atomic-openshift-node-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-node@3.11.374-1.git.0.ebd3ee9.el7?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-pod-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le",
                "product": {
                  "name": "atomic-openshift-pod-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le",
                  "product_id": "atomic-openshift-pod-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-pod@3.11.374-1.git.0.ebd3ee9.el7?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-sdn-ovs-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le",
                "product": {
                  "name": "atomic-openshift-sdn-ovs-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le",
                  "product_id": "atomic-openshift-sdn-ovs-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-sdn-ovs@3.11.374-1.git.0.ebd3ee9.el7?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-template-service-broker-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le",
                "product": {
                  "name": "atomic-openshift-template-service-broker-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le",
                  "product_id": "atomic-openshift-template-service-broker-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-template-service-broker@3.11.374-1.git.0.ebd3ee9.el7?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-tests-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le",
                "product": {
                  "name": "atomic-openshift-tests-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le",
                  "product_id": "atomic-openshift-tests-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-tests@3.11.374-1.git.0.ebd3ee9.el7?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-descheduler-0:3.11.374-1.git.299.f128e96.el7.ppc64le",
                "product": {
                  "name": "atomic-openshift-descheduler-0:3.11.374-1.git.299.f128e96.el7.ppc64le",
                  "product_id": "atomic-openshift-descheduler-0:3.11.374-1.git.299.f128e96.el7.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-descheduler@3.11.374-1.git.299.f128e96.el7?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "prometheus-alertmanager-0:3.11.374-1.git.0.3abd2a5.el7.ppc64le",
                "product": {
                  "name": "prometheus-alertmanager-0:3.11.374-1.git.0.3abd2a5.el7.ppc64le",
                  "product_id": "prometheus-alertmanager-0:3.11.374-1.git.0.3abd2a5.el7.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/prometheus-alertmanager@3.11.374-1.git.0.3abd2a5.el7?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-node-problem-detector-0:3.11.374-1.git.263.28335fb.el7.ppc64le",
                "product": {
                  "name": "atomic-openshift-node-problem-detector-0:3.11.374-1.git.263.28335fb.el7.ppc64le",
                  "product_id": "atomic-openshift-node-problem-detector-0:3.11.374-1.git.263.28335fb.el7.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-node-problem-detector@3.11.374-1.git.263.28335fb.el7?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-enterprise-service-catalog-1:3.11.374-1.git.1675.738abcc.el7.ppc64le",
                "product": {
                  "name": "atomic-enterprise-service-catalog-1:3.11.374-1.git.1675.738abcc.el7.ppc64le",
                  "product_id": "atomic-enterprise-service-catalog-1:3.11.374-1.git.1675.738abcc.el7.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-enterprise-service-catalog@3.11.374-1.git.1675.738abcc.el7?arch=ppc64le\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-enterprise-service-catalog-svcat-1:3.11.374-1.git.1675.738abcc.el7.ppc64le",
                "product": {
                  "name": "atomic-enterprise-service-catalog-svcat-1:3.11.374-1.git.1675.738abcc.el7.ppc64le",
                  "product_id": "atomic-enterprise-service-catalog-svcat-1:3.11.374-1.git.1675.738abcc.el7.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-enterprise-service-catalog-svcat@3.11.374-1.git.1675.738abcc.el7?arch=ppc64le\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "golang-github-openshift-oauth-proxy-0:3.11.374-1.git.439.966c536.el7.ppc64le",
                "product": {
                  "name": "golang-github-openshift-oauth-proxy-0:3.11.374-1.git.439.966c536.el7.ppc64le",
                  "product_id": "golang-github-openshift-oauth-proxy-0:3.11.374-1.git.439.966c536.el7.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/golang-github-openshift-oauth-proxy@3.11.374-1.git.439.966c536.el7?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "prometheus-0:3.11.374-1.git.5026.29379c4.el7.ppc64le",
                "product": {
                  "name": "prometheus-0:3.11.374-1.git.5026.29379c4.el7.ppc64le",
                  "product_id": "prometheus-0:3.11.374-1.git.5026.29379c4.el7.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/prometheus@3.11.374-1.git.5026.29379c4.el7?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-service-idler-0:3.11.374-1.git.15.523a1f7.el7.ppc64le",
                "product": {
                  "name": "atomic-openshift-service-idler-0:3.11.374-1.git.15.523a1f7.el7.ppc64le",
                  "product_id": "atomic-openshift-service-idler-0:3.11.374-1.git.15.523a1f7.el7.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-service-idler@3.11.374-1.git.15.523a1f7.el7?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-enterprise-autoheal-0:3.11.374-1.git.218.9cf7939.el7.ppc64le",
                "product": {
                  "name": "openshift-enterprise-autoheal-0:3.11.374-1.git.218.9cf7939.el7.ppc64le",
                  "product_id": "openshift-enterprise-autoheal-0:3.11.374-1.git.218.9cf7939.el7.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openshift-enterprise-autoheal@3.11.374-1.git.218.9cf7939.el7?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-web-console-0:3.11.374-1.git.647.9e78d83.el7.ppc64le",
                "product": {
                  "name": "atomic-openshift-web-console-0:3.11.374-1.git.647.9e78d83.el7.ppc64le",
                  "product_id": "atomic-openshift-web-console-0:3.11.374-1.git.647.9e78d83.el7.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-web-console@3.11.374-1.git.647.9e78d83.el7?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-enterprise-cluster-capacity-0:3.11.374-1.git.379.80bd08f.el7.ppc64le",
                "product": {
                  "name": "openshift-enterprise-cluster-capacity-0:3.11.374-1.git.379.80bd08f.el7.ppc64le",
                  "product_id": "openshift-enterprise-cluster-capacity-0:3.11.374-1.git.379.80bd08f.el7.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openshift-enterprise-cluster-capacity@3.11.374-1.git.379.80bd08f.el7?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-metrics-server-0:3.11.374-1.git.53.9df25a9.el7.ppc64le",
                "product": {
                  "name": "atomic-openshift-metrics-server-0:3.11.374-1.git.53.9df25a9.el7.ppc64le",
                  "product_id": "atomic-openshift-metrics-server-0:3.11.374-1.git.53.9df25a9.el7.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-metrics-server@3.11.374-1.git.53.9df25a9.el7?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-cluster-autoscaler-0:3.11.374-1.git.0.2996f62.el7.ppc64le",
                "product": {
                  "name": "atomic-openshift-cluster-autoscaler-0:3.11.374-1.git.0.2996f62.el7.ppc64le",
                  "product_id": "atomic-openshift-cluster-autoscaler-0:3.11.374-1.git.0.2996f62.el7.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-cluster-autoscaler@3.11.374-1.git.0.2996f62.el7?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "prometheus-node-exporter-0:3.11.374-1.git.1062.490d6d5.el7.ppc64le",
                "product": {
                  "name": "prometheus-node-exporter-0:3.11.374-1.git.1062.490d6d5.el7.ppc64le",
                  "product_id": "prometheus-node-exporter-0:3.11.374-1.git.1062.490d6d5.el7.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/prometheus-node-exporter@3.11.374-1.git.1062.490d6d5.el7?arch=ppc64le"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "atomic-openshift-docker-excluder-0:3.11.374-1.git.0.ebd3ee9.el7.noarch",
                "product": {
                  "name": "atomic-openshift-docker-excluder-0:3.11.374-1.git.0.ebd3ee9.el7.noarch",
                  "product_id": "atomic-openshift-docker-excluder-0:3.11.374-1.git.0.ebd3ee9.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-docker-excluder@3.11.374-1.git.0.ebd3ee9.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-excluder-0:3.11.374-1.git.0.ebd3ee9.el7.noarch",
                "product": {
                  "name": "atomic-openshift-excluder-0:3.11.374-1.git.0.ebd3ee9.el7.noarch",
                  "product_id": "atomic-openshift-excluder-0:3.11.374-1.git.0.ebd3ee9.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-excluder@3.11.374-1.git.0.ebd3ee9.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-kuryr-cni-0:3.11.374-1.git.1478.ef11824.el7.noarch",
                "product": {
                  "name": "openshift-kuryr-cni-0:3.11.374-1.git.1478.ef11824.el7.noarch",
                  "product_id": "openshift-kuryr-cni-0:3.11.374-1.git.1478.ef11824.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openshift-kuryr-cni@3.11.374-1.git.1478.ef11824.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-kuryr-common-0:3.11.374-1.git.1478.ef11824.el7.noarch",
                "product": {
                  "name": "openshift-kuryr-common-0:3.11.374-1.git.1478.ef11824.el7.noarch",
                  "product_id": "openshift-kuryr-common-0:3.11.374-1.git.1478.ef11824.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openshift-kuryr-common@3.11.374-1.git.1478.ef11824.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-kuryr-controller-0:3.11.374-1.git.1478.ef11824.el7.noarch",
                "product": {
                  "name": "openshift-kuryr-controller-0:3.11.374-1.git.1478.ef11824.el7.noarch",
                  "product_id": "openshift-kuryr-controller-0:3.11.374-1.git.1478.ef11824.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openshift-kuryr-controller@3.11.374-1.git.1478.ef11824.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "python2-kuryr-kubernetes-0:3.11.374-1.git.1478.ef11824.el7.noarch",
                "product": {
                  "name": "python2-kuryr-kubernetes-0:3.11.374-1.git.1478.ef11824.el7.noarch",
                  "product_id": "python2-kuryr-kubernetes-0:3.11.374-1.git.1478.ef11824.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/python2-kuryr-kubernetes@3.11.374-1.git.1478.ef11824.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-ansible-0:3.11.374-1.git.0.92f5956.el7.noarch",
                "product": {
                  "name": "openshift-ansible-0:3.11.374-1.git.0.92f5956.el7.noarch",
                  "product_id": "openshift-ansible-0:3.11.374-1.git.0.92f5956.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openshift-ansible@3.11.374-1.git.0.92f5956.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-ansible-docs-0:3.11.374-1.git.0.92f5956.el7.noarch",
                "product": {
                  "name": "openshift-ansible-docs-0:3.11.374-1.git.0.92f5956.el7.noarch",
                  "product_id": "openshift-ansible-docs-0:3.11.374-1.git.0.92f5956.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openshift-ansible-docs@3.11.374-1.git.0.92f5956.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-ansible-playbooks-0:3.11.374-1.git.0.92f5956.el7.noarch",
                "product": {
                  "name": "openshift-ansible-playbooks-0:3.11.374-1.git.0.92f5956.el7.noarch",
                  "product_id": "openshift-ansible-playbooks-0:3.11.374-1.git.0.92f5956.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openshift-ansible-playbooks@3.11.374-1.git.0.92f5956.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-ansible-roles-0:3.11.374-1.git.0.92f5956.el7.noarch",
                "product": {
                  "name": "openshift-ansible-roles-0:3.11.374-1.git.0.92f5956.el7.noarch",
                  "product_id": "openshift-ansible-roles-0:3.11.374-1.git.0.92f5956.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openshift-ansible-roles@3.11.374-1.git.0.92f5956.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "openshift-ansible-test-0:3.11.374-1.git.0.92f5956.el7.noarch",
                "product": {
                  "name": "openshift-ansible-test-0:3.11.374-1.git.0.92f5956.el7.noarch",
                  "product_id": "openshift-ansible-test-0:3.11.374-1.git.0.92f5956.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/openshift-ansible-test@3.11.374-1.git.0.92f5956.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "python2-urllib3-0:1.26.2-1.el7.noarch",
                "product": {
                  "name": "python2-urllib3-0:1.26.2-1.el7.noarch",
                  "product_id": "python2-urllib3-0:1.26.2-1.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/python2-urllib3@1.26.2-1.el7?arch=noarch"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-enterprise-service-catalog-1:3.11.374-1.git.1675.738abcc.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.374-1.git.1675.738abcc.el7.ppc64le"
        },
        "product_reference": "atomic-enterprise-service-catalog-1:3.11.374-1.git.1675.738abcc.el7.ppc64le",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-enterprise-service-catalog-1:3.11.374-1.git.1675.738abcc.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.374-1.git.1675.738abcc.el7.src"
        },
        "product_reference": "atomic-enterprise-service-catalog-1:3.11.374-1.git.1675.738abcc.el7.src",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-enterprise-service-catalog-1:3.11.374-1.git.1675.738abcc.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.374-1.git.1675.738abcc.el7.x86_64"
        },
        "product_reference": "atomic-enterprise-service-catalog-1:3.11.374-1.git.1675.738abcc.el7.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-enterprise-service-catalog-svcat-1:3.11.374-1.git.1675.738abcc.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.374-1.git.1675.738abcc.el7.ppc64le"
        },
        "product_reference": "atomic-enterprise-service-catalog-svcat-1:3.11.374-1.git.1675.738abcc.el7.ppc64le",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-enterprise-service-catalog-svcat-1:3.11.374-1.git.1675.738abcc.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.374-1.git.1675.738abcc.el7.x86_64"
        },
        "product_reference": "atomic-enterprise-service-catalog-svcat-1:3.11.374-1.git.1675.738abcc.el7.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le"
        },
        "product_reference": "atomic-openshift-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-0:3.11.374-1.git.0.ebd3ee9.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.374-1.git.0.ebd3ee9.el7.src"
        },
        "product_reference": "atomic-openshift-0:3.11.374-1.git.0.ebd3ee9.el7.src",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64"
        },
        "product_reference": "atomic-openshift-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-clients-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le"
        },
        "product_reference": "atomic-openshift-clients-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-clients-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64"
        },
        "product_reference": "atomic-openshift-clients-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-clients-redistributable-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64"
        },
        "product_reference": "atomic-openshift-clients-redistributable-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-cluster-autoscaler-0:3.11.374-1.git.0.2996f62.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.374-1.git.0.2996f62.el7.ppc64le"
        },
        "product_reference": "atomic-openshift-cluster-autoscaler-0:3.11.374-1.git.0.2996f62.el7.ppc64le",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-cluster-autoscaler-0:3.11.374-1.git.0.2996f62.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.374-1.git.0.2996f62.el7.src"
        },
        "product_reference": "atomic-openshift-cluster-autoscaler-0:3.11.374-1.git.0.2996f62.el7.src",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-cluster-autoscaler-0:3.11.374-1.git.0.2996f62.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.374-1.git.0.2996f62.el7.x86_64"
        },
        "product_reference": "atomic-openshift-cluster-autoscaler-0:3.11.374-1.git.0.2996f62.el7.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-descheduler-0:3.11.374-1.git.299.f128e96.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.374-1.git.299.f128e96.el7.ppc64le"
        },
        "product_reference": "atomic-openshift-descheduler-0:3.11.374-1.git.299.f128e96.el7.ppc64le",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-descheduler-0:3.11.374-1.git.299.f128e96.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.374-1.git.299.f128e96.el7.src"
        },
        "product_reference": "atomic-openshift-descheduler-0:3.11.374-1.git.299.f128e96.el7.src",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-descheduler-0:3.11.374-1.git.299.f128e96.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.374-1.git.299.f128e96.el7.x86_64"
        },
        "product_reference": "atomic-openshift-descheduler-0:3.11.374-1.git.299.f128e96.el7.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-docker-excluder-0:3.11.374-1.git.0.ebd3ee9.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.374-1.git.0.ebd3ee9.el7.noarch"
        },
        "product_reference": "atomic-openshift-docker-excluder-0:3.11.374-1.git.0.ebd3ee9.el7.noarch",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-dockerregistry-0:3.11.374-1.git.481.e6a880c.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.374-1.git.481.e6a880c.el7.src"
        },
        "product_reference": "atomic-openshift-dockerregistry-0:3.11.374-1.git.481.e6a880c.el7.src",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-dockerregistry-0:3.11.374-1.git.481.e6a880c.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.374-1.git.481.e6a880c.el7.x86_64"
        },
        "product_reference": "atomic-openshift-dockerregistry-0:3.11.374-1.git.481.e6a880c.el7.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-excluder-0:3.11.374-1.git.0.ebd3ee9.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.374-1.git.0.ebd3ee9.el7.noarch"
        },
        "product_reference": "atomic-openshift-excluder-0:3.11.374-1.git.0.ebd3ee9.el7.noarch",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-hyperkube-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le"
        },
        "product_reference": "atomic-openshift-hyperkube-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-hyperkube-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64"
        },
        "product_reference": "atomic-openshift-hyperkube-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-hypershift-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le"
        },
        "product_reference": "atomic-openshift-hypershift-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-hypershift-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64"
        },
        "product_reference": "atomic-openshift-hypershift-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-master-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le"
        },
        "product_reference": "atomic-openshift-master-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-master-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64"
        },
        "product_reference": "atomic-openshift-master-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-metrics-server-0:3.11.374-1.git.53.9df25a9.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.374-1.git.53.9df25a9.el7.ppc64le"
        },
        "product_reference": "atomic-openshift-metrics-server-0:3.11.374-1.git.53.9df25a9.el7.ppc64le",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-metrics-server-0:3.11.374-1.git.53.9df25a9.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.374-1.git.53.9df25a9.el7.src"
        },
        "product_reference": "atomic-openshift-metrics-server-0:3.11.374-1.git.53.9df25a9.el7.src",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-metrics-server-0:3.11.374-1.git.53.9df25a9.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.374-1.git.53.9df25a9.el7.x86_64"
        },
        "product_reference": "atomic-openshift-metrics-server-0:3.11.374-1.git.53.9df25a9.el7.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-node-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le"
        },
        "product_reference": "atomic-openshift-node-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-node-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64"
        },
        "product_reference": "atomic-openshift-node-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-node-problem-detector-0:3.11.374-1.git.263.28335fb.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.374-1.git.263.28335fb.el7.ppc64le"
        },
        "product_reference": "atomic-openshift-node-problem-detector-0:3.11.374-1.git.263.28335fb.el7.ppc64le",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-node-problem-detector-0:3.11.374-1.git.263.28335fb.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.374-1.git.263.28335fb.el7.src"
        },
        "product_reference": "atomic-openshift-node-problem-detector-0:3.11.374-1.git.263.28335fb.el7.src",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-node-problem-detector-0:3.11.374-1.git.263.28335fb.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.374-1.git.263.28335fb.el7.x86_64"
        },
        "product_reference": "atomic-openshift-node-problem-detector-0:3.11.374-1.git.263.28335fb.el7.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-pod-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le"
        },
        "product_reference": "atomic-openshift-pod-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-pod-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64"
        },
        "product_reference": "atomic-openshift-pod-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-sdn-ovs-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le"
        },
        "product_reference": "atomic-openshift-sdn-ovs-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-sdn-ovs-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64"
        },
        "product_reference": "atomic-openshift-sdn-ovs-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-service-idler-0:3.11.374-1.git.15.523a1f7.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.374-1.git.15.523a1f7.el7.ppc64le"
        },
        "product_reference": "atomic-openshift-service-idler-0:3.11.374-1.git.15.523a1f7.el7.ppc64le",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-service-idler-0:3.11.374-1.git.15.523a1f7.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.374-1.git.15.523a1f7.el7.src"
        },
        "product_reference": "atomic-openshift-service-idler-0:3.11.374-1.git.15.523a1f7.el7.src",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-service-idler-0:3.11.374-1.git.15.523a1f7.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.374-1.git.15.523a1f7.el7.x86_64"
        },
        "product_reference": "atomic-openshift-service-idler-0:3.11.374-1.git.15.523a1f7.el7.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-template-service-broker-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le"
        },
        "product_reference": "atomic-openshift-template-service-broker-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-template-service-broker-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64"
        },
        "product_reference": "atomic-openshift-template-service-broker-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-tests-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le"
        },
        "product_reference": "atomic-openshift-tests-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-tests-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64"
        },
        "product_reference": "atomic-openshift-tests-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-web-console-0:3.11.374-1.git.647.9e78d83.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.374-1.git.647.9e78d83.el7.ppc64le"
        },
        "product_reference": "atomic-openshift-web-console-0:3.11.374-1.git.647.9e78d83.el7.ppc64le",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-web-console-0:3.11.374-1.git.647.9e78d83.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.374-1.git.647.9e78d83.el7.src"
        },
        "product_reference": "atomic-openshift-web-console-0:3.11.374-1.git.647.9e78d83.el7.src",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-web-console-0:3.11.374-1.git.647.9e78d83.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.374-1.git.647.9e78d83.el7.x86_64"
        },
        "product_reference": "atomic-openshift-web-console-0:3.11.374-1.git.647.9e78d83.el7.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "golang-github-openshift-oauth-proxy-0:3.11.374-1.git.439.966c536.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.374-1.git.439.966c536.el7.ppc64le"
        },
        "product_reference": "golang-github-openshift-oauth-proxy-0:3.11.374-1.git.439.966c536.el7.ppc64le",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "golang-github-openshift-oauth-proxy-0:3.11.374-1.git.439.966c536.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.374-1.git.439.966c536.el7.src"
        },
        "product_reference": "golang-github-openshift-oauth-proxy-0:3.11.374-1.git.439.966c536.el7.src",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "golang-github-openshift-oauth-proxy-0:3.11.374-1.git.439.966c536.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.374-1.git.439.966c536.el7.x86_64"
        },
        "product_reference": "golang-github-openshift-oauth-proxy-0:3.11.374-1.git.439.966c536.el7.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "golang-github-prometheus-alertmanager-0:3.11.374-1.git.0.3abd2a5.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.374-1.git.0.3abd2a5.el7.src"
        },
        "product_reference": "golang-github-prometheus-alertmanager-0:3.11.374-1.git.0.3abd2a5.el7.src",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "golang-github-prometheus-node_exporter-0:3.11.374-1.git.1062.490d6d5.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.374-1.git.1062.490d6d5.el7.src"
        },
        "product_reference": "golang-github-prometheus-node_exporter-0:3.11.374-1.git.1062.490d6d5.el7.src",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "golang-github-prometheus-prometheus-0:3.11.374-1.git.5026.29379c4.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.374-1.git.5026.29379c4.el7.src"
        },
        "product_reference": "golang-github-prometheus-prometheus-0:3.11.374-1.git.5026.29379c4.el7.src",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-ansible-0:3.11.374-1.git.0.92f5956.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.374-1.git.0.92f5956.el7.noarch"
        },
        "product_reference": "openshift-ansible-0:3.11.374-1.git.0.92f5956.el7.noarch",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-ansible-0:3.11.374-1.git.0.92f5956.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.374-1.git.0.92f5956.el7.src"
        },
        "product_reference": "openshift-ansible-0:3.11.374-1.git.0.92f5956.el7.src",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-ansible-docs-0:3.11.374-1.git.0.92f5956.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.374-1.git.0.92f5956.el7.noarch"
        },
        "product_reference": "openshift-ansible-docs-0:3.11.374-1.git.0.92f5956.el7.noarch",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-ansible-playbooks-0:3.11.374-1.git.0.92f5956.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.374-1.git.0.92f5956.el7.noarch"
        },
        "product_reference": "openshift-ansible-playbooks-0:3.11.374-1.git.0.92f5956.el7.noarch",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-ansible-roles-0:3.11.374-1.git.0.92f5956.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.374-1.git.0.92f5956.el7.noarch"
        },
        "product_reference": "openshift-ansible-roles-0:3.11.374-1.git.0.92f5956.el7.noarch",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-ansible-test-0:3.11.374-1.git.0.92f5956.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.374-1.git.0.92f5956.el7.noarch"
        },
        "product_reference": "openshift-ansible-test-0:3.11.374-1.git.0.92f5956.el7.noarch",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-enterprise-autoheal-0:3.11.374-1.git.218.9cf7939.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.374-1.git.218.9cf7939.el7.ppc64le"
        },
        "product_reference": "openshift-enterprise-autoheal-0:3.11.374-1.git.218.9cf7939.el7.ppc64le",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-enterprise-autoheal-0:3.11.374-1.git.218.9cf7939.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.374-1.git.218.9cf7939.el7.src"
        },
        "product_reference": "openshift-enterprise-autoheal-0:3.11.374-1.git.218.9cf7939.el7.src",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-enterprise-autoheal-0:3.11.374-1.git.218.9cf7939.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.374-1.git.218.9cf7939.el7.x86_64"
        },
        "product_reference": "openshift-enterprise-autoheal-0:3.11.374-1.git.218.9cf7939.el7.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-enterprise-cluster-capacity-0:3.11.374-1.git.379.80bd08f.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.374-1.git.379.80bd08f.el7.ppc64le"
        },
        "product_reference": "openshift-enterprise-cluster-capacity-0:3.11.374-1.git.379.80bd08f.el7.ppc64le",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-enterprise-cluster-capacity-0:3.11.374-1.git.379.80bd08f.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.374-1.git.379.80bd08f.el7.src"
        },
        "product_reference": "openshift-enterprise-cluster-capacity-0:3.11.374-1.git.379.80bd08f.el7.src",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-enterprise-cluster-capacity-0:3.11.374-1.git.379.80bd08f.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.374-1.git.379.80bd08f.el7.x86_64"
        },
        "product_reference": "openshift-enterprise-cluster-capacity-0:3.11.374-1.git.379.80bd08f.el7.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-kuryr-0:3.11.374-1.git.1478.ef11824.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.374-1.git.1478.ef11824.el7.src"
        },
        "product_reference": "openshift-kuryr-0:3.11.374-1.git.1478.ef11824.el7.src",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-kuryr-cni-0:3.11.374-1.git.1478.ef11824.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.374-1.git.1478.ef11824.el7.noarch"
        },
        "product_reference": "openshift-kuryr-cni-0:3.11.374-1.git.1478.ef11824.el7.noarch",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-kuryr-common-0:3.11.374-1.git.1478.ef11824.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.374-1.git.1478.ef11824.el7.noarch"
        },
        "product_reference": "openshift-kuryr-common-0:3.11.374-1.git.1478.ef11824.el7.noarch",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "openshift-kuryr-controller-0:3.11.374-1.git.1478.ef11824.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.374-1.git.1478.ef11824.el7.noarch"
        },
        "product_reference": "openshift-kuryr-controller-0:3.11.374-1.git.1478.ef11824.el7.noarch",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "prometheus-0:3.11.374-1.git.5026.29379c4.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.374-1.git.5026.29379c4.el7.ppc64le"
        },
        "product_reference": "prometheus-0:3.11.374-1.git.5026.29379c4.el7.ppc64le",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "prometheus-0:3.11.374-1.git.5026.29379c4.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.374-1.git.5026.29379c4.el7.x86_64"
        },
        "product_reference": "prometheus-0:3.11.374-1.git.5026.29379c4.el7.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "prometheus-alertmanager-0:3.11.374-1.git.0.3abd2a5.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.374-1.git.0.3abd2a5.el7.ppc64le"
        },
        "product_reference": "prometheus-alertmanager-0:3.11.374-1.git.0.3abd2a5.el7.ppc64le",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "prometheus-alertmanager-0:3.11.374-1.git.0.3abd2a5.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.374-1.git.0.3abd2a5.el7.x86_64"
        },
        "product_reference": "prometheus-alertmanager-0:3.11.374-1.git.0.3abd2a5.el7.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "prometheus-node-exporter-0:3.11.374-1.git.1062.490d6d5.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.374-1.git.1062.490d6d5.el7.ppc64le"
        },
        "product_reference": "prometheus-node-exporter-0:3.11.374-1.git.1062.490d6d5.el7.ppc64le",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "prometheus-node-exporter-0:3.11.374-1.git.1062.490d6d5.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.374-1.git.1062.490d6d5.el7.x86_64"
        },
        "product_reference": "prometheus-node-exporter-0:3.11.374-1.git.1062.490d6d5.el7.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "python-urllib3-0:1.26.2-1.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:python-urllib3-0:1.26.2-1.el7.src"
        },
        "product_reference": "python-urllib3-0:1.26.2-1.el7.src",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "python2-kuryr-kubernetes-0:3.11.374-1.git.1478.ef11824.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.374-1.git.1478.ef11824.el7.noarch"
        },
        "product_reference": "python2-kuryr-kubernetes-0:3.11.374-1.git.1478.ef11824.el7.noarch",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "python2-urllib3-0:1.26.2-1.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11",
          "product_id": "7Server-RH7-RHOSE-3.11:python2-urllib3-0:1.26.2-1.el7.noarch"
        },
        "product_reference": "python2-urllib3-0:1.26.2-1.el7.noarch",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2019-11840",
      "cwe": {
        "id": "CWE-330",
        "name": "Use of Insufficiently Random Values"
      },
      "discovery_date": "2019-03-21T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.374-1.git.0.92f5956.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.374-1.git.0.92f5956.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.374-1.git.0.92f5956.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.374-1.git.0.92f5956.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.374-1.git.0.92f5956.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.374-1.git.0.92f5956.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.374-1.git.1478.ef11824.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.374-1.git.1478.ef11824.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.374-1.git.1478.ef11824.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.374-1.git.1478.ef11824.el7.noarch",
            "7Server-RH7-RHOSE-3.11:python-urllib3-0:1.26.2-1.el7.src",
            "7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.374-1.git.1478.ef11824.el7.noarch",
            "7Server-RH7-RHOSE-3.11:python2-urllib3-0:1.26.2-1.el7.noarch"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1691529"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "No description is available for this CVE.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang.org/x/crypto: Keystream loop in amd64 assembly when overflowing 32-bit counter",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.374-1.git.1675.738abcc.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.374-1.git.1675.738abcc.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.374-1.git.1675.738abcc.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.374-1.git.1675.738abcc.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.374-1.git.1675.738abcc.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.374-1.git.0.ebd3ee9.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.374-1.git.0.2996f62.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.374-1.git.0.2996f62.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.374-1.git.0.2996f62.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.374-1.git.299.f128e96.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.374-1.git.299.f128e96.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.374-1.git.299.f128e96.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.374-1.git.0.ebd3ee9.el7.noarch",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.374-1.git.481.e6a880c.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.374-1.git.481.e6a880c.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.374-1.git.0.ebd3ee9.el7.noarch",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.374-1.git.53.9df25a9.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.374-1.git.53.9df25a9.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.374-1.git.53.9df25a9.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.374-1.git.263.28335fb.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.374-1.git.263.28335fb.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.374-1.git.263.28335fb.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.374-1.git.15.523a1f7.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.374-1.git.15.523a1f7.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.374-1.git.15.523a1f7.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.374-1.git.647.9e78d83.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.374-1.git.647.9e78d83.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.374-1.git.647.9e78d83.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.374-1.git.439.966c536.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.374-1.git.439.966c536.el7.src",
          "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.374-1.git.439.966c536.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.374-1.git.0.3abd2a5.el7.src",
          "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.374-1.git.1062.490d6d5.el7.src",
          "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.374-1.git.5026.29379c4.el7.src",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.374-1.git.218.9cf7939.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.374-1.git.218.9cf7939.el7.src",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.374-1.git.218.9cf7939.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.374-1.git.379.80bd08f.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.374-1.git.379.80bd08f.el7.src",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.374-1.git.379.80bd08f.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.374-1.git.5026.29379c4.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.374-1.git.5026.29379c4.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.374-1.git.0.3abd2a5.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.374-1.git.0.3abd2a5.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.374-1.git.1062.490d6d5.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.374-1.git.1062.490d6d5.el7.x86_64"
        ],
        "known_not_affected": [
          "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.374-1.git.0.92f5956.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.374-1.git.0.92f5956.el7.src",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.374-1.git.0.92f5956.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.374-1.git.0.92f5956.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.374-1.git.0.92f5956.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.374-1.git.0.92f5956.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.374-1.git.1478.ef11824.el7.src",
          "7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.374-1.git.1478.ef11824.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.374-1.git.1478.ef11824.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.374-1.git.1478.ef11824.el7.noarch",
          "7Server-RH7-RHOSE-3.11:python-urllib3-0:1.26.2-1.el7.src",
          "7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.374-1.git.1478.ef11824.el7.noarch",
          "7Server-RH7-RHOSE-3.11:python2-urllib3-0:1.26.2-1.el7.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2019-11840"
        },
        {
          "category": "external",
          "summary": "RHBZ#1691529",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1691529"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2019-11840",
          "url": "https://www.cve.org/CVERecord?id=CVE-2019-11840"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-11840",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11840"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/forum/#!msg/golang-announce/tjyNcJxb2vQ/n0NRBziSCAAJ",
          "url": "https://groups.google.com/forum/#!msg/golang-announce/tjyNcJxb2vQ/n0NRBziSCAAJ"
        }
      ],
      "release_date": "2019-03-20T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2021-01-20T16:54:28+00:00",
          "details": "See the following documentation, which will be updated shortly for release\n3.11.374, for important instructions on how to upgrade your cluster and fully\napply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258.",
          "product_ids": [
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.374-1.git.1675.738abcc.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.374-1.git.1675.738abcc.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.374-1.git.1675.738abcc.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.374-1.git.1675.738abcc.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.374-1.git.1675.738abcc.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.374-1.git.0.ebd3ee9.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.374-1.git.0.2996f62.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.374-1.git.0.2996f62.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.374-1.git.0.2996f62.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.374-1.git.299.f128e96.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.374-1.git.299.f128e96.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.374-1.git.299.f128e96.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.374-1.git.0.ebd3ee9.el7.noarch",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.374-1.git.481.e6a880c.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.374-1.git.481.e6a880c.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.374-1.git.0.ebd3ee9.el7.noarch",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.374-1.git.53.9df25a9.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.374-1.git.53.9df25a9.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.374-1.git.53.9df25a9.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.374-1.git.263.28335fb.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.374-1.git.263.28335fb.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.374-1.git.263.28335fb.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.374-1.git.15.523a1f7.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.374-1.git.15.523a1f7.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.374-1.git.15.523a1f7.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.374-1.git.647.9e78d83.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.374-1.git.647.9e78d83.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.374-1.git.647.9e78d83.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.374-1.git.439.966c536.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.374-1.git.439.966c536.el7.src",
            "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.374-1.git.439.966c536.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.374-1.git.0.3abd2a5.el7.src",
            "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.374-1.git.1062.490d6d5.el7.src",
            "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.374-1.git.5026.29379c4.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.374-1.git.218.9cf7939.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.374-1.git.218.9cf7939.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.374-1.git.218.9cf7939.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.374-1.git.379.80bd08f.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.374-1.git.379.80bd08f.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.374-1.git.379.80bd08f.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.374-1.git.5026.29379c4.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.374-1.git.5026.29379c4.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.374-1.git.0.3abd2a5.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.374-1.git.0.3abd2a5.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.374-1.git.1062.490d6d5.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.374-1.git.1062.490d6d5.el7.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2021:0079"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.374-1.git.1675.738abcc.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.374-1.git.1675.738abcc.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.374-1.git.1675.738abcc.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.374-1.git.1675.738abcc.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.374-1.git.1675.738abcc.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.374-1.git.0.ebd3ee9.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.374-1.git.0.2996f62.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.374-1.git.0.2996f62.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.374-1.git.0.2996f62.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.374-1.git.299.f128e96.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.374-1.git.299.f128e96.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.374-1.git.299.f128e96.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.374-1.git.0.ebd3ee9.el7.noarch",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.374-1.git.481.e6a880c.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.374-1.git.481.e6a880c.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.374-1.git.0.ebd3ee9.el7.noarch",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.374-1.git.53.9df25a9.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.374-1.git.53.9df25a9.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.374-1.git.53.9df25a9.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.374-1.git.263.28335fb.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.374-1.git.263.28335fb.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.374-1.git.263.28335fb.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.374-1.git.15.523a1f7.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.374-1.git.15.523a1f7.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.374-1.git.15.523a1f7.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.374-1.git.647.9e78d83.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.374-1.git.647.9e78d83.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.374-1.git.647.9e78d83.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.374-1.git.439.966c536.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.374-1.git.439.966c536.el7.src",
            "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.374-1.git.439.966c536.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.374-1.git.0.3abd2a5.el7.src",
            "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.374-1.git.1062.490d6d5.el7.src",
            "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.374-1.git.5026.29379c4.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.374-1.git.0.92f5956.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.374-1.git.0.92f5956.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.374-1.git.0.92f5956.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.374-1.git.0.92f5956.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.374-1.git.0.92f5956.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.374-1.git.0.92f5956.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.374-1.git.218.9cf7939.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.374-1.git.218.9cf7939.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.374-1.git.218.9cf7939.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.374-1.git.379.80bd08f.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.374-1.git.379.80bd08f.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.374-1.git.379.80bd08f.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.374-1.git.1478.ef11824.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.374-1.git.1478.ef11824.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.374-1.git.1478.ef11824.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.374-1.git.1478.ef11824.el7.noarch",
            "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.374-1.git.5026.29379c4.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.374-1.git.5026.29379c4.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.374-1.git.0.3abd2a5.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.374-1.git.0.3abd2a5.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.374-1.git.1062.490d6d5.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.374-1.git.1062.490d6d5.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:python-urllib3-0:1.26.2-1.el7.src",
            "7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.374-1.git.1478.ef11824.el7.noarch",
            "7Server-RH7-RHOSE-3.11:python2-urllib3-0:1.26.2-1.el7.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "golang.org/x/crypto: Keystream loop in amd64 assembly when overflowing 32-bit counter"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "the Kubernetes Product Security Committee"
          ]
        },
        {
          "names": [
            "Etienne Champetier"
          ],
          "organization": "Anevia",
          "summary": "Acknowledged by upstream."
        }
      ],
      "cve": "CVE-2020-8554",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "discovery_date": "2020-10-22T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.374-1.git.1675.738abcc.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.374-1.git.1675.738abcc.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.374-1.git.1675.738abcc.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.374-1.git.1675.738abcc.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.374-1.git.1675.738abcc.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.374-1.git.0.2996f62.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.374-1.git.0.2996f62.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.374-1.git.0.2996f62.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.374-1.git.299.f128e96.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.374-1.git.299.f128e96.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.374-1.git.299.f128e96.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.374-1.git.481.e6a880c.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.374-1.git.481.e6a880c.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.374-1.git.53.9df25a9.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.374-1.git.53.9df25a9.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.374-1.git.53.9df25a9.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.374-1.git.263.28335fb.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.374-1.git.263.28335fb.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.374-1.git.263.28335fb.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.374-1.git.15.523a1f7.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.374-1.git.15.523a1f7.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.374-1.git.15.523a1f7.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.374-1.git.647.9e78d83.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.374-1.git.647.9e78d83.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.374-1.git.647.9e78d83.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.374-1.git.439.966c536.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.374-1.git.439.966c536.el7.src",
            "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.374-1.git.439.966c536.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.374-1.git.0.3abd2a5.el7.src",
            "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.374-1.git.1062.490d6d5.el7.src",
            "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.374-1.git.5026.29379c4.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.374-1.git.0.92f5956.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.374-1.git.0.92f5956.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.374-1.git.0.92f5956.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.374-1.git.0.92f5956.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.374-1.git.0.92f5956.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.374-1.git.0.92f5956.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.374-1.git.218.9cf7939.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.374-1.git.218.9cf7939.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.374-1.git.218.9cf7939.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.374-1.git.379.80bd08f.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.374-1.git.379.80bd08f.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.374-1.git.379.80bd08f.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.374-1.git.1478.ef11824.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.374-1.git.1478.ef11824.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.374-1.git.1478.ef11824.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.374-1.git.1478.ef11824.el7.noarch",
            "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.374-1.git.5026.29379c4.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.374-1.git.5026.29379c4.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.374-1.git.0.3abd2a5.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.374-1.git.0.3abd2a5.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.374-1.git.1062.490d6d5.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.374-1.git.1062.490d6d5.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:python-urllib3-0:1.26.2-1.el7.src",
            "7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.374-1.git.1478.ef11824.el7.noarch",
            "7Server-RH7-RHOSE-3.11:python2-urllib3-0:1.26.2-1.el7.noarch"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1891051"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in kubernetes. If a potential attacker can already create or edit services and pods, then they may be able to intercept traffic from other pods (or nodes) in the cluster.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "kubernetes: MITM using LoadBalancer or ExternalIPs",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "OpenShift Container Platform (OCP) includes a builtin externalIP admission plugin, which restricts the use of Service eternalIPs to those configured by a cluster-admin. In OCP4 all externalIP ranges are disabled by default. In OCP 3.11, the default range is \"0.0.0.0/0\", which allows all IP addresses.\n\nThe second attack vector, via patching the Status of a LoadBalancer Service, is not possible unless permission to patch service/status is granted. OCP does not grant this permission to users who are not cluster-admins.\n\nOCP 4 is not affected by this vulnerability as it is secure by default. OCP 3.11 is affected, however the vulnerability can be by mitigated by configuring the builtin externalIP admission plugin.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.374-1.git.0.ebd3ee9.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.374-1.git.0.ebd3ee9.el7.noarch",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.374-1.git.0.ebd3ee9.el7.noarch",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64"
        ],
        "known_not_affected": [
          "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.374-1.git.1675.738abcc.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.374-1.git.1675.738abcc.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.374-1.git.1675.738abcc.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.374-1.git.1675.738abcc.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.374-1.git.1675.738abcc.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.374-1.git.0.2996f62.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.374-1.git.0.2996f62.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.374-1.git.0.2996f62.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.374-1.git.299.f128e96.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.374-1.git.299.f128e96.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.374-1.git.299.f128e96.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.374-1.git.481.e6a880c.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.374-1.git.481.e6a880c.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.374-1.git.53.9df25a9.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.374-1.git.53.9df25a9.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.374-1.git.53.9df25a9.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.374-1.git.263.28335fb.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.374-1.git.263.28335fb.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.374-1.git.263.28335fb.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.374-1.git.15.523a1f7.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.374-1.git.15.523a1f7.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.374-1.git.15.523a1f7.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.374-1.git.647.9e78d83.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.374-1.git.647.9e78d83.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.374-1.git.647.9e78d83.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.374-1.git.439.966c536.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.374-1.git.439.966c536.el7.src",
          "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.374-1.git.439.966c536.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.374-1.git.0.3abd2a5.el7.src",
          "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.374-1.git.1062.490d6d5.el7.src",
          "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.374-1.git.5026.29379c4.el7.src",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.374-1.git.0.92f5956.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.374-1.git.0.92f5956.el7.src",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.374-1.git.0.92f5956.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.374-1.git.0.92f5956.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.374-1.git.0.92f5956.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.374-1.git.0.92f5956.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.374-1.git.218.9cf7939.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.374-1.git.218.9cf7939.el7.src",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.374-1.git.218.9cf7939.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.374-1.git.379.80bd08f.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.374-1.git.379.80bd08f.el7.src",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.374-1.git.379.80bd08f.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.374-1.git.1478.ef11824.el7.src",
          "7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.374-1.git.1478.ef11824.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.374-1.git.1478.ef11824.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.374-1.git.1478.ef11824.el7.noarch",
          "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.374-1.git.5026.29379c4.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.374-1.git.5026.29379c4.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.374-1.git.0.3abd2a5.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.374-1.git.0.3abd2a5.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.374-1.git.1062.490d6d5.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.374-1.git.1062.490d6d5.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:python-urllib3-0:1.26.2-1.el7.src",
          "7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.374-1.git.1478.ef11824.el7.noarch",
          "7Server-RH7-RHOSE-3.11:python2-urllib3-0:1.26.2-1.el7.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2020-8554"
        },
        {
          "category": "external",
          "summary": "RHBZ#1891051",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1891051"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2020-8554",
          "url": "https://www.cve.org/CVERecord?id=CVE-2020-8554"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-8554",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8554"
        },
        {
          "category": "external",
          "summary": "https://blog.champtar.fr/K8S_MITM_LoadBalancer_ExternalIPs/",
          "url": "https://blog.champtar.fr/K8S_MITM_LoadBalancer_ExternalIPs/"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/kubernetes-security-announce/c/iZWsF9nbKE8",
          "url": "https://groups.google.com/g/kubernetes-security-announce/c/iZWsF9nbKE8"
        }
      ],
      "release_date": "2020-12-07T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2021-01-20T16:54:28+00:00",
          "details": "See the following documentation, which will be updated shortly for release\n3.11.374, for important instructions on how to upgrade your cluster and fully\napply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258.",
          "product_ids": [
            "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.374-1.git.0.ebd3ee9.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.374-1.git.0.ebd3ee9.el7.noarch",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.374-1.git.0.ebd3ee9.el7.noarch",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2021:0079"
        },
        {
          "category": "workaround",
          "details": "ExternalIP addresses ranges can be configured as described below. OCP 4 is secure by default, though cluster-admins can whitelist externalIP addresses as needed. OCP 3.11 can be secured by changing `externalIPNetworkCIDR` to \"0.0.0.0/32\", which blocks all externalIP address values.\n\nhttps://docs.openshift.com/container-platform/4.6/networking/configuring_ingress_cluster_traffic/configuring-externalip.html\nhttps://docs.openshift.com/container-platform/3.11/admin_guide/tcp_ingress_external_ports.html#service-externalip\n\nUsers can check if they have permission to patch the Status of a LoadBalancer Service with the command: `kubectl auth can-i patch service --subresource=status`. In OCP, by default only cluster-admins are granted this permission.",
          "product_ids": [
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.374-1.git.1675.738abcc.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.374-1.git.1675.738abcc.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.374-1.git.1675.738abcc.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.374-1.git.1675.738abcc.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.374-1.git.1675.738abcc.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.374-1.git.0.ebd3ee9.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.374-1.git.0.2996f62.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.374-1.git.0.2996f62.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.374-1.git.0.2996f62.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.374-1.git.299.f128e96.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.374-1.git.299.f128e96.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.374-1.git.299.f128e96.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.374-1.git.0.ebd3ee9.el7.noarch",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.374-1.git.481.e6a880c.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.374-1.git.481.e6a880c.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.374-1.git.0.ebd3ee9.el7.noarch",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.374-1.git.53.9df25a9.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.374-1.git.53.9df25a9.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.374-1.git.53.9df25a9.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.374-1.git.263.28335fb.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.374-1.git.263.28335fb.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.374-1.git.263.28335fb.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.374-1.git.15.523a1f7.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.374-1.git.15.523a1f7.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.374-1.git.15.523a1f7.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.374-1.git.647.9e78d83.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.374-1.git.647.9e78d83.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.374-1.git.647.9e78d83.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.374-1.git.439.966c536.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.374-1.git.439.966c536.el7.src",
            "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.374-1.git.439.966c536.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.374-1.git.0.3abd2a5.el7.src",
            "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.374-1.git.1062.490d6d5.el7.src",
            "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.374-1.git.5026.29379c4.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.374-1.git.0.92f5956.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.374-1.git.0.92f5956.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.374-1.git.0.92f5956.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.374-1.git.0.92f5956.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.374-1.git.0.92f5956.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.374-1.git.0.92f5956.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.374-1.git.218.9cf7939.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.374-1.git.218.9cf7939.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.374-1.git.218.9cf7939.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.374-1.git.379.80bd08f.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.374-1.git.379.80bd08f.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.374-1.git.379.80bd08f.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.374-1.git.1478.ef11824.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.374-1.git.1478.ef11824.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.374-1.git.1478.ef11824.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.374-1.git.1478.ef11824.el7.noarch",
            "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.374-1.git.5026.29379c4.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.374-1.git.5026.29379c4.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.374-1.git.0.3abd2a5.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.374-1.git.0.3abd2a5.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.374-1.git.1062.490d6d5.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.374-1.git.1062.490d6d5.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:python-urllib3-0:1.26.2-1.el7.src",
            "7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.374-1.git.1478.ef11824.el7.noarch",
            "7Server-RH7-RHOSE-3.11:python2-urllib3-0:1.26.2-1.el7.noarch"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 6.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.374-1.git.1675.738abcc.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.374-1.git.1675.738abcc.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.374-1.git.1675.738abcc.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.374-1.git.1675.738abcc.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.374-1.git.1675.738abcc.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.374-1.git.0.ebd3ee9.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.374-1.git.0.2996f62.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.374-1.git.0.2996f62.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.374-1.git.0.2996f62.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.374-1.git.299.f128e96.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.374-1.git.299.f128e96.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.374-1.git.299.f128e96.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.374-1.git.0.ebd3ee9.el7.noarch",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.374-1.git.481.e6a880c.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.374-1.git.481.e6a880c.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.374-1.git.0.ebd3ee9.el7.noarch",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.374-1.git.53.9df25a9.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.374-1.git.53.9df25a9.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.374-1.git.53.9df25a9.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.374-1.git.263.28335fb.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.374-1.git.263.28335fb.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.374-1.git.263.28335fb.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.374-1.git.15.523a1f7.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.374-1.git.15.523a1f7.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.374-1.git.15.523a1f7.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.374-1.git.647.9e78d83.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.374-1.git.647.9e78d83.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.374-1.git.647.9e78d83.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.374-1.git.439.966c536.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.374-1.git.439.966c536.el7.src",
            "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.374-1.git.439.966c536.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.374-1.git.0.3abd2a5.el7.src",
            "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.374-1.git.1062.490d6d5.el7.src",
            "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.374-1.git.5026.29379c4.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.374-1.git.0.92f5956.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.374-1.git.0.92f5956.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.374-1.git.0.92f5956.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.374-1.git.0.92f5956.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.374-1.git.0.92f5956.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.374-1.git.0.92f5956.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.374-1.git.218.9cf7939.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.374-1.git.218.9cf7939.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.374-1.git.218.9cf7939.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.374-1.git.379.80bd08f.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.374-1.git.379.80bd08f.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.374-1.git.379.80bd08f.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.374-1.git.1478.ef11824.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.374-1.git.1478.ef11824.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.374-1.git.1478.ef11824.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.374-1.git.1478.ef11824.el7.noarch",
            "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.374-1.git.5026.29379c4.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.374-1.git.5026.29379c4.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.374-1.git.0.3abd2a5.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.374-1.git.0.3abd2a5.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.374-1.git.1062.490d6d5.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.374-1.git.1062.490d6d5.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:python-urllib3-0:1.26.2-1.el7.src",
            "7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.374-1.git.1478.ef11824.el7.noarch",
            "7Server-RH7-RHOSE-3.11:python2-urllib3-0:1.26.2-1.el7.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "kubernetes: MITM using LoadBalancer or ExternalIPs"
    },
    {
      "cve": "CVE-2020-26137",
      "cwe": {
        "id": "CWE-113",
        "name": "Improper Neutralization of CRLF Sequences in HTTP Headers (\u0027HTTP Request/Response Splitting\u0027)"
      },
      "discovery_date": "2020-09-09T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.374-1.git.1675.738abcc.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.374-1.git.1675.738abcc.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.374-1.git.1675.738abcc.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.374-1.git.1675.738abcc.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.374-1.git.1675.738abcc.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.374-1.git.0.ebd3ee9.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.374-1.git.0.2996f62.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.374-1.git.0.2996f62.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.374-1.git.0.2996f62.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.374-1.git.299.f128e96.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.374-1.git.299.f128e96.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.374-1.git.299.f128e96.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.374-1.git.0.ebd3ee9.el7.noarch",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.374-1.git.481.e6a880c.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.374-1.git.481.e6a880c.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.374-1.git.0.ebd3ee9.el7.noarch",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.374-1.git.53.9df25a9.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.374-1.git.53.9df25a9.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.374-1.git.53.9df25a9.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.374-1.git.263.28335fb.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.374-1.git.263.28335fb.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.374-1.git.263.28335fb.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.374-1.git.15.523a1f7.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.374-1.git.15.523a1f7.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.374-1.git.15.523a1f7.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.374-1.git.647.9e78d83.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.374-1.git.647.9e78d83.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.374-1.git.647.9e78d83.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.374-1.git.439.966c536.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.374-1.git.439.966c536.el7.src",
            "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.374-1.git.439.966c536.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.374-1.git.0.3abd2a5.el7.src",
            "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.374-1.git.1062.490d6d5.el7.src",
            "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.374-1.git.5026.29379c4.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.374-1.git.0.92f5956.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.374-1.git.0.92f5956.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.374-1.git.0.92f5956.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.374-1.git.0.92f5956.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.374-1.git.0.92f5956.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.374-1.git.0.92f5956.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.374-1.git.218.9cf7939.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.374-1.git.218.9cf7939.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.374-1.git.218.9cf7939.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.374-1.git.379.80bd08f.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.374-1.git.379.80bd08f.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.374-1.git.379.80bd08f.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.374-1.git.1478.ef11824.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.374-1.git.1478.ef11824.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.374-1.git.1478.ef11824.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.374-1.git.1478.ef11824.el7.noarch",
            "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.374-1.git.5026.29379c4.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.374-1.git.5026.29379c4.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.374-1.git.0.3abd2a5.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.374-1.git.0.3abd2a5.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.374-1.git.1062.490d6d5.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.374-1.git.1062.490d6d5.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.374-1.git.1478.ef11824.el7.noarch"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1883632"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in python-urllib3. The HTTPConnection.request() does not properly validate CRLF sequences in the HTTP request method, potentially allowing manipulation of the request by injecting additional HTTP headers. The highest threat from this vulnerability is to confidentiality and integrity.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "python-urllib3: CRLF injection via HTTP request method",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "* Red Hat OpenShift Container Platform (OCP) 4 delivers the python-urllib3 package, which includes a vulnerable version of the urllib3 module, however from OCP 4.6, the python-urllib3 package is no longer shipped and will not be fixed.\n* In Red Hat OpenStack Platform, because the flaw has a lower impact and the fix would require a substantial amount of development, no update will be provided at this time for the RHOSP python-urllib3 package.\n\nNote: Versions of `python-pip` are marked as not affected because there is no way for a pip user to control the HTTP request method.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server-RH7-RHOSE-3.11:python-urllib3-0:1.26.2-1.el7.src",
          "7Server-RH7-RHOSE-3.11:python2-urllib3-0:1.26.2-1.el7.noarch"
        ],
        "known_not_affected": [
          "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.374-1.git.1675.738abcc.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.374-1.git.1675.738abcc.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.374-1.git.1675.738abcc.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.374-1.git.1675.738abcc.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.374-1.git.1675.738abcc.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.374-1.git.0.ebd3ee9.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.374-1.git.0.2996f62.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.374-1.git.0.2996f62.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.374-1.git.0.2996f62.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.374-1.git.299.f128e96.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.374-1.git.299.f128e96.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.374-1.git.299.f128e96.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.374-1.git.0.ebd3ee9.el7.noarch",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.374-1.git.481.e6a880c.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.374-1.git.481.e6a880c.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.374-1.git.0.ebd3ee9.el7.noarch",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.374-1.git.53.9df25a9.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.374-1.git.53.9df25a9.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.374-1.git.53.9df25a9.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.374-1.git.263.28335fb.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.374-1.git.263.28335fb.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.374-1.git.263.28335fb.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.374-1.git.15.523a1f7.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.374-1.git.15.523a1f7.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.374-1.git.15.523a1f7.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.374-1.git.647.9e78d83.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.374-1.git.647.9e78d83.el7.src",
          "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.374-1.git.647.9e78d83.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.374-1.git.439.966c536.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.374-1.git.439.966c536.el7.src",
          "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.374-1.git.439.966c536.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.374-1.git.0.3abd2a5.el7.src",
          "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.374-1.git.1062.490d6d5.el7.src",
          "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.374-1.git.5026.29379c4.el7.src",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.374-1.git.0.92f5956.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.374-1.git.0.92f5956.el7.src",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.374-1.git.0.92f5956.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.374-1.git.0.92f5956.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.374-1.git.0.92f5956.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.374-1.git.0.92f5956.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.374-1.git.218.9cf7939.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.374-1.git.218.9cf7939.el7.src",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.374-1.git.218.9cf7939.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.374-1.git.379.80bd08f.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.374-1.git.379.80bd08f.el7.src",
          "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.374-1.git.379.80bd08f.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.374-1.git.1478.ef11824.el7.src",
          "7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.374-1.git.1478.ef11824.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.374-1.git.1478.ef11824.el7.noarch",
          "7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.374-1.git.1478.ef11824.el7.noarch",
          "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.374-1.git.5026.29379c4.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.374-1.git.5026.29379c4.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.374-1.git.0.3abd2a5.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.374-1.git.0.3abd2a5.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.374-1.git.1062.490d6d5.el7.ppc64le",
          "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.374-1.git.1062.490d6d5.el7.x86_64",
          "7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.374-1.git.1478.ef11824.el7.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2020-26137"
        },
        {
          "category": "external",
          "summary": "RHBZ#1883632",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1883632"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2020-26137",
          "url": "https://www.cve.org/CVERecord?id=CVE-2020-26137"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-26137",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-26137"
        }
      ],
      "release_date": "2020-02-10T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2021-01-20T16:54:28+00:00",
          "details": "See the following documentation, which will be updated shortly for release\n3.11.374, for important instructions on how to upgrade your cluster and fully\napply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258.",
          "product_ids": [
            "7Server-RH7-RHOSE-3.11:python-urllib3-0:1.26.2-1.el7.src",
            "7Server-RH7-RHOSE-3.11:python2-urllib3-0:1.26.2-1.el7.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2021:0079"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.374-1.git.1675.738abcc.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.374-1.git.1675.738abcc.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.374-1.git.1675.738abcc.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.374-1.git.1675.738abcc.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.374-1.git.1675.738abcc.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.374-1.git.0.ebd3ee9.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.374-1.git.0.2996f62.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.374-1.git.0.2996f62.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.374-1.git.0.2996f62.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.374-1.git.299.f128e96.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.374-1.git.299.f128e96.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.374-1.git.299.f128e96.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.374-1.git.0.ebd3ee9.el7.noarch",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.374-1.git.481.e6a880c.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.374-1.git.481.e6a880c.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.374-1.git.0.ebd3ee9.el7.noarch",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.374-1.git.53.9df25a9.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.374-1.git.53.9df25a9.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.374-1.git.53.9df25a9.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.374-1.git.263.28335fb.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.374-1.git.263.28335fb.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.374-1.git.263.28335fb.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.374-1.git.15.523a1f7.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.374-1.git.15.523a1f7.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.374-1.git.15.523a1f7.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.374-1.git.0.ebd3ee9.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.374-1.git.0.ebd3ee9.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.374-1.git.647.9e78d83.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.374-1.git.647.9e78d83.el7.src",
            "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.374-1.git.647.9e78d83.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.374-1.git.439.966c536.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.374-1.git.439.966c536.el7.src",
            "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.374-1.git.439.966c536.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.374-1.git.0.3abd2a5.el7.src",
            "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.374-1.git.1062.490d6d5.el7.src",
            "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.374-1.git.5026.29379c4.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.374-1.git.0.92f5956.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.374-1.git.0.92f5956.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.374-1.git.0.92f5956.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.374-1.git.0.92f5956.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.374-1.git.0.92f5956.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.374-1.git.0.92f5956.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.374-1.git.218.9cf7939.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.374-1.git.218.9cf7939.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.374-1.git.218.9cf7939.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.374-1.git.379.80bd08f.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.374-1.git.379.80bd08f.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.374-1.git.379.80bd08f.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.374-1.git.1478.ef11824.el7.src",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.374-1.git.1478.ef11824.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.374-1.git.1478.ef11824.el7.noarch",
            "7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.374-1.git.1478.ef11824.el7.noarch",
            "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.374-1.git.5026.29379c4.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.374-1.git.5026.29379c4.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.374-1.git.0.3abd2a5.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.374-1.git.0.3abd2a5.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.374-1.git.1062.490d6d5.el7.ppc64le",
            "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.374-1.git.1062.490d6d5.el7.x86_64",
            "7Server-RH7-RHOSE-3.11:python-urllib3-0:1.26.2-1.el7.src",
            "7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.374-1.git.1478.ef11824.el7.noarch",
            "7Server-RH7-RHOSE-3.11:python2-urllib3-0:1.26.2-1.el7.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "python-urllib3: CRLF injection via HTTP request method"
    }
  ]
}

FKIE_CVE-2020-8554

Vulnerability from fkie_nvd - Published: 2021-01-21 17:15 - Updated: 2024-11-21 05:39

Severity ?

6.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
5.0 (Medium) - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L

Summary

References

URL	Tags
jordan@liggitt.net	https://github.com/kubernetes/kubernetes/issues/97076	Exploit, Third Party Advisory
jordan@liggitt.net	https://groups.google.com/g/kubernetes-security-announce/c/iZWsF9nbKE8	Mailing List, Third Party Advisory
jordan@liggitt.net	https://lists.apache.org/thread.html/r0c76b3d0be348f788cd947054141de0229af00c540564711e828fd40%40%3Ccommits.druid.apache.org%3E
jordan@liggitt.net	https://lists.apache.org/thread.html/r1975078e44d96f2a199aa90aa874b57a202eaf7f25f2fde6d1c44942%40%3Ccommits.druid.apache.org%3E
jordan@liggitt.net	https://lists.apache.org/thread.html/rcafa485d63550657f068775801aeb706b7a07140a8ebbdef822b3bb3%40%3Ccommits.druid.apache.org%3E
jordan@liggitt.net	https://lists.apache.org/thread.html/rdb223e1b82e3d7d8e4eaddce8dd1ab87252e3935cc41c859f49767b6%40%3Ccommits.druid.apache.org%3E
jordan@liggitt.net	https://www.oracle.com//security-alerts/cpujul2021.html	Patch, Third Party Advisory
jordan@liggitt.net	https://www.oracle.com/security-alerts/cpuapr2022.html	Patch, Third Party Advisory
jordan@liggitt.net	https://www.oracle.com/security-alerts/cpujan2022.html	Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://github.com/kubernetes/kubernetes/issues/97076	Exploit, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://groups.google.com/g/kubernetes-security-announce/c/iZWsF9nbKE8	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://lists.apache.org/thread.html/r0c76b3d0be348f788cd947054141de0229af00c540564711e828fd40%40%3Ccommits.druid.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108	https://lists.apache.org/thread.html/r1975078e44d96f2a199aa90aa874b57a202eaf7f25f2fde6d1c44942%40%3Ccommits.druid.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108	https://lists.apache.org/thread.html/rcafa485d63550657f068775801aeb706b7a07140a8ebbdef822b3bb3%40%3Ccommits.druid.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108	https://lists.apache.org/thread.html/rdb223e1b82e3d7d8e4eaddce8dd1ab87252e3935cc41c859f49767b6%40%3Ccommits.druid.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108	https://www.oracle.com//security-alerts/cpujul2021.html	Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.oracle.com/security-alerts/cpuapr2022.html	Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.oracle.com/security-alerts/cpujan2022.html	Patch, Third Party Advisory

Impacted products

Vendor	Product	Version
kubernetes	kubernetes	*
oracle	communications_cloud_native_core_network_slice_selection_function	1.2.1
oracle	communications_cloud_native_core_policy	1.15.0
oracle	communications_cloud_native_core_service_communication_proxy	1.14.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:kubernetes:kubernetes:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "044D3402-749F-4BEA-9F7E-16F7839654FE",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:1.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "ADE6EF8F-1F05-429B-A916-76FDB20CEB81",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:1.15.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B4367D9B-BF81-47AD-A840-AC46317C774D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:1.14.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0AB059F2-FEC4-4180-8A90-39965495055E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Kubernetes API server in all versions allow an attacker who is able to create a ClusterIP service and set the spec.externalIPs field, to intercept traffic to that IP address. Additionally, an attacker who is able to patch the status (which is considered a privileged operation and should not typically be granted to users) of a LoadBalancer service can set the status.loadBalancer.ingress.ip to similar effect."
    },
    {
      "lang": "es",
      "value": "El servidor de la API de Kubernetes en todas las versiones permite a un atacante que puede crear un servicio ClusterIP y establecer el campo spec.externalIPs, interceptar el tr\u00e1fico a esa direcci\u00f3n IP. Adicionalmente, un atacante que sea capaz de parchear el estado (que se considera una operaci\u00f3n privilegiada y no se debe t\u00edpicamente otorgar a los usuarios) de un servicio LoadBalancer puede configurar el status.loadBalancer.ingress.ip con un efecto similar"
    }
  ],
  "id": "CVE-2020-8554",
  "lastModified": "2024-11-21T05:39:01.370",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.0,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 6.8,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "LOW",
          "baseScore": 6.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 3.4,
        "source": "jordan@liggitt.net",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "LOW",
          "baseScore": 5.0,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L",
          "version": "3.1"
        },
        "exploitabilityScore": 1.6,
        "impactScore": 3.4,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2021-01-21T17:15:13.843",
  "references": [
    {
      "source": "jordan@liggitt.net",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://github.com/kubernetes/kubernetes/issues/97076"
    },
    {
      "source": "jordan@liggitt.net",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://groups.google.com/g/kubernetes-security-announce/c/iZWsF9nbKE8"
    },
    {
      "source": "jordan@liggitt.net",
      "url": "https://lists.apache.org/thread.html/r0c76b3d0be348f788cd947054141de0229af00c540564711e828fd40%40%3Ccommits.druid.apache.org%3E"
    },
    {
      "source": "jordan@liggitt.net",
      "url": "https://lists.apache.org/thread.html/r1975078e44d96f2a199aa90aa874b57a202eaf7f25f2fde6d1c44942%40%3Ccommits.druid.apache.org%3E"
    },
    {
      "source": "jordan@liggitt.net",
      "url": "https://lists.apache.org/thread.html/rcafa485d63550657f068775801aeb706b7a07140a8ebbdef822b3bb3%40%3Ccommits.druid.apache.org%3E"
    },
    {
      "source": "jordan@liggitt.net",
      "url": "https://lists.apache.org/thread.html/rdb223e1b82e3d7d8e4eaddce8dd1ab87252e3935cc41c859f49767b6%40%3Ccommits.druid.apache.org%3E"
    },
    {
      "source": "jordan@liggitt.net",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://www.oracle.com//security-alerts/cpujul2021.html"
    },
    {
      "source": "jordan@liggitt.net",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
    },
    {
      "source": "jordan@liggitt.net",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://www.oracle.com/security-alerts/cpujan2022.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://github.com/kubernetes/kubernetes/issues/97076"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://groups.google.com/g/kubernetes-security-announce/c/iZWsF9nbKE8"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.apache.org/thread.html/r0c76b3d0be348f788cd947054141de0229af00c540564711e828fd40%40%3Ccommits.druid.apache.org%3E"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.apache.org/thread.html/r1975078e44d96f2a199aa90aa874b57a202eaf7f25f2fde6d1c44942%40%3Ccommits.druid.apache.org%3E"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.apache.org/thread.html/rcafa485d63550657f068775801aeb706b7a07140a8ebbdef822b3bb3%40%3Ccommits.druid.apache.org%3E"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.apache.org/thread.html/rdb223e1b82e3d7d8e4eaddce8dd1ab87252e3935cc41c859f49767b6%40%3Ccommits.druid.apache.org%3E"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://www.oracle.com//security-alerts/cpujul2021.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://www.oracle.com/security-alerts/cpujan2022.html"
    }
  ],
  "sourceIdentifier": "jordan@liggitt.net",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-283"
        }
      ],
      "source": "jordan@liggitt.net",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GSD-2020-8554

Vulnerability from gsd - Updated: 2023-12-13 01:21

Details

Aliases

CVE-2020-8554

Aliases

CVE-2020-8554

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2020-8554",
    "description": "Kubernetes API server in all versions allow an attacker who is able to create a ClusterIP service and set the spec.externalIPs field, to intercept traffic to that IP address. Additionally, an attacker who is able to patch the status (which is considered a privileged operation and should not typically be granted to users) of a LoadBalancer service can set the status.loadBalancer.ingress.ip to similar effect.",
    "id": "GSD-2020-8554",
    "references": [
      "https://www.suse.com/security/cve/CVE-2020-8554.html",
      "https://access.redhat.com/errata/RHSA-2021:0079",
      "https://linux.oracle.com/cve/CVE-2020-8554.html"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2020-8554"
      ],
      "details": "Kubernetes API server in all versions allow an attacker who is able to create a ClusterIP service and set the spec.externalIPs field, to intercept traffic to that IP address. Additionally, an attacker who is able to patch the status (which is considered a privileged operation and should not typically be granted to users) of a LoadBalancer service can set the status.loadBalancer.ingress.ip to similar effect.",
      "id": "GSD-2020-8554",
      "modified": "2023-12-13T01:21:54.006371Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "security@kubernetes.io",
        "DATE_PUBLIC": "2020-12-07T17:00:00.000Z",
        "ID": "CVE-2020-8554",
        "STATE": "PUBLIC",
        "TITLE": "Kubernetes man in the middle using LoadBalancer or ExternalIPs"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Kubernetes",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_name": "Kubernetes",
                          "version_value": "all versions"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Kubernetes"
            }
          ]
        }
      },
      "credit": [
        {
          "lang": "eng",
          "value": "Etienne Champetier (@champtar) of Anevia"
        }
      ],
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Kubernetes API server in all versions allow an attacker who is able to create a ClusterIP service and set the spec.externalIPs field, to intercept traffic to that IP address. Additionally, an attacker who is able to patch the status (which is considered a privileged operation and should not typically be granted to users) of a LoadBalancer service can set the status.loadBalancer.ingress.ip to similar effect."
          }
        ]
      },
      "generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "impact": {
        "cvss": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "LOW",
          "baseScore": 6.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
          "version": "3.1"
        }
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "CWE-283 Unverified Ownership"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://groups.google.com/g/kubernetes-security-announce/c/iZWsF9nbKE8",
            "refsource": "MISC",
            "url": "https://groups.google.com/g/kubernetes-security-announce/c/iZWsF9nbKE8"
          },
          {
            "name": "https://github.com/kubernetes/kubernetes/issues/97076",
            "refsource": "MISC",
            "url": "https://github.com/kubernetes/kubernetes/issues/97076"
          },
          {
            "name": "[druid-commits] 20210201 [GitHub] [druid] jon-wei opened a new pull request #10826: Address CVE-2020-8570, suppress CVE-2020-8554",
            "refsource": "MLIST",
            "url": "https://lists.apache.org/thread.html/rcafa485d63550657f068775801aeb706b7a07140a8ebbdef822b3bb3@%3Ccommits.druid.apache.org%3E"
          },
          {
            "name": "[druid-commits] 20210202 [GitHub] [druid] jon-wei opened a new pull request #10826: Address CVE-2020-8570, suppress CVE-2020-8554",
            "refsource": "MLIST",
            "url": "https://lists.apache.org/thread.html/r0c76b3d0be348f788cd947054141de0229af00c540564711e828fd40@%3Ccommits.druid.apache.org%3E"
          },
          {
            "name": "[druid-commits] 20210203 [GitHub] [druid] jihoonson commented on pull request #10826: Address CVE-2020-8570, suppress CVE-2020-8554",
            "refsource": "MLIST",
            "url": "https://lists.apache.org/thread.html/rdb223e1b82e3d7d8e4eaddce8dd1ab87252e3935cc41c859f49767b6@%3Ccommits.druid.apache.org%3E"
          },
          {
            "name": "[druid-commits] 20210203 [GitHub] [druid] jihoonson merged pull request #10826: Address CVE-2020-8570, suppress CVE-2020-8554",
            "refsource": "MLIST",
            "url": "https://lists.apache.org/thread.html/r1975078e44d96f2a199aa90aa874b57a202eaf7f25f2fde6d1c44942@%3Ccommits.druid.apache.org%3E"
          },
          {
            "name": "https://www.oracle.com//security-alerts/cpujul2021.html",
            "refsource": "MISC",
            "url": "https://www.oracle.com//security-alerts/cpujul2021.html"
          },
          {
            "name": "https://www.oracle.com/security-alerts/cpujan2022.html",
            "refsource": "MISC",
            "url": "https://www.oracle.com/security-alerts/cpujan2022.html"
          },
          {
            "name": "https://www.oracle.com/security-alerts/cpuapr2022.html",
            "refsource": "MISC",
            "url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
          }
        ]
      },
      "source": {
        "defect": [
          "https://github.com/kubernetes/kubernetes/issues/97076"
        ],
        "discovery": "EXTERNAL"
      },
      "work_around": [
        {
          "lang": "eng",
          "value": "To restrict the use of external IPs we are providing an admission webhook container: k8s.gcr.io/multitenancy/externalip-webhook:v1.0.0. The source code and deployment instructions are published at https://github.com/kubernetes-sigs/externalip-webhook.\n\nAlternatively, external IPs can be restricted using OPA Gatekeeper. A sample ConstraintTemplate and Constraint can be found here: https://github.com/open-policy-agent/gatekeeper-library/tree/master/library/general/externalip."
        }
      ]
    },
    "gitlab.com": {
      "advisories": [
        {
          "affected_range": "",
          "affected_versions": "All versions",
          "cvss_v2": "AV:N/AC:M/Au:S/C:P/I:P/A:P",
          "cvss_v3": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L",
          "cwe_ids": [
            "CWE-1035",
            "CWE-863",
            "CWE-937"
          ],
          "date": "2021-07-20",
          "description": "Kubernetes API server in all versions allow an attacker who is able to create a ClusterIP service and set the `spec.externalIPs` field, to intercept traffic to that IP address. Additionally, an attacker who is able to patch the status (which is considered a privileged operation and should not typically be granted to users) of a LoadBalancer service can set the `status.loadBalancer.ingress.ip` to similar effect.",
          "fixed_versions": [],
          "identifier": "CVE-2020-8554",
          "identifiers": [
            "CVE-2020-8554"
          ],
          "not_impacted": "",
          "package_slug": "go/github.com/kubernetes/kubelet",
          "pubdate": "2021-01-21",
          "solution": "Unfortunately, there is no solution available yet.",
          "title": "Incorrect Authorization",
          "urls": [
            "https://nvd.nist.gov/vuln/detail/CVE-2020-8554"
          ],
          "uuid": "6fbc8a2c-243d-4478-a034-8329a4d161e4",
          "versions": []
        },
        {
          "affected_range": "",
          "affected_versions": "All versions",
          "cvss_v2": "AV:N/AC:M/Au:S/C:P/I:P/A:P",
          "cvss_v3": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L",
          "cwe_ids": [
            "CWE-1035",
            "CWE-863",
            "CWE-937"
          ],
          "date": "2021-07-20",
          "description": "Kubernetes API server in all versions allow an attacker who is able to create a ClusterIP service and set the `spec.externalIPs` field, to intercept traffic to that IP address. Additionally, an attacker who is able to patch the status (which is considered a privileged operation and should not typically be granted to users) of a LoadBalancer service can set the `status.loadBalancer.ingress.ip` to similar effect.",
          "fixed_versions": [],
          "identifier": "CVE-2020-8554",
          "identifiers": [
            "CVE-2020-8554"
          ],
          "not_impacted": "",
          "package_slug": "go/github.com/kubernetes/kubernetes",
          "pubdate": "2021-01-21",
          "solution": "Unfortunately, there is no solution available yet.",
          "title": "Incorrect Authorization",
          "urls": [
            "https://nvd.nist.gov/vuln/detail/CVE-2020-8554"
          ],
          "uuid": "7b6bee0b-7842-472b-bbc8-612ecc28f318",
          "versions": []
        },
        {
          "affected_range": "",
          "affected_versions": "All versions",
          "cvss_v2": "AV:N/AC:M/Au:S/C:P/I:P/A:P",
          "cvss_v3": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L",
          "cwe_ids": [
            "CWE-1035",
            "CWE-863",
            "CWE-937"
          ],
          "date": "2021-07-20",
          "description": "Kubernetes API server in all versions allow an attacker who is able to create a ClusterIP service and set the `spec.externalIPs` field, to intercept traffic to that IP address. Additionally, an attacker who is able to patch the status (which is considered a privileged operation and should not typically be granted to users) of a LoadBalancer service can set the `status.loadBalancer.ingress.ip` to similar effect.",
          "fixed_versions": [],
          "identifier": "CVE-2020-8554",
          "identifiers": [
            "CVE-2020-8554"
          ],
          "not_impacted": "",
          "package_slug": "go/github.com/kubernetes/pkg/kubelet/server",
          "pubdate": "2021-01-21",
          "solution": "Unfortunately, there is no solution available yet.",
          "title": "Incorrect Authorization",
          "urls": [
            "https://nvd.nist.gov/vuln/detail/CVE-2020-8554"
          ],
          "uuid": "3bf6b84e-c304-4603-b2f7-a986ffed3b30"
        },
        {
          "affected_range": "\u003c=1.22.0",
          "affected_versions": "All versions up to 1.22.0",
          "cvss_v2": "AV:N/AC:M/Au:S/C:P/I:P/A:P",
          "cvss_v3": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L",
          "cwe_ids": [
            "CWE-1035",
            "CWE-863",
            "CWE-937"
          ],
          "date": "2022-04-20",
          "description": "Kubernetes API server in all versions allow an attacker who is able to create a ClusterIP service and set the spec.externalIPs field, to intercept traffic to that IP address. Additionally, an attacker who is able to patch the status (which is considered a privileged operation and should not typically be granted to users) of a LoadBalancer service can set the status.loadBalancer.ingress.ip to similar effect.",
          "fixed_versions": [],
          "identifier": "CVE-2020-8554",
          "identifiers": [
            "GHSA-j9wf-vvm6-4r9w",
            "CVE-2020-8554"
          ],
          "not_impacted": "",
          "package_slug": "go/k8s.io/kubernetes",
          "pubdate": "2022-02-08",
          "solution": "Unfortunately, there is no solution available yet.",
          "title": "Incorrect Authorization",
          "urls": [
            "https://nvd.nist.gov/vuln/detail/CVE-2020-8554",
            "https://github.com/kubernetes/kubernetes/issues/97076",
            "https://github.com/kubernetes/kubernetes/issues/97110",
            "https://groups.google.com/g/kubernetes-security-announce/c/iZWsF9nbKE8",
            "https://lists.apache.org/thread.html/r0c76b3d0be348f788cd947054141de0229af00c540564711e828fd40@%3Ccommits.druid.apache.org%3E",
            "https://lists.apache.org/thread.html/r1975078e44d96f2a199aa90aa874b57a202eaf7f25f2fde6d1c44942@%3Ccommits.druid.apache.org%3E",
            "https://lists.apache.org/thread.html/rcafa485d63550657f068775801aeb706b7a07140a8ebbdef822b3bb3@%3Ccommits.druid.apache.org%3E",
            "https://lists.apache.org/thread.html/rdb223e1b82e3d7d8e4eaddce8dd1ab87252e3935cc41c859f49767b6@%3Ccommits.druid.apache.org%3E",
            "https://www.oracle.com//security-alerts/cpujul2021.html",
            "https://www.oracle.com/security-alerts/cpujan2022.html",
            "https://github.com/advisories/GHSA-j9wf-vvm6-4r9w"
          ],
          "uuid": "951cef45-b97d-4855-a2b5-c64b632d1a03"
        },
        {
          "affected_range": "",
          "affected_versions": "All versions",
          "cvss_v2": "AV:N/AC:M/Au:S/C:P/I:P/A:P",
          "cvss_v3": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L",
          "cwe_ids": [
            "CWE-1035",
            "CWE-863",
            "CWE-937"
          ],
          "date": "2021-07-20",
          "description": "Kubernetes API server in all versions allow an attacker who is able to create a ClusterIP service and set the spec.externalIPs field, to intercept traffic to that IP address. Additionally, an attacker who is able to patch the status (which is considered a privileged operation and should not typically be granted to users) of a LoadBalancer service can set the status.loadBalancer.ingress.ip to similar effect.",
          "fixed_versions": [],
          "identifier": "CVE-2020-8554",
          "identifiers": [
            "CVE-2020-8554"
          ],
          "not_impacted": "",
          "package_slug": "go/k8s.io/kubernetes/pkg/apis/apps/validation",
          "pubdate": "2021-01-21",
          "solution": "Unfortunately, there is no solution available yet.",
          "title": "Incorrect Authorization",
          "urls": [
            "https://nvd.nist.gov/vuln/detail/CVE-2020-8554"
          ],
          "uuid": "e1d85f92-4619-4fbf-8260-ef505577fbc7"
        },
        {
          "affected_range": "",
          "affected_versions": "All versions",
          "cvss_v2": "AV:N/AC:M/Au:S/C:P/I:P/A:P",
          "cvss_v3": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L",
          "cwe_ids": [
            "CWE-1035",
            "CWE-863",
            "CWE-937"
          ],
          "date": "2021-07-20",
          "description": "Kubernetes API server in all versions allow an attacker who is able to create a ClusterIP service and set the `spec.externalIPs` field, to intercept traffic to that IP address. Additionally, an attacker who is able to patch the status (which is considered a privileged operation and should not typically be granted to users) of a LoadBalancer service can set the `status.loadBalancer.ingress.ip` to similar effect.",
          "fixed_versions": [],
          "identifier": "CVE-2020-8554",
          "identifiers": [
            "CVE-2020-8554"
          ],
          "not_impacted": "",
          "package_slug": "go/k8s.io/kubernetes/pkg/kubelet/server",
          "pubdate": "2021-01-21",
          "solution": "Unfortunately, there is no solution available yet.",
          "title": "Incorrect Authorization",
          "urls": [
            "https://nvd.nist.gov/vuln/detail/CVE-2020-8554"
          ],
          "uuid": "20ef5fc7-f153-4c88-9b90-41f8f6fbe971"
        }
      ]
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:kubernetes:kubernetes:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:oracle:communications_cloud_native_core_network_slice_selection_function:1.2.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:communications_cloud_native_core_service_communication_proxy:1.14.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:communications_cloud_native_core_policy:1.15.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "security@kubernetes.io",
          "ID": "CVE-2020-8554"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Kubernetes API server in all versions allow an attacker who is able to create a ClusterIP service and set the spec.externalIPs field, to intercept traffic to that IP address. Additionally, an attacker who is able to patch the status (which is considered a privileged operation and should not typically be granted to users) of a LoadBalancer service can set the status.loadBalancer.ingress.ip to similar effect."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "NVD-CWE-noinfo"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "N/A",
              "refsource": "CONFIRM",
              "tags": [
                "Exploit",
                "Third Party Advisory"
              ],
              "url": "https://github.com/kubernetes/kubernetes/issues/97076"
            },
            {
              "name": "N/A",
              "refsource": "MLIST",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "https://groups.google.com/g/kubernetes-security-announce/c/iZWsF9nbKE8"
            },
            {
              "name": "[druid-commits] 20210201 [GitHub] [druid] jon-wei opened a new pull request #10826: Address CVE-2020-8570, suppress CVE-2020-8554",
              "refsource": "MLIST",
              "tags": [
                "Mailing List",
                "Patch",
                "Third Party Advisory"
              ],
              "url": "https://lists.apache.org/thread.html/rcafa485d63550657f068775801aeb706b7a07140a8ebbdef822b3bb3@%3Ccommits.druid.apache.org%3E"
            },
            {
              "name": "[druid-commits] 20210202 [GitHub] [druid] jon-wei opened a new pull request #10826: Address CVE-2020-8570, suppress CVE-2020-8554",
              "refsource": "MLIST",
              "tags": [
                "Mailing List",
                "Patch",
                "Third Party Advisory"
              ],
              "url": "https://lists.apache.org/thread.html/r0c76b3d0be348f788cd947054141de0229af00c540564711e828fd40@%3Ccommits.druid.apache.org%3E"
            },
            {
              "name": "[druid-commits] 20210203 [GitHub] [druid] jihoonson commented on pull request #10826: Address CVE-2020-8570, suppress CVE-2020-8554",
              "refsource": "MLIST",
              "tags": [
                "Mailing List",
                "Patch",
                "Third Party Advisory"
              ],
              "url": "https://lists.apache.org/thread.html/rdb223e1b82e3d7d8e4eaddce8dd1ab87252e3935cc41c859f49767b6@%3Ccommits.druid.apache.org%3E"
            },
            {
              "name": "[druid-commits] 20210203 [GitHub] [druid] jihoonson merged pull request #10826: Address CVE-2020-8570, suppress CVE-2020-8554",
              "refsource": "MLIST",
              "tags": [
                "Mailing List",
                "Patch",
                "Third Party Advisory"
              ],
              "url": "https://lists.apache.org/thread.html/r1975078e44d96f2a199aa90aa874b57a202eaf7f25f2fde6d1c44942@%3Ccommits.druid.apache.org%3E"
            },
            {
              "name": "N/A",
              "refsource": "N/A",
              "tags": [
                "Patch",
                "Third Party Advisory"
              ],
              "url": "https://www.oracle.com//security-alerts/cpujul2021.html"
            },
            {
              "name": "https://www.oracle.com/security-alerts/cpujan2022.html",
              "refsource": "MISC",
              "tags": [
                "Patch",
                "Third Party Advisory"
              ],
              "url": "https://www.oracle.com/security-alerts/cpujan2022.html"
            },
            {
              "name": "https://www.oracle.com/security-alerts/cpuapr2022.html",
              "refsource": "MISC",
              "tags": [
                "Patch",
                "Third Party Advisory"
              ],
              "url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.0,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 6.8,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.0,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.1"
          },
          "exploitabilityScore": 1.6,
          "impactScore": 3.4
        }
      },
      "lastModifiedDate": "2022-10-29T02:41Z",
      "publishedDate": "2021-01-21T17:15Z"
    }
  }
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2020-8554 (GCVE-0-2020-8554)

MSRC_CVE-2020-8554

CERTFR-2022-AVI-591

Solution

GHSA-J9WF-VVM6-4R9W

RHSA-2021:0079

FKIE_CVE-2020-8554

GSD-2020-8554

Tags

Sightings

Nomenclature