CVE-2020-14336
Vulnerability from cvelistv5
Published
2021-06-02 11:48
Modified
2024-08-04 12:39
Severity
Summary
A flaw was found in the Restricted Security Context Constraints (SCC), where it allows pods to craft custom network packets. This flaw allows an attacker to cause a denial of service attack on an OpenShift Container Platform cluster if they can deploy pods. The highest threat from this vulnerability is to system availability.
References
Source | URL | Tags |
---|---|---|
secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=1858981 | Issue Tracking, Mitigation, Vendor Advisory |
gsd-2020-14336
Vulnerability from gsd
Modified
2023-12-13 01:21
Details
A flaw was found in the Restricted Security Context Constraints (SCC), where it allows pods to craft custom network packets. This flaw allows an attacker to cause a denial of service attack on an OpenShift Container Platform cluster if they can deploy pods. The highest threat from this vulnerability is to system availability.
Aliases
rhsa-2020_4320
Vulnerability from csaf_redhat
Published
2020-10-26 14:41
Modified
2024-09-16 04:54
Summary
Red Hat Security Advisory: OpenShift Container Platform 4.5.16 security update
Notes
Topic
Red Hat OpenShift Container Platform release 4.5.16 is now available with
updates to packages and images that fix several bugs and add enhancements.
Red Hat Product Security has rated this update as having a security impact
of Low. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.
Details
Red Hat OpenShift Container Platform is Red Hat's cloud computing
Kubernetes application platform solution designed for on-premise or private
cloud deployments.
Security Fix(es):
* openshift: Restricted SCC allows pods to craft custom network packets (CVE-2020-14336)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Statement
By default, the OpenShift Container Platform uses the OpenShift SDN network interface. This interface makes this attack impractical by implementing IPTable rules on the host side of the virtual network interface, isolating network traffic to within the pod.
If the OpenShift Container Platform has the sriov-network-operator deployed, it is at a greater risk for exploitation.
If installing a new OCP 4.6 cluster no changes are required. If upgrading a cluster from an earlier version to 4.5.16 be sure to delete 99-worker-generated-crio-capabilities and 99-master-generated-crio-capabilities machine controllers once you have tested that dropping NET_RAW does not break your cluster workload.
Vendor fix
For OpenShift Container Platform 4.5 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:
https://docs.openshift.com/container-platform/4.5/release_notes/ocp-4-5-release-notes.html
Details on how to access this content are available at https://docs.openshift.com/container-platform/4.5/updating/updating-cluster-cli.html.
Workaround
On OCP 3.11 create a custom SCC based on 'restricted' and also drop the NET_RAW capability[1]. Assign this custom SCC to any users, or groups which create pods you want to protect. See the documentation for more information [2].
[1] https://access.redhat.com/solutions/5611521
[2] https://docs.openshift.com/container-platform/3.11/admin_guide/manage_scc.html
rhsa-2020_4298
Vulnerability from csaf_redhat
Published
2020-10-27 16:22
Modified
2020-10-28 00:41
Summary
Red Hat Security Advisory: OpenShift Container Platform 4.6.1 image security update
Notes
Topic
An update is now available for Red Hat OpenShift Container Platform 4.6.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat OpenShift Container Platform is Red Hat's cloud computing
Kubernetes application platform solution designed for on-premise or private
cloud deployments.
Security Fix(es):
* golang.org/x/crypto: Processing of crafted ssh-ed25519 public keys allows for panic (CVE-2020-9283)
* SSL/TLS: CBC padding timing attack (lucky-13) (CVE-2013-0169)
* grafana: XSS vulnerability via a column style on the "Dashboard > Table Panel" screen (CVE-2018-18624)
* js-jquery: prototype pollution in object's prototype leading to denial of service or remote code execution or property injection (CVE-2019-11358)
* npm-serialize-javascript: XSS via unsafe characters in serialized regular expressions (CVE-2019-16769)
* kibana: Prototype pollution in TSVB could result in arbitrary code execution (ESA-2020-06) (CVE-2020-7013)
* nodejs-minimist: prototype pollution allows adding or modifying properties of Object.prototype using a constructor or __proto__ payload (CVE-2020-7598)
* npmjs-websocket-extensions: ReDoS vulnerability in Sec-WebSocket-Extensions parser (CVE-2020-7662)
* nodejs-lodash: prototype pollution in zipObjectDeep function (CVE-2020-8203)
* jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method (CVE-2020-11022)
* jQuery: passing HTML containing <option> elements to manipulation methods could result in untrusted code execution (CVE-2020-11023)
* grafana: stored XSS (CVE-2020-11110)
* grafana: XSS annotation popup vulnerability (CVE-2020-12052)
* grafana: XSS via column.title or cellLinkTooltip (CVE-2020-12245)
* nodejs-elliptic: improper encoding checks allows a certain degree of signature malleability in ECDSA signatures (CVE-2020-13822)
* golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash (CVE-2020-14040)
* nodejs-ajv: prototype pollution via crafted JSON schema in ajv.validate function (CVE-2020-15366)
* openshift/console: text injection on error page via crafted url (CVE-2020-10715)
* kibana: X-Frame-Option not set by default might lead to clickjacking (CVE-2020-10743)
* openshift: restricted SCC allows pods to craft custom network packets (CVE-2020-14336)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
"openshift4/ose-cloud-credential-operator:v4.6.0-202010061132.p0", "product": { "name": "openshift4/ose-cloud-credential-operator:v4.6.0-202010061132.p0", "product_id": "openshift4/ose-cloud-credential-operator:v4.6.0-202010061132.p0" } }, { "category": "product_version", "name": "openshift4/ose-cluster-authentication-operator:v4.6.0-202010061132.p0", "product": { "name": "openshift4/ose-cluster-authentication-operator:v4.6.0-202010061132.p0", "product_id": "openshift4/ose-cluster-authentication-operator:v4.6.0-202010061132.p0" } }, { "category": "product_version", "name": "openshift4/ose-cluster-autoscaler-operator:v4.6.0-202010061132.p0", "product": { "name": "openshift4/ose-cluster-autoscaler-operator:v4.6.0-202010061132.p0", "product_id": "openshift4/ose-cluster-autoscaler-operator:v4.6.0-202010061132.p0" } }, { "category": "product_version", "name": "openshift4/ose-cluster-autoscaler:v4.6.0-202009291152.p0", "product": { "name": "openshift4/ose-cluster-autoscaler:v4.6.0-202009291152.p0", "product_id": "openshift4/ose-cluster-autoscaler:v4.6.0-202009291152.p0" } }, { "category": "product_version", "name": "openshift4/ose-cluster-capacity:v4.6.0-202010200139.p0", "product": { "name": "openshift4/ose-cluster-capacity:v4.6.0-202010200139.p0", "product_id": "openshift4/ose-cluster-capacity:v4.6.0-202010200139.p0" } }, { "category": "product_version", "name": "openshift4/ose-cluster-config-operator:v4.6.0-202010061132.p0", "product": { "name": "openshift4/ose-cluster-config-operator:v4.6.0-202010061132.p0", "product_id": "openshift4/ose-cluster-config-operator:v4.6.0-202010061132.p0" } }, { "category": "product_version", "name": "openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.6.0-202010061132.p0", "product": { "name": "openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.6.0-202010061132.p0", "product_id": "openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.6.0-202010061132.p0" } }, { "category": "product_version", "name": 
"openshift4/ose-cluster-dns-operator:v4.6.0-202010061132.p0", "product": { "name": "openshift4/ose-cluster-dns-operator:v4.6.0-202010061132.p0", "product_id": "openshift4/ose-cluster-dns-operator:v4.6.0-202010061132.p0" } }, { "category": "product_version", "name": "openshift4/ose-cluster-etcd-rhel8-operator:v4.6.0-202010062159.p0", "product": { "name": "openshift4/ose-cluster-etcd-rhel8-operator:v4.6.0-202010062159.p0", "product_id": "openshift4/ose-cluster-etcd-rhel8-operator:v4.6.0-202010062159.p0" } }, { "category": "product_version", "name": "openshift4/ose-cluster-image-registry-operator:v4.6.0-202010061132.p0", "product": { "name": "openshift4/ose-cluster-image-registry-operator:v4.6.0-202010061132.p0", "product_id": "openshift4/ose-cluster-image-registry-operator:v4.6.0-202010061132.p0" } }, { "category": "product_version", "name": "openshift4/ose-cluster-kube-apiserver-operator:v4.6.0-202010090300.p0", "product": { "name": "openshift4/ose-cluster-kube-apiserver-operator:v4.6.0-202010090300.p0", "product_id": "openshift4/ose-cluster-kube-apiserver-operator:v4.6.0-202010090300.p0" } }, { "category": "product_version", "name": "openshift4/ose-cluster-kube-controller-manager-operator:v4.6.0-202010081538.p0", "product": { "name": "openshift4/ose-cluster-kube-controller-manager-operator:v4.6.0-202010081538.p0", "product_id": "openshift4/ose-cluster-kube-controller-manager-operator:v4.6.0-202010081538.p0" } }, { "category": "product_version", "name": "openshift4/ose-cluster-kube-descheduler-operator:v4.6.0-202010200139.p0", "product": { "name": "openshift4/ose-cluster-kube-descheduler-operator:v4.6.0-202010200139.p0", "product_id": "openshift4/ose-cluster-kube-descheduler-operator:v4.6.0-202010200139.p0" } }, { "category": "product_version", "name": "openshift4/ose-cluster-kube-descheduler-rhel8-operator:v4.6.0-202010200139.p0", "product": { "name": "openshift4/ose-cluster-kube-descheduler-rhel8-operator:v4.6.0-202010200139.p0", "product_id": 
"openshift4/ose-cluster-kube-descheduler-rhel8-operator:v4.6.0-202010200139.p0" } }, { "category": "product_version", "name": "openshift4/ose-cluster-kube-scheduler-operator:v4.6.0-202010061132.p0", "product": { "name": "openshift4/ose-cluster-kube-scheduler-operator:v4.6.0-202010061132.p0", "product_id": "openshift4/ose-cluster-kube-scheduler-operator:v4.6.0-202010061132.p0" } }, { "category": "product_version", "name": "openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.6.0-202010061132.p0", "product": { "name": "openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.6.0-202010061132.p0", "product_id": "openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.6.0-202010061132.p0" } }, { "category": "product_version", "name": "openshift4/ose-cluster-machine-approver:v4.6.0-202010061132.p0", "product": { "name": "openshift4/ose-cluster-machine-approver:v4.6.0-202010061132.p0", "product_id": "openshift4/ose-cluster-machine-approver:v4.6.0-202010061132.p0" } }, { "category": "product_version", "name": "openshift4/ose-cluster-openshift-apiserver-operator:v4.6.0-202010061132.p0", "product": { "name": "openshift4/ose-cluster-openshift-apiserver-operator:v4.6.0-202010061132.p0", "product_id": "openshift4/ose-cluster-openshift-apiserver-operator:v4.6.0-202010061132.p0" } }, { "category": "product_version", "name": "openshift4/ose-cluster-openshift-controller-manager-operator:v4.6.0-202010061132.p0", "product": { "name": "openshift4/ose-cluster-openshift-controller-manager-operator:v4.6.0-202010061132.p0", "product_id": "openshift4/ose-cluster-openshift-controller-manager-operator:v4.6.0-202010061132.p0" } }, { "category": "product_version", "name": "openshift4/ose-cluster-policy-controller-rhel8:v4.6.0-202010061132.p0", "product": { "name": "openshift4/ose-cluster-policy-controller-rhel8:v4.6.0-202010061132.p0", "product_id": "openshift4/ose-cluster-policy-controller-rhel8:v4.6.0-202010061132.p0" } }, { "category": 
"product_version", "name": "openshift4/ose-cluster-samples-operator:v4.6.0-202009290409.p0", "product": { "name": "openshift4/ose-cluster-samples-operator:v4.6.0-202009290409.p0", "product_id": "openshift4/ose-cluster-samples-operator:v4.6.0-202009290409.p0" } }, { "category": "product_version", "name": "openshift4/ose-cluster-storage-operator:v4.6.0-202010061132.p0", "product": { "name": "openshift4/ose-cluster-storage-operator:v4.6.0-202010061132.p0", "product_id": "openshift4/ose-cluster-storage-operator:v4.6.0-202010061132.p0" } }, { "category": "product_version", "name": "openshift4/ose-console-operator:v4.6.0-202010061132.p0", "product": { "name": "openshift4/ose-console-operator:v4.6.0-202010061132.p0", "product_id": "openshift4/ose-console-operator:v4.6.0-202010061132.p0" } }, { "category": "product_version", "name": "openshift4/ose-console:v4.6.0-202010100121.p0", "product": { "name": "openshift4/ose-console:v4.6.0-202010100121.p0", "product_id": "openshift4/ose-console:v4.6.0-202010100121.p0" } }, { "category": "product_version", "name": "openshift4/ose-coredns:v4.6.0-202010061132.p0", "product": { "name": "openshift4/ose-coredns:v4.6.0-202010061132.p0", "product_id": "openshift4/ose-coredns:v4.6.0-202010061132.p0" } }, { "category": "product_version", "name": "openshift4/ose-csi-external-attacher-rhel8:v4.6.0-202010061132.p0", "product": { "name": "openshift4/ose-csi-external-attacher-rhel8:v4.6.0-202010061132.p0", "product_id": "openshift4/ose-csi-external-attacher-rhel8:v4.6.0-202010061132.p0" } }, { "category": "product_version", "name": "openshift4/ose-csi-external-attacher:v4.6.0-202010061132.p0", "product": { "name": "openshift4/ose-csi-external-attacher:v4.6.0-202010061132.p0", "product_id": "openshift4/ose-csi-external-attacher:v4.6.0-202010061132.p0" } }, { "category": "product_version", "name": "openshift4/ose-csi-external-provisioner-rhel8:v4.6.0-202010061132.p0", "product": { "name": 
"openshift4/ose-csi-external-provisioner-rhel8:v4.6.0-202010061132.p0", "product_id": "openshift4/ose-csi-external-provisioner-rhel8:v4.6.0-202010061132.p0" } }, { "category": "product_version", "name": "openshift4/ose-csi-external-provisioner:v4.6.0-202010061132.p0", "product": { "name": "openshift4/ose-csi-external-provisioner:v4.6.0-202010061132.p0", "product_id": "openshift4/ose-csi-external-provisioner:v4.6.0-202010061132.p0" } }, { "category": "product_version", "name": "openshift4/ose-csi-external-resizer-rhel8:v4.6.0-202010061132.p0", "product": { "name": "openshift4/ose-csi-external-resizer-rhel8:v4.6.0-202010061132.p0", "product_id": "openshift4/ose-csi-external-resizer-rhel8:v4.6.0-202010061132.p0" } }, { "category": "product_version", "name": "openshift4/ose-csi-external-resizer:v4.6.0-202010061132.p0", "product": { "name": "openshift4/ose-csi-external-resizer:v4.6.0-202010061132.p0", "product_id": "openshift4/ose-csi-external-resizer:v4.6.0-202010061132.p0" } }, { "category": "product_version", "name": "openshift4/ose-csi-external-snapshotter-rhel8:v4.6.0-202010061132.p0", "product": { "name": "openshift4/ose-csi-external-snapshotter-rhel8:v4.6.0-202010061132.p0", "product_id": "openshift4/ose-csi-external-snapshotter-rhel8:v4.6.0-202010061132.p0" } }, { "category": "product_version", "name": "openshift4/ose-csi-external-snapshotter:v4.6.0-202010061132.p0", "product": { "name": "openshift4/ose-csi-external-snapshotter:v4.6.0-202010061132.p0", "product_id": "openshift4/ose-csi-external-snapshotter:v4.6.0-202010061132.p0" } }, { "category": "product_version", "name": "openshift4/ose-csi-livenessprobe-rhel8:v4.6.0-202010061132.p0", "product": { "name": "openshift4/ose-csi-livenessprobe-rhel8:v4.6.0-202010061132.p0", "product_id": "openshift4/ose-csi-livenessprobe-rhel8:v4.6.0-202010061132.p0" } }, { "category": "product_version", "name": "openshift4/ose-csi-livenessprobe:v4.6.0-202010061132.p0", "product": { "name": 
"openshift4/ose-csi-livenessprobe:v4.6.0-202010061132.p0", "product_id": "openshift4/ose-csi-livenessprobe:v4.6.0-202010061132.p0" } }, { "category": "product_version", "name": "openshift4/ose-csi-node-driver-registrar-rhel8:v4.6.0-202010061132.p0", "product": { "name": "openshift4/ose-csi-node-driver-registrar-rhel8:v4.6.0-202010061132.p0", "product_id": "openshift4/ose-csi-node-driver-registrar-rhel8:v4.6.0-202010061132.p0" } }, { "category": "product_version", "name": "openshift4/ose-csi-node-driver-registrar:v4.6.0-202010061132.p0", "product": { "name": "openshift4/ose-csi-node-driver-registrar:v4.6.0-202010061132.p0", "product_id": "openshift4/ose-csi-node-driver-registrar:v4.6.0-202010061132.p0" } }, { "category": "product_version", "name": "openshift4/ose-csi-snapshot-controller-rhel8:v4.6.0-202010061132.p0", "product": { "name": "openshift4/ose-csi-snapshot-controller-rhel8:v4.6.0-202010061132.p0", "product_id": "openshift4/ose-csi-snapshot-controller-rhel8:v4.6.0-202010061132.p0" } }, { "category": "product_version", "name": "openshift4/ose-csi-snapshot-controller:v4.6.0-202010061132.p0", "product": { "name": "openshift4/ose-csi-snapshot-controller:v4.6.0-202010061132.p0", "product_id": "openshift4/ose-csi-snapshot-controller:v4.6.0-202010061132.p0" } }, { "category": "product_version", "name": "openshift4/ose-descheduler:v4.6.0-202010200139.p0", "product": { "name": "openshift4/ose-descheduler:v4.6.0-202010200139.p0", "product_id": "openshift4/ose-descheduler:v4.6.0-202010200139.p0" } }, { "category": "product_version", "name": "openshift4/ose-docker-builder:v4.6.0-202010120952.p0", "product": { "name": "openshift4/ose-docker-builder:v4.6.0-202010120952.p0", "product_id": "openshift4/ose-docker-builder:v4.6.0-202010120952.p0" } }, { "category": "product_version", "name": "openshift4/ose-docker-registry:v4.6.0-202010061132.p0", "product": { "name": "openshift4/ose-docker-registry:v4.6.0-202010061132.p0", "product_id": 
"openshift4/ose-docker-registry:v4.6.0-202010061132.p0" } }, { "category": "product_version", "name": "openshift4/ose-elasticsearch-operator:v4.6.0-202010200139.p0", "product": { "name": "openshift4/ose-elasticsearch-operator:v4.6.0-202010200139.p0", "product_id": "openshift4/ose-elasticsearch-operator:v4.6.0-202010200139.p0" } }, { "category": "product_version", "name": "openshift4/ose-etcd:v4.6.0-202010061132.p0", "product": { "name": "openshift4/ose-etcd:v4.6.0-202010061132.p0", "product_id": "openshift4/ose-etcd:v4.6.0-202010061132.p0" } }, { "category": "product_version", "name": "openshift4/ose-gcp-machine-controllers-rhel8:v4.6.0-202010061132.p0", "product": { "name": "openshift4/ose-gcp-machine-controllers-rhel8:v4.6.0-202010061132.p0", "product_id": "openshift4/ose-gcp-machine-controllers-rhel8:v4.6.0-202010061132.p0" } }, { "category": "product_version", "name": "openshift4/ose-grafana:v4.6.0-202010061132.p0", "product": { "name": "openshift4/ose-grafana:v4.6.0-202010061132.p0", "product_id": "openshift4/ose-grafana:v4.6.0-202010061132.p0" } }, { "category": "product_version", "name": "openshift4/ose-hyperkube:v4.6.0-202010081843.p0", "product": { "name": "openshift4/ose-hyperkube:v4.6.0-202010081843.p0", "product_id": "openshift4/ose-hyperkube:v4.6.0-202010081843.p0" } }, { "category": "product_version", "name": "openshift4/ose-installer:v4.6.0-202010081843.p0", "product": { "name": "openshift4/ose-installer:v4.6.0-202010081843.p0", "product_id": "openshift4/ose-installer:v4.6.0-202010081843.p0" } }, { "category": "product_version", "name": "openshift4/ose-kube-rbac-proxy:v4.6.0-202010061132.p0", "product": { "name": "openshift4/ose-kube-rbac-proxy:v4.6.0-202010061132.p0", "product_id": "openshift4/ose-kube-rbac-proxy:v4.6.0-202010061132.p0" } }, { "category": "product_version", "name": "openshift4/ose-kube-storage-version-migrator-rhel8:v4.6.0-202010061132.p0", "product": { "name": 
"openshift4/ose-kube-storage-version-migrator-rhel8:v4.6.0-202010061132.p0", "product_id": "openshift4/ose-kube-storage-version-migrator-rhel8:v4.6.0-202010061132.p0" } }, { "category": "product_version", "name": "openshift4/ose-local-storage-diskmaker:v4.6.0-202010200139.p0", "product": { "name": "openshift4/ose-local-storage-diskmaker:v4.6.0-202010200139.p0", "product_id": "openshift4/ose-local-storage-diskmaker:v4.6.0-202010200139.p0" } }, { "category": "product_version", "name": "openshift4/ose-local-storage-static-provisioner:v4.6.0-202010061132.p0", "product": { "name": "openshift4/ose-local-storage-static-provisioner:v4.6.0-202010061132.p0", "product_id": "openshift4/ose-local-storage-static-provisioner:v4.6.0-202010061132.p0" } }, { "category": "product_version", "name": "openshift4/ose-logging-kibana6:v4.6.0-202010200139.p0", "product": { "name": "openshift4/ose-logging-kibana6:v4.6.0-202010200139.p0", "product_id": "openshift4/ose-logging-kibana6:v4.6.0-202010200139.p0" } }, { "category": "product_version", "name": "openshift4/ose-machine-config-operator:v4.6.0-202010220220.p0", "product": { "name": "openshift4/ose-machine-config-operator:v4.6.0-202010220220.p0", "product_id": "openshift4/ose-machine-config-operator:v4.6.0-202010220220.p0" } }, { "category": "product_version", "name": "openshift4/ose-mdns-publisher-rhel8:v4.6.0-202010061132.p0", "product": { "name": "openshift4/ose-mdns-publisher-rhel8:v4.6.0-202010061132.p0", "product_id": "openshift4/ose-mdns-publisher-rhel8:v4.6.0-202010061132.p0" } }, { "category": "product_version", "name": "openshift4/ose-metering-presto:v4.6.0-202010200139.p0", "product": { "name": "openshift4/ose-metering-presto:v4.6.0-202010200139.p0", "product_id": "openshift4/ose-metering-presto:v4.6.0-202010200139.p0" } }, { "category": "product_version", "name": "openshift4/ose-metering-reporting-operator:v4.6.0-202010200139.p0", "product": { "name": "openshift4/ose-metering-reporting-operator:v4.6.0-202010200139.p0", 
"product_id": "openshift4/ose-metering-reporting-operator:v4.6.0-202010200139.p0" } }, { "category": "product_version", "name": "openshift4/ose-multus-admission-controller:v4.6.0-202010061132.p0", "product": { "name": "openshift4/ose-multus-admission-controller:v4.6.0-202010061132.p0", "product_id": "openshift4/ose-multus-admission-controller:v4.6.0-202010061132.p0" } }, { "category": "product_version", "name": "openshift4/ose-multus-cni:v4.6.0-202010061132.p0", "product": { "name": "openshift4/ose-multus-cni:v4.6.0-202010061132.p0", "product_id": "openshift4/ose-multus-cni:v4.6.0-202010061132.p0" } }, { "category": "product_version", "name": "openshift4/ose-multus-route-override-cni-rhel8:v4.6.0-202010012244.p0", "product": { "name": "openshift4/ose-multus-route-override-cni-rhel8:v4.6.0-202010012244.p0", "product_id": "openshift4/ose-multus-route-override-cni-rhel8:v4.6.0-202010012244.p0" } }, { "category": "product_version", "name": "openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.6.0-202010011936.p0", "product": { "name": "openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.6.0-202010011936.p0", "product_id": "openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.6.0-202010011936.p0" } }, { "category": "product_version", "name": "openshift4/ose-network-metrics-daemon-rhel8:v4.6.0-202010061132.p0", "product": { "name": "openshift4/ose-network-metrics-daemon-rhel8:v4.6.0-202010061132.p0", "product_id": "openshift4/ose-network-metrics-daemon-rhel8:v4.6.0-202010061132.p0" } }, { "category": "product_version", "name": "openshift4/ose-oauth-apiserver-rhel8:v4.6.0-202010061132.p0", "product": { "name": "openshift4/ose-oauth-apiserver-rhel8:v4.6.0-202010061132.p0", "product_id": "openshift4/ose-oauth-apiserver-rhel8:v4.6.0-202010061132.p0" } }, { "category": "product_version", "name": "openshift4/ose-oauth-proxy:v4.6.0-202010010929.p0", "product": { "name": "openshift4/ose-oauth-proxy:v4.6.0-202010010929.p0", "product_id": 
"openshift4/ose-oauth-proxy:v4.6.0-202010010929.p0" } }, { "category": "product_version", "name": "openshift4/ose-openshift-apiserver-rhel8:v4.6.0-202010061132.p0", "product": { "name": "openshift4/ose-openshift-apiserver-rhel8:v4.6.0-202010061132.p0", "product_id": "openshift4/ose-openshift-apiserver-rhel8:v4.6.0-202010061132.p0" } }, { "category": "product_version", "name": "openshift4/ose-openshift-controller-manager-rhel8:v4.6.0-202010061132.p0", "product": { "name": "openshift4/ose-openshift-controller-manager-rhel8:v4.6.0-202010061132.p0", "product_id": "openshift4/ose-openshift-controller-manager-rhel8:v4.6.0-202010061132.p0" } }, { "category": "product_version", "name": "openshift4/ose-operator-lifecycle-manager:v4.6.0-202010130555.p0", "product": { "name": "openshift4/ose-operator-lifecycle-manager:v4.6.0-202010130555.p0", "product_id": "openshift4/ose-operator-lifecycle-manager:v4.6.0-202010130555.p0" } }, { "category": "product_version", "name": "openshift4/ose-operator-marketplace:v4.6.0-202010081538.p0", "product": { "name": "openshift4/ose-operator-marketplace:v4.6.0-202010081538.p0", "product_id": "openshift4/ose-operator-marketplace:v4.6.0-202010081538.p0" } }, { "category": "product_version", "name": "openshift4/ose-operator-registry:v4.6.0-202010061132.p0", "product": { "name": "openshift4/ose-operator-registry:v4.6.0-202010061132.p0", "product_id": "openshift4/ose-operator-registry:v4.6.0-202010061132.p0" } }, { "category": "product_version", "name": "openshift4/ose-prometheus:v4.6.0-202009290409.p0", "product": { "name": "openshift4/ose-prometheus:v4.6.0-202009290409.p0", "product_id": "openshift4/ose-prometheus:v4.6.0-202009290409.p0" } }, { "category": "product_version", "name": "openshift4/ose-ptp-operator:v4.6.0-202010200139.p0", "product": { "name": "openshift4/ose-ptp-operator:v4.6.0-202010200139.p0", "product_id": "openshift4/ose-ptp-operator:v4.6.0-202010200139.p0" } }, { "category": "product_version", "name": 
"openshift4/ose-ptp:v4.6.0-202010200139.p0", "product": { "name": "openshift4/ose-ptp:v4.6.0-202010200139.p0", "product_id": "openshift4/ose-ptp:v4.6.0-202010200139.p0" } }, { "category": "product_version", "name": "openshift4/ose-service-ca-operator:v4.6.0-202010061132.p0", "product": { "name": "openshift4/ose-service-ca-operator:v4.6.0-202010061132.p0", "product_id": "openshift4/ose-service-ca-operator:v4.6.0-202010061132.p0" } }, { "category": "product_version", "name": "openshift4/ose-sriov-dp-admission-controller:v4.6.0-202010200139.p0", "product": { "name": "openshift4/ose-sriov-dp-admission-controller:v4.6.0-202010200139.p0", "product_id": "openshift4/ose-sriov-dp-admission-controller:v4.6.0-202010200139.p0" } }, { "category": "product_version", "name": "openshift4/ose-sriov-network-config-daemon:v4.6.0-202010200139.p0", "product": { "name": "openshift4/ose-sriov-network-config-daemon:v4.6.0-202010200139.p0", "product_id": "openshift4/ose-sriov-network-config-daemon:v4.6.0-202010200139.p0" } }, { "category": "product_version", "name": "openshift4/ose-sriov-network-device-plugin:v4.6.0-202010200139.p0", "product": { "name": "openshift4/ose-sriov-network-device-plugin:v4.6.0-202010200139.p0", "product_id": "openshift4/ose-sriov-network-device-plugin:v4.6.0-202010200139.p0" } }, { "category": "product_version", "name": "openshift4/ose-sriov-network-webhook:v4.6.0-202010200139.p0", "product": { "name": "openshift4/ose-sriov-network-webhook:v4.6.0-202010200139.p0", "product_id": "openshift4/ose-sriov-network-webhook:v4.6.0-202010200139.p0" } }, { "category": "product_version", "name": "openshift4/ose-tests:v4.6.0-202010120952.p0", "product": { "name": "openshift4/ose-tests:v4.6.0-202010120952.p0", "product_id": "openshift4/ose-tests:v4.6.0-202010120952.p0" } } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-ansible-operator:v4.6.0-202010200139.p0 as a component 
of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-ansible-operator:v4.6.0-202010200139.p0" }, "product_reference": "openshift4/ose-ansible-operator:v4.6.0-202010200139.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-aws-machine-controllers:v4.6.0-202010061132.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers:v4.6.0-202010061132.p0" }, "product_reference": "openshift4/ose-aws-machine-controllers:v4.6.0-202010061132.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-azure-machine-controllers:v4.6.0-202010061132.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers:v4.6.0-202010061132.p0" }, "product_reference": "openshift4/ose-azure-machine-controllers:v4.6.0-202010061132.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-baremetal-machine-controllers:v4.6.0-202010061132.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers:v4.6.0-202010061132.p0" }, "product_reference": "openshift4/ose-baremetal-machine-controllers:v4.6.0-202010061132.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-baremetal-rhel8-operator:v4.6.0-202010061132.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator:v4.6.0-202010061132.p0" }, "product_reference": "openshift4/ose-baremetal-rhel8-operator:v4.6.0-202010061132.p0", "relates_to_product_reference": 
"8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-baremetal-runtimecfg-rhel8:v4.6.0-202010061132.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8:v4.6.0-202010061132.p0" }, "product_reference": "openshift4/ose-baremetal-runtimecfg-rhel8:v4.6.0-202010061132.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cli-artifacts:v4.6.0-202010080605.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts:v4.6.0-202010080605.p0" }, "product_reference": "openshift4/ose-cli-artifacts:v4.6.0-202010080605.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cli:v4.6.0-202010080605.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-cli:v4.6.0-202010080605.p0" }, "product_reference": "openshift4/ose-cli:v4.6.0-202010080605.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cloud-credential-operator:v4.6.0-202010061132.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator:v4.6.0-202010061132.p0" }, "product_reference": "openshift4/ose-cloud-credential-operator:v4.6.0-202010061132.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-authentication-operator:v4.6.0-202010061132.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator:v4.6.0-202010061132.p0" }, "product_reference": 
"openshift4/ose-cluster-authentication-operator:v4.6.0-202010061132.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-autoscaler-operator:v4.6.0-202010061132.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator:v4.6.0-202010061132.p0" }, "product_reference": "openshift4/ose-cluster-autoscaler-operator:v4.6.0-202010061132.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-autoscaler:v4.6.0-202009291152.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler:v4.6.0-202009291152.p0" }, "product_reference": "openshift4/ose-cluster-autoscaler:v4.6.0-202009291152.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-capacity:v4.6.0-202010200139.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity:v4.6.0-202010200139.p0" }, "product_reference": "openshift4/ose-cluster-capacity:v4.6.0-202010200139.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-config-operator:v4.6.0-202010061132.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator:v4.6.0-202010061132.p0" }, "product_reference": "openshift4/ose-cluster-config-operator:v4.6.0-202010061132.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.6.0-202010061132.p0 as a component of Red Hat 
OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.6.0-202010061132.p0" }, "product_reference": "openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.6.0-202010061132.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-dns-operator:v4.6.0-202010061132.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator:v4.6.0-202010061132.p0" }, "product_reference": "openshift4/ose-cluster-dns-operator:v4.6.0-202010061132.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-etcd-rhel8-operator:v4.6.0-202010062159.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator:v4.6.0-202010062159.p0" }, "product_reference": "openshift4/ose-cluster-etcd-rhel8-operator:v4.6.0-202010062159.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-image-registry-operator:v4.6.0-202010061132.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator:v4.6.0-202010061132.p0" }, "product_reference": "openshift4/ose-cluster-image-registry-operator:v4.6.0-202010061132.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-kube-apiserver-operator:v4.6.0-202010090300.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator:v4.6.0-202010090300.p0" }, "product_reference": 
"openshift4/ose-cluster-kube-apiserver-operator:v4.6.0-202010090300.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-kube-controller-manager-operator:v4.6.0-202010081538.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator:v4.6.0-202010081538.p0" }, "product_reference": "openshift4/ose-cluster-kube-controller-manager-operator:v4.6.0-202010081538.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-kube-descheduler-operator:v4.6.0-202010200139.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator:v4.6.0-202010200139.p0" }, "product_reference": "openshift4/ose-cluster-kube-descheduler-operator:v4.6.0-202010200139.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-kube-descheduler-rhel8-operator:v4.6.0-202010200139.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator:v4.6.0-202010200139.p0" }, "product_reference": "openshift4/ose-cluster-kube-descheduler-rhel8-operator:v4.6.0-202010200139.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-kube-scheduler-operator:v4.6.0-202010061132.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator:v4.6.0-202010061132.p0" }, "product_reference": "openshift4/ose-cluster-kube-scheduler-operator:v4.6.0-202010061132.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { 
"category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.6.0-202010061132.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.6.0-202010061132.p0" }, "product_reference": "openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.6.0-202010061132.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-machine-approver:v4.6.0-202010061132.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver:v4.6.0-202010061132.p0" }, "product_reference": "openshift4/ose-cluster-machine-approver:v4.6.0-202010061132.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-openshift-apiserver-operator:v4.6.0-202010061132.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator:v4.6.0-202010061132.p0" }, "product_reference": "openshift4/ose-cluster-openshift-apiserver-operator:v4.6.0-202010061132.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-openshift-controller-manager-operator:v4.6.0-202010061132.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator:v4.6.0-202010061132.p0" }, "product_reference": "openshift4/ose-cluster-openshift-controller-manager-operator:v4.6.0-202010061132.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": 
"openshift4/ose-cluster-policy-controller-rhel8:v4.6.0-202010061132.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8:v4.6.0-202010061132.p0" }, "product_reference": "openshift4/ose-cluster-policy-controller-rhel8:v4.6.0-202010061132.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-samples-operator:v4.6.0-202009290409.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator:v4.6.0-202009290409.p0" }, "product_reference": "openshift4/ose-cluster-samples-operator:v4.6.0-202009290409.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-cluster-storage-operator:v4.6.0-202010061132.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator:v4.6.0-202010061132.p0" }, "product_reference": "openshift4/ose-cluster-storage-operator:v4.6.0-202010061132.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-console-operator:v4.6.0-202010061132.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-console-operator:v4.6.0-202010061132.p0" }, "product_reference": "openshift4/ose-console-operator:v4.6.0-202010061132.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-console:v4.6.0-202010100121.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-console:v4.6.0-202010100121.p0" }, "product_reference": "openshift4/ose-console:v4.6.0-202010100121.p0", 
"relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-coredns:v4.6.0-202010061132.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-coredns:v4.6.0-202010061132.p0" }, "product_reference": "openshift4/ose-coredns:v4.6.0-202010061132.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-csi-external-attacher-rhel8:v4.6.0-202010061132.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8:v4.6.0-202010061132.p0" }, "product_reference": "openshift4/ose-csi-external-attacher-rhel8:v4.6.0-202010061132.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-csi-external-attacher:v4.6.0-202010061132.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher:v4.6.0-202010061132.p0" }, "product_reference": "openshift4/ose-csi-external-attacher:v4.6.0-202010061132.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-csi-external-provisioner-rhel8:v4.6.0-202010061132.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8:v4.6.0-202010061132.p0" }, "product_reference": "openshift4/ose-csi-external-provisioner-rhel8:v4.6.0-202010061132.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-csi-external-provisioner:v4.6.0-202010061132.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": 
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner:v4.6.0-202010061132.p0" }, "product_reference": "openshift4/ose-csi-external-provisioner:v4.6.0-202010061132.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-csi-external-resizer-rhel8:v4.6.0-202010061132.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8:v4.6.0-202010061132.p0" }, "product_reference": "openshift4/ose-csi-external-resizer-rhel8:v4.6.0-202010061132.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-csi-external-resizer:v4.6.0-202010061132.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer:v4.6.0-202010061132.p0" }, "product_reference": "openshift4/ose-csi-external-resizer:v4.6.0-202010061132.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-csi-external-snapshotter-rhel8:v4.6.0-202010061132.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8:v4.6.0-202010061132.p0" }, "product_reference": "openshift4/ose-csi-external-snapshotter-rhel8:v4.6.0-202010061132.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-csi-external-snapshotter:v4.6.0-202010061132.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter:v4.6.0-202010061132.p0" }, "product_reference": "openshift4/ose-csi-external-snapshotter:v4.6.0-202010061132.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": 
"default_component_of", "full_product_name": { "name": "openshift4/ose-csi-livenessprobe-rhel8:v4.6.0-202010061132.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8:v4.6.0-202010061132.p0" }, "product_reference": "openshift4/ose-csi-livenessprobe-rhel8:v4.6.0-202010061132.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-csi-livenessprobe:v4.6.0-202010061132.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe:v4.6.0-202010061132.p0" }, "product_reference": "openshift4/ose-csi-livenessprobe:v4.6.0-202010061132.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-csi-node-driver-registrar-rhel8:v4.6.0-202010061132.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8:v4.6.0-202010061132.p0" }, "product_reference": "openshift4/ose-csi-node-driver-registrar-rhel8:v4.6.0-202010061132.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-csi-node-driver-registrar:v4.6.0-202010061132.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar:v4.6.0-202010061132.p0" }, "product_reference": "openshift4/ose-csi-node-driver-registrar:v4.6.0-202010061132.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-csi-snapshot-controller-rhel8:v4.6.0-202010061132.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": 
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8:v4.6.0-202010061132.p0" }, "product_reference": "openshift4/ose-csi-snapshot-controller-rhel8:v4.6.0-202010061132.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-csi-snapshot-controller:v4.6.0-202010061132.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller:v4.6.0-202010061132.p0" }, "product_reference": "openshift4/ose-csi-snapshot-controller:v4.6.0-202010061132.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-descheduler:v4.6.0-202010200139.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-descheduler:v4.6.0-202010200139.p0" }, "product_reference": "openshift4/ose-descheduler:v4.6.0-202010200139.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-docker-builder:v4.6.0-202010120952.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-docker-builder:v4.6.0-202010120952.p0" }, "product_reference": "openshift4/ose-docker-builder:v4.6.0-202010120952.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-docker-registry:v4.6.0-202010061132.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-docker-registry:v4.6.0-202010061132.p0" }, "product_reference": "openshift4/ose-docker-registry:v4.6.0-202010061132.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-elasticsearch-operator:v4.6.0-202010200139.p0 as a 
component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator:v4.6.0-202010200139.p0" }, "product_reference": "openshift4/ose-elasticsearch-operator:v4.6.0-202010200139.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-etcd:v4.6.0-202010061132.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-etcd:v4.6.0-202010061132.p0" }, "product_reference": "openshift4/ose-etcd:v4.6.0-202010061132.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-gcp-machine-controllers-rhel8:v4.6.0-202010061132.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8:v4.6.0-202010061132.p0" }, "product_reference": "openshift4/ose-gcp-machine-controllers-rhel8:v4.6.0-202010061132.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-grafana:v4.6.0-202010061132.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-grafana:v4.6.0-202010061132.p0" }, "product_reference": "openshift4/ose-grafana:v4.6.0-202010061132.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-hyperkube:v4.6.0-202010081843.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-hyperkube:v4.6.0-202010081843.p0" }, "product_reference": "openshift4/ose-hyperkube:v4.6.0-202010081843.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-installer:v4.6.0-202010081843.p0 as a 
component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-installer:v4.6.0-202010081843.p0" }, "product_reference": "openshift4/ose-installer:v4.6.0-202010081843.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-kube-rbac-proxy:v4.6.0-202010061132.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy:v4.6.0-202010061132.p0" }, "product_reference": "openshift4/ose-kube-rbac-proxy:v4.6.0-202010061132.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-kube-storage-version-migrator-rhel8:v4.6.0-202010061132.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8:v4.6.0-202010061132.p0" }, "product_reference": "openshift4/ose-kube-storage-version-migrator-rhel8:v4.6.0-202010061132.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-local-storage-diskmaker:v4.6.0-202010200139.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker:v4.6.0-202010200139.p0" }, "product_reference": "openshift4/ose-local-storage-diskmaker:v4.6.0-202010200139.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-local-storage-static-provisioner:v4.6.0-202010061132.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner:v4.6.0-202010061132.p0" }, "product_reference": "openshift4/ose-local-storage-static-provisioner:v4.6.0-202010061132.p0", "relates_to_product_reference": 
"8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-logging-kibana6:v4.6.0-202010200139.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6:v4.6.0-202010200139.p0" }, "product_reference": "openshift4/ose-logging-kibana6:v4.6.0-202010200139.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-machine-config-operator:v4.6.0-202010220220.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator:v4.6.0-202010220220.p0" }, "product_reference": "openshift4/ose-machine-config-operator:v4.6.0-202010220220.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-mdns-publisher-rhel8:v4.6.0-202010061132.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8:v4.6.0-202010061132.p0" }, "product_reference": "openshift4/ose-mdns-publisher-rhel8:v4.6.0-202010061132.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-metering-presto:v4.6.0-202010200139.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-metering-presto:v4.6.0-202010200139.p0" }, "product_reference": "openshift4/ose-metering-presto:v4.6.0-202010200139.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-metering-reporting-operator:v4.6.0-202010200139.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator:v4.6.0-202010200139.p0" }, "product_reference": 
"openshift4/ose-metering-reporting-operator:v4.6.0-202010200139.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-multus-admission-controller:v4.6.0-202010061132.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller:v4.6.0-202010061132.p0" }, "product_reference": "openshift4/ose-multus-admission-controller:v4.6.0-202010061132.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-multus-cni:v4.6.0-202010061132.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-multus-cni:v4.6.0-202010061132.p0" }, "product_reference": "openshift4/ose-multus-cni:v4.6.0-202010061132.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-multus-route-override-cni-rhel8:v4.6.0-202010012244.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8:v4.6.0-202010012244.p0" }, "product_reference": "openshift4/ose-multus-route-override-cni-rhel8:v4.6.0-202010012244.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.6.0-202010011936.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.6.0-202010011936.p0" }, "product_reference": "openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.6.0-202010011936.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": 
"openshift4/ose-network-metrics-daemon-rhel8:v4.6.0-202010061132.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8:v4.6.0-202010061132.p0" }, "product_reference": "openshift4/ose-network-metrics-daemon-rhel8:v4.6.0-202010061132.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-oauth-apiserver-rhel8:v4.6.0-202010061132.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8:v4.6.0-202010061132.p0" }, "product_reference": "openshift4/ose-oauth-apiserver-rhel8:v4.6.0-202010061132.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-oauth-proxy:v4.6.0-202010010929.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy:v4.6.0-202010010929.p0" }, "product_reference": "openshift4/ose-oauth-proxy:v4.6.0-202010010929.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-openshift-apiserver-rhel8:v4.6.0-202010061132.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8:v4.6.0-202010061132.p0" }, "product_reference": "openshift4/ose-openshift-apiserver-rhel8:v4.6.0-202010061132.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-openshift-controller-manager-rhel8:v4.6.0-202010061132.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8:v4.6.0-202010061132.p0" }, "product_reference": 
"openshift4/ose-openshift-controller-manager-rhel8:v4.6.0-202010061132.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-operator-lifecycle-manager:v4.6.0-202010130555.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager:v4.6.0-202010130555.p0" }, "product_reference": "openshift4/ose-operator-lifecycle-manager:v4.6.0-202010130555.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-operator-marketplace:v4.6.0-202010081538.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace:v4.6.0-202010081538.p0" }, "product_reference": "openshift4/ose-operator-marketplace:v4.6.0-202010081538.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-operator-registry:v4.6.0-202010061132.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-operator-registry:v4.6.0-202010061132.p0" }, "product_reference": "openshift4/ose-operator-registry:v4.6.0-202010061132.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-prometheus:v4.6.0-202009290409.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-prometheus:v4.6.0-202009290409.p0" }, "product_reference": "openshift4/ose-prometheus:v4.6.0-202009290409.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-ptp-operator:v4.6.0-202010200139.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": 
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator:v4.6.0-202010200139.p0" }, "product_reference": "openshift4/ose-ptp-operator:v4.6.0-202010200139.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-ptp:v4.6.0-202010200139.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-ptp:v4.6.0-202010200139.p0" }, "product_reference": "openshift4/ose-ptp:v4.6.0-202010200139.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-service-ca-operator:v4.6.0-202010061132.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator:v4.6.0-202010061132.p0" }, "product_reference": "openshift4/ose-service-ca-operator:v4.6.0-202010061132.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-sriov-dp-admission-controller:v4.6.0-202010200139.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller:v4.6.0-202010200139.p0" }, "product_reference": "openshift4/ose-sriov-dp-admission-controller:v4.6.0-202010200139.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-sriov-network-config-daemon:v4.6.0-202010200139.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon:v4.6.0-202010200139.p0" }, "product_reference": "openshift4/ose-sriov-network-config-daemon:v4.6.0-202010200139.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": 
"openshift4/ose-sriov-network-device-plugin:v4.6.0-202010200139.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin:v4.6.0-202010200139.p0" }, "product_reference": "openshift4/ose-sriov-network-device-plugin:v4.6.0-202010200139.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-sriov-network-webhook:v4.6.0-202010200139.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook:v4.6.0-202010200139.p0" }, "product_reference": "openshift4/ose-sriov-network-webhook:v4.6.0-202010200139.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift4/ose-tests:v4.6.0-202010120952.p0 as a component of Red Hat OpenShift Container Platform 4.6", "product_id": "8Base-RHOSE-4.6:openshift4/ose-tests:v4.6.0-202010120952.p0" }, "product_reference": "openshift4/ose-tests:v4.6.0-202010120952.p0", "relates_to_product_reference": "8Base-RHOSE-4.6" } ] }, "vulnerabilities": [ { "cve": "CVE-2013-0169", "discovery_date": "2013-02-04T00:00:00Z", "flags": [ { "label": "component_not_present", "product_ids": [ "8Base-RHOSE-4.6:openshift4/ose-ansible-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts:v4.6.0-202010080605.p0", "8Base-RHOSE-4.6:openshift4/ose-cli:v4.6.0-202010080605.p0", 
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler:v4.6.0-202009291152.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator:v4.6.0-202010062159.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator:v4.6.0-202010090300.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator:v4.6.0-202010081538.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator:v4.6.0-202009290409.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator:v4.6.0-202010061132.p0", 
"8Base-RHOSE-4.6:openshift4/ose-console-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-console:v4.6.0-202010100121.p0", "8Base-RHOSE-4.6:openshift4/ose-coredns:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-descheduler:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-docker-builder:v4.6.0-202010120952.p0", "8Base-RHOSE-4.6:openshift4/ose-docker-registry:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-etcd:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-grafana:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-hyperkube:v4.6.0-202010081843.p0", 
"8Base-RHOSE-4.6:openshift4/ose-installer:v4.6.0-202010081843.p0", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator:v4.6.0-202010220220.p0", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-metering-presto:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-cni:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8:v4.6.0-202010012244.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.6.0-202010011936.p0", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy:v4.6.0-202010010929.p0", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager:v4.6.0-202010130555.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace:v4.6.0-202010081538.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-registry:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-prometheus:v4.6.0-202009290409.p0", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-ptp:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator:v4.6.0-202010061132.p0", 
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-tests:v4.6.0-202010120952.p0" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla", "text": "https://bugzilla.redhat.com/show_bug.cgi?id=907589" } ], "notes": [ { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" }, { "category": "description", "text": "The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as used in OpenSSL, OpenJDK, PolarSSL, and other products, do not properly consider timing side-channel attacks on a MAC check requirement during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, aka the \"Lucky Thirteen\" issue.", "title": "Vulnerability description" }, { "category": "summary", "text": "CBC padding timing attack (lucky-13)", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy:v4.6.0-202010061132.p0" ], "known_not_affected": [ "8Base-RHOSE-4.6:openshift4/ose-ansible-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator:v4.6.0-202010061132.p0", 
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts:v4.6.0-202010080605.p0", "8Base-RHOSE-4.6:openshift4/ose-cli:v4.6.0-202010080605.p0", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler:v4.6.0-202009291152.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator:v4.6.0-202010062159.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator:v4.6.0-202010090300.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator:v4.6.0-202010081538.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator:v4.6.0-202010061132.p0", 
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator:v4.6.0-202009290409.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-console-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-console:v4.6.0-202010100121.p0", "8Base-RHOSE-4.6:openshift4/ose-coredns:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-descheduler:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-docker-builder:v4.6.0-202010120952.p0", "8Base-RHOSE-4.6:openshift4/ose-docker-registry:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-etcd:v4.6.0-202010061132.p0", 
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-grafana:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-hyperkube:v4.6.0-202010081843.p0", "8Base-RHOSE-4.6:openshift4/ose-installer:v4.6.0-202010081843.p0", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator:v4.6.0-202010220220.p0", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-metering-presto:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-cni:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8:v4.6.0-202010012244.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.6.0-202010011936.p0", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy:v4.6.0-202010010929.p0", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager:v4.6.0-202010130555.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace:v4.6.0-202010081538.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-registry:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-prometheus:v4.6.0-202009290409.p0", 
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-ptp:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-tests:v4.6.0-202010120952.p0" ] }, "references": [ { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-0169", "url": "https://www.cve.org/CVERecord?id=CVE-2013-0169" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-0169", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-0169" }, { "category": "external", "summary": "http://www.isg.rhul.ac.uk/tls/", "url": "http://www.isg.rhul.ac.uk/tls/" }, { "category": "external", "summary": "http://www.openssl.org/news/secadv_20130205.txt", "url": "http://www.openssl.org/news/secadv_20130205.txt" }, { "category": "external", "summary": "https://polarssl.org/tech-updates/releases/polarssl-1.2.5-released", "url": "https://polarssl.org/tech-updates/releases/polarssl-1.2.5-released" }, { "category": "external", "summary": "CVE-2013-0169", "url": "https://access.redhat.com/security/cve/CVE-2013-0169" }, { "category": "external", "summary": "bz#907589: CBC padding timing attack (lucky-13)", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=907589" } ], "release_date": "2013-02-04T00:00:00Z", "remediations": [ { "category": "vendor_fix", "details": "For OpenShift Container Platform 4.6 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata 
update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html.", "product_ids": [ "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy:v4.6.0-202010061132.p0" ], "url": "https://access.redhat.com/errata/RHSA-2020:4298" } ], "scores": [ { "cvss_v2": { "accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "availabilityRequirement": "NOT_DEFINED", "baseScore": 5.1, "collateralDamagePotential": "NOT_DEFINED", "confidentialityImpact": "PARTIAL", "confidentialityRequirement": "NOT_DEFINED", "environmentalScore": 0.0, "exploitability": "NOT_DEFINED", "integrityImpact": "PARTIAL", "integrityRequirement": "NOT_DEFINED", "remediationLevel": "NOT_DEFINED", "reportConfidence": "NOT_DEFINED", "targetDistribution": "NOT_DEFINED", "temporalScore": 0.0, "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy:v4.6.0-202010061132.p0" ] } ], "threats": [ { "category": "impact", "date": "2013-02-04T00:00:00Z", "details": "Moderate" } ], "title": "CBC padding timing attack (lucky-13)" }, { "cve": "CVE-2018-18624", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2020-06-24T00:00:00Z", "flags": [ { "label": "component_not_present", "product_ids": [ "8Base-RHOSE-4.6:openshift4/ose-ansible-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator:v4.6.0-202010061132.p0", 
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts:v4.6.0-202010080605.p0", "8Base-RHOSE-4.6:openshift4/ose-cli:v4.6.0-202010080605.p0", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler:v4.6.0-202009291152.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator:v4.6.0-202010062159.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator:v4.6.0-202010090300.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator:v4.6.0-202010081538.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator:v4.6.0-202010061132.p0", 
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator:v4.6.0-202009290409.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-console-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-console:v4.6.0-202010100121.p0", "8Base-RHOSE-4.6:openshift4/ose-coredns:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-descheduler:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-docker-builder:v4.6.0-202010120952.p0", "8Base-RHOSE-4.6:openshift4/ose-docker-registry:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-etcd:v4.6.0-202010061132.p0", 
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-hyperkube:v4.6.0-202010081843.p0", "8Base-RHOSE-4.6:openshift4/ose-installer:v4.6.0-202010081843.p0", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator:v4.6.0-202010220220.p0", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-metering-presto:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-cni:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8:v4.6.0-202010012244.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.6.0-202010011936.p0", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy:v4.6.0-202010010929.p0", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager:v4.6.0-202010130555.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace:v4.6.0-202010081538.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-registry:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-prometheus:v4.6.0-202009290409.p0", 
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-ptp:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-tests:v4.6.0-202010120952.p0" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla", "text": "https://bugzilla.redhat.com/show_bug.cgi?id=1850572" } ], "notes": [ { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" }, { "category": "description", "text": "A flaw was found in grafana. 
An incomplete fix for CVE-2018-12099 allows for a XSS via a column style on the \"Dashboard \u003e Table Panel\" screen.", "title": "Vulnerability description" }, { "category": "summary", "text": "grafana: XSS vulnerability via a column style on the \"Dashboard \u003e Table Panel\" screen", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "8Base-RHOSE-4.6:openshift4/ose-grafana:v4.6.0-202010061132.p0" ], "known_not_affected": [ "8Base-RHOSE-4.6:openshift4/ose-ansible-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts:v4.6.0-202010080605.p0", "8Base-RHOSE-4.6:openshift4/ose-cli:v4.6.0-202010080605.p0", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler:v4.6.0-202009291152.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator:v4.6.0-202010062159.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator:v4.6.0-202010061132.p0", 
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator:v4.6.0-202010090300.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator:v4.6.0-202010081538.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator:v4.6.0-202009290409.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-console-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-console:v4.6.0-202010100121.p0", "8Base-RHOSE-4.6:openshift4/ose-coredns:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter:v4.6.0-202010061132.p0", 
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-descheduler:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-docker-builder:v4.6.0-202010120952.p0", "8Base-RHOSE-4.6:openshift4/ose-docker-registry:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-etcd:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-hyperkube:v4.6.0-202010081843.p0", "8Base-RHOSE-4.6:openshift4/ose-installer:v4.6.0-202010081843.p0", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator:v4.6.0-202010220220.p0", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-metering-presto:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-cni:v4.6.0-202010061132.p0", 
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8:v4.6.0-202010012244.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.6.0-202010011936.p0", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy:v4.6.0-202010010929.p0", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager:v4.6.0-202010130555.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace:v4.6.0-202010081538.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-registry:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-prometheus:v4.6.0-202009290409.p0", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-ptp:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-tests:v4.6.0-202010120952.p0" ] }, "references": [ { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-18624", "url": "https://www.cve.org/CVERecord?id=CVE-2018-18624" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-18624", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-18624" }, { "category": "external", "summary": "https://security.netapp.com/advisory/ntap-20200608-0008/", "url": "https://security.netapp.com/advisory/ntap-20200608-0008/" }, { "category": 
"external", "summary": "CVE-2018-18624", "url": "https://access.redhat.com/security/cve/CVE-2018-18624" }, { "category": "external", "summary": "bz#1850572: CVE-2018-18624 grafana: XSS vulnerability via a column style on the \"Dashboard \u003e Table Panel\" screen", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1850572" } ], "release_date": "2020-06-02T00:00:00Z", "remediations": [ { "category": "vendor_fix", "details": "For OpenShift Container Platform 4.6 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html.", "product_ids": [ "8Base-RHOSE-4.6:openshift4/ose-grafana:v4.6.0-202010061132.p0" ], "url": "https://access.redhat.com/errata/RHSA-2020:4298" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "products": [ "8Base-RHOSE-4.6:openshift4/ose-grafana:v4.6.0-202010061132.p0" ] } ], "threats": [ { "category": "impact", "date": "2020-06-24T00:00:00Z", "details": "Moderate" } ], "title": "CVE-2018-18624 grafana: XSS vulnerability via a column style on the \"Dashboard \u003e Table Panel\" screen" }, { "cve": "CVE-2019-11358", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2019-03-28T00:00:00Z", "flags": [ { "label": "component_not_present", "product_ids": [ 
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts:v4.6.0-202010080605.p0", "8Base-RHOSE-4.6:openshift4/ose-cli:v4.6.0-202010080605.p0", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler:v4.6.0-202009291152.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator:v4.6.0-202010062159.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator:v4.6.0-202010090300.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator:v4.6.0-202010081538.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator:v4.6.0-202010061132.p0", 
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator:v4.6.0-202009290409.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-console-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-console:v4.6.0-202010100121.p0", "8Base-RHOSE-4.6:openshift4/ose-coredns:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8:v4.6.0-202010061132.p0", 
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-descheduler:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-docker-builder:v4.6.0-202010120952.p0", "8Base-RHOSE-4.6:openshift4/ose-docker-registry:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-etcd:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-grafana:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-hyperkube:v4.6.0-202010081843.p0", "8Base-RHOSE-4.6:openshift4/ose-installer:v4.6.0-202010081843.p0", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator:v4.6.0-202010220220.p0", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-metering-presto:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-cni:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8:v4.6.0-202010012244.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.6.0-202010011936.p0", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8:v4.6.0-202010061132.p0", 
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy:v4.6.0-202010010929.p0", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager:v4.6.0-202010130555.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace:v4.6.0-202010081538.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-registry:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-ptp:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-tests:v4.6.0-202010120952.p0" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla", "text": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972" } ], "notes": [ { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" }, { "category": "description", "text": "A Prototype Pollution vulnerability was found in jquery. Untrusted JSON passed to the `extend` function could lead to modifying objects up the prototype chain, including the global Object. 
A crafted JSON object passed to a vulnerable method could lead to denial of service or data injection, with various consequences.", "title": "Vulnerability description" }, { "category": "summary", "text": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "8Base-RHOSE-4.6:openshift4/ose-prometheus:v4.6.0-202009290409.p0" ], "known_not_affected": [ "8Base-RHOSE-4.6:openshift4/ose-ansible-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts:v4.6.0-202010080605.p0", "8Base-RHOSE-4.6:openshift4/ose-cli:v4.6.0-202010080605.p0", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler:v4.6.0-202009291152.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator:v4.6.0-202010062159.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator:v4.6.0-202010061132.p0", 
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator:v4.6.0-202010090300.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator:v4.6.0-202010081538.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator:v4.6.0-202009290409.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-console-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-console:v4.6.0-202010100121.p0", "8Base-RHOSE-4.6:openshift4/ose-coredns:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter:v4.6.0-202010061132.p0", 
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-descheduler:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-docker-builder:v4.6.0-202010120952.p0", "8Base-RHOSE-4.6:openshift4/ose-docker-registry:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-etcd:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-grafana:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-hyperkube:v4.6.0-202010081843.p0", "8Base-RHOSE-4.6:openshift4/ose-installer:v4.6.0-202010081843.p0", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator:v4.6.0-202010220220.p0", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-metering-presto:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller:v4.6.0-202010061132.p0", 
"8Base-RHOSE-4.6:openshift4/ose-multus-cni:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8:v4.6.0-202010012244.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.6.0-202010011936.p0", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy:v4.6.0-202010010929.p0", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager:v4.6.0-202010130555.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace:v4.6.0-202010081538.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-registry:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-ptp:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-tests:v4.6.0-202010120952.p0" ] }, "references": [ { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-11358", "url": "https://www.cve.org/CVERecord?id=CVE-2019-11358" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358" }, { "category": "external", "summary": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/", "url": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/" }, { "category": 
"external", "summary": "https://www.drupal.org/sa-core-2019-006", "url": "https://www.drupal.org/sa-core-2019-006" }, { "category": "external", "summary": "CVE-2019-11358", "url": "https://access.redhat.com/security/cve/CVE-2019-11358" }, { "category": "external", "summary": "bz#1701972: CVE-2019-11358 jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972" } ], "release_date": "2019-03-27T00:00:00Z", "remediations": [ { "category": "vendor_fix", "details": "For OpenShift Container Platform 4.6 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html.", "product_ids": [ "8Base-RHOSE-4.6:openshift4/ose-prometheus:v4.6.0-202009290409.p0" ], "url": "https://access.redhat.com/errata/RHSA-2020:4298" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", "version": "3.0" }, "products": [ "8Base-RHOSE-4.6:openshift4/ose-prometheus:v4.6.0-202009290409.p0" ] } ], "threats": [ { "category": "impact", "date": "2019-03-28T00:00:00Z", "details": "Moderate" } ], "title": "CVE-2019-11358 jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection" }, { "cve": "CVE-2019-16769", "cwe": { "id": "CWE-79", "name": 
"Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2020-06-17T00:00:00Z", "flags": [ { "label": "component_not_present", "product_ids": [ "8Base-RHOSE-4.6:openshift4/ose-ansible-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts:v4.6.0-202010080605.p0", "8Base-RHOSE-4.6:openshift4/ose-cli:v4.6.0-202010080605.p0", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler:v4.6.0-202009291152.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator:v4.6.0-202010062159.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator:v4.6.0-202010090300.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator:v4.6.0-202010081538.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator:v4.6.0-202010200139.p0", 
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator:v4.6.0-202009290409.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-console-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-console:v4.6.0-202010100121.p0", "8Base-RHOSE-4.6:openshift4/ose-coredns:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8:v4.6.0-202010061132.p0", 
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-descheduler:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-docker-builder:v4.6.0-202010120952.p0", "8Base-RHOSE-4.6:openshift4/ose-docker-registry:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-etcd:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-hyperkube:v4.6.0-202010081843.p0", "8Base-RHOSE-4.6:openshift4/ose-installer:v4.6.0-202010081843.p0", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator:v4.6.0-202010220220.p0", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-metering-presto:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-cni:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8:v4.6.0-202010012244.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.6.0-202010011936.p0", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8:v4.6.0-202010061132.p0", 
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy:v4.6.0-202010010929.p0", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager:v4.6.0-202010130555.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace:v4.6.0-202010081538.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-registry:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-prometheus:v4.6.0-202009290409.p0", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-ptp:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-tests:v4.6.0-202010120952.p0" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla", "text": "https://bugzilla.redhat.com/show_bug.cgi?id=1848092" } ], "notes": [ { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" }, { "category": "description", "text": "A XSS flaw was found in npm-serialize-javascript. It does not properly mitigate against unsafe characters in serialized regular expressions. 
This vulnerability is not affected on Node.js environment since Node.js\u0027s implementation of RegExp.prototype.toString() backslash-escapes all forward slashes in regular expressions. If serialized data of regular expression objects are used in an environment other than Node.js, it is affected by this vulnerability.", "title": "Vulnerability description" }, { "category": "summary", "text": "npm-serialize-javascript: XSS via unsafe characters in serialized regular expressions", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "8Base-RHOSE-4.6:openshift4/ose-grafana:v4.6.0-202010061132.p0" ], "known_not_affected": [ "8Base-RHOSE-4.6:openshift4/ose-ansible-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts:v4.6.0-202010080605.p0", "8Base-RHOSE-4.6:openshift4/ose-cli:v4.6.0-202010080605.p0", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler:v4.6.0-202009291152.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator:v4.6.0-202010061132.p0", 
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator:v4.6.0-202010062159.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator:v4.6.0-202010090300.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator:v4.6.0-202010081538.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator:v4.6.0-202009290409.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-console-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-console:v4.6.0-202010100121.p0", "8Base-RHOSE-4.6:openshift4/ose-coredns:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer:v4.6.0-202010061132.p0", 
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-descheduler:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-docker-builder:v4.6.0-202010120952.p0", "8Base-RHOSE-4.6:openshift4/ose-docker-registry:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-etcd:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-hyperkube:v4.6.0-202010081843.p0", "8Base-RHOSE-4.6:openshift4/ose-installer:v4.6.0-202010081843.p0", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator:v4.6.0-202010220220.p0", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-metering-presto:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator:v4.6.0-202010200139.p0", 
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-cni:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8:v4.6.0-202010012244.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.6.0-202010011936.p0", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy:v4.6.0-202010010929.p0", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager:v4.6.0-202010130555.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace:v4.6.0-202010081538.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-registry:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-prometheus:v4.6.0-202009290409.p0", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-ptp:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-tests:v4.6.0-202010120952.p0" ] }, "references": [ { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-16769", "url": "https://www.cve.org/CVERecord?id=CVE-2019-16769" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-16769", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-16769" }, { "category": "external", 
"summary": "CVE-2019-16769", "url": "https://access.redhat.com/security/cve/CVE-2019-16769" }, { "category": "external", "summary": "bz#1848092: CVE-2019-16769 npm-serialize-javascript: XSS via unsafe characters in serialized regular expressions", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1848092" } ], "release_date": "2020-05-04T00:00:00Z", "remediations": [ { "category": "vendor_fix", "details": "For OpenShift Container Platform 4.6 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html.", "product_ids": [ "8Base-RHOSE-4.6:openshift4/ose-grafana:v4.6.0-202010061132.p0" ], "url": "https://access.redhat.com/errata/RHSA-2020:4298" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "products": [ "8Base-RHOSE-4.6:openshift4/ose-grafana:v4.6.0-202010061132.p0" ] } ], "threats": [ { "category": "impact", "date": "2020-06-17T00:00:00Z", "details": "Moderate" } ], "title": "CVE-2019-16769 npm-serialize-javascript: XSS via unsafe characters in serialized regular expressions" }, { "cve": "CVE-2020-7013", "cwe": { "id": "CWE-94", "name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)" }, "discovery_date": "2020-06-19T00:00:00Z", "flags": [ { "label": "component_not_present", "product_ids": [ 
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts:v4.6.0-202010080605.p0", "8Base-RHOSE-4.6:openshift4/ose-cli:v4.6.0-202010080605.p0", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler:v4.6.0-202009291152.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator:v4.6.0-202010062159.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator:v4.6.0-202010090300.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator:v4.6.0-202010081538.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator:v4.6.0-202010061132.p0", 
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator:v4.6.0-202009290409.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-console-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-console:v4.6.0-202010100121.p0", "8Base-RHOSE-4.6:openshift4/ose-coredns:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8:v4.6.0-202010061132.p0", 
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-descheduler:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-docker-builder:v4.6.0-202010120952.p0", "8Base-RHOSE-4.6:openshift4/ose-docker-registry:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-etcd:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-grafana:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-hyperkube:v4.6.0-202010081843.p0", "8Base-RHOSE-4.6:openshift4/ose-installer:v4.6.0-202010081843.p0", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator:v4.6.0-202010220220.p0", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-metering-presto:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-cni:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8:v4.6.0-202010012244.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.6.0-202010011936.p0", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy:v4.6.0-202010010929.p0", 
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager:v4.6.0-202010130555.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace:v4.6.0-202010081538.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-registry:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-prometheus:v4.6.0-202009290409.p0", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-ptp:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-tests:v4.6.0-202010120952.p0" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla", "text": "https://bugzilla.redhat.com/show_bug.cgi?id=1849044" } ], "notes": [ { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" }, { "category": "description", "text": "Kibana versions before 6.8.9 and 7.7.0 contain a prototype pollution flaw in TSVB. An authenticated attacker with privileges to create TSVB visualizations could insert data that would cause Kibana to execute arbitrary code. 
This could possibly lead to an attacker executing code with the permissions of the Kibana process on the host system.", "title": "Vulnerability description" }, { "category": "summary", "text": "kibana: Prototype pollution in TSVB could result in arbitrary code execution (ESA-2020-06)", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6:v4.6.0-202010200139.p0" ], "known_not_affected": [ "8Base-RHOSE-4.6:openshift4/ose-ansible-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts:v4.6.0-202010080605.p0", "8Base-RHOSE-4.6:openshift4/ose-cli:v4.6.0-202010080605.p0", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler:v4.6.0-202009291152.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator:v4.6.0-202010062159.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator:v4.6.0-202010061132.p0", 
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator:v4.6.0-202010090300.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator:v4.6.0-202010081538.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator:v4.6.0-202009290409.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-console-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-console:v4.6.0-202010100121.p0", "8Base-RHOSE-4.6:openshift4/ose-coredns:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter:v4.6.0-202010061132.p0", 
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-descheduler:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-docker-builder:v4.6.0-202010120952.p0", "8Base-RHOSE-4.6:openshift4/ose-docker-registry:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-etcd:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-grafana:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-hyperkube:v4.6.0-202010081843.p0", "8Base-RHOSE-4.6:openshift4/ose-installer:v4.6.0-202010081843.p0", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator:v4.6.0-202010220220.p0", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-metering-presto:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-cni:v4.6.0-202010061132.p0", 
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8:v4.6.0-202010012244.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.6.0-202010011936.p0", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy:v4.6.0-202010010929.p0", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager:v4.6.0-202010130555.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace:v4.6.0-202010081538.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-registry:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-prometheus:v4.6.0-202009290409.p0", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-ptp:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-tests:v4.6.0-202010120952.p0" ] }, "references": [ { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-7013", "url": "https://www.cve.org/CVERecord?id=CVE-2020-7013" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-7013", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-7013" }, { "category": "external", "summary": "https://discuss.elastic.co/t/elastic-stack-6-8-9-and-7-7-0-security-update/235571", "url": 
"https://discuss.elastic.co/t/elastic-stack-6-8-9-and-7-7-0-security-update/235571" }, { "category": "external", "summary": "CVE-2020-7013", "url": "https://access.redhat.com/security/cve/CVE-2020-7013" }, { "category": "external", "summary": "bz#1849044: CVE-2020-7013 kibana: Prototype pollution in TSVB could result in arbitrary code execution (ESA-2020-06)", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1849044" } ], "release_date": "2020-06-03T00:00:00Z", "remediations": [ { "category": "vendor_fix", "details": "For OpenShift Container Platform 4.6 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html.", "product_ids": [ "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6:v4.6.0-202010200139.p0" ], "url": "https://access.redhat.com/errata/RHSA-2020:4298" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6:v4.6.0-202010200139.p0" ] } ], "threats": [ { "category": "impact", "date": "2020-06-19T00:00:00Z", "details": "Moderate" } ], "title": "CVE-2020-7013 kibana: Prototype pollution in TSVB could result in arbitrary code execution (ESA-2020-06)" }, { "cve": "CVE-2020-7598", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2020-03-11T00:00:00Z", "flags": [ { "label": 
"component_not_present", "product_ids": [ "8Base-RHOSE-4.6:openshift4/ose-ansible-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts:v4.6.0-202010080605.p0", "8Base-RHOSE-4.6:openshift4/ose-cli:v4.6.0-202010080605.p0", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler:v4.6.0-202009291152.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator:v4.6.0-202010062159.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator:v4.6.0-202010090300.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator:v4.6.0-202010081538.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator:v4.6.0-202010061132.p0", 
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator:v4.6.0-202009290409.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-console-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-coredns:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller:v4.6.0-202010061132.p0", 
"8Base-RHOSE-4.6:openshift4/ose-descheduler:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-docker-builder:v4.6.0-202010120952.p0", "8Base-RHOSE-4.6:openshift4/ose-docker-registry:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-etcd:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-grafana:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-hyperkube:v4.6.0-202010081843.p0", "8Base-RHOSE-4.6:openshift4/ose-installer:v4.6.0-202010081843.p0", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator:v4.6.0-202010220220.p0", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-metering-presto:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-cni:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8:v4.6.0-202010012244.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.6.0-202010011936.p0", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy:v4.6.0-202010010929.p0", 
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager:v4.6.0-202010130555.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace:v4.6.0-202010081538.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-registry:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-ptp:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-tests:v4.6.0-202010120952.p0" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla", "text": "https://bugzilla.redhat.com/show_bug.cgi?id=1813344" } ], "notes": [ { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" }, { "category": "description", "text": "A flaw was found in nodejs-minimist, where it was tricked into adding or modifying properties of the Object.prototype using a \"constructor\" or \"__proto__\" payload. 
The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs-minimist: prototype pollution allows adding or modifying properties of Object.prototype using a constructor or __proto__ payload", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "8Base-RHOSE-4.6:openshift4/ose-console:v4.6.0-202010100121.p0", "8Base-RHOSE-4.6:openshift4/ose-prometheus:v4.6.0-202009290409.p0" ], "known_not_affected": [ "8Base-RHOSE-4.6:openshift4/ose-ansible-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts:v4.6.0-202010080605.p0", "8Base-RHOSE-4.6:openshift4/ose-cli:v4.6.0-202010080605.p0", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler:v4.6.0-202009291152.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator:v4.6.0-202010062159.p0", 
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator:v4.6.0-202010090300.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator:v4.6.0-202010081538.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator:v4.6.0-202009290409.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-console-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-coredns:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter:v4.6.0-202010061132.p0", 
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-descheduler:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-docker-builder:v4.6.0-202010120952.p0", "8Base-RHOSE-4.6:openshift4/ose-docker-registry:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-etcd:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-grafana:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-hyperkube:v4.6.0-202010081843.p0", "8Base-RHOSE-4.6:openshift4/ose-installer:v4.6.0-202010081843.p0", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator:v4.6.0-202010220220.p0", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-metering-presto:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller:v4.6.0-202010061132.p0", 
"8Base-RHOSE-4.6:openshift4/ose-multus-cni:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8:v4.6.0-202010012244.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.6.0-202010011936.p0", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy:v4.6.0-202010010929.p0", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager:v4.6.0-202010130555.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace:v4.6.0-202010081538.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-registry:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-ptp:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-tests:v4.6.0-202010120952.p0" ] }, "references": [ { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-7598", "url": "https://www.cve.org/CVERecord?id=CVE-2020-7598" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-7598", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-7598" }, { "category": "external", "summary": "https://snyk.io/vuln/SNYK-JS-MINIMIST-559764", "url": "https://snyk.io/vuln/SNYK-JS-MINIMIST-559764" }, { "category": "external", "summary": 
"CVE-2020-7598", "url": "https://access.redhat.com/security/cve/CVE-2020-7598" }, { "category": "external", "summary": "bz#1813344: CVE-2020-7598 nodejs-minimist: prototype pollution allows adding or modifying properties of Object.prototype using a constructor or __proto__ payload", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1813344" } ], "release_date": "2020-03-10T00:00:00Z", "remediations": [ { "category": "vendor_fix", "details": "For OpenShift Container Platform 4.6 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html.", "product_ids": [ "8Base-RHOSE-4.6:openshift4/ose-console:v4.6.0-202010100121.p0", "8Base-RHOSE-4.6:openshift4/ose-prometheus:v4.6.0-202009290409.p0" ], "url": "https://access.redhat.com/errata/RHSA-2020:4298" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", "version": "3.1" }, "products": [ "8Base-RHOSE-4.6:openshift4/ose-console:v4.6.0-202010100121.p0", "8Base-RHOSE-4.6:openshift4/ose-prometheus:v4.6.0-202009290409.p0" ] } ], "threats": [ { "category": "impact", "date": "2020-03-11T00:00:00Z", "details": "Moderate" } ], "title": "CVE-2020-7598 nodejs-minimist: prototype pollution allows adding or modifying properties of Object.prototype using a constructor or __proto__ payload" }, { "cve": "CVE-2020-7662", "cwe": { "id": "CWE-20", "name": "Improper Input 
Validation" }, "discovery_date": "2020-06-02T00:00:00Z", "flags": [ { "label": "component_not_present", "product_ids": [ "8Base-RHOSE-4.6:openshift4/ose-ansible-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts:v4.6.0-202010080605.p0", "8Base-RHOSE-4.6:openshift4/ose-cli:v4.6.0-202010080605.p0", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler:v4.6.0-202009291152.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator:v4.6.0-202010062159.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator:v4.6.0-202010090300.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator:v4.6.0-202010081538.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator:v4.6.0-202010200139.p0", 
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator:v4.6.0-202009290409.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-console-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-console:v4.6.0-202010100121.p0", "8Base-RHOSE-4.6:openshift4/ose-coredns:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar:v4.6.0-202010061132.p0", 
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-descheduler:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-docker-builder:v4.6.0-202010120952.p0", "8Base-RHOSE-4.6:openshift4/ose-docker-registry:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-etcd:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-hyperkube:v4.6.0-202010081843.p0", "8Base-RHOSE-4.6:openshift4/ose-installer:v4.6.0-202010081843.p0", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator:v4.6.0-202010220220.p0", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-metering-presto:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-cni:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8:v4.6.0-202010012244.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.6.0-202010011936.p0", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8:v4.6.0-202010061132.p0", 
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy:v4.6.0-202010010929.p0", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager:v4.6.0-202010130555.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace:v4.6.0-202010081538.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-registry:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-prometheus:v4.6.0-202009290409.p0", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-ptp:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-tests:v4.6.0-202010120952.p0" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla", "text": "https://bugzilla.redhat.com/show_bug.cgi?id=1845982" } ], "notes": [ { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" }, { "category": "description", "text": "websocket-extensions npm module prior to 0.1.4 allows Denial of Service (DoS) via Regex Backtracking. The extension parser may take quadratic time when parsing a header containing an unclosed string parameter value whose content is a repeating two-byte sequence of a backslash and some other character. 
This could be abused by an attacker to conduct Regex Denial Of Service (ReDoS) on a single-threaded server by providing a malicious payload with the Sec-WebSocket-Extensions header.", "title": "Vulnerability description" }, { "category": "summary", "text": "npmjs-websocket-extensions: ReDoS vulnerability in Sec-WebSocket-Extensions parser", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "8Base-RHOSE-4.6:openshift4/ose-grafana:v4.6.0-202010061132.p0" ], "known_not_affected": [ "8Base-RHOSE-4.6:openshift4/ose-ansible-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts:v4.6.0-202010080605.p0", "8Base-RHOSE-4.6:openshift4/ose-cli:v4.6.0-202010080605.p0", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler:v4.6.0-202009291152.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator:v4.6.0-202010062159.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator:v4.6.0-202010061132.p0", 
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator:v4.6.0-202010090300.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator:v4.6.0-202010081538.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator:v4.6.0-202009290409.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-console-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-console:v4.6.0-202010100121.p0", "8Base-RHOSE-4.6:openshift4/ose-coredns:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter:v4.6.0-202010061132.p0", 
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-descheduler:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-docker-builder:v4.6.0-202010120952.p0", "8Base-RHOSE-4.6:openshift4/ose-docker-registry:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-etcd:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-hyperkube:v4.6.0-202010081843.p0", "8Base-RHOSE-4.6:openshift4/ose-installer:v4.6.0-202010081843.p0", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator:v4.6.0-202010220220.p0", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-metering-presto:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-cni:v4.6.0-202010061132.p0", 
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8:v4.6.0-202010012244.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.6.0-202010011936.p0", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy:v4.6.0-202010010929.p0", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager:v4.6.0-202010130555.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace:v4.6.0-202010081538.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-registry:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-prometheus:v4.6.0-202009290409.p0", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-ptp:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-tests:v4.6.0-202010120952.p0" ] }, "references": [ { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-7662", "url": "https://www.cve.org/CVERecord?id=CVE-2020-7662" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-7662", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-7662" }, { "category": "external", "summary": "https://github.com/faye/websocket-extensions-node/security/advisories/GHSA-g78m-2chm-r7qv", "url": 
"https://github.com/faye/websocket-extensions-node/security/advisories/GHSA-g78m-2chm-r7qv" }, { "category": "external", "summary": "CVE-2020-7662", "url": "https://access.redhat.com/security/cve/CVE-2020-7662" }, { "category": "external", "summary": "bz#1845982: CVE-2020-7662 npmjs-websocket-extensions: ReDoS vulnerability in Sec-WebSocket-Extensions parser", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1845982" } ], "release_date": "2020-06-02T00:00:00Z", "remediations": [ { "category": "vendor_fix", "details": "For OpenShift Container Platform 4.6 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html.", "product_ids": [ "8Base-RHOSE-4.6:openshift4/ose-grafana:v4.6.0-202010061132.p0" ], "url": "https://access.redhat.com/errata/RHSA-2020:4298" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-RHOSE-4.6:openshift4/ose-grafana:v4.6.0-202010061132.p0" ] } ], "threats": [ { "category": "impact", "date": "2020-06-02T00:00:00Z", "details": "Moderate" } ], "title": "CVE-2020-7662 npmjs-websocket-extensions: ReDoS vulnerability in Sec-WebSocket-Extensions parser" }, { "cve": "CVE-2020-8203", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2020-07-15T00:00:00Z", "flags": [ { "label": "component_not_present", 
"product_ids": [ "8Base-RHOSE-4.6:openshift4/ose-ansible-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts:v4.6.0-202010080605.p0", "8Base-RHOSE-4.6:openshift4/ose-cli:v4.6.0-202010080605.p0", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler:v4.6.0-202009291152.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator:v4.6.0-202010062159.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator:v4.6.0-202010090300.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator:v4.6.0-202010081538.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator:v4.6.0-202010061132.p0", 
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator:v4.6.0-202009290409.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-console-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-console:v4.6.0-202010100121.p0", "8Base-RHOSE-4.6:openshift4/ose-coredns:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8:v4.6.0-202010061132.p0", 
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-descheduler:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-docker-builder:v4.6.0-202010120952.p0", "8Base-RHOSE-4.6:openshift4/ose-docker-registry:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-etcd:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-grafana:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-hyperkube:v4.6.0-202010081843.p0", "8Base-RHOSE-4.6:openshift4/ose-installer:v4.6.0-202010081843.p0", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator:v4.6.0-202010220220.p0", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-cni:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8:v4.6.0-202010012244.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.6.0-202010011936.p0", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy:v4.6.0-202010010929.p0", 
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager:v4.6.0-202010130555.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace:v4.6.0-202010081538.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-registry:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-prometheus:v4.6.0-202009290409.p0", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-ptp:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-tests:v4.6.0-202010120952.p0" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla", "text": "https://bugzilla.redhat.com/show_bug.cgi?id=1857412" } ], "notes": [ { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" }, { "category": "description", "text": "A flaw was found in nodejs-lodash in versions 4.17.15 and earlier. A prototype pollution attack is possible which can lead to arbitrary code execution. 
The primary threat from this vulnerability is to data integrity and system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs-lodash: prototype pollution in zipObjectDeep function", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "8Base-RHOSE-4.6:openshift4/ose-metering-presto:v4.6.0-202010200139.p0" ], "known_not_affected": [ "8Base-RHOSE-4.6:openshift4/ose-ansible-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts:v4.6.0-202010080605.p0", "8Base-RHOSE-4.6:openshift4/ose-cli:v4.6.0-202010080605.p0", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler:v4.6.0-202009291152.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator:v4.6.0-202010062159.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator:v4.6.0-202010090300.p0", 
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator:v4.6.0-202010081538.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator:v4.6.0-202009290409.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-console-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-console:v4.6.0-202010100121.p0", "8Base-RHOSE-4.6:openshift4/ose-coredns:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8:v4.6.0-202010061132.p0", 
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-descheduler:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-docker-builder:v4.6.0-202010120952.p0", "8Base-RHOSE-4.6:openshift4/ose-docker-registry:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-etcd:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-grafana:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-hyperkube:v4.6.0-202010081843.p0", "8Base-RHOSE-4.6:openshift4/ose-installer:v4.6.0-202010081843.p0", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator:v4.6.0-202010220220.p0", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-cni:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8:v4.6.0-202010012244.p0", 
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.6.0-202010011936.p0", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy:v4.6.0-202010010929.p0", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager:v4.6.0-202010130555.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace:v4.6.0-202010081538.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-registry:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-prometheus:v4.6.0-202009290409.p0", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-ptp:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-tests:v4.6.0-202010120952.p0" ] }, "references": [ { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-8203", "url": "https://www.cve.org/CVERecord?id=CVE-2020-8203" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-8203", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8203" }, { "category": "external", "summary": "https://hackerone.com/reports/712065", "url": "https://hackerone.com/reports/712065" }, { "category": "external", "summary": "https://www.npmjs.com/advisories/1523", "url": "https://www.npmjs.com/advisories/1523" }, { "category": 
"external", "summary": "CVE-2020-8203", "url": "https://access.redhat.com/security/cve/CVE-2020-8203" }, { "category": "external", "summary": "bz#1857412: CVE-2020-8203 nodejs-lodash: prototype pollution in zipObjectDeep function", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1857412" } ], "release_date": "2020-04-27T00:00:00Z", "remediations": [ { "category": "vendor_fix", "details": "For OpenShift Container Platform 4.6 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html.", "product_ids": [ "8Base-RHOSE-4.6:openshift4/ose-metering-presto:v4.6.0-202010200139.p0" ], "url": "https://access.redhat.com/errata/RHSA-2020:4298" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.4, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H", "version": "3.1" }, "products": [ "8Base-RHOSE-4.6:openshift4/ose-metering-presto:v4.6.0-202010200139.p0" ] } ], "threats": [ { "category": "impact", "date": "2020-07-15T00:00:00Z", "details": "Moderate" } ], "title": "CVE-2020-8203 nodejs-lodash: prototype pollution in zipObjectDeep function" }, { "acknowledgments": [ { "names": [ "the Kubernetes Product Security Committee" ] }, { "names": [ "Wouter ter Maat" ], "organization": "Offensi", "summary": "Acknowledged by upstream." 
} ], "cve": "CVE-2020-8559", "cwe": { "id": "CWE-601", "name": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)" }, "discovery_date": "2020-06-26T00:00:00Z", "flags": [ { "label": "component_not_present", "product_ids": [ "8Base-RHOSE-4.6:openshift4/ose-ansible-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts:v4.6.0-202010080605.p0", "8Base-RHOSE-4.6:openshift4/ose-cli:v4.6.0-202010080605.p0", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler:v4.6.0-202009291152.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator:v4.6.0-202010062159.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator:v4.6.0-202010090300.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator:v4.6.0-202010081538.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator:v4.6.0-202010200139.p0", 
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator:v4.6.0-202009290409.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-console-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-console:v4.6.0-202010100121.p0", "8Base-RHOSE-4.6:openshift4/ose-coredns:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8:v4.6.0-202010061132.p0", 
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-descheduler:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-docker-builder:v4.6.0-202010120952.p0", "8Base-RHOSE-4.6:openshift4/ose-docker-registry:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-etcd:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-grafana:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-installer:v4.6.0-202010081843.p0", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator:v4.6.0-202010220220.p0", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-metering-presto:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-cni:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8:v4.6.0-202010012244.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.6.0-202010011936.p0", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8:v4.6.0-202010061132.p0", 
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy:v4.6.0-202010010929.p0", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager:v4.6.0-202010130555.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace:v4.6.0-202010081538.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-registry:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-prometheus:v4.6.0-202009290409.p0", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-ptp:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-tests:v4.6.0-202010120952.p0" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla", "text": "https://bugzilla.redhat.com/show_bug.cgi?id=1851422" } ], "notes": [ { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" }, { "category": "description", "text": "A flaw was found in the Kubernetes API server, where it allows an attacker to escalate their privileges from a compromised node. 
This flaw allows an attacker who can intercept requests on a compromised node, to redirect those requests, along with their credentials, to perform actions on other endpoints that trust those credentials (including other clusters), allowing for escalation of privileges. The highest threat from this vulnerability is to confidentiality, integrity, and system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "kubernetes: compromised node could escalate to cluster level privileges", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "8Base-RHOSE-4.6:openshift4/ose-hyperkube:v4.6.0-202010081843.p0" ], "known_not_affected": [ "8Base-RHOSE-4.6:openshift4/ose-ansible-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts:v4.6.0-202010080605.p0", "8Base-RHOSE-4.6:openshift4/ose-cli:v4.6.0-202010080605.p0", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler:v4.6.0-202009291152.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator:v4.6.0-202010061132.p0", 
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator:v4.6.0-202010062159.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator:v4.6.0-202010090300.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator:v4.6.0-202010081538.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator:v4.6.0-202009290409.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-console-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-console:v4.6.0-202010100121.p0", "8Base-RHOSE-4.6:openshift4/ose-coredns:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer:v4.6.0-202010061132.p0", 
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-descheduler:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-docker-builder:v4.6.0-202010120952.p0", "8Base-RHOSE-4.6:openshift4/ose-docker-registry:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-etcd:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-grafana:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-installer:v4.6.0-202010081843.p0", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator:v4.6.0-202010220220.p0", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-metering-presto:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator:v4.6.0-202010200139.p0", 
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-cni:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8:v4.6.0-202010012244.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.6.0-202010011936.p0", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy:v4.6.0-202010010929.p0", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager:v4.6.0-202010130555.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace:v4.6.0-202010081538.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-registry:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-prometheus:v4.6.0-202009290409.p0", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-ptp:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-tests:v4.6.0-202010120952.p0" ] }, "references": [ { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-8559", "url": "https://www.cve.org/CVERecord?id=CVE-2020-8559" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-8559", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8559" }, { "category": "external", 
"summary": "https://groups.google.com/g/kubernetes-security-announce/c/JAIGG5yNROs", "url": "https://groups.google.com/g/kubernetes-security-announce/c/JAIGG5yNROs" }, { "category": "external", "summary": "CVE-2020-8559", "url": "https://access.redhat.com/security/cve/CVE-2020-8559" }, { "category": "external", "summary": "bz#1851422: CVE-2020-8559 kubernetes: compromised node could escalate to cluster level privileges", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1851422" } ], "release_date": "2020-07-15T00:00:00Z", "remediations": [ { "category": "vendor_fix", "details": "For OpenShift Container Platform 4.6 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html.", "product_ids": [ "8Base-RHOSE-4.6:openshift4/ose-hyperkube:v4.6.0-202010081843.p0" ], "url": "https://access.redhat.com/errata/RHSA-2020:4298" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "8Base-RHOSE-4.6:openshift4/ose-hyperkube:v4.6.0-202010081843.p0" ] } ], "threats": [ { "category": "impact", "date": "2020-06-26T00:00:00Z", "details": "Moderate" } ], "title": "CVE-2020-8559 kubernetes: compromised node could escalate to cluster level privileges" }, { "cve": "CVE-2020-9283", "cwe": { "id": "CWE-130", "name": "Improper Handling of Length Parameter Inconsistency" }, 
"discovery_date": "2020-02-19T00:00:00Z", "flags": [ { "label": "component_not_present", "product_ids": [ "8Base-RHOSE-4.6:openshift4/ose-ansible-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts:v4.6.0-202010080605.p0", "8Base-RHOSE-4.6:openshift4/ose-cli:v4.6.0-202010080605.p0", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler:v4.6.0-202009291152.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator:v4.6.0-202010062159.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator:v4.6.0-202010090300.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator:v4.6.0-202010081538.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator:v4.6.0-202010200139.p0", 
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator:v4.6.0-202009290409.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-console-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-console:v4.6.0-202010100121.p0", "8Base-RHOSE-4.6:openshift4/ose-coredns:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar:v4.6.0-202010061132.p0", 
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-descheduler:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-docker-builder:v4.6.0-202010120952.p0", "8Base-RHOSE-4.6:openshift4/ose-docker-registry:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-etcd:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-grafana:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-hyperkube:v4.6.0-202010081843.p0", "8Base-RHOSE-4.6:openshift4/ose-installer:v4.6.0-202010081843.p0", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator:v4.6.0-202010220220.p0", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-metering-presto:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-cni:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8:v4.6.0-202010012244.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.6.0-202010011936.p0", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8:v4.6.0-202010061132.p0", 
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy:v4.6.0-202010010929.p0", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager:v4.6.0-202010130555.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace:v4.6.0-202010081538.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-registry:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-prometheus:v4.6.0-202009290409.p0", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-ptp:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-tests:v4.6.0-202010120952.p0" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla", "text": "https://bugzilla.redhat.com/show_bug.cgi?id=1804533" } ], "notes": [ { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" }, { "category": "description", "text": "A denial of service vulnerability was found in the SSH package of the golang.org/x/crypto library. 
An attacker could exploit this flaw by supplying crafted SSH ed25519 keys to cause a crash in applications that use this package as either an SSH client or server.", "title": "Vulnerability description" }, { "category": "summary", "text": "golang.org/x/crypto: Processing of crafted ssh-ed25519 public keys allows for panic", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator:v4.6.0-202010200139.p0" ], "known_not_affected": [ "8Base-RHOSE-4.6:openshift4/ose-ansible-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts:v4.6.0-202010080605.p0", "8Base-RHOSE-4.6:openshift4/ose-cli:v4.6.0-202010080605.p0", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler:v4.6.0-202009291152.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator:v4.6.0-202010062159.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator:v4.6.0-202010061132.p0", 
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator:v4.6.0-202010090300.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator:v4.6.0-202010081538.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator:v4.6.0-202009290409.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-console-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-console:v4.6.0-202010100121.p0", "8Base-RHOSE-4.6:openshift4/ose-coredns:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter:v4.6.0-202010061132.p0", 
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-descheduler:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-docker-builder:v4.6.0-202010120952.p0", "8Base-RHOSE-4.6:openshift4/ose-docker-registry:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-etcd:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-grafana:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-hyperkube:v4.6.0-202010081843.p0", "8Base-RHOSE-4.6:openshift4/ose-installer:v4.6.0-202010081843.p0", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator:v4.6.0-202010220220.p0", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-metering-presto:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-cni:v4.6.0-202010061132.p0", 
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8:v4.6.0-202010012244.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.6.0-202010011936.p0", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy:v4.6.0-202010010929.p0", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager:v4.6.0-202010130555.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace:v4.6.0-202010081538.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-registry:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-prometheus:v4.6.0-202009290409.p0", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-ptp:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-tests:v4.6.0-202010120952.p0" ] }, "references": [ { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-9283", "url": "https://www.cve.org/CVERecord?id=CVE-2020-9283" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-9283", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-9283" }, { "category": "external", "summary": "https://groups.google.com/forum/#!topic/golang-announce/3L45YRc91SY", "url": "https://groups.google.com/forum/#!topic/golang-announce/3L45YRc91SY" 
}, { "category": "external", "summary": "CVE-2020-9283", "url": "https://access.redhat.com/security/cve/CVE-2020-9283" }, { "category": "external", "summary": "bz#1804533: CVE-2020-9283 golang.org/x/crypto: Processing of crafted ssh-ed25519 public keys allows for panic", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1804533" } ], "release_date": "2020-02-21T00:00:00Z", "remediations": [ { "category": "vendor_fix", "details": "For OpenShift Container Platform 4.6 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html.", "product_ids": [ "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator:v4.6.0-202010200139.p0" ], "url": "https://access.redhat.com/errata/RHSA-2020:4298" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator:v4.6.0-202010200139.p0" ] } ], "threats": [ { "category": "impact", "date": "2020-02-19T00:00:00Z", "details": "Important" } ], "title": "CVE-2020-9283 golang.org/x/crypto: Processing of crafted ssh-ed25519 public keys allows for panic" }, { "cve": "CVE-2020-10715", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2019-10-18T00:00:00Z", "flags": [ { "label": "component_not_present", "product_ids": [ 
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts:v4.6.0-202010080605.p0", "8Base-RHOSE-4.6:openshift4/ose-cli:v4.6.0-202010080605.p0", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler:v4.6.0-202009291152.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator:v4.6.0-202010062159.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator:v4.6.0-202010090300.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator:v4.6.0-202010081538.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator:v4.6.0-202010061132.p0", 
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator:v4.6.0-202009290409.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-console-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-coredns:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller:v4.6.0-202010061132.p0", 
"8Base-RHOSE-4.6:openshift4/ose-descheduler:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-docker-builder:v4.6.0-202010120952.p0", "8Base-RHOSE-4.6:openshift4/ose-docker-registry:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-etcd:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-grafana:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-hyperkube:v4.6.0-202010081843.p0", "8Base-RHOSE-4.6:openshift4/ose-installer:v4.6.0-202010081843.p0", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator:v4.6.0-202010220220.p0", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-metering-presto:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-cni:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8:v4.6.0-202010012244.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.6.0-202010011936.p0", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy:v4.6.0-202010010929.p0", 
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager:v4.6.0-202010130555.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace:v4.6.0-202010081538.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-registry:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-prometheus:v4.6.0-202009290409.p0", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-ptp:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-tests:v4.6.0-202010120952.p0" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla", "text": "https://bugzilla.redhat.com/show_bug.cgi?id=1767665" } ], "notes": [ { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" }, { "category": "description", "text": "A content spoofing vulnerability was found in the openshift/console. This flaw allows an attacker to craft a URL and inject arbitrary text onto the error page that appears to be from the OpenShift instance. 
This attack could potentially convince a user that the inserted text is legitimate.", "title": "Vulnerability description" }, { "category": "summary", "text": "openshift/console: text injection on error page via crafted url", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "8Base-RHOSE-4.6:openshift4/ose-console:v4.6.0-202010100121.p0" ], "known_not_affected": [ "8Base-RHOSE-4.6:openshift4/ose-ansible-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts:v4.6.0-202010080605.p0", "8Base-RHOSE-4.6:openshift4/ose-cli:v4.6.0-202010080605.p0", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler:v4.6.0-202009291152.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator:v4.6.0-202010062159.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator:v4.6.0-202010090300.p0", 
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator:v4.6.0-202010081538.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator:v4.6.0-202009290409.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-console-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-coredns:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe:v4.6.0-202010061132.p0", 
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-descheduler:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-docker-builder:v4.6.0-202010120952.p0", "8Base-RHOSE-4.6:openshift4/ose-docker-registry:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-etcd:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-grafana:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-hyperkube:v4.6.0-202010081843.p0", "8Base-RHOSE-4.6:openshift4/ose-installer:v4.6.0-202010081843.p0", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator:v4.6.0-202010220220.p0", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-metering-presto:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-cni:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8:v4.6.0-202010012244.p0", 
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.6.0-202010011936.p0", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy:v4.6.0-202010010929.p0", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager:v4.6.0-202010130555.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace:v4.6.0-202010081538.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-registry:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-prometheus:v4.6.0-202009290409.p0", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-ptp:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-tests:v4.6.0-202010120952.p0" ] }, "references": [ { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-10715", "url": "https://www.cve.org/CVERecord?id=CVE-2020-10715" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10715", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10715" }, { "category": "external", "summary": "CVE-2020-10715", "url": "https://access.redhat.com/security/cve/CVE-2020-10715" }, { "category": "external", "summary": "bz#1767665: CVE-2020-10715 openshift/console: text injection on error page via crafted url", "url": 
"https://bugzilla.redhat.com/show_bug.cgi?id=1767665" } ], "release_date": "2020-07-27T00:00:00Z", "remediations": [ { "category": "vendor_fix", "details": "For OpenShift Container Platform 4.6 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html.", "product_ids": [ "8Base-RHOSE-4.6:openshift4/ose-console:v4.6.0-202010100121.p0" ], "url": "https://access.redhat.com/errata/RHSA-2020:4298" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 3.1, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N", "version": "3.0" }, "products": [ "8Base-RHOSE-4.6:openshift4/ose-console:v4.6.0-202010100121.p0" ] } ], "threats": [ { "category": "impact", "date": "2019-10-18T00:00:00Z", "details": "Low" } ], "title": "CVE-2020-10715 openshift/console: text injection on error page via crafted url" }, { "cve": "CVE-2020-10743", "cwe": { "id": "CWE-358", "name": "Improperly Implemented Security Check for Standard" }, "discovery_date": "2020-05-05T00:00:00Z", "flags": [ { "label": "component_not_present", "product_ids": [ "8Base-RHOSE-4.6:openshift4/ose-ansible-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers:v4.6.0-202010061132.p0", 
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts:v4.6.0-202010080605.p0", "8Base-RHOSE-4.6:openshift4/ose-cli:v4.6.0-202010080605.p0", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler:v4.6.0-202009291152.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator:v4.6.0-202010062159.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator:v4.6.0-202010090300.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator:v4.6.0-202010081538.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator:v4.6.0-202010061132.p0", 
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator:v4.6.0-202009290409.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-console-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-console:v4.6.0-202010100121.p0", "8Base-RHOSE-4.6:openshift4/ose-coredns:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-descheduler:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-docker-builder:v4.6.0-202010120952.p0", "8Base-RHOSE-4.6:openshift4/ose-docker-registry:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-etcd:v4.6.0-202010061132.p0", 
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-grafana:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-hyperkube:v4.6.0-202010081843.p0", "8Base-RHOSE-4.6:openshift4/ose-installer:v4.6.0-202010081843.p0", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator:v4.6.0-202010220220.p0", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-metering-presto:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-cni:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8:v4.6.0-202010012244.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.6.0-202010011936.p0", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy:v4.6.0-202010010929.p0", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager:v4.6.0-202010130555.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace:v4.6.0-202010081538.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-registry:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-prometheus:v4.6.0-202009290409.p0", 
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-ptp:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-tests:v4.6.0-202010120952.p0" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla", "text": "https://bugzilla.redhat.com/show_bug.cgi?id=1834550" } ], "notes": [ { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" }, { "category": "description", "text": "It was discovered that OpenShift Container Platform\u0027s (OCP) distribution of Kibana could open in an iframe, which made it possible to intercept and manipulate requests. 
This flaw allows an attacker to trick a user into performing arbitrary actions in OCP\u0027s distribution of Kibana, such as clickjacking.", "title": "Vulnerability description" }, { "category": "summary", "text": "kibana: X-Frame-Option not set by default might lead to clickjacking", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6:v4.6.0-202010200139.p0" ], "known_not_affected": [ "8Base-RHOSE-4.6:openshift4/ose-ansible-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts:v4.6.0-202010080605.p0", "8Base-RHOSE-4.6:openshift4/ose-cli:v4.6.0-202010080605.p0", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler:v4.6.0-202009291152.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator:v4.6.0-202010062159.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator:v4.6.0-202010061132.p0", 
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator:v4.6.0-202010090300.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator:v4.6.0-202010081538.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator:v4.6.0-202009290409.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-console-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-console:v4.6.0-202010100121.p0", "8Base-RHOSE-4.6:openshift4/ose-coredns:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter:v4.6.0-202010061132.p0", 
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-descheduler:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-docker-builder:v4.6.0-202010120952.p0", "8Base-RHOSE-4.6:openshift4/ose-docker-registry:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-etcd:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-grafana:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-hyperkube:v4.6.0-202010081843.p0", "8Base-RHOSE-4.6:openshift4/ose-installer:v4.6.0-202010081843.p0", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator:v4.6.0-202010220220.p0", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-metering-presto:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-cni:v4.6.0-202010061132.p0", 
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8:v4.6.0-202010012244.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.6.0-202010011936.p0", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy:v4.6.0-202010010929.p0", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager:v4.6.0-202010130555.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace:v4.6.0-202010081538.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-registry:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-prometheus:v4.6.0-202009290409.p0", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-ptp:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-tests:v4.6.0-202010120952.p0" ] }, "references": [ { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-10743", "url": "https://www.cve.org/CVERecord?id=CVE-2020-10743" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10743", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10743" }, { "category": "external", "summary": "CVE-2020-10743", "url": "https://access.redhat.com/security/cve/CVE-2020-10743" }, { "category": "external", "summary": "bz#1834550: 
CVE-2020-10743 kibana: X-Frame-Option not set by default might lead to clickjacking", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1834550" } ], "release_date": "2020-01-27T00:00:00Z", "remediations": [ { "category": "vendor_fix", "details": "For OpenShift Container Platform 4.6 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html.", "product_ids": [ "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6:v4.6.0-202010200139.p0" ], "url": "https://access.redhat.com/errata/RHSA-2020:4298" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 3.1, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N", "version": "3.1" }, "products": [ "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6:v4.6.0-202010200139.p0" ] } ], "threats": [ { "category": "impact", "date": "2020-05-05T00:00:00Z", "details": "Low" } ], "title": "CVE-2020-10743 kibana: X-Frame-Option not set by default might lead to clickjacking" }, { "cve": "CVE-2020-11022", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2020-04-23T00:00:00Z", "flags": [ { "label": "component_not_present", "product_ids": [ "8Base-RHOSE-4.6:openshift4/ose-ansible-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers:v4.6.0-202010061132.p0", 
"8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts:v4.6.0-202010080605.p0", "8Base-RHOSE-4.6:openshift4/ose-cli:v4.6.0-202010080605.p0", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler:v4.6.0-202009291152.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator:v4.6.0-202010062159.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator:v4.6.0-202010090300.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator:v4.6.0-202010081538.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver:v4.6.0-202010061132.p0", 
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator:v4.6.0-202009290409.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-console-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-console:v4.6.0-202010100121.p0", "8Base-RHOSE-4.6:openshift4/ose-coredns:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-descheduler:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-docker-builder:v4.6.0-202010120952.p0", 
"8Base-RHOSE-4.6:openshift4/ose-docker-registry:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-etcd:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-hyperkube:v4.6.0-202010081843.p0", "8Base-RHOSE-4.6:openshift4/ose-installer:v4.6.0-202010081843.p0", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator:v4.6.0-202010220220.p0", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-metering-presto:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-cni:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8:v4.6.0-202010012244.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.6.0-202010011936.p0", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy:v4.6.0-202010010929.p0", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager:v4.6.0-202010130555.p0", 
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace:v4.6.0-202010081538.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-registry:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-ptp:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-tests:v4.6.0-202010120952.p0" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla", "text": "https://bugzilla.redhat.com/show_bug.cgi?id=1828406" } ], "notes": [ { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" }, { "category": "description", "text": "A Cross-site scripting (XSS) vulnerability exists in JQuery. 
This flaw allows an attacker with the ability to supply input to the \u2018HTML\u2019 function to inject Javascript into the page where that input is rendered, and have it delivered by the browser.", "title": "Vulnerability description" }, { "category": "summary", "text": "jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "8Base-RHOSE-4.6:openshift4/ose-grafana:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-prometheus:v4.6.0-202009290409.p0" ], "known_not_affected": [ "8Base-RHOSE-4.6:openshift4/ose-ansible-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts:v4.6.0-202010080605.p0", "8Base-RHOSE-4.6:openshift4/ose-cli:v4.6.0-202010080605.p0", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler:v4.6.0-202009291152.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator:v4.6.0-202010062159.p0", 
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator:v4.6.0-202010090300.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator:v4.6.0-202010081538.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator:v4.6.0-202009290409.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-console-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-console:v4.6.0-202010100121.p0", "8Base-RHOSE-4.6:openshift4/ose-coredns:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8:v4.6.0-202010061132.p0", 
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-descheduler:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-docker-builder:v4.6.0-202010120952.p0", "8Base-RHOSE-4.6:openshift4/ose-docker-registry:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-etcd:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-hyperkube:v4.6.0-202010081843.p0", "8Base-RHOSE-4.6:openshift4/ose-installer:v4.6.0-202010081843.p0", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator:v4.6.0-202010220220.p0", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-metering-presto:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller:v4.6.0-202010061132.p0", 
"8Base-RHOSE-4.6:openshift4/ose-multus-cni:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8:v4.6.0-202010012244.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.6.0-202010011936.p0", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy:v4.6.0-202010010929.p0", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager:v4.6.0-202010130555.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace:v4.6.0-202010081538.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-registry:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-ptp:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-tests:v4.6.0-202010120952.p0" ] }, "references": [ { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-11022", "url": "https://www.cve.org/CVERecord?id=CVE-2020-11022" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11022", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11022" }, { "category": "external", "summary": "https://github.com/advisories/GHSA-gxr4-xjj5-5px2", "url": "https://github.com/advisories/GHSA-gxr4-xjj5-5px2" }, { "category": "external", 
"summary": "CVE-2020-11022", "url": "https://access.redhat.com/security/cve/CVE-2020-11022" }, { "category": "external", "summary": "bz#1828406: CVE-2020-11022 jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828406" } ], "release_date": "2020-04-23T00:00:00Z", "remediations": [ { "category": "vendor_fix", "details": "For OpenShift Container Platform 4.6 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html.", "product_ids": [ "8Base-RHOSE-4.6:openshift4/ose-grafana:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-prometheus:v4.6.0-202009290409.p0" ], "url": "https://access.redhat.com/errata/RHSA-2020:4298" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "products": [ "8Base-RHOSE-4.6:openshift4/ose-grafana:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-prometheus:v4.6.0-202009290409.p0" ] } ], "threats": [ { "category": "impact", "date": "2020-04-23T00:00:00Z", "details": "Moderate" } ], "title": "CVE-2020-11022 jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method" }, { "cve": "CVE-2020-11023", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": 
"2020-06-23T00:00:00Z", "flags": [ { "label": "component_not_present", "product_ids": [ "8Base-RHOSE-4.6:openshift4/ose-ansible-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts:v4.6.0-202010080605.p0", "8Base-RHOSE-4.6:openshift4/ose-cli:v4.6.0-202010080605.p0", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler:v4.6.0-202009291152.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator:v4.6.0-202010062159.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator:v4.6.0-202010090300.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator:v4.6.0-202010081538.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator:v4.6.0-202010200139.p0", 
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator:v4.6.0-202009290409.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-console-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-console:v4.6.0-202010100121.p0", "8Base-RHOSE-4.6:openshift4/ose-coredns:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar:v4.6.0-202010061132.p0", 
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-descheduler:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-docker-builder:v4.6.0-202010120952.p0", "8Base-RHOSE-4.6:openshift4/ose-docker-registry:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-etcd:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-hyperkube:v4.6.0-202010081843.p0", "8Base-RHOSE-4.6:openshift4/ose-installer:v4.6.0-202010081843.p0", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator:v4.6.0-202010220220.p0", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-metering-presto:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-cni:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8:v4.6.0-202010012244.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.6.0-202010011936.p0", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8:v4.6.0-202010061132.p0", 
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy:v4.6.0-202010010929.p0", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager:v4.6.0-202010130555.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace:v4.6.0-202010081538.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-registry:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-ptp:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-tests:v4.6.0-202010120952.p0" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla", "text": "https://bugzilla.redhat.com/show_bug.cgi?id=1850004" } ], "notes": [ { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" }, { "category": "description", "text": "A flaw was found in jQuery. HTML containing \u003coption\u003e elements from untrusted sources are passed, even after sanitizing, to one of jQuery\u0027s DOM manipulation methods, which may execute untrusted code. 
The highest threat from this vulnerability is to data confidentiality and integrity.", "title": "Vulnerability description" }, { "category": "summary", "text": "Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM manipulation methods", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "8Base-RHOSE-4.6:openshift4/ose-grafana:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-prometheus:v4.6.0-202009290409.p0" ], "known_not_affected": [ "8Base-RHOSE-4.6:openshift4/ose-ansible-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts:v4.6.0-202010080605.p0", "8Base-RHOSE-4.6:openshift4/ose-cli:v4.6.0-202010080605.p0", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler:v4.6.0-202009291152.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator:v4.6.0-202010062159.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator:v4.6.0-202010061132.p0", 
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator:v4.6.0-202010090300.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator:v4.6.0-202010081538.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator:v4.6.0-202009290409.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-console-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-console:v4.6.0-202010100121.p0", "8Base-RHOSE-4.6:openshift4/ose-coredns:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter:v4.6.0-202010061132.p0", 
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-descheduler:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-docker-builder:v4.6.0-202010120952.p0", "8Base-RHOSE-4.6:openshift4/ose-docker-registry:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-etcd:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-hyperkube:v4.6.0-202010081843.p0", "8Base-RHOSE-4.6:openshift4/ose-installer:v4.6.0-202010081843.p0", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator:v4.6.0-202010220220.p0", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-metering-presto:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-cni:v4.6.0-202010061132.p0", 
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8:v4.6.0-202010012244.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.6.0-202010011936.p0", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy:v4.6.0-202010010929.p0", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager:v4.6.0-202010130555.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace:v4.6.0-202010081538.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-registry:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-ptp:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-tests:v4.6.0-202010120952.p0" ] }, "references": [ { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-11023", "url": "https://www.cve.org/CVERecord?id=CVE-2020-11023" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11023", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11023" }, { "category": "external", "summary": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/", "url": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/" }, { "category": "external", "summary": "CVE-2020-11023", "url": 
"https://access.redhat.com/security/cve/CVE-2020-11023" }, { "category": "external", "summary": "bz#1850004: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM manipulation methods", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1850004" } ], "release_date": "2020-04-29T00:00:00Z", "remediations": [ { "category": "vendor_fix", "details": "For OpenShift Container Platform 4.6 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html.", "product_ids": [ "8Base-RHOSE-4.6:openshift4/ose-grafana:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-prometheus:v4.6.0-202009290409.p0" ], "url": "https://access.redhat.com/errata/RHSA-2020:4298" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "products": [ "8Base-RHOSE-4.6:openshift4/ose-grafana:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-prometheus:v4.6.0-202009290409.p0" ] } ], "threats": [ { "category": "impact", "date": "2020-06-23T00:00:00Z", "details": "Moderate" } ], "title": "Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM manipulation methods" }, { "cve": "CVE-2020-11110", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2020-07-27T00:00:00Z", "flags": 
[ { "label": "component_not_present", "product_ids": [ "8Base-RHOSE-4.6:openshift4/ose-ansible-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts:v4.6.0-202010080605.p0", "8Base-RHOSE-4.6:openshift4/ose-cli:v4.6.0-202010080605.p0", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler:v4.6.0-202009291152.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator:v4.6.0-202010062159.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator:v4.6.0-202010090300.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator:v4.6.0-202010081538.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator:v4.6.0-202010061132.p0", 
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator:v4.6.0-202009290409.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-console-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-console:v4.6.0-202010100121.p0", "8Base-RHOSE-4.6:openshift4/ose-coredns:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8:v4.6.0-202010061132.p0", 
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-descheduler:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-docker-builder:v4.6.0-202010120952.p0", "8Base-RHOSE-4.6:openshift4/ose-docker-registry:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-etcd:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-hyperkube:v4.6.0-202010081843.p0", "8Base-RHOSE-4.6:openshift4/ose-installer:v4.6.0-202010081843.p0", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator:v4.6.0-202010220220.p0", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-metering-presto:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-cni:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8:v4.6.0-202010012244.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.6.0-202010011936.p0", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy:v4.6.0-202010010929.p0", 
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager:v4.6.0-202010130555.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace:v4.6.0-202010081538.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-registry:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-prometheus:v4.6.0-202009290409.p0", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-ptp:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-tests:v4.6.0-202010120952.p0" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla", "text": "https://bugzilla.redhat.com/show_bug.cgi?id=1861044" } ], "notes": [ { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" }, { "category": "description", "text": "A flaw was found in grafana. 
The lack of URL sanitizing allows for stored XSS.", "title": "Vulnerability description" }, { "category": "summary", "text": "grafana: stored XSS", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "8Base-RHOSE-4.6:openshift4/ose-grafana:v4.6.0-202010061132.p0" ], "known_not_affected": [ "8Base-RHOSE-4.6:openshift4/ose-ansible-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts:v4.6.0-202010080605.p0", "8Base-RHOSE-4.6:openshift4/ose-cli:v4.6.0-202010080605.p0", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler:v4.6.0-202009291152.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator:v4.6.0-202010062159.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator:v4.6.0-202010090300.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator:v4.6.0-202010081538.p0", 
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator:v4.6.0-202009290409.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-console-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-console:v4.6.0-202010100121.p0", "8Base-RHOSE-4.6:openshift4/ose-coredns:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe:v4.6.0-202010061132.p0", 
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-descheduler:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-docker-builder:v4.6.0-202010120952.p0", "8Base-RHOSE-4.6:openshift4/ose-docker-registry:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-etcd:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-hyperkube:v4.6.0-202010081843.p0", "8Base-RHOSE-4.6:openshift4/ose-installer:v4.6.0-202010081843.p0", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator:v4.6.0-202010220220.p0", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-metering-presto:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-cni:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8:v4.6.0-202010012244.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.6.0-202010011936.p0", 
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy:v4.6.0-202010010929.p0", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager:v4.6.0-202010130555.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace:v4.6.0-202010081538.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-registry:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-prometheus:v4.6.0-202009290409.p0", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-ptp:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-tests:v4.6.0-202010120952.p0" ] }, "references": [ { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-11110", "url": "https://www.cve.org/CVERecord?id=CVE-2020-11110" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11110", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11110" }, { "category": "external", "summary": "CVE-2020-11110", "url": "https://access.redhat.com/security/cve/CVE-2020-11110" }, { "category": "external", "summary": "bz#1861044: CVE-2020-11110 grafana: stored XSS", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1861044" } ], "release_date": "2020-04-01T00:00:00Z", "remediations": [ { "category": "vendor_fix", 
"details": "For OpenShift Container Platform 4.6 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html.", "product_ids": [ "8Base-RHOSE-4.6:openshift4/ose-grafana:v4.6.0-202010061132.p0" ], "url": "https://access.redhat.com/errata/RHSA-2020:4298" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "products": [ "8Base-RHOSE-4.6:openshift4/ose-grafana:v4.6.0-202010061132.p0" ] } ], "threats": [ { "category": "impact", "date": "2020-07-27T00:00:00Z", "details": "Moderate" } ], "title": "CVE-2020-11110 grafana: stored XSS" }, { "cve": "CVE-2020-12052", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2020-06-17T00:00:00Z", "flags": [ { "label": "component_not_present", "product_ids": [ "8Base-RHOSE-4.6:openshift4/ose-ansible-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8:v4.6.0-202010061132.p0", 
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts:v4.6.0-202010080605.p0", "8Base-RHOSE-4.6:openshift4/ose-cli:v4.6.0-202010080605.p0", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler:v4.6.0-202009291152.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator:v4.6.0-202010062159.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator:v4.6.0-202010090300.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator:v4.6.0-202010081538.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator:v4.6.0-202009290409.p0", 
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-console-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-console:v4.6.0-202010100121.p0", "8Base-RHOSE-4.6:openshift4/ose-coredns:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-descheduler:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-docker-builder:v4.6.0-202010120952.p0", "8Base-RHOSE-4.6:openshift4/ose-docker-registry:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-etcd:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-hyperkube:v4.6.0-202010081843.p0", 
"8Base-RHOSE-4.6:openshift4/ose-installer:v4.6.0-202010081843.p0", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator:v4.6.0-202010220220.p0", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-metering-presto:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-cni:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8:v4.6.0-202010012244.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.6.0-202010011936.p0", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy:v4.6.0-202010010929.p0", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager:v4.6.0-202010130555.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace:v4.6.0-202010081538.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-registry:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-prometheus:v4.6.0-202009290409.p0", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-ptp:v4.6.0-202010200139.p0", 
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-tests:v4.6.0-202010120952.p0" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla", "text": "https://bugzilla.redhat.com/show_bug.cgi?id=1848089" } ], "notes": [ { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" }, { "category": "description", "text": "A flaw was found in grafana. The software is vulnerable to an annotation popup XSS.", "title": "Vulnerability description" }, { "category": "summary", "text": "grafana: XSS annotation popup vulnerability", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "8Base-RHOSE-4.6:openshift4/ose-grafana:v4.6.0-202010061132.p0" ], "known_not_affected": [ "8Base-RHOSE-4.6:openshift4/ose-ansible-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts:v4.6.0-202010080605.p0", "8Base-RHOSE-4.6:openshift4/ose-cli:v4.6.0-202010080605.p0", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator:v4.6.0-202010061132.p0", 
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler:v4.6.0-202009291152.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator:v4.6.0-202010062159.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator:v4.6.0-202010090300.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator:v4.6.0-202010081538.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator:v4.6.0-202009290409.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-console-operator:v4.6.0-202010061132.p0", 
"8Base-RHOSE-4.6:openshift4/ose-console:v4.6.0-202010100121.p0", "8Base-RHOSE-4.6:openshift4/ose-coredns:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-descheduler:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-docker-builder:v4.6.0-202010120952.p0", "8Base-RHOSE-4.6:openshift4/ose-docker-registry:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-etcd:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-hyperkube:v4.6.0-202010081843.p0", "8Base-RHOSE-4.6:openshift4/ose-installer:v4.6.0-202010081843.p0", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy:v4.6.0-202010061132.p0", 
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator:v4.6.0-202010220220.p0", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-metering-presto:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-cni:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8:v4.6.0-202010012244.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.6.0-202010011936.p0", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy:v4.6.0-202010010929.p0", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager:v4.6.0-202010130555.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace:v4.6.0-202010081538.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-registry:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-prometheus:v4.6.0-202009290409.p0", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-ptp:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller:v4.6.0-202010200139.p0", 
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-tests:v4.6.0-202010120952.p0" ] }, "references": [ { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-12052", "url": "https://www.cve.org/CVERecord?id=CVE-2020-12052" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-12052", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-12052" }, { "category": "external", "summary": "CVE-2020-12052", "url": "https://access.redhat.com/security/cve/CVE-2020-12052" }, { "category": "external", "summary": "bz#1848089: CVE-2020-12052 grafana: XSS annotation popup vulnerability", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1848089" } ], "release_date": "2020-04-27T00:00:00Z", "remediations": [ { "category": "vendor_fix", "details": "For OpenShift Container Platform 4.6 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html.", "product_ids": [ "8Base-RHOSE-4.6:openshift4/ose-grafana:v4.6.0-202010061132.p0" ], "url": "https://access.redhat.com/errata/RHSA-2020:4298" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", 
"version": "3.1" }, "products": [ "8Base-RHOSE-4.6:openshift4/ose-grafana:v4.6.0-202010061132.p0" ] } ], "threats": [ { "category": "impact", "date": "2020-06-17T00:00:00Z", "details": "Moderate" } ], "title": "CVE-2020-12052 grafana: XSS annotation popup vulnerability" }, { "cve": "CVE-2020-12245", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2020-04-25T00:00:00Z", "flags": [ { "label": "component_not_present", "product_ids": [ "8Base-RHOSE-4.6:openshift4/ose-ansible-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts:v4.6.0-202010080605.p0", "8Base-RHOSE-4.6:openshift4/ose-cli:v4.6.0-202010080605.p0", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler:v4.6.0-202009291152.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator:v4.6.0-202010062159.p0", 
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator:v4.6.0-202010090300.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator:v4.6.0-202010081538.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator:v4.6.0-202009290409.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-console-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-console:v4.6.0-202010100121.p0", "8Base-RHOSE-4.6:openshift4/ose-coredns:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8:v4.6.0-202010061132.p0", 
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-descheduler:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-docker-builder:v4.6.0-202010120952.p0", "8Base-RHOSE-4.6:openshift4/ose-docker-registry:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-etcd:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-hyperkube:v4.6.0-202010081843.p0", "8Base-RHOSE-4.6:openshift4/ose-installer:v4.6.0-202010081843.p0", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator:v4.6.0-202010220220.p0", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-metering-presto:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller:v4.6.0-202010061132.p0", 
"8Base-RHOSE-4.6:openshift4/ose-multus-cni:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8:v4.6.0-202010012244.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.6.0-202010011936.p0", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy:v4.6.0-202010010929.p0", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager:v4.6.0-202010130555.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace:v4.6.0-202010081538.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-registry:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-prometheus:v4.6.0-202009290409.p0", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-ptp:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-tests:v4.6.0-202010120952.p0" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla", "text": "https://bugzilla.redhat.com/show_bug.cgi?id=1848643" } ], "notes": [ { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" }, { "category": 
"description", "text": "A flaw was found in grafana. A XSS is possible in table-panel via column.title or cellLinkTooltip.", "title": "Vulnerability description" }, { "category": "summary", "text": "grafana: XSS via column.title or cellLinkTooltip", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "8Base-RHOSE-4.6:openshift4/ose-grafana:v4.6.0-202010061132.p0" ], "known_not_affected": [ "8Base-RHOSE-4.6:openshift4/ose-ansible-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts:v4.6.0-202010080605.p0", "8Base-RHOSE-4.6:openshift4/ose-cli:v4.6.0-202010080605.p0", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler:v4.6.0-202009291152.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator:v4.6.0-202010062159.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator:v4.6.0-202010090300.p0", 
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator:v4.6.0-202010081538.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator:v4.6.0-202009290409.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-console-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-console:v4.6.0-202010100121.p0", "8Base-RHOSE-4.6:openshift4/ose-coredns:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8:v4.6.0-202010061132.p0", 
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-descheduler:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-docker-builder:v4.6.0-202010120952.p0", "8Base-RHOSE-4.6:openshift4/ose-docker-registry:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-etcd:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-hyperkube:v4.6.0-202010081843.p0", "8Base-RHOSE-4.6:openshift4/ose-installer:v4.6.0-202010081843.p0", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator:v4.6.0-202010220220.p0", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-metering-presto:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-cni:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8:v4.6.0-202010012244.p0", 
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.6.0-202010011936.p0", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy:v4.6.0-202010010929.p0", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager:v4.6.0-202010130555.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace:v4.6.0-202010081538.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-registry:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-prometheus:v4.6.0-202009290409.p0", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-ptp:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-tests:v4.6.0-202010120952.p0" ] }, "references": [ { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-12245", "url": "https://www.cve.org/CVERecord?id=CVE-2020-12245" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-12245", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-12245" }, { "category": "external", "summary": "CVE-2020-12245", "url": "https://access.redhat.com/security/cve/CVE-2020-12245" }, { "category": "external", "summary": "bz#1848643: CVE-2020-12245 grafana: XSS via column.title or cellLinkTooltip", "url": 
"https://bugzilla.redhat.com/show_bug.cgi?id=1848643" } ], "release_date": "2020-04-23T00:00:00Z", "remediations": [ { "category": "vendor_fix", "details": "For OpenShift Container Platform 4.6 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html.", "product_ids": [ "8Base-RHOSE-4.6:openshift4/ose-grafana:v4.6.0-202010061132.p0" ], "url": "https://access.redhat.com/errata/RHSA-2020:4298" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "products": [ "8Base-RHOSE-4.6:openshift4/ose-grafana:v4.6.0-202010061132.p0" ] } ], "threats": [ { "category": "impact", "date": "2020-04-25T00:00:00Z", "details": "Moderate" } ], "title": "CVE-2020-12245 grafana: XSS via column.title or cellLinkTooltip" }, { "cve": "CVE-2020-13822", "cwe": { "id": "CWE-190", "name": "Integer Overflow or Wraparound" }, "discovery_date": "2020-06-04T00:00:00Z", "flags": [ { "label": "component_not_present", "product_ids": [ "8Base-RHOSE-4.6:openshift4/ose-ansible-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers:v4.6.0-202010061132.p0", 
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts:v4.6.0-202010080605.p0", "8Base-RHOSE-4.6:openshift4/ose-cli:v4.6.0-202010080605.p0", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler:v4.6.0-202009291152.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator:v4.6.0-202010062159.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator:v4.6.0-202010090300.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator:v4.6.0-202010081538.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator:v4.6.0-202010061132.p0", 
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator:v4.6.0-202009290409.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-console-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-console:v4.6.0-202010100121.p0", "8Base-RHOSE-4.6:openshift4/ose-coredns:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-descheduler:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-docker-builder:v4.6.0-202010120952.p0", "8Base-RHOSE-4.6:openshift4/ose-docker-registry:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-etcd:v4.6.0-202010061132.p0", 
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-hyperkube:v4.6.0-202010081843.p0", "8Base-RHOSE-4.6:openshift4/ose-installer:v4.6.0-202010081843.p0", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator:v4.6.0-202010220220.p0", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-metering-presto:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-cni:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8:v4.6.0-202010012244.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.6.0-202010011936.p0", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy:v4.6.0-202010010929.p0", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager:v4.6.0-202010130555.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace:v4.6.0-202010081538.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-registry:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator:v4.6.0-202010200139.p0", 
"8Base-RHOSE-4.6:openshift4/ose-ptp:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-tests:v4.6.0-202010120952.p0" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla", "text": "https://bugzilla.redhat.com/show_bug.cgi?id=1848647" } ], "notes": [ { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" }, { "category": "description", "text": "The Elliptic for Node.js allows ECDSA signature malleability via variations in encoding, leading \u0027\\0\u0027 bytes, or integer overflows. 
This could conceivably have a security-relevant impact if an application relied on a single canonical signature.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs-elliptic: improper encoding checks allows a certain degree of signature malleability in ECDSA signatures", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "8Base-RHOSE-4.6:openshift4/ose-grafana:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-prometheus:v4.6.0-202009290409.p0" ], "known_not_affected": [ "8Base-RHOSE-4.6:openshift4/ose-ansible-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts:v4.6.0-202010080605.p0", "8Base-RHOSE-4.6:openshift4/ose-cli:v4.6.0-202010080605.p0", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler:v4.6.0-202009291152.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator:v4.6.0-202010062159.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator:v4.6.0-202010061132.p0", 
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator:v4.6.0-202010090300.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator:v4.6.0-202010081538.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator:v4.6.0-202009290409.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-console-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-console:v4.6.0-202010100121.p0", "8Base-RHOSE-4.6:openshift4/ose-coredns:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter:v4.6.0-202010061132.p0", 
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-descheduler:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-docker-builder:v4.6.0-202010120952.p0", "8Base-RHOSE-4.6:openshift4/ose-docker-registry:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-etcd:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-hyperkube:v4.6.0-202010081843.p0", "8Base-RHOSE-4.6:openshift4/ose-installer:v4.6.0-202010081843.p0", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator:v4.6.0-202010220220.p0", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-metering-presto:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-cni:v4.6.0-202010061132.p0", 
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8:v4.6.0-202010012244.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.6.0-202010011936.p0", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy:v4.6.0-202010010929.p0", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager:v4.6.0-202010130555.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace:v4.6.0-202010081538.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-registry:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-ptp:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-tests:v4.6.0-202010120952.p0" ] }, "references": [ { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-13822", "url": "https://www.cve.org/CVERecord?id=CVE-2020-13822" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-13822", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-13822" }, { "category": "external", "summary": "https://snyk.io/vuln/SNYK-JS-ELLIPTIC-571484", "url": "https://snyk.io/vuln/SNYK-JS-ELLIPTIC-571484" }, { "category": "external", "summary": "CVE-2020-13822", "url": 
"https://access.redhat.com/security/cve/CVE-2020-13822" }, { "category": "external", "summary": "bz#1848647: CVE-2020-13822 nodejs-elliptic: improper encoding checks allows a certain degree of signature malleability in ECDSA signatures", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1848647" } ], "release_date": "2020-06-01T00:00:00Z", "remediations": [ { "category": "vendor_fix", "details": "For OpenShift Container Platform 4.6 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html.", "product_ids": [ "8Base-RHOSE-4.6:openshift4/ose-grafana:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-prometheus:v4.6.0-202009290409.p0" ], "url": "https://access.redhat.com/errata/RHSA-2020:4298" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 7.7, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L", "version": "3.1" }, "products": [ "8Base-RHOSE-4.6:openshift4/ose-grafana:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-prometheus:v4.6.0-202009290409.p0" ] } ], "threats": [ { "category": "impact", "date": "2020-06-04T00:00:00Z", "details": "Moderate" } ], "title": "CVE-2020-13822 nodejs-elliptic: improper encoding checks allows a certain degree of signature malleability in ECDSA signatures" }, { "cve": "CVE-2020-14040", "cwe": { "id": "CWE-835", "name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)" }, "discovery_date": 
"2020-06-17T00:00:00Z", "flags": [ { "label": "component_not_present", "product_ids": [ "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-grafana:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator:v4.6.0-202010220220.p0", "8Base-RHOSE-4.6:openshift4/ose-metering-presto:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-prometheus:v4.6.0-202009290409.p0", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-ptp:v4.6.0-202010200139.p0" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla", "text": "https://bugzilla.redhat.com/show_bug.cgi?id=1853652" } ], "notes": [ { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" }, { "category": "description", "text": "A denial of service vulnerability was found in the golang.org/x/text library. A library or application must use one of the vulnerable functions, such as unicode.Transform, transform.String, or transform.Byte, to be susceptible to this vulnerability. 
If an attacker is able to supply specific characters or strings to the vulnerable application, there is the potential to cause an infinite loop to occur using more memory, resulting in a denial of service.", "title": "Vulnerability description" }, { "category": "summary", "text": "golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "8Base-RHOSE-4.6:openshift4/ose-ansible-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts:v4.6.0-202010080605.p0", "8Base-RHOSE-4.6:openshift4/ose-cli:v4.6.0-202010080605.p0", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler:v4.6.0-202009291152.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator:v4.6.0-202010062159.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator:v4.6.0-202010090300.p0", 
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator:v4.6.0-202010081538.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator:v4.6.0-202009290409.p0", "8Base-RHOSE-4.6:openshift4/ose-console-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-console:v4.6.0-202010100121.p0", "8Base-RHOSE-4.6:openshift4/ose-coredns:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8:v4.6.0-202010061132.p0", 
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-descheduler:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-docker-builder:v4.6.0-202010120952.p0", "8Base-RHOSE-4.6:openshift4/ose-docker-registry:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-etcd:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-hyperkube:v4.6.0-202010081843.p0", "8Base-RHOSE-4.6:openshift4/ose-installer:v4.6.0-202010081843.p0", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-cni:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8:v4.6.0-202010012244.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.6.0-202010011936.p0", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy:v4.6.0-202010010929.p0", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8:v4.6.0-202010061132.p0", 
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager:v4.6.0-202010130555.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace:v4.6.0-202010081538.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-registry:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-tests:v4.6.0-202010120952.p0" ], "known_not_affected": [ "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-grafana:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator:v4.6.0-202010220220.p0", "8Base-RHOSE-4.6:openshift4/ose-metering-presto:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-prometheus:v4.6.0-202009290409.p0", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-ptp:v4.6.0-202010200139.p0" ] }, "references": [ { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-14040", "url": "https://www.cve.org/CVERecord?id=CVE-2020-14040" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-14040", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-14040" }, { "category": "external", "summary": 
"https://github.com/golang/go/issues/39491", "url": "https://github.com/golang/go/issues/39491" }, { "category": "external", "summary": "https://groups.google.com/forum/#!topic/golang-announce/bXVeAmGOqz0", "url": "https://groups.google.com/forum/#!topic/golang-announce/bXVeAmGOqz0" }, { "category": "external", "summary": "CVE-2020-14040", "url": "https://access.redhat.com/security/cve/CVE-2020-14040" }, { "category": "external", "summary": "bz#1853652: CVE-2020-14040 golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1853652" } ], "release_date": "2020-06-17T00:00:00Z", "remediations": [ { "category": "vendor_fix", "details": "For OpenShift Container Platform 4.6 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html.", "product_ids": [ "8Base-RHOSE-4.6:openshift4/ose-ansible-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts:v4.6.0-202010080605.p0", "8Base-RHOSE-4.6:openshift4/ose-cli:v4.6.0-202010080605.p0", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator:v4.6.0-202010061132.p0", 
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler:v4.6.0-202009291152.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator:v4.6.0-202010062159.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator:v4.6.0-202010090300.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator:v4.6.0-202010081538.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator:v4.6.0-202009290409.p0", "8Base-RHOSE-4.6:openshift4/ose-console-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-console:v4.6.0-202010100121.p0", "8Base-RHOSE-4.6:openshift4/ose-coredns:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher:v4.6.0-202010061132.p0", 
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-descheduler:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-docker-builder:v4.6.0-202010120952.p0", "8Base-RHOSE-4.6:openshift4/ose-docker-registry:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-etcd:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-hyperkube:v4.6.0-202010081843.p0", "8Base-RHOSE-4.6:openshift4/ose-installer:v4.6.0-202010081843.p0", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator:v4.6.0-202010200139.p0", 
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-cni:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8:v4.6.0-202010012244.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.6.0-202010011936.p0", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy:v4.6.0-202010010929.p0", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager:v4.6.0-202010130555.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace:v4.6.0-202010081538.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-registry:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-tests:v4.6.0-202010120952.p0" ], "url": "https://access.redhat.com/errata/RHSA-2020:4298" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-RHOSE-4.6:openshift4/ose-ansible-operator:v4.6.0-202010200139.p0", 
"8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts:v4.6.0-202010080605.p0", "8Base-RHOSE-4.6:openshift4/ose-cli:v4.6.0-202010080605.p0", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler:v4.6.0-202009291152.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator:v4.6.0-202010062159.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator:v4.6.0-202010090300.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator:v4.6.0-202010081538.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver:v4.6.0-202010061132.p0", 
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator:v4.6.0-202009290409.p0", "8Base-RHOSE-4.6:openshift4/ose-console-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-console:v4.6.0-202010100121.p0", "8Base-RHOSE-4.6:openshift4/ose-coredns:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-descheduler:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-docker-builder:v4.6.0-202010120952.p0", "8Base-RHOSE-4.6:openshift4/ose-docker-registry:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-etcd:v4.6.0-202010061132.p0", 
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-hyperkube:v4.6.0-202010081843.p0", "8Base-RHOSE-4.6:openshift4/ose-installer:v4.6.0-202010081843.p0", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-cni:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8:v4.6.0-202010012244.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.6.0-202010011936.p0", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy:v4.6.0-202010010929.p0", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager:v4.6.0-202010130555.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace:v4.6.0-202010081538.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-registry:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin:v4.6.0-202010200139.p0", 
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-tests:v4.6.0-202010120952.p0" ] } ], "threats": [ { "category": "impact", "date": "2020-06-17T00:00:00Z", "details": "Moderate" } ], "title": "CVE-2020-14040 golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash" }, { "acknowledgments": [ { "names": [ "Yuval Kashtan" ], "organization": "Red Hat", "summary": "This issue was discovered by Red Hat." } ], "cve": "CVE-2020-14336", "cwe": { "id": "CWE-770", "name": "Allocation of Resources Without Limits or Throttling" }, "discovery_date": "2020-06-25T00:00:00Z", "flags": [ { "label": "component_not_present", "product_ids": [ "8Base-RHOSE-4.6:openshift4/ose-ansible-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts:v4.6.0-202010080605.p0", "8Base-RHOSE-4.6:openshift4/ose-cli:v4.6.0-202010080605.p0", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler:v4.6.0-202009291152.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.6.0-202010061132.p0", 
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator:v4.6.0-202010062159.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator:v4.6.0-202010090300.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator:v4.6.0-202010081538.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator:v4.6.0-202009290409.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-console-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-console:v4.6.0-202010100121.p0", "8Base-RHOSE-4.6:openshift4/ose-coredns:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8:v4.6.0-202010061132.p0", 
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-descheduler:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-docker-builder:v4.6.0-202010120952.p0", "8Base-RHOSE-4.6:openshift4/ose-docker-registry:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-etcd:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-grafana:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-hyperkube:v4.6.0-202010081843.p0", "8Base-RHOSE-4.6:openshift4/ose-installer:v4.6.0-202010081843.p0", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-metering-presto:v4.6.0-202010200139.p0", 
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-cni:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8:v4.6.0-202010012244.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.6.0-202010011936.p0", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy:v4.6.0-202010010929.p0", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager:v4.6.0-202010130555.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace:v4.6.0-202010081538.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-registry:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-prometheus:v4.6.0-202009290409.p0", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-ptp:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-tests:v4.6.0-202010120952.p0" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla", "text": "https://bugzilla.redhat.com/show_bug.cgi?id=1858981" } ], "notes": [ { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s 
status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" }, { "category": "description", "text": "A flaw was found in the Restricted Security Context Constraints (SCC), where it allows pods to craft custom network packets. This flaw allows an attacker to cause a denial of service attack on an OpenShift Container Platform cluster if they can deploy pods. The highest threat from this vulnerability is to system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "openshift: restricted SCC allows pods to craft custom network packets", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator:v4.6.0-202010220220.p0" ], "known_not_affected": [ "8Base-RHOSE-4.6:openshift4/ose-ansible-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts:v4.6.0-202010080605.p0", "8Base-RHOSE-4.6:openshift4/ose-cli:v4.6.0-202010080605.p0", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler:v4.6.0-202009291152.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator:v4.6.0-202010061132.p0", 
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator:v4.6.0-202010062159.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator:v4.6.0-202010090300.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator:v4.6.0-202010081538.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator:v4.6.0-202009290409.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-console-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-console:v4.6.0-202010100121.p0", "8Base-RHOSE-4.6:openshift4/ose-coredns:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner:v4.6.0-202010061132.p0", 
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-descheduler:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-docker-builder:v4.6.0-202010120952.p0", "8Base-RHOSE-4.6:openshift4/ose-docker-registry:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-etcd:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-grafana:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-hyperkube:v4.6.0-202010081843.p0", "8Base-RHOSE-4.6:openshift4/ose-installer:v4.6.0-202010081843.p0", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8:v4.6.0-202010061132.p0", 
"8Base-RHOSE-4.6:openshift4/ose-metering-presto:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-cni:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8:v4.6.0-202010012244.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.6.0-202010011936.p0", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy:v4.6.0-202010010929.p0", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager:v4.6.0-202010130555.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace:v4.6.0-202010081538.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-registry:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-prometheus:v4.6.0-202009290409.p0", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-ptp:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-tests:v4.6.0-202010120952.p0" ] }, "references": [ { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-14336", "url": "https://www.cve.org/CVERecord?id=CVE-2020-14336" }, { "category": 
"external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-14336", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-14336" }, { "category": "external", "summary": "CVE-2020-14336", "url": "https://access.redhat.com/security/cve/CVE-2020-14336" }, { "category": "external", "summary": "bz#1858981: CVE-2020-14336 openshift: restricted SCC allows pods to craft custom network packets", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1858981" } ], "release_date": "2020-07-13T00:00:00Z", "remediations": [ { "category": "vendor_fix", "details": "For OpenShift Container Platform 4.6 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html.", "product_ids": [ "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator:v4.6.0-202010220220.p0" ], "url": "https://access.redhat.com/errata/RHSA-2020:4298" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 3.1, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L", "version": "3.1" }, "products": [ "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator:v4.6.0-202010220220.p0" ] } ], "threats": [ { "category": "impact", "date": "2020-06-25T00:00:00Z", "details": "Low" } ], "title": "CVE-2020-14336 openshift: restricted SCC allows pods to craft custom network packets" }, { "cve": "CVE-2020-15366", "cwe": { "id": "CWE-471", "name": "Modification of Assumed-Immutable Data (MAID)" }, "discovery_date": 
"2020-07-15T00:00:00Z", "flags": [ { "label": "component_not_present", "product_ids": [ "8Base-RHOSE-4.6:openshift4/ose-ansible-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts:v4.6.0-202010080605.p0", "8Base-RHOSE-4.6:openshift4/ose-cli:v4.6.0-202010080605.p0", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler:v4.6.0-202009291152.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator:v4.6.0-202010062159.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator:v4.6.0-202010090300.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator:v4.6.0-202010081538.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator:v4.6.0-202010200139.p0", 
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator:v4.6.0-202009290409.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-console-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-coredns:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8:v4.6.0-202010061132.p0", 
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-descheduler:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-docker-builder:v4.6.0-202010120952.p0", "8Base-RHOSE-4.6:openshift4/ose-docker-registry:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-etcd:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-grafana:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-hyperkube:v4.6.0-202010081843.p0", "8Base-RHOSE-4.6:openshift4/ose-installer:v4.6.0-202010081843.p0", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator:v4.6.0-202010220220.p0", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-metering-presto:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-cni:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8:v4.6.0-202010012244.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.6.0-202010011936.p0", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8:v4.6.0-202010061132.p0", 
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy:v4.6.0-202010010929.p0", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager:v4.6.0-202010130555.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace:v4.6.0-202010081538.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-registry:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-ptp:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-tests:v4.6.0-202010120952.p0" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla", "text": "https://bugzilla.redhat.com/show_bug.cgi?id=1857977" } ], "notes": [ { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" }, { "category": "description", "text": "A flaw was found in nodejs-ajv. A carefully crafted JSON schema could be provided that allows execution of other code by prototype pollution. 
While untrusted schemas are recommended against, the worst case of an untrusted schema should be a denial of service, not execution of code.", "title": "Vulnerability description" }, { "category": "summary", "text": "nodejs-ajv: prototype pollution via crafted JSON schema in ajv.validate function", "title": "Vulnerability summary" } ], "product_status": { "fixed": [ "8Base-RHOSE-4.6:openshift4/ose-console:v4.6.0-202010100121.p0", "8Base-RHOSE-4.6:openshift4/ose-prometheus:v4.6.0-202009290409.p0" ], "known_not_affected": [ "8Base-RHOSE-4.6:openshift4/ose-ansible-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts:v4.6.0-202010080605.p0", "8Base-RHOSE-4.6:openshift4/ose-cli:v4.6.0-202010080605.p0", "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler:v4.6.0-202009291152.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator:v4.6.0-202010062159.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator:v4.6.0-202010061132.p0", 
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator:v4.6.0-202010090300.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator:v4.6.0-202010081538.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator:v4.6.0-202009290409.p0", "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-console-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-coredns:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8:v4.6.0-202010061132.p0", 
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-descheduler:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-docker-builder:v4.6.0-202010120952.p0", "8Base-RHOSE-4.6:openshift4/ose-docker-registry:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-etcd:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-grafana:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-hyperkube:v4.6.0-202010081843.p0", "8Base-RHOSE-4.6:openshift4/ose-installer:v4.6.0-202010081843.p0", "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator:v4.6.0-202010220220.p0", "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-metering-presto:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-cni:v4.6.0-202010061132.p0", 
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8:v4.6.0-202010012244.p0", "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.6.0-202010011936.p0", "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy:v4.6.0-202010010929.p0", "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager:v4.6.0-202010130555.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace:v4.6.0-202010081538.p0", "8Base-RHOSE-4.6:openshift4/ose-operator-registry:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-ptp-operator:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-ptp:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator:v4.6.0-202010061132.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook:v4.6.0-202010200139.p0", "8Base-RHOSE-4.6:openshift4/ose-tests:v4.6.0-202010120952.p0" ] }, "references": [ { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-15366", "url": "https://www.cve.org/CVERecord?id=CVE-2020-15366" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-15366", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-15366" }, { "category": "external", "summary": "https://snyk.io/vuln/SNYK-JS-AJV-584908", "url": "https://snyk.io/vuln/SNYK-JS-AJV-584908" }, { "category": "external", "summary": "CVE-2020-15366", "url": "https://access.redhat.com/security/cve/CVE-2020-15366" 
}, { "category": "external", "summary": "bz#1857977: CVE-2020-15366 nodejs-ajv: prototype pollution via crafted JSON schema in ajv.validate function", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1857977" } ], "release_date": "2020-07-04T00:00:00Z", "remediations": [ { "category": "vendor_fix", "details": "For OpenShift Container Platform 4.6 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html.", "product_ids": [ "8Base-RHOSE-4.6:openshift4/ose-console:v4.6.0-202010100121.p0", "8Base-RHOSE-4.6:openshift4/ose-prometheus:v4.6.0-202009290409.p0" ], "url": "https://access.redhat.com/errata/RHSA-2020:4298" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L", "version": "3.1" }, "products": [ "8Base-RHOSE-4.6:openshift4/ose-console:v4.6.0-202010100121.p0", "8Base-RHOSE-4.6:openshift4/ose-prometheus:v4.6.0-202009290409.p0" ] } ], "threats": [ { "category": "impact", "date": "2020-07-15T00:00:00Z", "details": "Moderate" } ], "title": "CVE-2020-15366 nodejs-ajv: prototype pollution via crafted JSON schema in ajv.validate function" } ] }
ghsa-qr9q-882c-gv4j
Vulnerability from github
Published
2022-05-24 19:03
Modified
2023-02-02 21:33
Severity
Details
A flaw was found in the Restricted Security Context Constraints (SCC), where it allows pods to craft custom network packets. This flaw allows an attacker to cause a denial of service attack on an OpenShift Container Platform cluster if they can deploy pods. The highest threat from this vulnerability is to system availability.
{ "affected": [], "aliases": [ "CVE-2020-14336" ], "database_specific": { "cwe_ids": [ "CWE-770" ], "github_reviewed": false, "github_reviewed_at": null, "nvd_published_at": "2021-06-02T12:15:00Z", "severity": "MODERATE" }, "details": "A flaw was found in the Restricted Security Context Constraints (SCC), where it allows pods to craft custom network packets. This flaw allows an attacker to cause a denial of service attack on an OpenShift Container Platform cluster if they can deploy pods. The highest threat from this vulnerability is to system availability.", "id": "GHSA-qr9q-882c-gv4j", "modified": "2023-02-02T21:33:41Z", "published": "2022-05-24T19:03:55Z", "references": [ { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-14336" }, { "type": "WEB", "url": "https://access.redhat.com/errata/RHSA-2020:4298" }, { "type": "WEB", "url": "https://access.redhat.com/errata/RHSA-2020:4320" }, { "type": "WEB", "url": "https://access.redhat.com/security/cve/CVE-2020-14336" }, { "type": "WEB", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1858981" } ], "schema_version": "1.4.0", "severity": [ { "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "type": "CVSS_V3" } ] }