Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2019-11249 (GCVE-0-2019-11249)
Vulnerability from cvelistv5 – Published: 2019-08-29 00:26 – Updated: 2024-09-16 18:19
VLAI?
EPSS
Title
kubectl cp allows symlink directory traversal
Summary
The kubectl cp command allows copying files between containers and the user machine. To copy files from a container, Kubernetes runs tar inside the container to create a tar archive, copies it over the network, and kubectl unpacks it on the user’s machine. If the tar binary in the container is malicious, it could run any code and output unexpected, malicious results. An attacker could use this to write files to any path on the user’s machine when kubectl cp is called, limited only by the system permissions of the local user. Kubernetes affected versions include versions prior to 1.13.9, versions prior to 1.14.5, versions prior to 1.15.2, and versions 1.1, 1.2, 1.4, 1.4, 1.5, 1.6, 1.7, 1.8, 1.9, 1.10, 1.11, 1.12.
Severity ?
4.8 (Medium)
CWE
- CWE-61 - UNIX Symbolic Link (Symlink) Following
Assigner
References
8 references
| URL | Tags |
|---|---|
| https://groups.google.com/d/msg/kubernetes-securi… | mailing-listx_refsource_MLIST |
| https://github.com/kubernetes/kubernetes/issues/80984 | x_refsource_CONFIRM |
| https://security.netapp.com/advisory/ntap-2019091… | x_refsource_CONFIRM |
| https://access.redhat.com/errata/RHBA-2019:2816 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHBA-2019:2794 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHBA-2019:2824 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2019:3239 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2019:3811 | vendor-advisoryx_refsource_REDHAT |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Kubernetes | Kubernetes |
Affected:
prior to 1.13.9
Affected: prior to 1.14.5 Affected: prior to 1.15.2 Affected: 1.1 Affected: 1.2 Affected: 1.4 Affected: 1.5 Affected: 1.6 Affected: 1.7 Affected: 1.8 Affected: 1.9 Affected: 1.10 Affected: 1.11 Affected: 1.12 |
Date Public ?
2019-08-05 00:00
Credits
Yang Yang, Amazon
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T22:48:08.982Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "v1.13.9, v1.14.5, v1.15.2 released to address CVE-2019-11247, CVE-2019-11249",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://groups.google.com/d/msg/kubernetes-security-announce/vUtEcSEY6SM/v2ZZxsmtFQAJ"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/kubernetes/kubernetes/issues/80984"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20190919-0003/"
},
{
"name": "RHBA-2019:2816",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHBA-2019:2816"
},
{
"name": "RHBA-2019:2794",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHBA-2019:2794"
},
{
"name": "RHBA-2019:2824",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHBA-2019:2824"
},
{
"name": "RHSA-2019:3239",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3239"
},
{
"name": "RHSA-2019:3811",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3811"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Kubernetes",
"vendor": "Kubernetes",
"versions": [
{
"status": "affected",
"version": "prior to 1.13.9"
},
{
"status": "affected",
"version": "prior to 1.14.5"
},
{
"status": "affected",
"version": "prior to 1.15.2"
},
{
"status": "affected",
"version": "1.1"
},
{
"status": "affected",
"version": "1.2"
},
{
"status": "affected",
"version": "1.4"
},
{
"status": "affected",
"version": "1.5"
},
{
"status": "affected",
"version": "1.6"
},
{
"status": "affected",
"version": "1.7"
},
{
"status": "affected",
"version": "1.8"
},
{
"status": "affected",
"version": "1.9"
},
{
"status": "affected",
"version": "1.10"
},
{
"status": "affected",
"version": "1.11"
},
{
"status": "affected",
"version": "1.12"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Yang Yang, Amazon"
}
],
"datePublic": "2019-08-05T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The kubectl cp command allows copying files between containers and the user machine. To copy files from a container, Kubernetes runs tar inside the container to create a tar archive, copies it over the network, and kubectl unpacks it on the user\u2019s machine. If the tar binary in the container is malicious, it could run any code and output unexpected, malicious results. An attacker could use this to write files to any path on the user\u2019s machine when kubectl cp is called, limited only by the system permissions of the local user. Kubernetes affected versions include versions prior to 1.13.9, versions prior to 1.14.5, versions prior to 1.15.2, and versions 1.1, 1.2, 1.4, 1.4, 1.5, 1.6, 1.7, 1.8, 1.9, 1.10, 1.11, 1.12."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-61",
"description": "CWE-61: UNIX Symbolic Link (Symlink) Following",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-11-07T18:06:34.000Z",
"orgId": "a6081bf6-c852-4425-ad4f-a67919267565",
"shortName": "kubernetes"
},
"references": [
{
"name": "v1.13.9, v1.14.5, v1.15.2 released to address CVE-2019-11247, CVE-2019-11249",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://groups.google.com/d/msg/kubernetes-security-announce/vUtEcSEY6SM/v2ZZxsmtFQAJ"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/kubernetes/kubernetes/issues/80984"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20190919-0003/"
},
{
"name": "RHBA-2019:2816",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHBA-2019:2816"
},
{
"name": "RHBA-2019:2794",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHBA-2019:2794"
},
{
"name": "RHBA-2019:2824",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHBA-2019:2824"
},
{
"name": "RHSA-2019:3239",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3239"
},
{
"name": "RHSA-2019:3811",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3811"
}
],
"source": {
"defect": [
"https://github.com/kubernetes/kubernetes/issues/80984"
],
"discovery": "USER"
},
"title": "kubectl cp allows symlink directory traversal",
"x_generator": {
"engine": "Vulnogram 0.0.7"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"AKA": "",
"ASSIGNER": "security@kubernetes.io",
"DATE_PUBLIC": "2019-08-05",
"ID": "CVE-2019-11249",
"STATE": "PUBLIC",
"TITLE": "kubectl cp allows symlink directory traversal"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Kubernetes",
"version": {
"version_data": [
{
"version_value": "prior to 1.13.9"
},
{
"version_value": "prior to 1.14.5"
},
{
"version_value": "prior to 1.15.2"
},
{
"version_value": "1.1"
},
{
"version_value": "1.2"
},
{
"version_value": "1.4"
},
{
"version_value": "1.4"
},
{
"version_value": "1.5"
},
{
"version_value": "1.6"
},
{
"version_value": "1.7"
},
{
"version_value": "1.8"
},
{
"version_value": "1.9"
},
{
"version_value": "1.10"
},
{
"version_value": "1.11"
},
{
"version_value": "1.12"
}
]
}
}
]
},
"vendor_name": "Kubernetes"
}
]
}
},
"configuration": [],
"credit": [
{
"lang": "eng",
"value": "Yang Yang, Amazon"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The kubectl cp command allows copying files between containers and the user machine. To copy files from a container, Kubernetes runs tar inside the container to create a tar archive, copies it over the network, and kubectl unpacks it on the user\u2019s machine. If the tar binary in the container is malicious, it could run any code and output unexpected, malicious results. An attacker could use this to write files to any path on the user\u2019s machine when kubectl cp is called, limited only by the system permissions of the local user. Kubernetes affected versions include versions prior to 1.13.9, versions prior to 1.14.5, versions prior to 1.15.2, and versions 1.1, 1.2, 1.4, 1.4, 1.5, 1.6, 1.7, 1.8, 1.9, 1.10, 1.11, 1.12."
}
]
},
"exploit": [],
"generator": {
"engine": "Vulnogram 0.0.7"
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-61: UNIX Symbolic Link (Symlink) Following"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "v1.13.9, v1.14.5, v1.15.2 released to address CVE-2019-11247, CVE-2019-11249",
"refsource": "MLIST",
"url": "https://groups.google.com/d/msg/kubernetes-security-announce/vUtEcSEY6SM/v2ZZxsmtFQAJ"
},
{
"name": "https://github.com/kubernetes/kubernetes/issues/80984",
"refsource": "CONFIRM",
"url": "https://github.com/kubernetes/kubernetes/issues/80984"
},
{
"name": "https://security.netapp.com/advisory/ntap-20190919-0003/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20190919-0003/"
},
{
"name": "RHBA-2019:2816",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHBA-2019:2816"
},
{
"name": "RHBA-2019:2794",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHBA-2019:2794"
},
{
"name": "RHBA-2019:2824",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHBA-2019:2824"
},
{
"name": "RHSA-2019:3239",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:3239"
},
{
"name": "RHSA-2019:3811",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:3811"
}
]
},
"solution": [],
"source": {
"advisory": "",
"defect": [
"https://github.com/kubernetes/kubernetes/issues/80984"
],
"discovery": "USER"
},
"work_around": []
}
}
},
"cveMetadata": {
"assignerOrgId": "a6081bf6-c852-4425-ad4f-a67919267565",
"assignerShortName": "kubernetes",
"cveId": "CVE-2019-11249",
"datePublished": "2019-08-29T00:26:18.429Z",
"dateReserved": "2019-04-17T00:00:00.000Z",
"dateUpdated": "2024-09-16T18:19:22.322Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2019-11249",
"date": "2026-05-24",
"epss": "0.02895",
"percentile": "0.86504"
},
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:kubernetes:kubernetes:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"1.0.0\", \"versionEndIncluding\": \"1.12.10\", \"matchCriteriaId\": \"ABCFC052-EAAD-4964-8B50-1D8A04A73D75\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:kubernetes:kubernetes:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"1.13.0\", \"versionEndExcluding\": \"1.13.9\", \"matchCriteriaId\": \"14126DA1-4F03-43D3-BD14-0BE06EC8F4E5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:kubernetes:kubernetes:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"1.14.0\", \"versionEndExcluding\": \"1.14.5\", \"matchCriteriaId\": \"E10D117F-F0C4-4355-98E3-BB4A401258DE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:kubernetes:kubernetes:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"1.15.0\", \"versionEndExcluding\": \"1.15.2\", \"matchCriteriaId\": \"2BECD4DB-0E6B-4C4A-B714-F6E4724BD0F6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:kubernetes:kubernetes:1.12.11:beta0:*:*:*:*:*:*\", \"matchCriteriaId\": \"3EAFE32A-5295-4A4B-9EC1-A1DB3CAE3DC8\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:openshift_container_platform:3.9:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"309CB6F8-F178-454C-BE97-787F78647C28\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:openshift_container_platform:3.10:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4DBCD38F-BBE8-488C-A8C3-5782F191D915\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:openshift_container_platform:3.11:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2F87326E-0B56-4356-A889-73D026DB1D4B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:openshift_container_platform:4.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"064E7BDD-4EF0-4A0D-A38D-8C75BAFEDCEF\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"The kubectl cp command allows copying files between containers and the user machine. To copy files from a container, Kubernetes runs tar inside the container to create a tar archive, copies it over the network, and kubectl unpacks it on the user\\u2019s machine. If the tar binary in the container is malicious, it could run any code and output unexpected, malicious results. An attacker could use this to write files to any path on the user\\u2019s machine when kubectl cp is called, limited only by the system permissions of the local user. Kubernetes affected versions include versions prior to 1.13.9, versions prior to 1.14.5, versions prior to 1.15.2, and versions 1.1, 1.2, 1.4, 1.4, 1.5, 1.6, 1.7, 1.8, 1.9, 1.10, 1.11, 1.12.\"}, {\"lang\": \"es\", \"value\": \"El comando kubectl cp permite copiar archivos entre contenedores y la m\\u00e1quina del usuario. Para copiar archivos de un contenedor, Kubernetes ejecuta tar dentro del contenedor para crear un archivo tar, lo copia a trav\\u00e9s de la red y kubectl lo descomprime en la m\\u00e1quina del usuario. Si el binario tar en el contenedor es malicioso, podr\\u00eda ejecutar cualquier c\\u00f3digo y generar resultados inesperados y maliciosos. Un atacante podr\\u00eda usar esto para escribir archivos en cualquier ruta en la m\\u00e1quina del usuario cuando se llama a kubectl cp, limitado solo por los permisos del sistema del usuario local. Las versiones afectadas de Kubernetes incluyen versiones anteriores a la versi\\u00f3n 1.13.9, versiones anteriores a la versi\\u00f3n 1.14.5, versiones anteriores a la versi\\u00f3n 1.15.2 y versiones 1.1, 1.2, 1.4, 1.4, 1.5, 1.6, 1.7, 1.8, 1.9, 1.10, 1.11, 1.12 .\"}]",
"id": "CVE-2019-11249",
"lastModified": "2024-11-21T04:20:48.223",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N\", \"baseScore\": 6.5, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"REQUIRED\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 3.6}], \"cvssMetricV30\": [{\"source\": \"jordan@liggitt.net\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:N\", \"baseScore\": 4.8, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"REQUIRED\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 1.2, \"impactScore\": 3.6}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:N/C:N/I:P/A:P\", \"baseScore\": 5.8, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 8.6, \"impactScore\": 4.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": true}]}",
"published": "2019-08-29T01:15:11.443",
"references": "[{\"url\": \"https://access.redhat.com/errata/RHBA-2019:2794\", \"source\": \"jordan@liggitt.net\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHBA-2019:2816\", \"source\": \"jordan@liggitt.net\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHBA-2019:2824\", \"source\": \"jordan@liggitt.net\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2019:3239\", \"source\": \"jordan@liggitt.net\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2019:3811\", \"source\": \"jordan@liggitt.net\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://github.com/kubernetes/kubernetes/issues/80984\", \"source\": \"jordan@liggitt.net\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://groups.google.com/d/msg/kubernetes-security-announce/vUtEcSEY6SM/v2ZZxsmtFQAJ\", \"source\": \"jordan@liggitt.net\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20190919-0003/\", \"source\": \"jordan@liggitt.net\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHBA-2019:2794\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHBA-2019:2816\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHBA-2019:2824\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2019:3239\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2019:3811\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://github.com/kubernetes/kubernetes/issues/80984\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://groups.google.com/d/msg/kubernetes-security-announce/vUtEcSEY6SM/v2ZZxsmtFQAJ\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20190919-0003/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}]",
"sourceIdentifier": "jordan@liggitt.net",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"jordan@liggitt.net\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-61\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-22\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2019-11249\",\"sourceIdentifier\":\"jordan@liggitt.net\",\"published\":\"2019-08-29T01:15:11.443\",\"lastModified\":\"2024-11-21T04:20:48.223\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The kubectl cp command allows copying files between containers and the user machine. To copy files from a container, Kubernetes runs tar inside the container to create a tar archive, copies it over the network, and kubectl unpacks it on the user\u2019s machine. If the tar binary in the container is malicious, it could run any code and output unexpected, malicious results. An attacker could use this to write files to any path on the user\u2019s machine when kubectl cp is called, limited only by the system permissions of the local user. Kubernetes affected versions include versions prior to 1.13.9, versions prior to 1.14.5, versions prior to 1.15.2, and versions 1.1, 1.2, 1.4, 1.4, 1.5, 1.6, 1.7, 1.8, 1.9, 1.10, 1.11, 1.12.\"},{\"lang\":\"es\",\"value\":\"El comando kubectl cp permite copiar archivos entre contenedores y la m\u00e1quina del usuario. Para copiar archivos de un contenedor, Kubernetes ejecuta tar dentro del contenedor para crear un archivo tar, lo copia a trav\u00e9s de la red y kubectl lo descomprime en la m\u00e1quina del usuario. Si el binario tar en el contenedor es malicioso, podr\u00eda ejecutar cualquier c\u00f3digo y generar resultados inesperados y maliciosos. Un atacante podr\u00eda usar esto para escribir archivos en cualquier ruta en la m\u00e1quina del usuario cuando se llama a kubectl cp, limitado solo por los permisos del sistema del usuario local. Las versiones afectadas de Kubernetes incluyen versiones anteriores a la versi\u00f3n 1.13.9, versiones anteriores a la versi\u00f3n 1.14.5, versiones anteriores a la versi\u00f3n 1.15.2 y versiones 1.1, 1.2, 1.4, 1.4, 1.5, 1.6, 1.7, 1.8, 1.9, 1.10, 1.11, 1.12 .\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N\",\"baseScore\":6.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":3.6}],\"cvssMetricV30\":[{\"source\":\"jordan@liggitt.net\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:N\",\"baseScore\":4.8,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":1.2,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:N/I:P/A:P\",\"baseScore\":5.8,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":4.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"jordan@liggitt.net\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-61\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-22\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:kubernetes:kubernetes:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.0.0\",\"versionEndIncluding\":\"1.12.10\",\"matchCriteriaId\":\"ABCFC052-EAAD-4964-8B50-1D8A04A73D75\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:kubernetes:kubernetes:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.13.0\",\"versionEndExcluding\":\"1.13.9\",\"matchCriteriaId\":\"14126DA1-4F03-43D3-BD14-0BE06EC8F4E5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:kubernetes:kubernetes:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.14.0\",\"versionEndExcluding\":\"1.14.5\",\"matchCriteriaId\":\"E10D117F-F0C4-4355-98E3-BB4A401258DE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:kubernetes:kubernetes:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.15.0\",\"versionEndExcluding\":\"1.15.2\",\"matchCriteriaId\":\"2BECD4DB-0E6B-4C4A-B714-F6E4724BD0F6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:kubernetes:kubernetes:1.12.11:beta0:*:*:*:*:*:*\",\"matchCriteriaId\":\"3EAFE32A-5295-4A4B-9EC1-A1DB3CAE3DC8\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openshift_container_platform:3.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"309CB6F8-F178-454C-BE97-787F78647C28\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openshift_container_platform:3.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4DBCD38F-BBE8-488C-A8C3-5782F191D915\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openshift_container_platform:3.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2F87326E-0B56-4356-A889-73D026DB1D4B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openshift_container_platform:4.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"064E7BDD-4EF0-4A0D-A38D-8C75BAFEDCEF\"}]}]}],\"references\":[{\"url\":\"https://access.redhat.com/errata/RHBA-2019:2794\",\"source\":\"jordan@liggitt.net\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHBA-2019:2816\",\"source\":\"jordan@liggitt.net\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHBA-2019:2824\",\"source\":\"jordan@liggitt.net\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:3239\",\"source\":\"jordan@liggitt.net\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:3811\",\"source\":\"jordan@liggitt.net\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://github.com/kubernetes/kubernetes/issues/80984\",\"source\":\"jordan@liggitt.net\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://groups.google.com/d/msg/kubernetes-security-announce/vUtEcSEY6SM/v2ZZxsmtFQAJ\",\"source\":\"jordan@liggitt.net\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20190919-0003/\",\"source\":\"jordan@liggitt.net\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHBA-2019:2794\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHBA-2019:2816\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHBA-2019:2824\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:3239\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:3811\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://github.com/kubernetes/kubernetes/issues/80984\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://groups.google.com/d/msg/kubernetes-security-announce/vUtEcSEY6SM/v2ZZxsmtFQAJ\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20190919-0003/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}"
}
}
CERTFR-2022-AVI-591
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire, un déni de service à distance et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| IBM | Spectrum | IBM Spectrum Protect Plus versions antérieures à 10.1.11 | ||
| IBM | Spectrum | IBM Spectrum Protect Client versions antérieures à 8.1.1.15 | ||
| IBM | N/A | IBM® Db2® et Db2 Warehouse® sur Cloud Pak for Data versions antérieures à 4.5.0 | ||
| IBM | Db2 | IBM® Db2® sur Openshift versions antérieures à 11.5.7.0-cn5 |
References
| Title | Publication Time | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "IBM Spectrum Protect Plus versions ant\u00e9rieures \u00e0 10.1.11",
"product": {
"name": "Spectrum",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Spectrum Protect Client versions ant\u00e9rieures \u00e0 8.1.1.15",
"product": {
"name": "Spectrum",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM\u00ae Db2\u00ae et Db2 Warehouse\u00ae sur Cloud Pak for Data versions ant\u00e9rieures \u00e0 4.5.0",
"product": {
"name": "N/A",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM\u00ae Db2\u00ae sur Openshift versions ant\u00e9rieures \u00e0 11.5.7.0-cn5",
"product": {
"name": "Db2",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2020-29368",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-29368"
},
{
"name": "CVE-2021-20322",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20322"
},
{
"name": "CVE-2018-1099",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1099"
},
{
"name": "CVE-2021-4154",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4154"
},
{
"name": "CVE-2021-45485",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45485"
},
{
"name": "CVE-2022-27191",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27191"
},
{
"name": "CVE-2021-30465",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30465"
},
{
"name": "CVE-2019-11249",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11249"
},
{
"name": "CVE-2020-8557",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8557"
},
{
"name": "CVE-2020-7919",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7919"
},
{
"name": "CVE-2019-11247",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11247"
},
{
"name": "CVE-2020-28851",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28851"
},
{
"name": "CVE-2021-42248",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-42248"
},
{
"name": "CVE-2018-1002105",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1002105"
},
{
"name": "CVE-2021-31525",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-31525"
},
{
"name": "CVE-2020-15112",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15112"
},
{
"name": "CVE-2021-4203",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4203"
},
{
"name": "CVE-2021-25736",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-25736"
},
{
"name": "CVE-2020-27813",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27813"
},
{
"name": "CVE-2018-17848",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-17848"
},
{
"name": "CVE-2019-16884",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16884"
},
{
"name": "CVE-2021-41864",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41864"
},
{
"name": "CVE-2020-36385",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36385"
},
{
"name": "CVE-2020-25704",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25704"
},
{
"name": "CVE-2021-25735",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-25735"
},
{
"name": "CVE-2017-18367",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18367"
},
{
"name": "CVE-2020-8564",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8564"
},
{
"name": "CVE-2021-20206",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20206"
},
{
"name": "CVE-2019-11246",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11246"
},
{
"name": "CVE-2021-31916",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-31916"
},
{
"name": "CVE-2020-8565",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8565"
},
{
"name": "CVE-2021-27918",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-27918"
},
{
"name": "CVE-2021-3635",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3635"
},
{
"name": "CVE-2021-3573",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3573"
},
{
"name": "CVE-2018-1098",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1098"
},
{
"name": "CVE-2021-28971",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-28971"
},
{
"name": "CVE-2019-11254",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11254"
},
{
"name": "CVE-2022-0286",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0286"
},
{
"name": "CVE-2021-4002",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4002"
},
{
"name": "CVE-2021-4083",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4083"
},
{
"name": "CVE-2021-45486",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45486"
},
{
"name": "CVE-2020-8551",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8551"
},
{
"name": "CVE-2017-1002101",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1002101"
},
{
"name": "CVE-2021-4157",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4157"
},
{
"name": "CVE-2020-15106",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15106"
},
{
"name": "CVE-2021-43784",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43784"
},
{
"name": "CVE-2021-20321",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20321"
},
{
"name": "CVE-2018-17142",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-17142"
},
{
"name": "CVE-2022-0185",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0185"
},
{
"name": "CVE-2022-0847",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0847"
},
{
"name": "CVE-2021-41190",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41190"
},
{
"name": "CVE-2021-44733",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44733"
},
{
"name": "CVE-2020-8552",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8552"
},
{
"name": "CVE-2021-20269",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20269"
},
{
"name": "CVE-2020-8554",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8554"
},
{
"name": "CVE-2019-11252",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11252"
},
{
"name": "CVE-2021-3121",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3121"
},
{
"name": "CVE-2019-11250",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11250"
},
{
"name": "CVE-2022-22942",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22942"
},
{
"name": "CVE-2022-1011",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1011"
},
{
"name": "CVE-2021-3669",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3669"
},
{
"name": "CVE-2020-8559",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8559"
},
{
"name": "CVE-2020-10752",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10752"
},
{
"name": "CVE-2021-28950",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-28950"
},
{
"name": "CVE-2021-29650",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29650"
},
{
"name": "CVE-2020-36322",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36322"
},
{
"name": "CVE-2020-28852",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28852"
},
{
"name": "CVE-2021-4155",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4155"
},
{
"name": "CVE-2020-15113",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15113"
},
{
"name": "CVE-2020-29652",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-29652"
},
{
"name": "CVE-2018-17847",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-17847"
},
{
"name": "CVE-2022-0492",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0492"
},
{
"name": "CVE-2020-26160",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26160"
},
{
"name": "CVE-2022-0778",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0778"
},
{
"name": "CVE-2021-42836",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-42836"
},
{
"name": "CVE-2020-8555",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8555"
},
{
"name": "CVE-2021-44716",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44716"
},
{
"name": "CVE-2018-17143",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-17143"
},
{
"name": "CVE-2019-11841",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11841"
},
{
"name": "CVE-2018-20699",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20699"
},
{
"name": "CVE-2021-33194",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33194"
},
{
"name": "CVE-2020-14040",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14040"
},
{
"name": "CVE-2021-3764",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3764"
},
{
"name": "CVE-2019-1002101",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-1002101"
},
{
"name": "CVE-2021-38201",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-38201"
},
{
"name": "CVE-2021-21781",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-21781"
},
{
"name": "CVE-2022-0850",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0850"
},
{
"name": "CVE-2021-3538",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3538"
},
{
"name": "CVE-2019-11253",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11253"
},
{
"name": "CVE-2021-25737",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-25737"
},
{
"name": "CVE-2018-17846",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-17846"
},
{
"name": "CVE-2021-4028",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4028"
},
{
"name": "CVE-2021-43565",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43565"
},
{
"name": "CVE-2021-25741",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-25741"
},
{
"name": "CVE-2018-16886",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-16886"
},
{
"name": "CVE-2021-44907",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44907"
},
{
"name": "CVE-2021-4197",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4197"
},
{
"name": "CVE-2020-9283",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9283"
},
{
"name": "CVE-2019-11840",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11840"
},
{
"name": "CVE-2019-11251",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11251"
},
{
"name": "CVE-2020-36067",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36067"
}
],
"links": [],
"reference": "CERTFR-2022-AVI-591",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2022-06-30T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
},
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Injection de requ\u00eates ill\u00e9gitimes par rebond (CSRF)"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits IBM.\nCertaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une\nex\u00e9cution de code arbitraire, un d\u00e9ni de service \u00e0 distance et un\ncontournement de la politique de s\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6596399 du 29 juin 2022",
"url": "https://www.ibm.com/support/pages/node/6596399"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6596971 du 29 juin 2022",
"url": "https://www.ibm.com/support/pages/node/6596971"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6599703 du 29 juin 2022",
"url": "https://www.ibm.com/support/pages/node/6599703"
}
]
}
CERTFR-2022-AVI-591
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire, un déni de service à distance et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| IBM | Spectrum | IBM Spectrum Protect Plus versions antérieures à 10.1.11 | ||
| IBM | Spectrum | IBM Spectrum Protect Client versions antérieures à 8.1.1.15 | ||
| IBM | N/A | IBM® Db2® et Db2 Warehouse® sur Cloud Pak for Data versions antérieures à 4.5.0 | ||
| IBM | Db2 | IBM® Db2® sur Openshift versions antérieures à 11.5.7.0-cn5 |
References
| Title | Publication Time | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "IBM Spectrum Protect Plus versions ant\u00e9rieures \u00e0 10.1.11",
"product": {
"name": "Spectrum",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Spectrum Protect Client versions ant\u00e9rieures \u00e0 8.1.1.15",
"product": {
"name": "Spectrum",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM\u00ae Db2\u00ae et Db2 Warehouse\u00ae sur Cloud Pak for Data versions ant\u00e9rieures \u00e0 4.5.0",
"product": {
"name": "N/A",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM\u00ae Db2\u00ae sur Openshift versions ant\u00e9rieures \u00e0 11.5.7.0-cn5",
"product": {
"name": "Db2",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2020-29368",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-29368"
},
{
"name": "CVE-2021-20322",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20322"
},
{
"name": "CVE-2018-1099",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1099"
},
{
"name": "CVE-2021-4154",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4154"
},
{
"name": "CVE-2021-45485",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45485"
},
{
"name": "CVE-2022-27191",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27191"
},
{
"name": "CVE-2021-30465",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30465"
},
{
"name": "CVE-2019-11249",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11249"
},
{
"name": "CVE-2020-8557",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8557"
},
{
"name": "CVE-2020-7919",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7919"
},
{
"name": "CVE-2019-11247",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11247"
},
{
"name": "CVE-2020-28851",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28851"
},
{
"name": "CVE-2021-42248",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-42248"
},
{
"name": "CVE-2018-1002105",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1002105"
},
{
"name": "CVE-2021-31525",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-31525"
},
{
"name": "CVE-2020-15112",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15112"
},
{
"name": "CVE-2021-4203",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4203"
},
{
"name": "CVE-2021-25736",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-25736"
},
{
"name": "CVE-2020-27813",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27813"
},
{
"name": "CVE-2018-17848",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-17848"
},
{
"name": "CVE-2019-16884",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16884"
},
{
"name": "CVE-2021-41864",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41864"
},
{
"name": "CVE-2020-36385",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36385"
},
{
"name": "CVE-2020-25704",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25704"
},
{
"name": "CVE-2021-25735",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-25735"
},
{
"name": "CVE-2017-18367",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18367"
},
{
"name": "CVE-2020-8564",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8564"
},
{
"name": "CVE-2021-20206",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20206"
},
{
"name": "CVE-2019-11246",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11246"
},
{
"name": "CVE-2021-31916",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-31916"
},
{
"name": "CVE-2020-8565",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8565"
},
{
"name": "CVE-2021-27918",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-27918"
},
{
"name": "CVE-2021-3635",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3635"
},
{
"name": "CVE-2021-3573",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3573"
},
{
"name": "CVE-2018-1098",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1098"
},
{
"name": "CVE-2021-28971",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-28971"
},
{
"name": "CVE-2019-11254",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11254"
},
{
"name": "CVE-2022-0286",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0286"
},
{
"name": "CVE-2021-4002",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4002"
},
{
"name": "CVE-2021-4083",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4083"
},
{
"name": "CVE-2021-45486",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-45486"
},
{
"name": "CVE-2020-8551",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8551"
},
{
"name": "CVE-2017-1002101",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1002101"
},
{
"name": "CVE-2021-4157",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4157"
},
{
"name": "CVE-2020-15106",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15106"
},
{
"name": "CVE-2021-43784",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43784"
},
{
"name": "CVE-2021-20321",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20321"
},
{
"name": "CVE-2018-17142",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-17142"
},
{
"name": "CVE-2022-0185",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0185"
},
{
"name": "CVE-2022-0847",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0847"
},
{
"name": "CVE-2021-41190",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41190"
},
{
"name": "CVE-2021-44733",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44733"
},
{
"name": "CVE-2020-8552",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8552"
},
{
"name": "CVE-2021-20269",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20269"
},
{
"name": "CVE-2020-8554",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8554"
},
{
"name": "CVE-2019-11252",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11252"
},
{
"name": "CVE-2021-3121",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3121"
},
{
"name": "CVE-2019-11250",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11250"
},
{
"name": "CVE-2022-22942",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22942"
},
{
"name": "CVE-2022-1011",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1011"
},
{
"name": "CVE-2021-3669",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3669"
},
{
"name": "CVE-2020-8559",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8559"
},
{
"name": "CVE-2020-10752",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10752"
},
{
"name": "CVE-2021-28950",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-28950"
},
{
"name": "CVE-2021-29650",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29650"
},
{
"name": "CVE-2020-36322",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36322"
},
{
"name": "CVE-2020-28852",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28852"
},
{
"name": "CVE-2021-4155",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4155"
},
{
"name": "CVE-2020-15113",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15113"
},
{
"name": "CVE-2020-29652",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-29652"
},
{
"name": "CVE-2018-17847",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-17847"
},
{
"name": "CVE-2022-0492",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0492"
},
{
"name": "CVE-2020-26160",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26160"
},
{
"name": "CVE-2022-0778",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0778"
},
{
"name": "CVE-2021-42836",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-42836"
},
{
"name": "CVE-2020-8555",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8555"
},
{
"name": "CVE-2021-44716",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44716"
},
{
"name": "CVE-2018-17143",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-17143"
},
{
"name": "CVE-2019-11841",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11841"
},
{
"name": "CVE-2018-20699",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20699"
},
{
"name": "CVE-2021-33194",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33194"
},
{
"name": "CVE-2020-14040",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14040"
},
{
"name": "CVE-2021-3764",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3764"
},
{
"name": "CVE-2019-1002101",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-1002101"
},
{
"name": "CVE-2021-38201",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-38201"
},
{
"name": "CVE-2021-21781",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-21781"
},
{
"name": "CVE-2022-0850",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0850"
},
{
"name": "CVE-2021-3538",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3538"
},
{
"name": "CVE-2019-11253",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11253"
},
{
"name": "CVE-2021-25737",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-25737"
},
{
"name": "CVE-2018-17846",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-17846"
},
{
"name": "CVE-2021-4028",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4028"
},
{
"name": "CVE-2021-43565",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43565"
},
{
"name": "CVE-2021-25741",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-25741"
},
{
"name": "CVE-2018-16886",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-16886"
},
{
"name": "CVE-2021-44907",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44907"
},
{
"name": "CVE-2021-4197",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4197"
},
{
"name": "CVE-2020-9283",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9283"
},
{
"name": "CVE-2019-11840",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11840"
},
{
"name": "CVE-2019-11251",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11251"
},
{
"name": "CVE-2020-36067",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36067"
}
],
"links": [],
"reference": "CERTFR-2022-AVI-591",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2022-06-30T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
},
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Injection de requ\u00eates ill\u00e9gitimes par rebond (CSRF)"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits IBM.\nCertaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une\nex\u00e9cution de code arbitraire, un d\u00e9ni de service \u00e0 distance et un\ncontournement de la politique de s\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6596399 du 29 juin 2022",
"url": "https://www.ibm.com/support/pages/node/6596399"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6596971 du 29 juin 2022",
"url": "https://www.ibm.com/support/pages/node/6596971"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 6599703 du 29 juin 2022",
"url": "https://www.ibm.com/support/pages/node/6599703"
}
]
}
CNVD-2019-26372
Vulnerability from cnvd - Published: 2019-08-08
VLAI Severity ?
Title
kubectl路径遍历漏洞(CNVD-2019-26372)
Description
kubectl是一款用于运行针对Kubernetes集群的命令的命令行程序。
kubectl中存在路径遍历漏洞。该漏洞源于网络系统或产品未能正确地过滤资源或文件路径中的特殊元素。攻击者可利用该漏洞访问受限目录之外的位置。
Severity
低
Patch Name
kubectl路径遍历漏洞(CNVD-2019-26372)的补丁
Patch Description
kubectl是一款用于运行针对Kubernetes集群的命令的命令行程序。
kubectl中存在路径遍历漏洞。该漏洞源于网络系统或产品未能正确地过滤资源或文件路径中的特殊元素。攻击者可利用该漏洞访问受限目录之外的位置。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description
厂商已发布了漏洞修复程序,请及时关注更新: https://github.com/kubernetes/kubernetes/issues/80984
Reference
https://vigilance.fr/vulnerability/Kubernetes-file-creation-via-Kubectl-Cp-29949
Impacted products
| Name | kubectl kubectl |
|---|
{
"cves": {
"cve": {
"cveNumber": "CVE-2019-11249",
"cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2019-11249"
}
},
"description": "kubectl\u662f\u4e00\u6b3e\u7528\u4e8e\u8fd0\u884c\u9488\u5bf9Kubernetes\u96c6\u7fa4\u7684\u547d\u4ee4\u7684\u547d\u4ee4\u884c\u7a0b\u5e8f\u3002\n\nkubectl\u4e2d\u5b58\u5728\u8def\u5f84\u904d\u5386\u6f0f\u6d1e\u3002\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7f51\u7edc\u7cfb\u7edf\u6216\u4ea7\u54c1\u672a\u80fd\u6b63\u786e\u5730\u8fc7\u6ee4\u8d44\u6e90\u6216\u6587\u4ef6\u8def\u5f84\u4e2d\u7684\u7279\u6b8a\u5143\u7d20\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u8bbf\u95ee\u53d7\u9650\u76ee\u5f55\u4e4b\u5916\u7684\u4f4d\u7f6e\u3002",
"discovererName": "unKnow",
"formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://github.com/kubernetes/kubernetes/issues/80984",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2019-26372",
"openTime": "2019-08-08",
"patchDescription": "kubectl\u662f\u4e00\u6b3e\u7528\u4e8e\u8fd0\u884c\u9488\u5bf9Kubernetes\u96c6\u7fa4\u7684\u547d\u4ee4\u7684\u547d\u4ee4\u884c\u7a0b\u5e8f\u3002\r\n\r\nkubectl\u4e2d\u5b58\u5728\u8def\u5f84\u904d\u5386\u6f0f\u6d1e\u3002\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7f51\u7edc\u7cfb\u7edf\u6216\u4ea7\u54c1\u672a\u80fd\u6b63\u786e\u5730\u8fc7\u6ee4\u8d44\u6e90\u6216\u6587\u4ef6\u8def\u5f84\u4e2d\u7684\u7279\u6b8a\u5143\u7d20\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u8bbf\u95ee\u53d7\u9650\u76ee\u5f55\u4e4b\u5916\u7684\u4f4d\u7f6e\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
"patchName": "kubectl\u8def\u5f84\u904d\u5386\u6f0f\u6d1e\uff08CNVD-2019-26372\uff09\u7684\u8865\u4e01",
"products": {
"product": "kubectl kubectl"
},
"referenceLink": "https://vigilance.fr/vulnerability/Kubernetes-file-creation-via-Kubectl-Cp-29949",
"serverity": "\u4f4e",
"submitTime": "2019-08-07",
"title": "kubectl\u8def\u5f84\u904d\u5386\u6f0f\u6d1e\uff08CNVD-2019-26372\uff09"
}
FKIE_CVE-2019-11249
Vulnerability from fkie_nvd - Published: 2019-08-29 01:15 - Updated: 2024-11-21 04:20
Severity ?
Summary
The kubectl cp command allows copying files between containers and the user machine. To copy files from a container, Kubernetes runs tar inside the container to create a tar archive, copies it over the network, and kubectl unpacks it on the user’s machine. If the tar binary in the container is malicious, it could run any code and output unexpected, malicious results. An attacker could use this to write files to any path on the user’s machine when kubectl cp is called, limited only by the system permissions of the local user. Kubernetes affected versions include versions prior to 1.13.9, versions prior to 1.14.5, versions prior to 1.15.2, and versions 1.1, 1.2, 1.4, 1.4, 1.5, 1.6, 1.7, 1.8, 1.9, 1.10, 1.11, 1.12.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| kubernetes | kubernetes | * | |
| kubernetes | kubernetes | * | |
| kubernetes | kubernetes | * | |
| kubernetes | kubernetes | * | |
| kubernetes | kubernetes | 1.12.11 | |
| redhat | openshift_container_platform | 3.9 | |
| redhat | openshift_container_platform | 3.10 | |
| redhat | openshift_container_platform | 3.11 | |
| redhat | openshift_container_platform | 4.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:kubernetes:kubernetes:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ABCFC052-EAAD-4964-8B50-1D8A04A73D75",
"versionEndIncluding": "1.12.10",
"versionStartIncluding": "1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kubernetes:kubernetes:*:*:*:*:*:*:*:*",
"matchCriteriaId": "14126DA1-4F03-43D3-BD14-0BE06EC8F4E5",
"versionEndExcluding": "1.13.9",
"versionStartIncluding": "1.13.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kubernetes:kubernetes:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E10D117F-F0C4-4355-98E3-BB4A401258DE",
"versionEndExcluding": "1.14.5",
"versionStartIncluding": "1.14.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kubernetes:kubernetes:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2BECD4DB-0E6B-4C4A-B714-F6E4724BD0F6",
"versionEndExcluding": "1.15.2",
"versionStartIncluding": "1.15.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kubernetes:kubernetes:1.12.11:beta0:*:*:*:*:*:*",
"matchCriteriaId": "3EAFE32A-5295-4A4B-9EC1-A1DB3CAE3DC8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:openshift_container_platform:3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "309CB6F8-F178-454C-BE97-787F78647C28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:openshift_container_platform:3.10:*:*:*:*:*:*:*",
"matchCriteriaId": "4DBCD38F-BBE8-488C-A8C3-5782F191D915",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:openshift_container_platform:3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "2F87326E-0B56-4356-A889-73D026DB1D4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:redhat:openshift_container_platform:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "064E7BDD-4EF0-4A0D-A38D-8C75BAFEDCEF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The kubectl cp command allows copying files between containers and the user machine. To copy files from a container, Kubernetes runs tar inside the container to create a tar archive, copies it over the network, and kubectl unpacks it on the user\u2019s machine. If the tar binary in the container is malicious, it could run any code and output unexpected, malicious results. An attacker could use this to write files to any path on the user\u2019s machine when kubectl cp is called, limited only by the system permissions of the local user. Kubernetes affected versions include versions prior to 1.13.9, versions prior to 1.14.5, versions prior to 1.15.2, and versions 1.1, 1.2, 1.4, 1.4, 1.5, 1.6, 1.7, 1.8, 1.9, 1.10, 1.11, 1.12."
},
{
"lang": "es",
"value": "El comando kubectl cp permite copiar archivos entre contenedores y la m\u00e1quina del usuario. Para copiar archivos de un contenedor, Kubernetes ejecuta tar dentro del contenedor para crear un archivo tar, lo copia a trav\u00e9s de la red y kubectl lo descomprime en la m\u00e1quina del usuario. Si el binario tar en el contenedor es malicioso, podr\u00eda ejecutar cualquier c\u00f3digo y generar resultados inesperados y maliciosos. Un atacante podr\u00eda usar esto para escribir archivos en cualquier ruta en la m\u00e1quina del usuario cuando se llama a kubectl cp, limitado solo por los permisos del sistema del usuario local. Las versiones afectadas de Kubernetes incluyen versiones anteriores a la versi\u00f3n 1.13.9, versiones anteriores a la versi\u00f3n 1.14.5, versiones anteriores a la versi\u00f3n 1.15.2 y versiones 1.1, 1.2, 1.4, 1.4, 1.5, 1.6, 1.7, 1.8, 1.9, 1.10, 1.11, 1.12 ."
}
],
"id": "CVE-2019-11249",
"lastModified": "2024-11-21T04:20:48.223",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"exploitabilityScore": 1.2,
"impactScore": 3.6,
"source": "jordan@liggitt.net",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-08-29T01:15:11.443",
"references": [
{
"source": "jordan@liggitt.net",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHBA-2019:2794"
},
{
"source": "jordan@liggitt.net",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHBA-2019:2816"
},
{
"source": "jordan@liggitt.net",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHBA-2019:2824"
},
{
"source": "jordan@liggitt.net",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3239"
},
{
"source": "jordan@liggitt.net",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3811"
},
{
"source": "jordan@liggitt.net",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/kubernetes/kubernetes/issues/80984"
},
{
"source": "jordan@liggitt.net",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://groups.google.com/d/msg/kubernetes-security-announce/vUtEcSEY6SM/v2ZZxsmtFQAJ"
},
{
"source": "jordan@liggitt.net",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20190919-0003/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHBA-2019:2794"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHBA-2019:2816"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHBA-2019:2824"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3239"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3811"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/kubernetes/kubernetes/issues/80984"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://groups.google.com/d/msg/kubernetes-security-announce/vUtEcSEY6SM/v2ZZxsmtFQAJ"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20190919-0003/"
}
],
"sourceIdentifier": "jordan@liggitt.net",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-61"
}
],
"source": "jordan@liggitt.net",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
GHSA-V8C4-HW4J-X4PR
Vulnerability from github – Published: 2022-05-24 16:55 – Updated: 2022-05-24 16:55
VLAI?
Details
The kubectl cp command allows copying files between containers and the user machine. To copy files from a container, Kubernetes runs tar inside the container to create a tar archive, copies it over the network, and kubectl unpacks it on the user?s machine. If the tar binary in the container is malicious, it could run any code and output unexpected, malicious results. An attacker could use this to write files to any path on the user?s machine when kubectl cp is called, limited only by the system permissions of the local user. Kubernetes affected versions include versions prior to 1.13.9, versions prior to 1.14.5, versions prior to 1.15.2, and versions 1.1, 1.2, 1.4, 1.4, 1.5, 1.6, 1.7, 1.8, 1.9, 1.10, 1.11, 1.12.
{
"affected": [],
"aliases": [
"CVE-2019-11249"
],
"database_specific": {
"cwe_ids": [],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2019-08-29T01:15:00Z",
"severity": null
},
"details": "The kubectl cp command allows copying files between containers and the user machine. To copy files from a container, Kubernetes runs tar inside the container to create a tar archive, copies it over the network, and kubectl unpacks it on the user?s machine. If the tar binary in the container is malicious, it could run any code and output unexpected, malicious results. An attacker could use this to write files to any path on the user?s machine when kubectl cp is called, limited only by the system permissions of the local user. Kubernetes affected versions include versions prior to 1.13.9, versions prior to 1.14.5, versions prior to 1.15.2, and versions 1.1, 1.2, 1.4, 1.4, 1.5, 1.6, 1.7, 1.8, 1.9, 1.10, 1.11, 1.12.",
"id": "GHSA-v8c4-hw4j-x4pr",
"modified": "2022-05-24T16:55:06Z",
"published": "2022-05-24T16:55:06Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11249"
},
{
"type": "WEB",
"url": "https://github.com/kubernetes/kubernetes/issues/80984"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHBA-2019:2794"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHBA-2019:2816"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHBA-2019:2824"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2019:3239"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2019:3811"
},
{
"type": "WEB",
"url": "https://groups.google.com/d/msg/kubernetes-security-announce/vUtEcSEY6SM/v2ZZxsmtFQAJ"
},
{
"type": "WEB",
"url": "https://security.netapp.com/advisory/ntap-20190919-0003"
}
],
"schema_version": "1.4.0",
"severity": []
}
GSD-2019-11249
Vulnerability from gsd - Updated: 2023-12-13 01:24Details
The kubectl cp command allows copying files between containers and the user machine. To copy files from a container, Kubernetes runs tar inside the container to create a tar archive, copies it over the network, and kubectl unpacks it on the user’s machine. If the tar binary in the container is malicious, it could run any code and output unexpected, malicious results. An attacker could use this to write files to any path on the user’s machine when kubectl cp is called, limited only by the system permissions of the local user. Kubernetes affected versions include versions prior to 1.13.9, versions prior to 1.14.5, versions prior to 1.15.2, and versions 1.1, 1.2, 1.4, 1.4, 1.5, 1.6, 1.7, 1.8, 1.9, 1.10, 1.11, 1.12.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2019-11249",
"description": "The kubectl cp command allows copying files between containers and the user machine. To copy files from a container, Kubernetes runs tar inside the container to create a tar archive, copies it over the network, and kubectl unpacks it on the user\u2019s machine. If the tar binary in the container is malicious, it could run any code and output unexpected, malicious results. An attacker could use this to write files to any path on the user\u2019s machine when kubectl cp is called, limited only by the system permissions of the local user. Kubernetes affected versions include versions prior to 1.13.9, versions prior to 1.14.5, versions prior to 1.15.2, and versions 1.1, 1.2, 1.4, 1.4, 1.5, 1.6, 1.7, 1.8, 1.9, 1.10, 1.11, 1.12.",
"id": "GSD-2019-11249",
"references": [
"https://www.suse.com/security/cve/CVE-2019-11249.html",
"https://access.redhat.com/errata/RHSA-2019:3811",
"https://access.redhat.com/errata/RHSA-2019:3239",
"https://access.redhat.com/errata/RHBA-2019:2816",
"https://access.redhat.com/errata/RHBA-2019:2794",
"https://linux.oracle.com/cve/CVE-2019-11249.html"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2019-11249"
],
"details": "The kubectl cp command allows copying files between containers and the user machine. To copy files from a container, Kubernetes runs tar inside the container to create a tar archive, copies it over the network, and kubectl unpacks it on the user\u2019s machine. If the tar binary in the container is malicious, it could run any code and output unexpected, malicious results. An attacker could use this to write files to any path on the user\u2019s machine when kubectl cp is called, limited only by the system permissions of the local user. Kubernetes affected versions include versions prior to 1.13.9, versions prior to 1.14.5, versions prior to 1.15.2, and versions 1.1, 1.2, 1.4, 1.4, 1.5, 1.6, 1.7, 1.8, 1.9, 1.10, 1.11, 1.12.",
"id": "GSD-2019-11249",
"modified": "2023-12-13T01:24:02.461367Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"AKA": "",
"ASSIGNER": "security@kubernetes.io",
"DATE_PUBLIC": "2019-08-05",
"ID": "CVE-2019-11249",
"STATE": "PUBLIC",
"TITLE": "kubectl cp allows symlink directory traversal"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Kubernetes",
"version": {
"version_data": [
{
"version_value": "prior to 1.13.9"
},
{
"version_value": "prior to 1.14.5"
},
{
"version_value": "prior to 1.15.2"
},
{
"version_value": "1.1"
},
{
"version_value": "1.2"
},
{
"version_value": "1.4"
},
{
"version_value": "1.4"
},
{
"version_value": "1.5"
},
{
"version_value": "1.6"
},
{
"version_value": "1.7"
},
{
"version_value": "1.8"
},
{
"version_value": "1.9"
},
{
"version_value": "1.10"
},
{
"version_value": "1.11"
},
{
"version_value": "1.12"
}
]
}
}
]
},
"vendor_name": "Kubernetes"
}
]
}
},
"configuration": [],
"credit": [
{
"lang": "eng",
"value": "Yang Yang, Amazon"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The kubectl cp command allows copying files between containers and the user machine. To copy files from a container, Kubernetes runs tar inside the container to create a tar archive, copies it over the network, and kubectl unpacks it on the user\u2019s machine. If the tar binary in the container is malicious, it could run any code and output unexpected, malicious results. An attacker could use this to write files to any path on the user\u2019s machine when kubectl cp is called, limited only by the system permissions of the local user. Kubernetes affected versions include versions prior to 1.13.9, versions prior to 1.14.5, versions prior to 1.15.2, and versions 1.1, 1.2, 1.4, 1.4, 1.5, 1.6, 1.7, 1.8, 1.9, 1.10, 1.11, 1.12."
}
]
},
"exploit": [],
"generator": {
"engine": "Vulnogram 0.0.7"
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-61: UNIX Symbolic Link (Symlink) Following"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "v1.13.9, v1.14.5, v1.15.2 released to address CVE-2019-11247, CVE-2019-11249",
"refsource": "MLIST",
"url": "https://groups.google.com/d/msg/kubernetes-security-announce/vUtEcSEY6SM/v2ZZxsmtFQAJ"
},
{
"name": "https://github.com/kubernetes/kubernetes/issues/80984",
"refsource": "CONFIRM",
"url": "https://github.com/kubernetes/kubernetes/issues/80984"
},
{
"name": "https://security.netapp.com/advisory/ntap-20190919-0003/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20190919-0003/"
},
{
"name": "RHBA-2019:2816",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHBA-2019:2816"
},
{
"name": "RHBA-2019:2794",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHBA-2019:2794"
},
{
"name": "RHBA-2019:2824",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHBA-2019:2824"
},
{
"name": "RHSA-2019:3239",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:3239"
},
{
"name": "RHSA-2019:3811",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:3811"
}
]
},
"solution": [],
"source": {
"advisory": "",
"defect": [
"https://github.com/kubernetes/kubernetes/issues/80984"
],
"discovery": "USER"
},
"work_around": []
},
"gitlab.com": {
"advisories": [
{
"_git_import_path": "go/github.com/kubernetes/kubernetes/pkg/kubectl/cmd/cp",
"affected_range": "\u003e=1.0.0 \u003c=1.12.11||\u003e=1.13.0 \u003c1.13.9||\u003e=1.14.0 \u003c1.14.5||\u003e=1.15.0 \u003c1.15.2",
"affected_versions": "All versions starting from 1.0.0 up to 1.12.11, all versions starting from 1.13.0 before 1.13.9, all versions starting from 1.14.0 before 1.14.5, all versions starting from 1.15.0 before 1.15.2",
"cvss_v2": "AV:N/AC:M/Au:N/C:N/I:P/A:P",
"cvss_v3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"cwe_ids": [
"CWE-1035",
"CWE-22",
"CWE-937"
],
"date": "2019-11-07",
"description": "The kubectl cp command allows copying files between containers and the user machine. To copy files from a container, Kubernetes runs tar inside the container to create a tar archive, copies it over the network, and kubectl unpacks it on the user\u0027s machine. If the tar binary in the container is malicious, it could run any code and output unexpected, malicious results. An attacker could use this to write files to any path on the user\u0027s machine when kubectl cp is called, limited only by the system permissions of the local user.",
"fixed_versions": [
"1.13.0-alpha.0",
"1.13.9",
"1.14.5",
"1.15.2"
],
"identifier": "CVE-2019-11249",
"identifiers": [
"CVE-2019-11249"
],
"not_impacted": "All versions before 1.0.0, all versions after 1.12.11 before 1.13.0, all versions starting from 1.13.9 before 1.14.0, all versions starting from 1.14.5 before 1.15.0, all versions starting from 1.15.2",
"package_slug": "go/github.com/kubernetes/kubernetes/pkg/kubectl/cmd/cp",
"pubdate": "2019-08-29",
"solution": "Upgrade to versions 1.13.0-alpha.0, 1.13.9, 1.14.5, 1.15.2 or above.",
"title": "Code Injection",
"urls": [
"https://nvd.nist.gov/vuln/detail/CVE-2019-11249"
],
"uuid": "b2c252f2-5b08-432e-95d5-60cff4938773"
}
]
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:kubernetes:kubernetes:1.12.11:beta0:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:kubernetes:kubernetes:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "1.13.9",
"versionStartIncluding": "1.13.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:kubernetes:kubernetes:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "1.14.5",
"versionStartIncluding": "1.14.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:kubernetes:kubernetes:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "1.15.2",
"versionStartIncluding": "1.15.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:kubernetes:kubernetes:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.12.10",
"versionStartIncluding": "1.0.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:redhat:openshift_container_platform:3.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:redhat:openshift_container_platform:3.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:redhat:openshift_container_platform:3.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:redhat:openshift_container_platform:4.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "security@kubernetes.io",
"ID": "CVE-2019-11249"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "The kubectl cp command allows copying files between containers and the user machine. To copy files from a container, Kubernetes runs tar inside the container to create a tar archive, copies it over the network, and kubectl unpacks it on the user\u2019s machine. If the tar binary in the container is malicious, it could run any code and output unexpected, malicious results. An attacker could use this to write files to any path on the user\u2019s machine when kubectl cp is called, limited only by the system permissions of the local user. Kubernetes affected versions include versions prior to 1.13.9, versions prior to 1.14.5, versions prior to 1.15.2, and versions 1.1, 1.2, 1.4, 1.4, 1.5, 1.6, 1.7, 1.8, 1.9, 1.10, 1.11, 1.12."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "v1.13.9, v1.14.5, v1.15.2 released to address CVE-2019-11247, CVE-2019-11249",
"refsource": "MLIST",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://groups.google.com/d/msg/kubernetes-security-announce/vUtEcSEY6SM/v2ZZxsmtFQAJ"
},
{
"name": "https://github.com/kubernetes/kubernetes/issues/80984",
"refsource": "CONFIRM",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/kubernetes/kubernetes/issues/80984"
},
{
"name": "https://security.netapp.com/advisory/ntap-20190919-0003/",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20190919-0003/"
},
{
"name": "RHBA-2019:2816",
"refsource": "REDHAT",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHBA-2019:2816"
},
{
"name": "RHBA-2019:2794",
"refsource": "REDHAT",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHBA-2019:2794"
},
{
"name": "RHBA-2019:2824",
"refsource": "REDHAT",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHBA-2019:2824"
},
{
"name": "RHSA-2019:3239",
"refsource": "REDHAT",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3239"
},
{
"name": "RHSA-2019:3811",
"refsource": "REDHAT",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3811"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": false,
"cvssV2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": true
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
},
"lastModifiedDate": "2020-10-02T16:45Z",
"publishedDate": "2019-08-29T01:15Z"
}
}
}
OPENSUSE-SU-2024:10901-1
Vulnerability from csaf_opensuse - Published: 2024-06-15 00:00 - Updated: 2024-06-15 00:00Summary
kubernetes-apiserver-1.22.2-21.2 on GA media
Severity
Moderate
Notes
Title of the patch: kubernetes-apiserver-1.22.2-21.2 on GA media
Description of the patch: These are all security issues fixed in the kubernetes-apiserver-1.22.2-21.2 package on the GA media of openSUSE Tumbleweed.
Patchnames: openSUSE-Tumbleweed-2024-10901
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.8 (High)
Affected products
Recommended
60 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-apiserver-1.22.2-21.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-apiserver-1.22.2-21.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-apiserver-1.22.2-21.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-apiserver-1.22.2-21.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-apiserver-minus1-1.21.5-21.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-apiserver-minus1-1.21.5-21.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-apiserver-minus1-1.21.5-21.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-apiserver-minus1-1.21.5-21.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-client-1.22.2-21.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-client-1.22.2-21.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-client-1.22.2-21.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-client-1.22.2-21.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-controller-manager-1.22.2-21.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-controller-manager-1.22.2-21.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-controller-manager-1.22.2-21.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-controller-manager-1.22.2-21.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-controller-manager-minus1-1.21.5-21.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-controller-manager-minus1-1.21.5-21.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-controller-manager-minus1-1.21.5-21.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-controller-manager-minus1-1.21.5-21.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-coredns-1.8.4-21.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-coredns-1.8.4-21.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-coredns-1.8.4-21.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-coredns-1.8.4-21.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-coredns-minus1-1.8.0-21.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-coredns-minus1-1.8.0-21.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-coredns-minus1-1.8.0-21.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-coredns-minus1-1.8.0-21.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-etcd-3.5.0-21.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-etcd-3.5.0-21.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-etcd-3.5.0-21.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-etcd-3.5.0-21.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-etcd-minus1-3.4.13-21.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-etcd-minus1-3.4.13-21.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-etcd-minus1-3.4.13-21.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-etcd-minus1-3.4.13-21.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-kubeadm-1.22.2-21.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-kubeadm-1.22.2-21.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-kubeadm-1.22.2-21.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-kubeadm-1.22.2-21.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-kubelet-1.22.2-21.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-kubelet-1.22.2-21.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-kubelet-1.22.2-21.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-kubelet-1.22.2-21.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-proxy-1.22.2-21.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-proxy-1.22.2-21.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-proxy-1.22.2-21.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-proxy-1.22.2-21.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-proxy-minus1-1.21.5-21.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-proxy-minus1-1.21.5-21.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-proxy-minus1-1.21.5-21.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-proxy-minus1-1.21.5-21.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-scheduler-1.22.2-21.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-scheduler-1.22.2-21.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-scheduler-1.22.2-21.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-scheduler-1.22.2-21.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-scheduler-minus1-1.21.5-21.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-scheduler-minus1-1.21.5-21.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-scheduler-minus1-1.21.5-21.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-scheduler-minus1-1.21.5-21.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
9.8 (Critical)
Affected products
Recommended
60 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-apiserver-1.22.2-21.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-apiserver-1.22.2-21.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-apiserver-1.22.2-21.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-apiserver-1.22.2-21.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-apiserver-minus1-1.21.5-21.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-apiserver-minus1-1.21.5-21.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-apiserver-minus1-1.21.5-21.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-apiserver-minus1-1.21.5-21.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-client-1.22.2-21.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-client-1.22.2-21.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-client-1.22.2-21.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-client-1.22.2-21.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-controller-manager-1.22.2-21.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-controller-manager-1.22.2-21.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-controller-manager-1.22.2-21.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-controller-manager-1.22.2-21.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-controller-manager-minus1-1.21.5-21.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-controller-manager-minus1-1.21.5-21.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-controller-manager-minus1-1.21.5-21.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-controller-manager-minus1-1.21.5-21.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-coredns-1.8.4-21.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-coredns-1.8.4-21.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-coredns-1.8.4-21.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-coredns-1.8.4-21.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-coredns-minus1-1.8.0-21.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-coredns-minus1-1.8.0-21.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-coredns-minus1-1.8.0-21.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-coredns-minus1-1.8.0-21.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-etcd-3.5.0-21.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-etcd-3.5.0-21.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-etcd-3.5.0-21.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-etcd-3.5.0-21.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-etcd-minus1-3.4.13-21.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-etcd-minus1-3.4.13-21.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-etcd-minus1-3.4.13-21.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-etcd-minus1-3.4.13-21.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-kubeadm-1.22.2-21.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-kubeadm-1.22.2-21.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-kubeadm-1.22.2-21.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-kubeadm-1.22.2-21.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-kubelet-1.22.2-21.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-kubelet-1.22.2-21.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-kubelet-1.22.2-21.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-kubelet-1.22.2-21.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-proxy-1.22.2-21.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-proxy-1.22.2-21.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-proxy-1.22.2-21.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-proxy-1.22.2-21.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-proxy-minus1-1.21.5-21.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-proxy-minus1-1.21.5-21.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-proxy-minus1-1.21.5-21.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-proxy-minus1-1.21.5-21.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-scheduler-1.22.2-21.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-scheduler-1.22.2-21.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-scheduler-1.22.2-21.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-scheduler-1.22.2-21.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-scheduler-minus1-1.21.5-21.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-scheduler-minus1-1.21.5-21.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-scheduler-minus1-1.21.5-21.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-scheduler-minus1-1.21.5-21.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
critical
7.4 (High)
Affected products
Recommended
60 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-apiserver-1.22.2-21.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-apiserver-1.22.2-21.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-apiserver-1.22.2-21.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-apiserver-1.22.2-21.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-apiserver-minus1-1.21.5-21.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-apiserver-minus1-1.21.5-21.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-apiserver-minus1-1.21.5-21.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-apiserver-minus1-1.21.5-21.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-client-1.22.2-21.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-client-1.22.2-21.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-client-1.22.2-21.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-client-1.22.2-21.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-controller-manager-1.22.2-21.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-controller-manager-1.22.2-21.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-controller-manager-1.22.2-21.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-controller-manager-1.22.2-21.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-controller-manager-minus1-1.21.5-21.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-controller-manager-minus1-1.21.5-21.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-controller-manager-minus1-1.21.5-21.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-controller-manager-minus1-1.21.5-21.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-coredns-1.8.4-21.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-coredns-1.8.4-21.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-coredns-1.8.4-21.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-coredns-1.8.4-21.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-coredns-minus1-1.8.0-21.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-coredns-minus1-1.8.0-21.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-coredns-minus1-1.8.0-21.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-coredns-minus1-1.8.0-21.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-etcd-3.5.0-21.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-etcd-3.5.0-21.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-etcd-3.5.0-21.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-etcd-3.5.0-21.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-etcd-minus1-3.4.13-21.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-etcd-minus1-3.4.13-21.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-etcd-minus1-3.4.13-21.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-etcd-minus1-3.4.13-21.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-kubeadm-1.22.2-21.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-kubeadm-1.22.2-21.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-kubeadm-1.22.2-21.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-kubeadm-1.22.2-21.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-kubelet-1.22.2-21.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-kubelet-1.22.2-21.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-kubelet-1.22.2-21.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-kubelet-1.22.2-21.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-proxy-1.22.2-21.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-proxy-1.22.2-21.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-proxy-1.22.2-21.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-proxy-1.22.2-21.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-proxy-minus1-1.21.5-21.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-proxy-minus1-1.21.5-21.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-proxy-minus1-1.21.5-21.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-proxy-minus1-1.21.5-21.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-scheduler-1.22.2-21.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-scheduler-1.22.2-21.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-scheduler-1.22.2-21.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-scheduler-1.22.2-21.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-scheduler-minus1-1.21.5-21.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-scheduler-minus1-1.21.5-21.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-scheduler-minus1-1.21.5-21.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-scheduler-minus1-1.21.5-21.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
9.8 (Critical)
Affected products
Recommended
60 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-apiserver-1.22.2-21.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-apiserver-1.22.2-21.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-apiserver-1.22.2-21.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-apiserver-1.22.2-21.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-apiserver-minus1-1.21.5-21.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-apiserver-minus1-1.21.5-21.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-apiserver-minus1-1.21.5-21.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-apiserver-minus1-1.21.5-21.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-client-1.22.2-21.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-client-1.22.2-21.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-client-1.22.2-21.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-client-1.22.2-21.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-controller-manager-1.22.2-21.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-controller-manager-1.22.2-21.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-controller-manager-1.22.2-21.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-controller-manager-1.22.2-21.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-controller-manager-minus1-1.21.5-21.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-controller-manager-minus1-1.21.5-21.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-controller-manager-minus1-1.21.5-21.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-controller-manager-minus1-1.21.5-21.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-coredns-1.8.4-21.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-coredns-1.8.4-21.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-coredns-1.8.4-21.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-coredns-1.8.4-21.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-coredns-minus1-1.8.0-21.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-coredns-minus1-1.8.0-21.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-coredns-minus1-1.8.0-21.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-coredns-minus1-1.8.0-21.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-etcd-3.5.0-21.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-etcd-3.5.0-21.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-etcd-3.5.0-21.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-etcd-3.5.0-21.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-etcd-minus1-3.4.13-21.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-etcd-minus1-3.4.13-21.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-etcd-minus1-3.4.13-21.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-etcd-minus1-3.4.13-21.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-kubeadm-1.22.2-21.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-kubeadm-1.22.2-21.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-kubeadm-1.22.2-21.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-kubeadm-1.22.2-21.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-kubelet-1.22.2-21.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-kubelet-1.22.2-21.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-kubelet-1.22.2-21.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-kubelet-1.22.2-21.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-proxy-1.22.2-21.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-proxy-1.22.2-21.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-proxy-1.22.2-21.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-proxy-1.22.2-21.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-proxy-minus1-1.21.5-21.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-proxy-minus1-1.21.5-21.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-proxy-minus1-1.21.5-21.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-proxy-minus1-1.21.5-21.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-scheduler-1.22.2-21.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-scheduler-1.22.2-21.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-scheduler-1.22.2-21.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-scheduler-1.22.2-21.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-scheduler-minus1-1.21.5-21.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-scheduler-minus1-1.21.5-21.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-scheduler-minus1-1.21.5-21.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-scheduler-minus1-1.21.5-21.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
critical
5 (Medium)
Affected products
Recommended
60 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-apiserver-1.22.2-21.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-apiserver-1.22.2-21.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-apiserver-1.22.2-21.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-apiserver-1.22.2-21.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-apiserver-minus1-1.21.5-21.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-apiserver-minus1-1.21.5-21.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-apiserver-minus1-1.21.5-21.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-apiserver-minus1-1.21.5-21.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-client-1.22.2-21.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-client-1.22.2-21.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-client-1.22.2-21.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-client-1.22.2-21.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-controller-manager-1.22.2-21.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-controller-manager-1.22.2-21.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-controller-manager-1.22.2-21.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-controller-manager-1.22.2-21.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-controller-manager-minus1-1.21.5-21.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-controller-manager-minus1-1.21.5-21.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-controller-manager-minus1-1.21.5-21.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-controller-manager-minus1-1.21.5-21.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-coredns-1.8.4-21.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-coredns-1.8.4-21.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-coredns-1.8.4-21.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-coredns-1.8.4-21.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-coredns-minus1-1.8.0-21.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-coredns-minus1-1.8.0-21.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-coredns-minus1-1.8.0-21.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-coredns-minus1-1.8.0-21.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-etcd-3.5.0-21.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-etcd-3.5.0-21.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-etcd-3.5.0-21.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-etcd-3.5.0-21.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-etcd-minus1-3.4.13-21.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-etcd-minus1-3.4.13-21.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-etcd-minus1-3.4.13-21.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-etcd-minus1-3.4.13-21.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-kubeadm-1.22.2-21.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-kubeadm-1.22.2-21.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-kubeadm-1.22.2-21.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-kubeadm-1.22.2-21.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-kubelet-1.22.2-21.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-kubelet-1.22.2-21.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-kubelet-1.22.2-21.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-kubelet-1.22.2-21.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-proxy-1.22.2-21.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-proxy-1.22.2-21.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-proxy-1.22.2-21.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-proxy-1.22.2-21.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-proxy-minus1-1.21.5-21.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-proxy-minus1-1.21.5-21.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-proxy-minus1-1.21.5-21.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-proxy-minus1-1.21.5-21.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-scheduler-1.22.2-21.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-scheduler-1.22.2-21.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-scheduler-1.22.2-21.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-scheduler-1.22.2-21.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-scheduler-minus1-1.21.5-21.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-scheduler-minus1-1.21.5-21.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-scheduler-minus1-1.21.5-21.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-scheduler-minus1-1.21.5-21.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.8 (Medium)
Affected products
Recommended
60 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-apiserver-1.22.2-21.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-apiserver-1.22.2-21.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-apiserver-1.22.2-21.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-apiserver-1.22.2-21.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-apiserver-minus1-1.21.5-21.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-apiserver-minus1-1.21.5-21.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-apiserver-minus1-1.21.5-21.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-apiserver-minus1-1.21.5-21.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-client-1.22.2-21.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-client-1.22.2-21.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-client-1.22.2-21.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-client-1.22.2-21.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-controller-manager-1.22.2-21.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-controller-manager-1.22.2-21.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-controller-manager-1.22.2-21.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-controller-manager-1.22.2-21.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-controller-manager-minus1-1.21.5-21.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-controller-manager-minus1-1.21.5-21.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-controller-manager-minus1-1.21.5-21.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-controller-manager-minus1-1.21.5-21.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-coredns-1.8.4-21.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-coredns-1.8.4-21.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-coredns-1.8.4-21.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-coredns-1.8.4-21.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-coredns-minus1-1.8.0-21.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-coredns-minus1-1.8.0-21.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-coredns-minus1-1.8.0-21.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-coredns-minus1-1.8.0-21.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-etcd-3.5.0-21.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-etcd-3.5.0-21.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-etcd-3.5.0-21.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-etcd-3.5.0-21.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-etcd-minus1-3.4.13-21.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-etcd-minus1-3.4.13-21.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-etcd-minus1-3.4.13-21.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-etcd-minus1-3.4.13-21.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-kubeadm-1.22.2-21.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-kubeadm-1.22.2-21.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-kubeadm-1.22.2-21.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-kubeadm-1.22.2-21.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-kubelet-1.22.2-21.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-kubelet-1.22.2-21.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-kubelet-1.22.2-21.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-kubelet-1.22.2-21.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-proxy-1.22.2-21.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-proxy-1.22.2-21.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-proxy-1.22.2-21.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-proxy-1.22.2-21.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-proxy-minus1-1.21.5-21.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-proxy-minus1-1.21.5-21.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-proxy-minus1-1.21.5-21.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-proxy-minus1-1.21.5-21.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-scheduler-1.22.2-21.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-scheduler-1.22.2-21.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-scheduler-1.22.2-21.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-scheduler-1.22.2-21.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-scheduler-minus1-1.21.5-21.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-scheduler-minus1-1.21.5-21.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-scheduler-minus1-1.21.5-21.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-scheduler-minus1-1.21.5-21.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.5 (Medium)
Affected products
Recommended
60 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-apiserver-1.22.2-21.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-apiserver-1.22.2-21.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-apiserver-1.22.2-21.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-apiserver-1.22.2-21.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-apiserver-minus1-1.21.5-21.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-apiserver-minus1-1.21.5-21.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-apiserver-minus1-1.21.5-21.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-apiserver-minus1-1.21.5-21.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-client-1.22.2-21.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-client-1.22.2-21.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-client-1.22.2-21.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-client-1.22.2-21.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-controller-manager-1.22.2-21.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-controller-manager-1.22.2-21.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-controller-manager-1.22.2-21.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-controller-manager-1.22.2-21.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-controller-manager-minus1-1.21.5-21.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-controller-manager-minus1-1.21.5-21.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-controller-manager-minus1-1.21.5-21.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-controller-manager-minus1-1.21.5-21.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-coredns-1.8.4-21.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-coredns-1.8.4-21.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-coredns-1.8.4-21.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-coredns-1.8.4-21.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-coredns-minus1-1.8.0-21.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-coredns-minus1-1.8.0-21.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-coredns-minus1-1.8.0-21.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-coredns-minus1-1.8.0-21.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-etcd-3.5.0-21.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-etcd-3.5.0-21.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-etcd-3.5.0-21.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-etcd-3.5.0-21.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-etcd-minus1-3.4.13-21.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-etcd-minus1-3.4.13-21.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-etcd-minus1-3.4.13-21.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-etcd-minus1-3.4.13-21.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-kubeadm-1.22.2-21.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-kubeadm-1.22.2-21.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-kubeadm-1.22.2-21.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-kubeadm-1.22.2-21.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-kubelet-1.22.2-21.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-kubelet-1.22.2-21.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-kubelet-1.22.2-21.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-kubelet-1.22.2-21.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-proxy-1.22.2-21.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-proxy-1.22.2-21.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-proxy-1.22.2-21.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-proxy-1.22.2-21.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-proxy-minus1-1.21.5-21.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-proxy-minus1-1.21.5-21.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-proxy-minus1-1.21.5-21.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-proxy-minus1-1.21.5-21.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-scheduler-1.22.2-21.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-scheduler-1.22.2-21.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-scheduler-1.22.2-21.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-scheduler-1.22.2-21.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-scheduler-minus1-1.21.5-21.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-scheduler-minus1-1.21.5-21.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-scheduler-minus1-1.21.5-21.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-scheduler-minus1-1.21.5-21.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.5 (High)
Affected products
Recommended
60 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-apiserver-1.22.2-21.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-apiserver-1.22.2-21.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-apiserver-1.22.2-21.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-apiserver-1.22.2-21.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-apiserver-minus1-1.21.5-21.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-apiserver-minus1-1.21.5-21.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-apiserver-minus1-1.21.5-21.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-apiserver-minus1-1.21.5-21.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-client-1.22.2-21.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-client-1.22.2-21.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-client-1.22.2-21.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-client-1.22.2-21.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-controller-manager-1.22.2-21.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-controller-manager-1.22.2-21.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-controller-manager-1.22.2-21.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-controller-manager-1.22.2-21.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-controller-manager-minus1-1.21.5-21.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-controller-manager-minus1-1.21.5-21.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-controller-manager-minus1-1.21.5-21.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-controller-manager-minus1-1.21.5-21.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-coredns-1.8.4-21.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-coredns-1.8.4-21.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-coredns-1.8.4-21.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-coredns-1.8.4-21.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-coredns-minus1-1.8.0-21.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-coredns-minus1-1.8.0-21.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-coredns-minus1-1.8.0-21.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-coredns-minus1-1.8.0-21.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-etcd-3.5.0-21.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-etcd-3.5.0-21.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-etcd-3.5.0-21.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-etcd-3.5.0-21.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-etcd-minus1-3.4.13-21.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-etcd-minus1-3.4.13-21.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-etcd-minus1-3.4.13-21.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-etcd-minus1-3.4.13-21.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-kubeadm-1.22.2-21.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-kubeadm-1.22.2-21.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-kubeadm-1.22.2-21.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-kubeadm-1.22.2-21.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-kubelet-1.22.2-21.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-kubelet-1.22.2-21.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-kubelet-1.22.2-21.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-kubelet-1.22.2-21.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-proxy-1.22.2-21.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-proxy-1.22.2-21.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-proxy-1.22.2-21.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-proxy-1.22.2-21.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-proxy-minus1-1.21.5-21.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-proxy-minus1-1.21.5-21.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-proxy-minus1-1.21.5-21.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-proxy-minus1-1.21.5-21.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-scheduler-1.22.2-21.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-scheduler-1.22.2-21.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-scheduler-1.22.2-21.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-scheduler-1.22.2-21.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-scheduler-minus1-1.21.5-21.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-scheduler-minus1-1.21.5-21.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-scheduler-minus1-1.21.5-21.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:kubernetes-scheduler-minus1-1.21.5-21.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
47 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "kubernetes-apiserver-1.22.2-21.2 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the kubernetes-apiserver-1.22.2-21.2 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2024-10901",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_10901-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-5195 page",
"url": "https://www.suse.com/security/cve/CVE-2016-5195/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-8859 page",
"url": "https://www.suse.com/security/cve/CVE-2016-8859/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-1002101 page",
"url": "https://www.suse.com/security/cve/CVE-2017-1002101/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-1002105 page",
"url": "https://www.suse.com/security/cve/CVE-2018-1002105/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-11247 page",
"url": "https://www.suse.com/security/cve/CVE-2019-11247/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-11249 page",
"url": "https://www.suse.com/security/cve/CVE-2019-11249/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-11253 page",
"url": "https://www.suse.com/security/cve/CVE-2019-11253/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-9512 page",
"url": "https://www.suse.com/security/cve/CVE-2019-9512/"
}
],
"title": "kubernetes-apiserver-1.22.2-21.2 on GA media",
"tracking": {
"current_release_date": "2024-06-15T00:00:00Z",
"generator": {
"date": "2024-06-15T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2024:10901-1",
"initial_release_date": "2024-06-15T00:00:00Z",
"revision_history": [
{
"date": "2024-06-15T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kubernetes-apiserver-1.22.2-21.2.aarch64",
"product": {
"name": "kubernetes-apiserver-1.22.2-21.2.aarch64",
"product_id": "kubernetes-apiserver-1.22.2-21.2.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes-apiserver-minus1-1.21.5-21.2.aarch64",
"product": {
"name": "kubernetes-apiserver-minus1-1.21.5-21.2.aarch64",
"product_id": "kubernetes-apiserver-minus1-1.21.5-21.2.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes-client-1.22.2-21.2.aarch64",
"product": {
"name": "kubernetes-client-1.22.2-21.2.aarch64",
"product_id": "kubernetes-client-1.22.2-21.2.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes-controller-manager-1.22.2-21.2.aarch64",
"product": {
"name": "kubernetes-controller-manager-1.22.2-21.2.aarch64",
"product_id": "kubernetes-controller-manager-1.22.2-21.2.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes-controller-manager-minus1-1.21.5-21.2.aarch64",
"product": {
"name": "kubernetes-controller-manager-minus1-1.21.5-21.2.aarch64",
"product_id": "kubernetes-controller-manager-minus1-1.21.5-21.2.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes-coredns-1.8.4-21.2.aarch64",
"product": {
"name": "kubernetes-coredns-1.8.4-21.2.aarch64",
"product_id": "kubernetes-coredns-1.8.4-21.2.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes-coredns-minus1-1.8.0-21.2.aarch64",
"product": {
"name": "kubernetes-coredns-minus1-1.8.0-21.2.aarch64",
"product_id": "kubernetes-coredns-minus1-1.8.0-21.2.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes-etcd-3.5.0-21.2.aarch64",
"product": {
"name": "kubernetes-etcd-3.5.0-21.2.aarch64",
"product_id": "kubernetes-etcd-3.5.0-21.2.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes-etcd-minus1-3.4.13-21.2.aarch64",
"product": {
"name": "kubernetes-etcd-minus1-3.4.13-21.2.aarch64",
"product_id": "kubernetes-etcd-minus1-3.4.13-21.2.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes-kubeadm-1.22.2-21.2.aarch64",
"product": {
"name": "kubernetes-kubeadm-1.22.2-21.2.aarch64",
"product_id": "kubernetes-kubeadm-1.22.2-21.2.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes-kubelet-1.22.2-21.2.aarch64",
"product": {
"name": "kubernetes-kubelet-1.22.2-21.2.aarch64",
"product_id": "kubernetes-kubelet-1.22.2-21.2.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes-proxy-1.22.2-21.2.aarch64",
"product": {
"name": "kubernetes-proxy-1.22.2-21.2.aarch64",
"product_id": "kubernetes-proxy-1.22.2-21.2.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes-proxy-minus1-1.21.5-21.2.aarch64",
"product": {
"name": "kubernetes-proxy-minus1-1.21.5-21.2.aarch64",
"product_id": "kubernetes-proxy-minus1-1.21.5-21.2.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes-scheduler-1.22.2-21.2.aarch64",
"product": {
"name": "kubernetes-scheduler-1.22.2-21.2.aarch64",
"product_id": "kubernetes-scheduler-1.22.2-21.2.aarch64"
}
},
{
"category": "product_version",
"name": "kubernetes-scheduler-minus1-1.21.5-21.2.aarch64",
"product": {
"name": "kubernetes-scheduler-minus1-1.21.5-21.2.aarch64",
"product_id": "kubernetes-scheduler-minus1-1.21.5-21.2.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "kubernetes-apiserver-1.22.2-21.2.ppc64le",
"product": {
"name": "kubernetes-apiserver-1.22.2-21.2.ppc64le",
"product_id": "kubernetes-apiserver-1.22.2-21.2.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes-apiserver-minus1-1.21.5-21.2.ppc64le",
"product": {
"name": "kubernetes-apiserver-minus1-1.21.5-21.2.ppc64le",
"product_id": "kubernetes-apiserver-minus1-1.21.5-21.2.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes-client-1.22.2-21.2.ppc64le",
"product": {
"name": "kubernetes-client-1.22.2-21.2.ppc64le",
"product_id": "kubernetes-client-1.22.2-21.2.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes-controller-manager-1.22.2-21.2.ppc64le",
"product": {
"name": "kubernetes-controller-manager-1.22.2-21.2.ppc64le",
"product_id": "kubernetes-controller-manager-1.22.2-21.2.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes-controller-manager-minus1-1.21.5-21.2.ppc64le",
"product": {
"name": "kubernetes-controller-manager-minus1-1.21.5-21.2.ppc64le",
"product_id": "kubernetes-controller-manager-minus1-1.21.5-21.2.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes-coredns-1.8.4-21.2.ppc64le",
"product": {
"name": "kubernetes-coredns-1.8.4-21.2.ppc64le",
"product_id": "kubernetes-coredns-1.8.4-21.2.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes-coredns-minus1-1.8.0-21.2.ppc64le",
"product": {
"name": "kubernetes-coredns-minus1-1.8.0-21.2.ppc64le",
"product_id": "kubernetes-coredns-minus1-1.8.0-21.2.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes-etcd-3.5.0-21.2.ppc64le",
"product": {
"name": "kubernetes-etcd-3.5.0-21.2.ppc64le",
"product_id": "kubernetes-etcd-3.5.0-21.2.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes-etcd-minus1-3.4.13-21.2.ppc64le",
"product": {
"name": "kubernetes-etcd-minus1-3.4.13-21.2.ppc64le",
"product_id": "kubernetes-etcd-minus1-3.4.13-21.2.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes-kubeadm-1.22.2-21.2.ppc64le",
"product": {
"name": "kubernetes-kubeadm-1.22.2-21.2.ppc64le",
"product_id": "kubernetes-kubeadm-1.22.2-21.2.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes-kubelet-1.22.2-21.2.ppc64le",
"product": {
"name": "kubernetes-kubelet-1.22.2-21.2.ppc64le",
"product_id": "kubernetes-kubelet-1.22.2-21.2.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes-proxy-1.22.2-21.2.ppc64le",
"product": {
"name": "kubernetes-proxy-1.22.2-21.2.ppc64le",
"product_id": "kubernetes-proxy-1.22.2-21.2.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes-proxy-minus1-1.21.5-21.2.ppc64le",
"product": {
"name": "kubernetes-proxy-minus1-1.21.5-21.2.ppc64le",
"product_id": "kubernetes-proxy-minus1-1.21.5-21.2.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes-scheduler-1.22.2-21.2.ppc64le",
"product": {
"name": "kubernetes-scheduler-1.22.2-21.2.ppc64le",
"product_id": "kubernetes-scheduler-1.22.2-21.2.ppc64le"
}
},
{
"category": "product_version",
"name": "kubernetes-scheduler-minus1-1.21.5-21.2.ppc64le",
"product": {
"name": "kubernetes-scheduler-minus1-1.21.5-21.2.ppc64le",
"product_id": "kubernetes-scheduler-minus1-1.21.5-21.2.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kubernetes-apiserver-1.22.2-21.2.s390x",
"product": {
"name": "kubernetes-apiserver-1.22.2-21.2.s390x",
"product_id": "kubernetes-apiserver-1.22.2-21.2.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes-apiserver-minus1-1.21.5-21.2.s390x",
"product": {
"name": "kubernetes-apiserver-minus1-1.21.5-21.2.s390x",
"product_id": "kubernetes-apiserver-minus1-1.21.5-21.2.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes-client-1.22.2-21.2.s390x",
"product": {
"name": "kubernetes-client-1.22.2-21.2.s390x",
"product_id": "kubernetes-client-1.22.2-21.2.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes-controller-manager-1.22.2-21.2.s390x",
"product": {
"name": "kubernetes-controller-manager-1.22.2-21.2.s390x",
"product_id": "kubernetes-controller-manager-1.22.2-21.2.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes-controller-manager-minus1-1.21.5-21.2.s390x",
"product": {
"name": "kubernetes-controller-manager-minus1-1.21.5-21.2.s390x",
"product_id": "kubernetes-controller-manager-minus1-1.21.5-21.2.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes-coredns-1.8.4-21.2.s390x",
"product": {
"name": "kubernetes-coredns-1.8.4-21.2.s390x",
"product_id": "kubernetes-coredns-1.8.4-21.2.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes-coredns-minus1-1.8.0-21.2.s390x",
"product": {
"name": "kubernetes-coredns-minus1-1.8.0-21.2.s390x",
"product_id": "kubernetes-coredns-minus1-1.8.0-21.2.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes-etcd-3.5.0-21.2.s390x",
"product": {
"name": "kubernetes-etcd-3.5.0-21.2.s390x",
"product_id": "kubernetes-etcd-3.5.0-21.2.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes-etcd-minus1-3.4.13-21.2.s390x",
"product": {
"name": "kubernetes-etcd-minus1-3.4.13-21.2.s390x",
"product_id": "kubernetes-etcd-minus1-3.4.13-21.2.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes-kubeadm-1.22.2-21.2.s390x",
"product": {
"name": "kubernetes-kubeadm-1.22.2-21.2.s390x",
"product_id": "kubernetes-kubeadm-1.22.2-21.2.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes-kubelet-1.22.2-21.2.s390x",
"product": {
"name": "kubernetes-kubelet-1.22.2-21.2.s390x",
"product_id": "kubernetes-kubelet-1.22.2-21.2.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes-proxy-1.22.2-21.2.s390x",
"product": {
"name": "kubernetes-proxy-1.22.2-21.2.s390x",
"product_id": "kubernetes-proxy-1.22.2-21.2.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes-proxy-minus1-1.21.5-21.2.s390x",
"product": {
"name": "kubernetes-proxy-minus1-1.21.5-21.2.s390x",
"product_id": "kubernetes-proxy-minus1-1.21.5-21.2.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes-scheduler-1.22.2-21.2.s390x",
"product": {
"name": "kubernetes-scheduler-1.22.2-21.2.s390x",
"product_id": "kubernetes-scheduler-1.22.2-21.2.s390x"
}
},
{
"category": "product_version",
"name": "kubernetes-scheduler-minus1-1.21.5-21.2.s390x",
"product": {
"name": "kubernetes-scheduler-minus1-1.21.5-21.2.s390x",
"product_id": "kubernetes-scheduler-minus1-1.21.5-21.2.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kubernetes-apiserver-1.22.2-21.2.x86_64",
"product": {
"name": "kubernetes-apiserver-1.22.2-21.2.x86_64",
"product_id": "kubernetes-apiserver-1.22.2-21.2.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes-apiserver-minus1-1.21.5-21.2.x86_64",
"product": {
"name": "kubernetes-apiserver-minus1-1.21.5-21.2.x86_64",
"product_id": "kubernetes-apiserver-minus1-1.21.5-21.2.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes-client-1.22.2-21.2.x86_64",
"product": {
"name": "kubernetes-client-1.22.2-21.2.x86_64",
"product_id": "kubernetes-client-1.22.2-21.2.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes-controller-manager-1.22.2-21.2.x86_64",
"product": {
"name": "kubernetes-controller-manager-1.22.2-21.2.x86_64",
"product_id": "kubernetes-controller-manager-1.22.2-21.2.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes-controller-manager-minus1-1.21.5-21.2.x86_64",
"product": {
"name": "kubernetes-controller-manager-minus1-1.21.5-21.2.x86_64",
"product_id": "kubernetes-controller-manager-minus1-1.21.5-21.2.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes-coredns-1.8.4-21.2.x86_64",
"product": {
"name": "kubernetes-coredns-1.8.4-21.2.x86_64",
"product_id": "kubernetes-coredns-1.8.4-21.2.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes-coredns-minus1-1.8.0-21.2.x86_64",
"product": {
"name": "kubernetes-coredns-minus1-1.8.0-21.2.x86_64",
"product_id": "kubernetes-coredns-minus1-1.8.0-21.2.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes-etcd-3.5.0-21.2.x86_64",
"product": {
"name": "kubernetes-etcd-3.5.0-21.2.x86_64",
"product_id": "kubernetes-etcd-3.5.0-21.2.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes-etcd-minus1-3.4.13-21.2.x86_64",
"product": {
"name": "kubernetes-etcd-minus1-3.4.13-21.2.x86_64",
"product_id": "kubernetes-etcd-minus1-3.4.13-21.2.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes-kubeadm-1.22.2-21.2.x86_64",
"product": {
"name": "kubernetes-kubeadm-1.22.2-21.2.x86_64",
"product_id": "kubernetes-kubeadm-1.22.2-21.2.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes-kubelet-1.22.2-21.2.x86_64",
"product": {
"name": "kubernetes-kubelet-1.22.2-21.2.x86_64",
"product_id": "kubernetes-kubelet-1.22.2-21.2.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes-proxy-1.22.2-21.2.x86_64",
"product": {
"name": "kubernetes-proxy-1.22.2-21.2.x86_64",
"product_id": "kubernetes-proxy-1.22.2-21.2.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes-proxy-minus1-1.21.5-21.2.x86_64",
"product": {
"name": "kubernetes-proxy-minus1-1.21.5-21.2.x86_64",
"product_id": "kubernetes-proxy-minus1-1.21.5-21.2.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes-scheduler-1.22.2-21.2.x86_64",
"product": {
"name": "kubernetes-scheduler-1.22.2-21.2.x86_64",
"product_id": "kubernetes-scheduler-1.22.2-21.2.x86_64"
}
},
{
"category": "product_version",
"name": "kubernetes-scheduler-minus1-1.21.5-21.2.x86_64",
"product": {
"name": "kubernetes-scheduler-minus1-1.21.5-21.2.x86_64",
"product_id": "kubernetes-scheduler-minus1-1.21.5-21.2.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes-apiserver-1.22.2-21.2.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes-apiserver-1.22.2-21.2.aarch64"
},
"product_reference": "kubernetes-apiserver-1.22.2-21.2.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes-apiserver-1.22.2-21.2.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes-apiserver-1.22.2-21.2.ppc64le"
},
"product_reference": "kubernetes-apiserver-1.22.2-21.2.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes-apiserver-1.22.2-21.2.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes-apiserver-1.22.2-21.2.s390x"
},
"product_reference": "kubernetes-apiserver-1.22.2-21.2.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes-apiserver-1.22.2-21.2.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes-apiserver-1.22.2-21.2.x86_64"
},
"product_reference": "kubernetes-apiserver-1.22.2-21.2.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes-apiserver-minus1-1.21.5-21.2.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes-apiserver-minus1-1.21.5-21.2.aarch64"
},
"product_reference": "kubernetes-apiserver-minus1-1.21.5-21.2.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes-apiserver-minus1-1.21.5-21.2.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes-apiserver-minus1-1.21.5-21.2.ppc64le"
},
"product_reference": "kubernetes-apiserver-minus1-1.21.5-21.2.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes-apiserver-minus1-1.21.5-21.2.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes-apiserver-minus1-1.21.5-21.2.s390x"
},
"product_reference": "kubernetes-apiserver-minus1-1.21.5-21.2.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes-apiserver-minus1-1.21.5-21.2.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes-apiserver-minus1-1.21.5-21.2.x86_64"
},
"product_reference": "kubernetes-apiserver-minus1-1.21.5-21.2.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes-client-1.22.2-21.2.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes-client-1.22.2-21.2.aarch64"
},
"product_reference": "kubernetes-client-1.22.2-21.2.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes-client-1.22.2-21.2.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes-client-1.22.2-21.2.ppc64le"
},
"product_reference": "kubernetes-client-1.22.2-21.2.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes-client-1.22.2-21.2.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes-client-1.22.2-21.2.s390x"
},
"product_reference": "kubernetes-client-1.22.2-21.2.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes-client-1.22.2-21.2.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes-client-1.22.2-21.2.x86_64"
},
"product_reference": "kubernetes-client-1.22.2-21.2.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes-controller-manager-1.22.2-21.2.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes-controller-manager-1.22.2-21.2.aarch64"
},
"product_reference": "kubernetes-controller-manager-1.22.2-21.2.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes-controller-manager-1.22.2-21.2.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes-controller-manager-1.22.2-21.2.ppc64le"
},
"product_reference": "kubernetes-controller-manager-1.22.2-21.2.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes-controller-manager-1.22.2-21.2.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes-controller-manager-1.22.2-21.2.s390x"
},
"product_reference": "kubernetes-controller-manager-1.22.2-21.2.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes-controller-manager-1.22.2-21.2.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes-controller-manager-1.22.2-21.2.x86_64"
},
"product_reference": "kubernetes-controller-manager-1.22.2-21.2.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes-controller-manager-minus1-1.21.5-21.2.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes-controller-manager-minus1-1.21.5-21.2.aarch64"
},
"product_reference": "kubernetes-controller-manager-minus1-1.21.5-21.2.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes-controller-manager-minus1-1.21.5-21.2.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes-controller-manager-minus1-1.21.5-21.2.ppc64le"
},
"product_reference": "kubernetes-controller-manager-minus1-1.21.5-21.2.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes-controller-manager-minus1-1.21.5-21.2.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes-controller-manager-minus1-1.21.5-21.2.s390x"
},
"product_reference": "kubernetes-controller-manager-minus1-1.21.5-21.2.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes-controller-manager-minus1-1.21.5-21.2.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes-controller-manager-minus1-1.21.5-21.2.x86_64"
},
"product_reference": "kubernetes-controller-manager-minus1-1.21.5-21.2.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes-coredns-1.8.4-21.2.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes-coredns-1.8.4-21.2.aarch64"
},
"product_reference": "kubernetes-coredns-1.8.4-21.2.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes-coredns-1.8.4-21.2.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes-coredns-1.8.4-21.2.ppc64le"
},
"product_reference": "kubernetes-coredns-1.8.4-21.2.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes-coredns-1.8.4-21.2.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes-coredns-1.8.4-21.2.s390x"
},
"product_reference": "kubernetes-coredns-1.8.4-21.2.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes-coredns-1.8.4-21.2.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes-coredns-1.8.4-21.2.x86_64"
},
"product_reference": "kubernetes-coredns-1.8.4-21.2.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes-coredns-minus1-1.8.0-21.2.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes-coredns-minus1-1.8.0-21.2.aarch64"
},
"product_reference": "kubernetes-coredns-minus1-1.8.0-21.2.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes-coredns-minus1-1.8.0-21.2.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes-coredns-minus1-1.8.0-21.2.ppc64le"
},
"product_reference": "kubernetes-coredns-minus1-1.8.0-21.2.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes-coredns-minus1-1.8.0-21.2.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes-coredns-minus1-1.8.0-21.2.s390x"
},
"product_reference": "kubernetes-coredns-minus1-1.8.0-21.2.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes-coredns-minus1-1.8.0-21.2.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes-coredns-minus1-1.8.0-21.2.x86_64"
},
"product_reference": "kubernetes-coredns-minus1-1.8.0-21.2.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes-etcd-3.5.0-21.2.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes-etcd-3.5.0-21.2.aarch64"
},
"product_reference": "kubernetes-etcd-3.5.0-21.2.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes-etcd-3.5.0-21.2.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes-etcd-3.5.0-21.2.ppc64le"
},
"product_reference": "kubernetes-etcd-3.5.0-21.2.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes-etcd-3.5.0-21.2.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes-etcd-3.5.0-21.2.s390x"
},
"product_reference": "kubernetes-etcd-3.5.0-21.2.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes-etcd-3.5.0-21.2.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes-etcd-3.5.0-21.2.x86_64"
},
"product_reference": "kubernetes-etcd-3.5.0-21.2.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes-etcd-minus1-3.4.13-21.2.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes-etcd-minus1-3.4.13-21.2.aarch64"
},
"product_reference": "kubernetes-etcd-minus1-3.4.13-21.2.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes-etcd-minus1-3.4.13-21.2.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes-etcd-minus1-3.4.13-21.2.ppc64le"
},
"product_reference": "kubernetes-etcd-minus1-3.4.13-21.2.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes-etcd-minus1-3.4.13-21.2.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes-etcd-minus1-3.4.13-21.2.s390x"
},
"product_reference": "kubernetes-etcd-minus1-3.4.13-21.2.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes-etcd-minus1-3.4.13-21.2.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes-etcd-minus1-3.4.13-21.2.x86_64"
},
"product_reference": "kubernetes-etcd-minus1-3.4.13-21.2.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes-kubeadm-1.22.2-21.2.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes-kubeadm-1.22.2-21.2.aarch64"
},
"product_reference": "kubernetes-kubeadm-1.22.2-21.2.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes-kubeadm-1.22.2-21.2.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes-kubeadm-1.22.2-21.2.ppc64le"
},
"product_reference": "kubernetes-kubeadm-1.22.2-21.2.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes-kubeadm-1.22.2-21.2.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes-kubeadm-1.22.2-21.2.s390x"
},
"product_reference": "kubernetes-kubeadm-1.22.2-21.2.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes-kubeadm-1.22.2-21.2.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes-kubeadm-1.22.2-21.2.x86_64"
},
"product_reference": "kubernetes-kubeadm-1.22.2-21.2.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes-kubelet-1.22.2-21.2.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes-kubelet-1.22.2-21.2.aarch64"
},
"product_reference": "kubernetes-kubelet-1.22.2-21.2.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes-kubelet-1.22.2-21.2.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes-kubelet-1.22.2-21.2.ppc64le"
},
"product_reference": "kubernetes-kubelet-1.22.2-21.2.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes-kubelet-1.22.2-21.2.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes-kubelet-1.22.2-21.2.s390x"
},
"product_reference": "kubernetes-kubelet-1.22.2-21.2.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes-kubelet-1.22.2-21.2.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes-kubelet-1.22.2-21.2.x86_64"
},
"product_reference": "kubernetes-kubelet-1.22.2-21.2.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes-proxy-1.22.2-21.2.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes-proxy-1.22.2-21.2.aarch64"
},
"product_reference": "kubernetes-proxy-1.22.2-21.2.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes-proxy-1.22.2-21.2.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes-proxy-1.22.2-21.2.ppc64le"
},
"product_reference": "kubernetes-proxy-1.22.2-21.2.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes-proxy-1.22.2-21.2.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes-proxy-1.22.2-21.2.s390x"
},
"product_reference": "kubernetes-proxy-1.22.2-21.2.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes-proxy-1.22.2-21.2.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes-proxy-1.22.2-21.2.x86_64"
},
"product_reference": "kubernetes-proxy-1.22.2-21.2.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes-proxy-minus1-1.21.5-21.2.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes-proxy-minus1-1.21.5-21.2.aarch64"
},
"product_reference": "kubernetes-proxy-minus1-1.21.5-21.2.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes-proxy-minus1-1.21.5-21.2.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes-proxy-minus1-1.21.5-21.2.ppc64le"
},
"product_reference": "kubernetes-proxy-minus1-1.21.5-21.2.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes-proxy-minus1-1.21.5-21.2.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes-proxy-minus1-1.21.5-21.2.s390x"
},
"product_reference": "kubernetes-proxy-minus1-1.21.5-21.2.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes-proxy-minus1-1.21.5-21.2.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes-proxy-minus1-1.21.5-21.2.x86_64"
},
"product_reference": "kubernetes-proxy-minus1-1.21.5-21.2.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes-scheduler-1.22.2-21.2.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes-scheduler-1.22.2-21.2.aarch64"
},
"product_reference": "kubernetes-scheduler-1.22.2-21.2.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes-scheduler-1.22.2-21.2.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes-scheduler-1.22.2-21.2.ppc64le"
},
"product_reference": "kubernetes-scheduler-1.22.2-21.2.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes-scheduler-1.22.2-21.2.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes-scheduler-1.22.2-21.2.s390x"
},
"product_reference": "kubernetes-scheduler-1.22.2-21.2.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes-scheduler-1.22.2-21.2.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes-scheduler-1.22.2-21.2.x86_64"
},
"product_reference": "kubernetes-scheduler-1.22.2-21.2.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes-scheduler-minus1-1.21.5-21.2.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes-scheduler-minus1-1.21.5-21.2.aarch64"
},
"product_reference": "kubernetes-scheduler-minus1-1.21.5-21.2.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes-scheduler-minus1-1.21.5-21.2.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes-scheduler-minus1-1.21.5-21.2.ppc64le"
},
"product_reference": "kubernetes-scheduler-minus1-1.21.5-21.2.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes-scheduler-minus1-1.21.5-21.2.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes-scheduler-minus1-1.21.5-21.2.s390x"
},
"product_reference": "kubernetes-scheduler-minus1-1.21.5-21.2.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kubernetes-scheduler-minus1-1.21.5-21.2.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:kubernetes-scheduler-minus1-1.21.5-21.2.x86_64"
},
"product_reference": "kubernetes-scheduler-minus1-1.21.5-21.2.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2016-5195",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-5195"
}
],
"notes": [
{
"category": "general",
"text": "Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by leveraging incorrect handling of a copy-on-write (COW) feature to write to a read-only memory mapping, as exploited in the wild in October 2016, aka \"Dirty COW.\"",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:kubernetes-apiserver-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-apiserver-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-apiserver-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-apiserver-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-apiserver-minus1-1.21.5-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-apiserver-minus1-1.21.5-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-apiserver-minus1-1.21.5-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-apiserver-minus1-1.21.5-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-client-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-client-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-client-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-client-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-controller-manager-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-controller-manager-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-controller-manager-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-controller-manager-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-controller-manager-minus1-1.21.5-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-controller-manager-minus1-1.21.5-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-controller-manager-minus1-1.21.5-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-controller-manager-minus1-1.21.5-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-coredns-1.8.4-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-coredns-1.8.4-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-coredns-1.8.4-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-coredns-1.8.4-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-coredns-minus1-1.8.0-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-coredns-minus1-1.8.0-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-coredns-minus1-1.8.0-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-coredns-minus1-1.8.0-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-etcd-3.5.0-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-etcd-3.5.0-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-etcd-3.5.0-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-etcd-3.5.0-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-etcd-minus1-3.4.13-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-etcd-minus1-3.4.13-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-etcd-minus1-3.4.13-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-etcd-minus1-3.4.13-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-kubeadm-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-kubeadm-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-kubeadm-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-kubeadm-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-kubelet-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-kubelet-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-kubelet-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-kubelet-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-proxy-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-proxy-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-proxy-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-proxy-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-proxy-minus1-1.21.5-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-proxy-minus1-1.21.5-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-proxy-minus1-1.21.5-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-proxy-minus1-1.21.5-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-scheduler-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-scheduler-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-scheduler-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-scheduler-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-scheduler-minus1-1.21.5-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-scheduler-minus1-1.21.5-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-scheduler-minus1-1.21.5-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-scheduler-minus1-1.21.5-21.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-5195",
"url": "https://www.suse.com/security/cve/CVE-2016-5195"
},
{
"category": "external",
"summary": "SUSE Bug 1004418 for CVE-2016-5195",
"url": "https://bugzilla.suse.com/1004418"
},
{
"category": "external",
"summary": "SUSE Bug 1004419 for CVE-2016-5195",
"url": "https://bugzilla.suse.com/1004419"
},
{
"category": "external",
"summary": "SUSE Bug 1004436 for CVE-2016-5195",
"url": "https://bugzilla.suse.com/1004436"
},
{
"category": "external",
"summary": "SUSE Bug 1006323 for CVE-2016-5195",
"url": "https://bugzilla.suse.com/1006323"
},
{
"category": "external",
"summary": "SUSE Bug 1006695 for CVE-2016-5195",
"url": "https://bugzilla.suse.com/1006695"
},
{
"category": "external",
"summary": "SUSE Bug 1007291 for CVE-2016-5195",
"url": "https://bugzilla.suse.com/1007291"
},
{
"category": "external",
"summary": "SUSE Bug 1008110 for CVE-2016-5195",
"url": "https://bugzilla.suse.com/1008110"
},
{
"category": "external",
"summary": "SUSE Bug 1030118 for CVE-2016-5195",
"url": "https://bugzilla.suse.com/1030118"
},
{
"category": "external",
"summary": "SUSE Bug 1046453 for CVE-2016-5195",
"url": "https://bugzilla.suse.com/1046453"
},
{
"category": "external",
"summary": "SUSE Bug 1069496 for CVE-2016-5195",
"url": "https://bugzilla.suse.com/1069496"
},
{
"category": "external",
"summary": "SUSE Bug 1149725 for CVE-2016-5195",
"url": "https://bugzilla.suse.com/1149725"
},
{
"category": "external",
"summary": "SUSE Bug 870618 for CVE-2016-5195",
"url": "https://bugzilla.suse.com/870618"
},
{
"category": "external",
"summary": "SUSE Bug 986445 for CVE-2016-5195",
"url": "https://bugzilla.suse.com/986445"
},
{
"category": "external",
"summary": "SUSE Bug 998689 for CVE-2016-5195",
"url": "https://bugzilla.suse.com/998689"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:kubernetes-apiserver-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-apiserver-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-apiserver-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-apiserver-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-apiserver-minus1-1.21.5-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-apiserver-minus1-1.21.5-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-apiserver-minus1-1.21.5-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-apiserver-minus1-1.21.5-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-client-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-client-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-client-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-client-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-controller-manager-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-controller-manager-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-controller-manager-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-controller-manager-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-controller-manager-minus1-1.21.5-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-controller-manager-minus1-1.21.5-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-controller-manager-minus1-1.21.5-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-controller-manager-minus1-1.21.5-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-coredns-1.8.4-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-coredns-1.8.4-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-coredns-1.8.4-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-coredns-1.8.4-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-coredns-minus1-1.8.0-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-coredns-minus1-1.8.0-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-coredns-minus1-1.8.0-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-coredns-minus1-1.8.0-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-etcd-3.5.0-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-etcd-3.5.0-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-etcd-3.5.0-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-etcd-3.5.0-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-etcd-minus1-3.4.13-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-etcd-minus1-3.4.13-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-etcd-minus1-3.4.13-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-etcd-minus1-3.4.13-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-kubeadm-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-kubeadm-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-kubeadm-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-kubeadm-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-kubelet-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-kubelet-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-kubelet-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-kubelet-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-proxy-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-proxy-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-proxy-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-proxy-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-proxy-minus1-1.21.5-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-proxy-minus1-1.21.5-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-proxy-minus1-1.21.5-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-proxy-minus1-1.21.5-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-scheduler-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-scheduler-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-scheduler-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-scheduler-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-scheduler-minus1-1.21.5-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-scheduler-minus1-1.21.5-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-scheduler-minus1-1.21.5-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-scheduler-minus1-1.21.5-21.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:kubernetes-apiserver-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-apiserver-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-apiserver-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-apiserver-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-apiserver-minus1-1.21.5-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-apiserver-minus1-1.21.5-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-apiserver-minus1-1.21.5-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-apiserver-minus1-1.21.5-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-client-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-client-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-client-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-client-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-controller-manager-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-controller-manager-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-controller-manager-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-controller-manager-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-controller-manager-minus1-1.21.5-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-controller-manager-minus1-1.21.5-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-controller-manager-minus1-1.21.5-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-controller-manager-minus1-1.21.5-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-coredns-1.8.4-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-coredns-1.8.4-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-coredns-1.8.4-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-coredns-1.8.4-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-coredns-minus1-1.8.0-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-coredns-minus1-1.8.0-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-coredns-minus1-1.8.0-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-coredns-minus1-1.8.0-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-etcd-3.5.0-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-etcd-3.5.0-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-etcd-3.5.0-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-etcd-3.5.0-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-etcd-minus1-3.4.13-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-etcd-minus1-3.4.13-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-etcd-minus1-3.4.13-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-etcd-minus1-3.4.13-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-kubeadm-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-kubeadm-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-kubeadm-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-kubeadm-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-kubelet-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-kubelet-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-kubelet-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-kubelet-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-proxy-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-proxy-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-proxy-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-proxy-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-proxy-minus1-1.21.5-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-proxy-minus1-1.21.5-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-proxy-minus1-1.21.5-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-proxy-minus1-1.21.5-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-scheduler-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-scheduler-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-scheduler-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-scheduler-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-scheduler-minus1-1.21.5-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-scheduler-minus1-1.21.5-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-scheduler-minus1-1.21.5-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-scheduler-minus1-1.21.5-21.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2016-5195"
},
{
"cve": "CVE-2016-8859",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-8859"
}
],
"notes": [
{
"category": "general",
"text": "Multiple integer overflows in the TRE library and musl libc allow attackers to cause memory corruption via a large number of (1) states or (2) tags, which triggers an out-of-bounds write.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:kubernetes-apiserver-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-apiserver-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-apiserver-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-apiserver-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-apiserver-minus1-1.21.5-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-apiserver-minus1-1.21.5-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-apiserver-minus1-1.21.5-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-apiserver-minus1-1.21.5-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-client-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-client-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-client-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-client-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-controller-manager-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-controller-manager-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-controller-manager-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-controller-manager-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-controller-manager-minus1-1.21.5-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-controller-manager-minus1-1.21.5-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-controller-manager-minus1-1.21.5-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-controller-manager-minus1-1.21.5-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-coredns-1.8.4-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-coredns-1.8.4-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-coredns-1.8.4-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-coredns-1.8.4-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-coredns-minus1-1.8.0-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-coredns-minus1-1.8.0-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-coredns-minus1-1.8.0-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-coredns-minus1-1.8.0-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-etcd-3.5.0-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-etcd-3.5.0-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-etcd-3.5.0-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-etcd-3.5.0-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-etcd-minus1-3.4.13-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-etcd-minus1-3.4.13-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-etcd-minus1-3.4.13-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-etcd-minus1-3.4.13-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-kubeadm-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-kubeadm-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-kubeadm-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-kubeadm-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-kubelet-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-kubelet-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-kubelet-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-kubelet-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-proxy-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-proxy-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-proxy-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-proxy-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-proxy-minus1-1.21.5-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-proxy-minus1-1.21.5-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-proxy-minus1-1.21.5-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-proxy-minus1-1.21.5-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-scheduler-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-scheduler-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-scheduler-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-scheduler-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-scheduler-minus1-1.21.5-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-scheduler-minus1-1.21.5-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-scheduler-minus1-1.21.5-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-scheduler-minus1-1.21.5-21.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-8859",
"url": "https://www.suse.com/security/cve/CVE-2016-8859"
},
{
"category": "external",
"summary": "SUSE Bug 1005483 for CVE-2016-8859",
"url": "https://bugzilla.suse.com/1005483"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:kubernetes-apiserver-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-apiserver-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-apiserver-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-apiserver-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-apiserver-minus1-1.21.5-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-apiserver-minus1-1.21.5-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-apiserver-minus1-1.21.5-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-apiserver-minus1-1.21.5-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-client-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-client-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-client-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-client-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-controller-manager-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-controller-manager-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-controller-manager-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-controller-manager-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-controller-manager-minus1-1.21.5-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-controller-manager-minus1-1.21.5-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-controller-manager-minus1-1.21.5-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-controller-manager-minus1-1.21.5-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-coredns-1.8.4-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-coredns-1.8.4-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-coredns-1.8.4-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-coredns-1.8.4-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-coredns-minus1-1.8.0-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-coredns-minus1-1.8.0-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-coredns-minus1-1.8.0-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-coredns-minus1-1.8.0-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-etcd-3.5.0-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-etcd-3.5.0-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-etcd-3.5.0-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-etcd-3.5.0-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-etcd-minus1-3.4.13-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-etcd-minus1-3.4.13-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-etcd-minus1-3.4.13-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-etcd-minus1-3.4.13-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-kubeadm-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-kubeadm-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-kubeadm-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-kubeadm-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-kubelet-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-kubelet-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-kubelet-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-kubelet-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-proxy-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-proxy-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-proxy-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-proxy-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-proxy-minus1-1.21.5-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-proxy-minus1-1.21.5-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-proxy-minus1-1.21.5-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-proxy-minus1-1.21.5-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-scheduler-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-scheduler-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-scheduler-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-scheduler-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-scheduler-minus1-1.21.5-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-scheduler-minus1-1.21.5-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-scheduler-minus1-1.21.5-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-scheduler-minus1-1.21.5-21.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:kubernetes-apiserver-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-apiserver-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-apiserver-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-apiserver-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-apiserver-minus1-1.21.5-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-apiserver-minus1-1.21.5-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-apiserver-minus1-1.21.5-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-apiserver-minus1-1.21.5-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-client-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-client-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-client-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-client-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-controller-manager-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-controller-manager-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-controller-manager-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-controller-manager-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-controller-manager-minus1-1.21.5-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-controller-manager-minus1-1.21.5-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-controller-manager-minus1-1.21.5-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-controller-manager-minus1-1.21.5-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-coredns-1.8.4-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-coredns-1.8.4-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-coredns-1.8.4-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-coredns-1.8.4-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-coredns-minus1-1.8.0-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-coredns-minus1-1.8.0-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-coredns-minus1-1.8.0-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-coredns-minus1-1.8.0-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-etcd-3.5.0-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-etcd-3.5.0-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-etcd-3.5.0-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-etcd-3.5.0-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-etcd-minus1-3.4.13-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-etcd-minus1-3.4.13-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-etcd-minus1-3.4.13-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-etcd-minus1-3.4.13-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-kubeadm-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-kubeadm-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-kubeadm-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-kubeadm-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-kubelet-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-kubelet-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-kubelet-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-kubelet-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-proxy-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-proxy-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-proxy-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-proxy-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-proxy-minus1-1.21.5-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-proxy-minus1-1.21.5-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-proxy-minus1-1.21.5-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-proxy-minus1-1.21.5-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-scheduler-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-scheduler-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-scheduler-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-scheduler-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-scheduler-minus1-1.21.5-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-scheduler-minus1-1.21.5-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-scheduler-minus1-1.21.5-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-scheduler-minus1-1.21.5-21.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2016-8859"
},
{
"cve": "CVE-2017-1002101",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-1002101"
}
],
"notes": [
{
"category": "general",
"text": "In Kubernetes versions 1.3.x, 1.4.x, 1.5.x, 1.6.x and prior to versions 1.7.14, 1.8.9 and 1.9.4 containers using subpath volume mounts with any volume type (including non-privileged pods, subject to file permissions) can access files/directories outside of the volume, including the host\u0027s filesystem.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:kubernetes-apiserver-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-apiserver-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-apiserver-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-apiserver-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-apiserver-minus1-1.21.5-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-apiserver-minus1-1.21.5-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-apiserver-minus1-1.21.5-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-apiserver-minus1-1.21.5-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-client-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-client-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-client-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-client-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-controller-manager-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-controller-manager-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-controller-manager-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-controller-manager-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-controller-manager-minus1-1.21.5-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-controller-manager-minus1-1.21.5-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-controller-manager-minus1-1.21.5-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-controller-manager-minus1-1.21.5-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-coredns-1.8.4-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-coredns-1.8.4-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-coredns-1.8.4-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-coredns-1.8.4-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-coredns-minus1-1.8.0-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-coredns-minus1-1.8.0-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-coredns-minus1-1.8.0-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-coredns-minus1-1.8.0-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-etcd-3.5.0-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-etcd-3.5.0-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-etcd-3.5.0-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-etcd-3.5.0-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-etcd-minus1-3.4.13-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-etcd-minus1-3.4.13-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-etcd-minus1-3.4.13-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-etcd-minus1-3.4.13-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-kubeadm-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-kubeadm-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-kubeadm-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-kubeadm-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-kubelet-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-kubelet-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-kubelet-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-kubelet-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-proxy-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-proxy-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-proxy-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-proxy-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-proxy-minus1-1.21.5-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-proxy-minus1-1.21.5-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-proxy-minus1-1.21.5-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-proxy-minus1-1.21.5-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-scheduler-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-scheduler-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-scheduler-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-scheduler-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-scheduler-minus1-1.21.5-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-scheduler-minus1-1.21.5-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-scheduler-minus1-1.21.5-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-scheduler-minus1-1.21.5-21.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-1002101",
"url": "https://www.suse.com/security/cve/CVE-2017-1002101"
},
{
"category": "external",
"summary": "SUSE Bug 1084923 for CVE-2017-1002101",
"url": "https://bugzilla.suse.com/1084923"
},
{
"category": "external",
"summary": "SUSE Bug 1085007 for CVE-2017-1002101",
"url": "https://bugzilla.suse.com/1085007"
},
{
"category": "external",
"summary": "SUSE Bug 1085009 for CVE-2017-1002101",
"url": "https://bugzilla.suse.com/1085009"
},
{
"category": "external",
"summary": "SUSE Bug 1096726 for CVE-2017-1002101",
"url": "https://bugzilla.suse.com/1096726"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:kubernetes-apiserver-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-apiserver-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-apiserver-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-apiserver-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-apiserver-minus1-1.21.5-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-apiserver-minus1-1.21.5-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-apiserver-minus1-1.21.5-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-apiserver-minus1-1.21.5-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-client-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-client-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-client-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-client-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-controller-manager-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-controller-manager-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-controller-manager-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-controller-manager-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-controller-manager-minus1-1.21.5-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-controller-manager-minus1-1.21.5-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-controller-manager-minus1-1.21.5-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-controller-manager-minus1-1.21.5-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-coredns-1.8.4-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-coredns-1.8.4-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-coredns-1.8.4-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-coredns-1.8.4-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-coredns-minus1-1.8.0-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-coredns-minus1-1.8.0-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-coredns-minus1-1.8.0-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-coredns-minus1-1.8.0-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-etcd-3.5.0-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-etcd-3.5.0-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-etcd-3.5.0-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-etcd-3.5.0-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-etcd-minus1-3.4.13-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-etcd-minus1-3.4.13-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-etcd-minus1-3.4.13-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-etcd-minus1-3.4.13-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-kubeadm-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-kubeadm-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-kubeadm-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-kubeadm-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-kubelet-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-kubelet-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-kubelet-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-kubelet-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-proxy-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-proxy-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-proxy-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-proxy-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-proxy-minus1-1.21.5-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-proxy-minus1-1.21.5-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-proxy-minus1-1.21.5-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-proxy-minus1-1.21.5-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-scheduler-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-scheduler-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-scheduler-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-scheduler-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-scheduler-minus1-1.21.5-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-scheduler-minus1-1.21.5-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-scheduler-minus1-1.21.5-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-scheduler-minus1-1.21.5-21.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:kubernetes-apiserver-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-apiserver-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-apiserver-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-apiserver-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-apiserver-minus1-1.21.5-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-apiserver-minus1-1.21.5-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-apiserver-minus1-1.21.5-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-apiserver-minus1-1.21.5-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-client-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-client-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-client-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-client-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-controller-manager-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-controller-manager-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-controller-manager-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-controller-manager-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-controller-manager-minus1-1.21.5-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-controller-manager-minus1-1.21.5-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-controller-manager-minus1-1.21.5-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-controller-manager-minus1-1.21.5-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-coredns-1.8.4-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-coredns-1.8.4-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-coredns-1.8.4-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-coredns-1.8.4-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-coredns-minus1-1.8.0-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-coredns-minus1-1.8.0-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-coredns-minus1-1.8.0-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-coredns-minus1-1.8.0-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-etcd-3.5.0-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-etcd-3.5.0-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-etcd-3.5.0-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-etcd-3.5.0-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-etcd-minus1-3.4.13-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-etcd-minus1-3.4.13-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-etcd-minus1-3.4.13-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-etcd-minus1-3.4.13-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-kubeadm-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-kubeadm-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-kubeadm-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-kubeadm-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-kubelet-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-kubelet-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-kubelet-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-kubelet-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-proxy-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-proxy-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-proxy-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-proxy-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-proxy-minus1-1.21.5-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-proxy-minus1-1.21.5-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-proxy-minus1-1.21.5-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-proxy-minus1-1.21.5-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-scheduler-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-scheduler-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-scheduler-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-scheduler-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-scheduler-minus1-1.21.5-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-scheduler-minus1-1.21.5-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-scheduler-minus1-1.21.5-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-scheduler-minus1-1.21.5-21.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2017-1002101"
},
{
"cve": "CVE-2018-1002105",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-1002105"
}
],
"notes": [
{
"category": "general",
"text": "In all Kubernetes versions prior to v1.10.11, v1.11.5, and v1.12.3, incorrect handling of error responses to proxied upgrade requests in the kube-apiserver allowed specially crafted requests to establish a connection through the Kubernetes API server to backend servers, then send arbitrary requests over the same connection directly to the backend, authenticated with the Kubernetes API server\u0027s TLS credentials used to establish the backend connection.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:kubernetes-apiserver-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-apiserver-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-apiserver-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-apiserver-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-apiserver-minus1-1.21.5-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-apiserver-minus1-1.21.5-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-apiserver-minus1-1.21.5-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-apiserver-minus1-1.21.5-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-client-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-client-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-client-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-client-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-controller-manager-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-controller-manager-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-controller-manager-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-controller-manager-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-controller-manager-minus1-1.21.5-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-controller-manager-minus1-1.21.5-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-controller-manager-minus1-1.21.5-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-controller-manager-minus1-1.21.5-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-coredns-1.8.4-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-coredns-1.8.4-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-coredns-1.8.4-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-coredns-1.8.4-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-coredns-minus1-1.8.0-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-coredns-minus1-1.8.0-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-coredns-minus1-1.8.0-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-coredns-minus1-1.8.0-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-etcd-3.5.0-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-etcd-3.5.0-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-etcd-3.5.0-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-etcd-3.5.0-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-etcd-minus1-3.4.13-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-etcd-minus1-3.4.13-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-etcd-minus1-3.4.13-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-etcd-minus1-3.4.13-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-kubeadm-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-kubeadm-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-kubeadm-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-kubeadm-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-kubelet-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-kubelet-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-kubelet-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-kubelet-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-proxy-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-proxy-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-proxy-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-proxy-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-proxy-minus1-1.21.5-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-proxy-minus1-1.21.5-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-proxy-minus1-1.21.5-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-proxy-minus1-1.21.5-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-scheduler-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-scheduler-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-scheduler-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-scheduler-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-scheduler-minus1-1.21.5-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-scheduler-minus1-1.21.5-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-scheduler-minus1-1.21.5-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-scheduler-minus1-1.21.5-21.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-1002105",
"url": "https://www.suse.com/security/cve/CVE-2018-1002105"
},
{
"category": "external",
"summary": "SUSE Bug 1118198 for CVE-2018-1002105",
"url": "https://bugzilla.suse.com/1118198"
},
{
"category": "external",
"summary": "SUSE Bug 1118260 for CVE-2018-1002105",
"url": "https://bugzilla.suse.com/1118260"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:kubernetes-apiserver-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-apiserver-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-apiserver-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-apiserver-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-apiserver-minus1-1.21.5-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-apiserver-minus1-1.21.5-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-apiserver-minus1-1.21.5-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-apiserver-minus1-1.21.5-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-client-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-client-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-client-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-client-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-controller-manager-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-controller-manager-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-controller-manager-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-controller-manager-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-controller-manager-minus1-1.21.5-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-controller-manager-minus1-1.21.5-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-controller-manager-minus1-1.21.5-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-controller-manager-minus1-1.21.5-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-coredns-1.8.4-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-coredns-1.8.4-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-coredns-1.8.4-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-coredns-1.8.4-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-coredns-minus1-1.8.0-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-coredns-minus1-1.8.0-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-coredns-minus1-1.8.0-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-coredns-minus1-1.8.0-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-etcd-3.5.0-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-etcd-3.5.0-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-etcd-3.5.0-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-etcd-3.5.0-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-etcd-minus1-3.4.13-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-etcd-minus1-3.4.13-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-etcd-minus1-3.4.13-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-etcd-minus1-3.4.13-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-kubeadm-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-kubeadm-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-kubeadm-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-kubeadm-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-kubelet-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-kubelet-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-kubelet-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-kubelet-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-proxy-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-proxy-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-proxy-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-proxy-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-proxy-minus1-1.21.5-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-proxy-minus1-1.21.5-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-proxy-minus1-1.21.5-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-proxy-minus1-1.21.5-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-scheduler-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-scheduler-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-scheduler-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-scheduler-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-scheduler-minus1-1.21.5-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-scheduler-minus1-1.21.5-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-scheduler-minus1-1.21.5-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-scheduler-minus1-1.21.5-21.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:kubernetes-apiserver-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-apiserver-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-apiserver-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-apiserver-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-apiserver-minus1-1.21.5-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-apiserver-minus1-1.21.5-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-apiserver-minus1-1.21.5-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-apiserver-minus1-1.21.5-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-client-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-client-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-client-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-client-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-controller-manager-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-controller-manager-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-controller-manager-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-controller-manager-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-controller-manager-minus1-1.21.5-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-controller-manager-minus1-1.21.5-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-controller-manager-minus1-1.21.5-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-controller-manager-minus1-1.21.5-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-coredns-1.8.4-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-coredns-1.8.4-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-coredns-1.8.4-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-coredns-1.8.4-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-coredns-minus1-1.8.0-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-coredns-minus1-1.8.0-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-coredns-minus1-1.8.0-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-coredns-minus1-1.8.0-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-etcd-3.5.0-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-etcd-3.5.0-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-etcd-3.5.0-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-etcd-3.5.0-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-etcd-minus1-3.4.13-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-etcd-minus1-3.4.13-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-etcd-minus1-3.4.13-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-etcd-minus1-3.4.13-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-kubeadm-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-kubeadm-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-kubeadm-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-kubeadm-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-kubelet-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-kubelet-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-kubelet-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-kubelet-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-proxy-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-proxy-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-proxy-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-proxy-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-proxy-minus1-1.21.5-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-proxy-minus1-1.21.5-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-proxy-minus1-1.21.5-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-proxy-minus1-1.21.5-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-scheduler-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-scheduler-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-scheduler-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-scheduler-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-scheduler-minus1-1.21.5-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-scheduler-minus1-1.21.5-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-scheduler-minus1-1.21.5-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-scheduler-minus1-1.21.5-21.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2018-1002105"
},
{
"cve": "CVE-2019-11247",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-11247"
}
],
"notes": [
{
"category": "general",
"text": "The Kubernetes kube-apiserver mistakenly allows access to a cluster-scoped custom resource if the request is made as if the resource were namespaced. Authorizations for the resource accessed in this manner are enforced using roles and role bindings within the namespace, meaning that a user with access only to a resource in one namespace could create, view update or delete the cluster-scoped resource (according to their namespace role privileges). Kubernetes affected versions include versions prior to 1.13.9, versions prior to 1.14.5, versions prior to 1.15.2, and versions 1.7, 1.8, 1.9, 1.10, 1.11, 1.12.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:kubernetes-apiserver-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-apiserver-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-apiserver-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-apiserver-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-apiserver-minus1-1.21.5-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-apiserver-minus1-1.21.5-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-apiserver-minus1-1.21.5-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-apiserver-minus1-1.21.5-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-client-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-client-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-client-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-client-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-controller-manager-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-controller-manager-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-controller-manager-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-controller-manager-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-controller-manager-minus1-1.21.5-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-controller-manager-minus1-1.21.5-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-controller-manager-minus1-1.21.5-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-controller-manager-minus1-1.21.5-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-coredns-1.8.4-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-coredns-1.8.4-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-coredns-1.8.4-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-coredns-1.8.4-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-coredns-minus1-1.8.0-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-coredns-minus1-1.8.0-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-coredns-minus1-1.8.0-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-coredns-minus1-1.8.0-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-etcd-3.5.0-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-etcd-3.5.0-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-etcd-3.5.0-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-etcd-3.5.0-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-etcd-minus1-3.4.13-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-etcd-minus1-3.4.13-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-etcd-minus1-3.4.13-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-etcd-minus1-3.4.13-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-kubeadm-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-kubeadm-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-kubeadm-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-kubeadm-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-kubelet-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-kubelet-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-kubelet-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-kubelet-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-proxy-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-proxy-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-proxy-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-proxy-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-proxy-minus1-1.21.5-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-proxy-minus1-1.21.5-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-proxy-minus1-1.21.5-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-proxy-minus1-1.21.5-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-scheduler-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-scheduler-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-scheduler-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-scheduler-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-scheduler-minus1-1.21.5-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-scheduler-minus1-1.21.5-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-scheduler-minus1-1.21.5-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-scheduler-minus1-1.21.5-21.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-11247",
"url": "https://www.suse.com/security/cve/CVE-2019-11247"
},
{
"category": "external",
"summary": "SUSE Bug 1142423 for CVE-2019-11247",
"url": "https://bugzilla.suse.com/1142423"
},
{
"category": "external",
"summary": "SUSE Bug 1142434 for CVE-2019-11247",
"url": "https://bugzilla.suse.com/1142434"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:kubernetes-apiserver-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-apiserver-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-apiserver-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-apiserver-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-apiserver-minus1-1.21.5-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-apiserver-minus1-1.21.5-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-apiserver-minus1-1.21.5-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-apiserver-minus1-1.21.5-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-client-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-client-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-client-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-client-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-controller-manager-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-controller-manager-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-controller-manager-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-controller-manager-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-controller-manager-minus1-1.21.5-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-controller-manager-minus1-1.21.5-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-controller-manager-minus1-1.21.5-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-controller-manager-minus1-1.21.5-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-coredns-1.8.4-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-coredns-1.8.4-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-coredns-1.8.4-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-coredns-1.8.4-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-coredns-minus1-1.8.0-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-coredns-minus1-1.8.0-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-coredns-minus1-1.8.0-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-coredns-minus1-1.8.0-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-etcd-3.5.0-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-etcd-3.5.0-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-etcd-3.5.0-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-etcd-3.5.0-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-etcd-minus1-3.4.13-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-etcd-minus1-3.4.13-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-etcd-minus1-3.4.13-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-etcd-minus1-3.4.13-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-kubeadm-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-kubeadm-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-kubeadm-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-kubeadm-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-kubelet-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-kubelet-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-kubelet-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-kubelet-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-proxy-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-proxy-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-proxy-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-proxy-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-proxy-minus1-1.21.5-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-proxy-minus1-1.21.5-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-proxy-minus1-1.21.5-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-proxy-minus1-1.21.5-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-scheduler-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-scheduler-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-scheduler-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-scheduler-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-scheduler-minus1-1.21.5-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-scheduler-minus1-1.21.5-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-scheduler-minus1-1.21.5-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-scheduler-minus1-1.21.5-21.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:kubernetes-apiserver-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-apiserver-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-apiserver-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-apiserver-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-apiserver-minus1-1.21.5-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-apiserver-minus1-1.21.5-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-apiserver-minus1-1.21.5-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-apiserver-minus1-1.21.5-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-client-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-client-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-client-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-client-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-controller-manager-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-controller-manager-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-controller-manager-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-controller-manager-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-controller-manager-minus1-1.21.5-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-controller-manager-minus1-1.21.5-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-controller-manager-minus1-1.21.5-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-controller-manager-minus1-1.21.5-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-coredns-1.8.4-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-coredns-1.8.4-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-coredns-1.8.4-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-coredns-1.8.4-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-coredns-minus1-1.8.0-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-coredns-minus1-1.8.0-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-coredns-minus1-1.8.0-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-coredns-minus1-1.8.0-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-etcd-3.5.0-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-etcd-3.5.0-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-etcd-3.5.0-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-etcd-3.5.0-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-etcd-minus1-3.4.13-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-etcd-minus1-3.4.13-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-etcd-minus1-3.4.13-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-etcd-minus1-3.4.13-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-kubeadm-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-kubeadm-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-kubeadm-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-kubeadm-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-kubelet-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-kubelet-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-kubelet-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-kubelet-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-proxy-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-proxy-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-proxy-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-proxy-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-proxy-minus1-1.21.5-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-proxy-minus1-1.21.5-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-proxy-minus1-1.21.5-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-proxy-minus1-1.21.5-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-scheduler-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-scheduler-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-scheduler-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-scheduler-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-scheduler-minus1-1.21.5-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-scheduler-minus1-1.21.5-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-scheduler-minus1-1.21.5-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-scheduler-minus1-1.21.5-21.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2019-11247"
},
{
"cve": "CVE-2019-11249",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-11249"
}
],
"notes": [
{
"category": "general",
"text": "The kubectl cp command allows copying files between containers and the user machine. To copy files from a container, Kubernetes runs tar inside the container to create a tar archive, copies it over the network, and kubectl unpacks it on the user\u0027s machine. If the tar binary in the container is malicious, it could run any code and output unexpected, malicious results. An attacker could use this to write files to any path on the user\u0027s machine when kubectl cp is called, limited only by the system permissions of the local user. Kubernetes affected versions include versions prior to 1.13.9, versions prior to 1.14.5, versions prior to 1.15.2, and versions 1.1, 1.2, 1.4, 1.4, 1.5, 1.6, 1.7, 1.8, 1.9, 1.10, 1.11, 1.12.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:kubernetes-apiserver-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-apiserver-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-apiserver-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-apiserver-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-apiserver-minus1-1.21.5-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-apiserver-minus1-1.21.5-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-apiserver-minus1-1.21.5-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-apiserver-minus1-1.21.5-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-client-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-client-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-client-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-client-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-controller-manager-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-controller-manager-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-controller-manager-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-controller-manager-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-controller-manager-minus1-1.21.5-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-controller-manager-minus1-1.21.5-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-controller-manager-minus1-1.21.5-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-controller-manager-minus1-1.21.5-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-coredns-1.8.4-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-coredns-1.8.4-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-coredns-1.8.4-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-coredns-1.8.4-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-coredns-minus1-1.8.0-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-coredns-minus1-1.8.0-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-coredns-minus1-1.8.0-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-coredns-minus1-1.8.0-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-etcd-3.5.0-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-etcd-3.5.0-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-etcd-3.5.0-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-etcd-3.5.0-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-etcd-minus1-3.4.13-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-etcd-minus1-3.4.13-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-etcd-minus1-3.4.13-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-etcd-minus1-3.4.13-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-kubeadm-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-kubeadm-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-kubeadm-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-kubeadm-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-kubelet-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-kubelet-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-kubelet-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-kubelet-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-proxy-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-proxy-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-proxy-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-proxy-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-proxy-minus1-1.21.5-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-proxy-minus1-1.21.5-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-proxy-minus1-1.21.5-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-proxy-minus1-1.21.5-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-scheduler-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-scheduler-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-scheduler-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-scheduler-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-scheduler-minus1-1.21.5-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-scheduler-minus1-1.21.5-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-scheduler-minus1-1.21.5-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-scheduler-minus1-1.21.5-21.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-11249",
"url": "https://www.suse.com/security/cve/CVE-2019-11249"
},
{
"category": "external",
"summary": "SUSE Bug 1144507 for CVE-2019-11249",
"url": "https://bugzilla.suse.com/1144507"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:kubernetes-apiserver-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-apiserver-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-apiserver-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-apiserver-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-apiserver-minus1-1.21.5-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-apiserver-minus1-1.21.5-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-apiserver-minus1-1.21.5-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-apiserver-minus1-1.21.5-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-client-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-client-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-client-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-client-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-controller-manager-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-controller-manager-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-controller-manager-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-controller-manager-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-controller-manager-minus1-1.21.5-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-controller-manager-minus1-1.21.5-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-controller-manager-minus1-1.21.5-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-controller-manager-minus1-1.21.5-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-coredns-1.8.4-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-coredns-1.8.4-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-coredns-1.8.4-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-coredns-1.8.4-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-coredns-minus1-1.8.0-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-coredns-minus1-1.8.0-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-coredns-minus1-1.8.0-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-coredns-minus1-1.8.0-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-etcd-3.5.0-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-etcd-3.5.0-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-etcd-3.5.0-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-etcd-3.5.0-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-etcd-minus1-3.4.13-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-etcd-minus1-3.4.13-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-etcd-minus1-3.4.13-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-etcd-minus1-3.4.13-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-kubeadm-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-kubeadm-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-kubeadm-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-kubeadm-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-kubelet-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-kubelet-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-kubelet-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-kubelet-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-proxy-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-proxy-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-proxy-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-proxy-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-proxy-minus1-1.21.5-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-proxy-minus1-1.21.5-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-proxy-minus1-1.21.5-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-proxy-minus1-1.21.5-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-scheduler-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-scheduler-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-scheduler-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-scheduler-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-scheduler-minus1-1.21.5-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-scheduler-minus1-1.21.5-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-scheduler-minus1-1.21.5-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-scheduler-minus1-1.21.5-21.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:kubernetes-apiserver-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-apiserver-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-apiserver-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-apiserver-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-apiserver-minus1-1.21.5-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-apiserver-minus1-1.21.5-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-apiserver-minus1-1.21.5-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-apiserver-minus1-1.21.5-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-client-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-client-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-client-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-client-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-controller-manager-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-controller-manager-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-controller-manager-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-controller-manager-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-controller-manager-minus1-1.21.5-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-controller-manager-minus1-1.21.5-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-controller-manager-minus1-1.21.5-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-controller-manager-minus1-1.21.5-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-coredns-1.8.4-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-coredns-1.8.4-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-coredns-1.8.4-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-coredns-1.8.4-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-coredns-minus1-1.8.0-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-coredns-minus1-1.8.0-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-coredns-minus1-1.8.0-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-coredns-minus1-1.8.0-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-etcd-3.5.0-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-etcd-3.5.0-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-etcd-3.5.0-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-etcd-3.5.0-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-etcd-minus1-3.4.13-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-etcd-minus1-3.4.13-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-etcd-minus1-3.4.13-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-etcd-minus1-3.4.13-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-kubeadm-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-kubeadm-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-kubeadm-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-kubeadm-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-kubelet-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-kubelet-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-kubelet-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-kubelet-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-proxy-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-proxy-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-proxy-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-proxy-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-proxy-minus1-1.21.5-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-proxy-minus1-1.21.5-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-proxy-minus1-1.21.5-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-proxy-minus1-1.21.5-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-scheduler-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-scheduler-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-scheduler-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-scheduler-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-scheduler-minus1-1.21.5-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-scheduler-minus1-1.21.5-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-scheduler-minus1-1.21.5-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-scheduler-minus1-1.21.5-21.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2019-11249"
},
{
"cve": "CVE-2019-11253",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-11253"
}
],
"notes": [
{
"category": "general",
"text": "Improper input validation in the Kubernetes API server in versions v1.0-1.12 and versions prior to v1.13.12, v1.14.8, v1.15.5, and v1.16.2 allows authorized users to send malicious YAML or JSON payloads, causing the API server to consume excessive CPU or memory, potentially crashing and becoming unavailable. Prior to v1.14.0, default RBAC policy authorized anonymous users to submit requests that could trigger this vulnerability. Clusters upgraded from a version prior to v1.14.0 keep the more permissive policy by default for backwards compatibility.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:kubernetes-apiserver-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-apiserver-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-apiserver-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-apiserver-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-apiserver-minus1-1.21.5-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-apiserver-minus1-1.21.5-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-apiserver-minus1-1.21.5-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-apiserver-minus1-1.21.5-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-client-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-client-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-client-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-client-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-controller-manager-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-controller-manager-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-controller-manager-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-controller-manager-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-controller-manager-minus1-1.21.5-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-controller-manager-minus1-1.21.5-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-controller-manager-minus1-1.21.5-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-controller-manager-minus1-1.21.5-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-coredns-1.8.4-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-coredns-1.8.4-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-coredns-1.8.4-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-coredns-1.8.4-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-coredns-minus1-1.8.0-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-coredns-minus1-1.8.0-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-coredns-minus1-1.8.0-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-coredns-minus1-1.8.0-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-etcd-3.5.0-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-etcd-3.5.0-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-etcd-3.5.0-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-etcd-3.5.0-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-etcd-minus1-3.4.13-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-etcd-minus1-3.4.13-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-etcd-minus1-3.4.13-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-etcd-minus1-3.4.13-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-kubeadm-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-kubeadm-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-kubeadm-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-kubeadm-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-kubelet-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-kubelet-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-kubelet-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-kubelet-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-proxy-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-proxy-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-proxy-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-proxy-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-proxy-minus1-1.21.5-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-proxy-minus1-1.21.5-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-proxy-minus1-1.21.5-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-proxy-minus1-1.21.5-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-scheduler-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-scheduler-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-scheduler-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-scheduler-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-scheduler-minus1-1.21.5-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-scheduler-minus1-1.21.5-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-scheduler-minus1-1.21.5-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-scheduler-minus1-1.21.5-21.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-11253",
"url": "https://www.suse.com/security/cve/CVE-2019-11253"
},
{
"category": "external",
"summary": "SUSE Bug 1152861 for CVE-2019-11253",
"url": "https://bugzilla.suse.com/1152861"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:kubernetes-apiserver-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-apiserver-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-apiserver-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-apiserver-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-apiserver-minus1-1.21.5-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-apiserver-minus1-1.21.5-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-apiserver-minus1-1.21.5-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-apiserver-minus1-1.21.5-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-client-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-client-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-client-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-client-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-controller-manager-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-controller-manager-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-controller-manager-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-controller-manager-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-controller-manager-minus1-1.21.5-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-controller-manager-minus1-1.21.5-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-controller-manager-minus1-1.21.5-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-controller-manager-minus1-1.21.5-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-coredns-1.8.4-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-coredns-1.8.4-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-coredns-1.8.4-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-coredns-1.8.4-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-coredns-minus1-1.8.0-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-coredns-minus1-1.8.0-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-coredns-minus1-1.8.0-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-coredns-minus1-1.8.0-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-etcd-3.5.0-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-etcd-3.5.0-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-etcd-3.5.0-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-etcd-3.5.0-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-etcd-minus1-3.4.13-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-etcd-minus1-3.4.13-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-etcd-minus1-3.4.13-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-etcd-minus1-3.4.13-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-kubeadm-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-kubeadm-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-kubeadm-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-kubeadm-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-kubelet-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-kubelet-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-kubelet-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-kubelet-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-proxy-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-proxy-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-proxy-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-proxy-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-proxy-minus1-1.21.5-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-proxy-minus1-1.21.5-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-proxy-minus1-1.21.5-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-proxy-minus1-1.21.5-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-scheduler-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-scheduler-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-scheduler-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-scheduler-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-scheduler-minus1-1.21.5-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-scheduler-minus1-1.21.5-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-scheduler-minus1-1.21.5-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-scheduler-minus1-1.21.5-21.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:kubernetes-apiserver-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-apiserver-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-apiserver-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-apiserver-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-apiserver-minus1-1.21.5-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-apiserver-minus1-1.21.5-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-apiserver-minus1-1.21.5-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-apiserver-minus1-1.21.5-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-client-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-client-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-client-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-client-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-controller-manager-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-controller-manager-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-controller-manager-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-controller-manager-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-controller-manager-minus1-1.21.5-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-controller-manager-minus1-1.21.5-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-controller-manager-minus1-1.21.5-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-controller-manager-minus1-1.21.5-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-coredns-1.8.4-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-coredns-1.8.4-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-coredns-1.8.4-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-coredns-1.8.4-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-coredns-minus1-1.8.0-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-coredns-minus1-1.8.0-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-coredns-minus1-1.8.0-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-coredns-minus1-1.8.0-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-etcd-3.5.0-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-etcd-3.5.0-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-etcd-3.5.0-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-etcd-3.5.0-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-etcd-minus1-3.4.13-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-etcd-minus1-3.4.13-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-etcd-minus1-3.4.13-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-etcd-minus1-3.4.13-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-kubeadm-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-kubeadm-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-kubeadm-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-kubeadm-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-kubelet-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-kubelet-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-kubelet-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-kubelet-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-proxy-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-proxy-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-proxy-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-proxy-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-proxy-minus1-1.21.5-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-proxy-minus1-1.21.5-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-proxy-minus1-1.21.5-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-proxy-minus1-1.21.5-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-scheduler-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-scheduler-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-scheduler-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-scheduler-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-scheduler-minus1-1.21.5-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-scheduler-minus1-1.21.5-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-scheduler-minus1-1.21.5-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-scheduler-minus1-1.21.5-21.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2019-11253"
},
{
"cve": "CVE-2019-9512",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-9512"
}
],
"notes": [
{
"category": "general",
"text": "Some HTTP/2 implementations are vulnerable to ping floods, potentially leading to a denial of service. The attacker sends continual pings to an HTTP/2 peer, causing the peer to build an internal queue of responses. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:kubernetes-apiserver-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-apiserver-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-apiserver-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-apiserver-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-apiserver-minus1-1.21.5-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-apiserver-minus1-1.21.5-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-apiserver-minus1-1.21.5-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-apiserver-minus1-1.21.5-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-client-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-client-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-client-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-client-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-controller-manager-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-controller-manager-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-controller-manager-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-controller-manager-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-controller-manager-minus1-1.21.5-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-controller-manager-minus1-1.21.5-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-controller-manager-minus1-1.21.5-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-controller-manager-minus1-1.21.5-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-coredns-1.8.4-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-coredns-1.8.4-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-coredns-1.8.4-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-coredns-1.8.4-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-coredns-minus1-1.8.0-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-coredns-minus1-1.8.0-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-coredns-minus1-1.8.0-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-coredns-minus1-1.8.0-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-etcd-3.5.0-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-etcd-3.5.0-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-etcd-3.5.0-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-etcd-3.5.0-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-etcd-minus1-3.4.13-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-etcd-minus1-3.4.13-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-etcd-minus1-3.4.13-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-etcd-minus1-3.4.13-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-kubeadm-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-kubeadm-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-kubeadm-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-kubeadm-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-kubelet-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-kubelet-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-kubelet-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-kubelet-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-proxy-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-proxy-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-proxy-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-proxy-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-proxy-minus1-1.21.5-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-proxy-minus1-1.21.5-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-proxy-minus1-1.21.5-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-proxy-minus1-1.21.5-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-scheduler-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-scheduler-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-scheduler-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-scheduler-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-scheduler-minus1-1.21.5-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-scheduler-minus1-1.21.5-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-scheduler-minus1-1.21.5-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-scheduler-minus1-1.21.5-21.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-9512",
"url": "https://www.suse.com/security/cve/CVE-2019-9512"
},
{
"category": "external",
"summary": "SUSE Bug 1145663 for CVE-2019-9512",
"url": "https://bugzilla.suse.com/1145663"
},
{
"category": "external",
"summary": "SUSE Bug 1146099 for CVE-2019-9512",
"url": "https://bugzilla.suse.com/1146099"
},
{
"category": "external",
"summary": "SUSE Bug 1146111 for CVE-2019-9512",
"url": "https://bugzilla.suse.com/1146111"
},
{
"category": "external",
"summary": "SUSE Bug 1147142 for CVE-2019-9512",
"url": "https://bugzilla.suse.com/1147142"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:kubernetes-apiserver-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-apiserver-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-apiserver-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-apiserver-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-apiserver-minus1-1.21.5-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-apiserver-minus1-1.21.5-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-apiserver-minus1-1.21.5-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-apiserver-minus1-1.21.5-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-client-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-client-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-client-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-client-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-controller-manager-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-controller-manager-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-controller-manager-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-controller-manager-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-controller-manager-minus1-1.21.5-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-controller-manager-minus1-1.21.5-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-controller-manager-minus1-1.21.5-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-controller-manager-minus1-1.21.5-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-coredns-1.8.4-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-coredns-1.8.4-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-coredns-1.8.4-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-coredns-1.8.4-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-coredns-minus1-1.8.0-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-coredns-minus1-1.8.0-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-coredns-minus1-1.8.0-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-coredns-minus1-1.8.0-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-etcd-3.5.0-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-etcd-3.5.0-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-etcd-3.5.0-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-etcd-3.5.0-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-etcd-minus1-3.4.13-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-etcd-minus1-3.4.13-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-etcd-minus1-3.4.13-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-etcd-minus1-3.4.13-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-kubeadm-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-kubeadm-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-kubeadm-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-kubeadm-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-kubelet-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-kubelet-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-kubelet-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-kubelet-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-proxy-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-proxy-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-proxy-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-proxy-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-proxy-minus1-1.21.5-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-proxy-minus1-1.21.5-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-proxy-minus1-1.21.5-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-proxy-minus1-1.21.5-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-scheduler-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-scheduler-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-scheduler-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-scheduler-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-scheduler-minus1-1.21.5-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-scheduler-minus1-1.21.5-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-scheduler-minus1-1.21.5-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-scheduler-minus1-1.21.5-21.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:kubernetes-apiserver-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-apiserver-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-apiserver-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-apiserver-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-apiserver-minus1-1.21.5-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-apiserver-minus1-1.21.5-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-apiserver-minus1-1.21.5-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-apiserver-minus1-1.21.5-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-client-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-client-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-client-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-client-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-controller-manager-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-controller-manager-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-controller-manager-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-controller-manager-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-controller-manager-minus1-1.21.5-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-controller-manager-minus1-1.21.5-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-controller-manager-minus1-1.21.5-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-controller-manager-minus1-1.21.5-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-coredns-1.8.4-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-coredns-1.8.4-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-coredns-1.8.4-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-coredns-1.8.4-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-coredns-minus1-1.8.0-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-coredns-minus1-1.8.0-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-coredns-minus1-1.8.0-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-coredns-minus1-1.8.0-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-etcd-3.5.0-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-etcd-3.5.0-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-etcd-3.5.0-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-etcd-3.5.0-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-etcd-minus1-3.4.13-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-etcd-minus1-3.4.13-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-etcd-minus1-3.4.13-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-etcd-minus1-3.4.13-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-kubeadm-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-kubeadm-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-kubeadm-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-kubeadm-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-kubelet-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-kubelet-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-kubelet-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-kubelet-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-proxy-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-proxy-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-proxy-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-proxy-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-proxy-minus1-1.21.5-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-proxy-minus1-1.21.5-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-proxy-minus1-1.21.5-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-proxy-minus1-1.21.5-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-scheduler-1.22.2-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-scheduler-1.22.2-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-scheduler-1.22.2-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-scheduler-1.22.2-21.2.x86_64",
"openSUSE Tumbleweed:kubernetes-scheduler-minus1-1.21.5-21.2.aarch64",
"openSUSE Tumbleweed:kubernetes-scheduler-minus1-1.21.5-21.2.ppc64le",
"openSUSE Tumbleweed:kubernetes-scheduler-minus1-1.21.5-21.2.s390x",
"openSUSE Tumbleweed:kubernetes-scheduler-minus1-1.21.5-21.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2019-9512"
}
]
}
RHBA-2019:2794
Vulnerability from csaf_redhat - Published: 2019-09-20 15:24 - Updated: 2026-02-20 19:38Summary
Red Hat Bug Fix Advisory: OpenShift Container Platform 4.1.16 packages update
Severity
Moderate
Notes
Topic: Red Hat OpenShift Container Platform release 4.1.16 is now available with
updates to packages and images that fix several bugs.
Details: Red Hat OpenShift Container Platform is Red Hat's cloud computing
Kubernetes application platform solution designed for on-premise or private
cloud deployments.
This advisory contains the RPM packages for Red Hat
OpenShift Container Platform 4.1.16. See the following advisory for the
container images for this release:
https://access.redhat.com/errata/RHBA-2019:2768
All OpenShift Container Platform 4.1 users are advised to upgrade to these
updated packages and images.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
The kubectl cp command allows copying files between containers and the user machine. To copy files from a container, Kubernetes runs tar inside the container to create a tar archive, copies it over the network, and kubectl unpacks it on the user’s machine. If the tar binary in the container is malicious, it could run any code and output unexpected, malicious results. An attacker could use this to write files to any path on the user’s machine when kubectl cp is called, limited only by the system permissions of the local user. Kubernetes affected versions include versions prior to 1.13.9, versions prior to 1.14.5, versions prior to 1.15.2, and versions 1.1, 1.2, 1.4, 1.4, 1.5, 1.6, 1.7, 1.8, 1.9, 1.10, 1.11, 1.12.
4.8 (Medium)
Affected products
Fixed
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-RH7-RHOSE-4.1:atomic-enterprise-service-catalog-1:4.1.16-201909090609.git.1.cc4acc1.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-4.1:atomic-enterprise-service-catalog-1:4.1.16-201909090609.git.1.cc4acc1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-4.1:atomic-enterprise-service-catalog-svcat-1:4.1.16-201909090609.git.1.cc4acc1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-4.1:jenkins-2-plugins-0:4.1.1567784275-1.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-4.1:jenkins-2-plugins-0:4.1.1567784275-1.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-4.1:openshift-0:4.1.16-201909090609.git.0.2f97059.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-4.1:openshift-ansible-0:4.1.16-201909090609.git.162.a0800db.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-4.1:openshift-ansible-0:4.1.16-201909090609.git.162.a0800db.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-4.1:openshift-clients-0:4.1.16-201909090609.git.0.2f97059.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-4.1:openshift-clients-redistributable-0:4.1.16-201909090609.git.0.2f97059.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-4.1:openshift-hyperkube-0:4.1.16-201909090609.git.0.2f97059.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.1:openshift-0:4.1.16-201909090609.git.0.2f97059.el8.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.1:openshift-clients-0:4.1.16-201909090609.git.0.2f97059.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.1:openshift-clients-redistributable-0:4.1.16-201909090609.git.0.2f97059.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.1:openshift-hyperkube-0:4.1.16-201909090609.git.0.2f97059.el8.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
References
8 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat OpenShift Container Platform release 4.1.16 is now available with\nupdates to packages and images that fix several bugs.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Container Platform is Red Hat\u0027s cloud computing\nKubernetes application platform solution designed for on-premise or private\ncloud deployments.\n\nThis advisory contains the RPM packages for Red Hat\nOpenShift Container Platform 4.1.16. See the following advisory for the\ncontainer images for this release:\n\nhttps://access.redhat.com/errata/RHBA-2019:2768\n\nAll OpenShift Container Platform 4.1 users are advised to upgrade to these\nupdated packages and images.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHBA-2019:2794",
"url": "https://access.redhat.com/errata/RHBA-2019:2794"
},
{
"category": "external",
"summary": "1749938",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1749938"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2019/rhba-2019_2794.json"
}
],
"title": "Red Hat Bug Fix Advisory: OpenShift Container Platform 4.1.16 packages update",
"tracking": {
"current_release_date": "2026-02-20T19:38:57+00:00",
"generator": {
"date": "2026-02-20T19:38:57+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.1"
}
},
"id": "RHBA-2019:2794",
"initial_release_date": "2019-09-20T15:24:10+00:00",
"revision_history": [
{
"date": "2019-09-20T15:24:10+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2019-09-20T15:24:10+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-02-20T19:38:57+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift Container Platform 4.1",
"product": {
"name": "Red Hat OpenShift Container Platform 4.1",
"product_id": "7Server-RH7-RHOSE-4.1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:4.1::el7"
}
}
},
{
"category": "product_name",
"name": "Red Hat OpenShift Container Platform 4.1",
"product": {
"name": "Red Hat OpenShift Container Platform 4.1",
"product_id": "8Base-RHOSE-4.1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:4.1::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Enterprise"
},
{
"branches": [
{
"category": "product_version",
"name": "atomic-enterprise-service-catalog-1:4.1.16-201909090609.git.1.cc4acc1.el7.x86_64",
"product": {
"name": "atomic-enterprise-service-catalog-1:4.1.16-201909090609.git.1.cc4acc1.el7.x86_64",
"product_id": "atomic-enterprise-service-catalog-1:4.1.16-201909090609.git.1.cc4acc1.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-enterprise-service-catalog@4.1.16-201909090609.git.1.cc4acc1.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "atomic-enterprise-service-catalog-svcat-1:4.1.16-201909090609.git.1.cc4acc1.el7.x86_64",
"product": {
"name": "atomic-enterprise-service-catalog-svcat-1:4.1.16-201909090609.git.1.cc4acc1.el7.x86_64",
"product_id": "atomic-enterprise-service-catalog-svcat-1:4.1.16-201909090609.git.1.cc4acc1.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-enterprise-service-catalog-svcat@4.1.16-201909090609.git.1.cc4acc1.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openshift-clients-0:4.1.16-201909090609.git.0.2f97059.el7.x86_64",
"product": {
"name": "openshift-clients-0:4.1.16-201909090609.git.0.2f97059.el7.x86_64",
"product_id": "openshift-clients-0:4.1.16-201909090609.git.0.2f97059.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-clients@4.1.16-201909090609.git.0.2f97059.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "openshift-clients-redistributable-0:4.1.16-201909090609.git.0.2f97059.el7.x86_64",
"product": {
"name": "openshift-clients-redistributable-0:4.1.16-201909090609.git.0.2f97059.el7.x86_64",
"product_id": "openshift-clients-redistributable-0:4.1.16-201909090609.git.0.2f97059.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-clients-redistributable@4.1.16-201909090609.git.0.2f97059.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "openshift-hyperkube-0:4.1.16-201909090609.git.0.2f97059.el7.x86_64",
"product": {
"name": "openshift-hyperkube-0:4.1.16-201909090609.git.0.2f97059.el7.x86_64",
"product_id": "openshift-hyperkube-0:4.1.16-201909090609.git.0.2f97059.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-hyperkube@4.1.16-201909090609.git.0.2f97059.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "openshift-clients-0:4.1.16-201909090609.git.0.2f97059.el8.x86_64",
"product": {
"name": "openshift-clients-0:4.1.16-201909090609.git.0.2f97059.el8.x86_64",
"product_id": "openshift-clients-0:4.1.16-201909090609.git.0.2f97059.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-clients@4.1.16-201909090609.git.0.2f97059.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "openshift-clients-redistributable-0:4.1.16-201909090609.git.0.2f97059.el8.x86_64",
"product": {
"name": "openshift-clients-redistributable-0:4.1.16-201909090609.git.0.2f97059.el8.x86_64",
"product_id": "openshift-clients-redistributable-0:4.1.16-201909090609.git.0.2f97059.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-clients-redistributable@4.1.16-201909090609.git.0.2f97059.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "openshift-hyperkube-0:4.1.16-201909090609.git.0.2f97059.el8.x86_64",
"product": {
"name": "openshift-hyperkube-0:4.1.16-201909090609.git.0.2f97059.el8.x86_64",
"product_id": "openshift-hyperkube-0:4.1.16-201909090609.git.0.2f97059.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-hyperkube@4.1.16-201909090609.git.0.2f97059.el8?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "atomic-enterprise-service-catalog-1:4.1.16-201909090609.git.1.cc4acc1.el7.src",
"product": {
"name": "atomic-enterprise-service-catalog-1:4.1.16-201909090609.git.1.cc4acc1.el7.src",
"product_id": "atomic-enterprise-service-catalog-1:4.1.16-201909090609.git.1.cc4acc1.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-enterprise-service-catalog@4.1.16-201909090609.git.1.cc4acc1.el7?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jenkins-2-plugins-0:4.1.1567784275-1.el7.src",
"product": {
"name": "jenkins-2-plugins-0:4.1.1567784275-1.el7.src",
"product_id": "jenkins-2-plugins-0:4.1.1567784275-1.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jenkins-2-plugins@4.1.1567784275-1.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "openshift-0:4.1.16-201909090609.git.0.2f97059.el7.src",
"product": {
"name": "openshift-0:4.1.16-201909090609.git.0.2f97059.el7.src",
"product_id": "openshift-0:4.1.16-201909090609.git.0.2f97059.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift@4.1.16-201909090609.git.0.2f97059.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "openshift-ansible-0:4.1.16-201909090609.git.162.a0800db.el7.src",
"product": {
"name": "openshift-ansible-0:4.1.16-201909090609.git.162.a0800db.el7.src",
"product_id": "openshift-ansible-0:4.1.16-201909090609.git.162.a0800db.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-ansible@4.1.16-201909090609.git.162.a0800db.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "openshift-0:4.1.16-201909090609.git.0.2f97059.el8.src",
"product": {
"name": "openshift-0:4.1.16-201909090609.git.0.2f97059.el8.src",
"product_id": "openshift-0:4.1.16-201909090609.git.0.2f97059.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift@4.1.16-201909090609.git.0.2f97059.el8?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "jenkins-2-plugins-0:4.1.1567784275-1.el7.noarch",
"product": {
"name": "jenkins-2-plugins-0:4.1.1567784275-1.el7.noarch",
"product_id": "jenkins-2-plugins-0:4.1.1567784275-1.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jenkins-2-plugins@4.1.1567784275-1.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openshift-ansible-0:4.1.16-201909090609.git.162.a0800db.el7.noarch",
"product": {
"name": "openshift-ansible-0:4.1.16-201909090609.git.162.a0800db.el7.noarch",
"product_id": "openshift-ansible-0:4.1.16-201909090609.git.162.a0800db.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-ansible@4.1.16-201909090609.git.162.a0800db.el7?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-enterprise-service-catalog-1:4.1.16-201909090609.git.1.cc4acc1.el7.src as a component of Red Hat OpenShift Container Platform 4.1",
"product_id": "7Server-RH7-RHOSE-4.1:atomic-enterprise-service-catalog-1:4.1.16-201909090609.git.1.cc4acc1.el7.src"
},
"product_reference": "atomic-enterprise-service-catalog-1:4.1.16-201909090609.git.1.cc4acc1.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-enterprise-service-catalog-1:4.1.16-201909090609.git.1.cc4acc1.el7.x86_64 as a component of Red Hat OpenShift Container Platform 4.1",
"product_id": "7Server-RH7-RHOSE-4.1:atomic-enterprise-service-catalog-1:4.1.16-201909090609.git.1.cc4acc1.el7.x86_64"
},
"product_reference": "atomic-enterprise-service-catalog-1:4.1.16-201909090609.git.1.cc4acc1.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-enterprise-service-catalog-svcat-1:4.1.16-201909090609.git.1.cc4acc1.el7.x86_64 as a component of Red Hat OpenShift Container Platform 4.1",
"product_id": "7Server-RH7-RHOSE-4.1:atomic-enterprise-service-catalog-svcat-1:4.1.16-201909090609.git.1.cc4acc1.el7.x86_64"
},
"product_reference": "atomic-enterprise-service-catalog-svcat-1:4.1.16-201909090609.git.1.cc4acc1.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jenkins-2-plugins-0:4.1.1567784275-1.el7.noarch as a component of Red Hat OpenShift Container Platform 4.1",
"product_id": "7Server-RH7-RHOSE-4.1:jenkins-2-plugins-0:4.1.1567784275-1.el7.noarch"
},
"product_reference": "jenkins-2-plugins-0:4.1.1567784275-1.el7.noarch",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jenkins-2-plugins-0:4.1.1567784275-1.el7.src as a component of Red Hat OpenShift Container Platform 4.1",
"product_id": "7Server-RH7-RHOSE-4.1:jenkins-2-plugins-0:4.1.1567784275-1.el7.src"
},
"product_reference": "jenkins-2-plugins-0:4.1.1567784275-1.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-0:4.1.16-201909090609.git.0.2f97059.el7.src as a component of Red Hat OpenShift Container Platform 4.1",
"product_id": "7Server-RH7-RHOSE-4.1:openshift-0:4.1.16-201909090609.git.0.2f97059.el7.src"
},
"product_reference": "openshift-0:4.1.16-201909090609.git.0.2f97059.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-ansible-0:4.1.16-201909090609.git.162.a0800db.el7.noarch as a component of Red Hat OpenShift Container Platform 4.1",
"product_id": "7Server-RH7-RHOSE-4.1:openshift-ansible-0:4.1.16-201909090609.git.162.a0800db.el7.noarch"
},
"product_reference": "openshift-ansible-0:4.1.16-201909090609.git.162.a0800db.el7.noarch",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-ansible-0:4.1.16-201909090609.git.162.a0800db.el7.src as a component of Red Hat OpenShift Container Platform 4.1",
"product_id": "7Server-RH7-RHOSE-4.1:openshift-ansible-0:4.1.16-201909090609.git.162.a0800db.el7.src"
},
"product_reference": "openshift-ansible-0:4.1.16-201909090609.git.162.a0800db.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-clients-0:4.1.16-201909090609.git.0.2f97059.el7.x86_64 as a component of Red Hat OpenShift Container Platform 4.1",
"product_id": "7Server-RH7-RHOSE-4.1:openshift-clients-0:4.1.16-201909090609.git.0.2f97059.el7.x86_64"
},
"product_reference": "openshift-clients-0:4.1.16-201909090609.git.0.2f97059.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-clients-redistributable-0:4.1.16-201909090609.git.0.2f97059.el7.x86_64 as a component of Red Hat OpenShift Container Platform 4.1",
"product_id": "7Server-RH7-RHOSE-4.1:openshift-clients-redistributable-0:4.1.16-201909090609.git.0.2f97059.el7.x86_64"
},
"product_reference": "openshift-clients-redistributable-0:4.1.16-201909090609.git.0.2f97059.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-hyperkube-0:4.1.16-201909090609.git.0.2f97059.el7.x86_64 as a component of Red Hat OpenShift Container Platform 4.1",
"product_id": "7Server-RH7-RHOSE-4.1:openshift-hyperkube-0:4.1.16-201909090609.git.0.2f97059.el7.x86_64"
},
"product_reference": "openshift-hyperkube-0:4.1.16-201909090609.git.0.2f97059.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-0:4.1.16-201909090609.git.0.2f97059.el8.src as a component of Red Hat OpenShift Container Platform 4.1",
"product_id": "8Base-RHOSE-4.1:openshift-0:4.1.16-201909090609.git.0.2f97059.el8.src"
},
"product_reference": "openshift-0:4.1.16-201909090609.git.0.2f97059.el8.src",
"relates_to_product_reference": "8Base-RHOSE-4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-clients-0:4.1.16-201909090609.git.0.2f97059.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.1",
"product_id": "8Base-RHOSE-4.1:openshift-clients-0:4.1.16-201909090609.git.0.2f97059.el8.x86_64"
},
"product_reference": "openshift-clients-0:4.1.16-201909090609.git.0.2f97059.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-clients-redistributable-0:4.1.16-201909090609.git.0.2f97059.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.1",
"product_id": "8Base-RHOSE-4.1:openshift-clients-redistributable-0:4.1.16-201909090609.git.0.2f97059.el8.x86_64"
},
"product_reference": "openshift-clients-redistributable-0:4.1.16-201909090609.git.0.2f97059.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-hyperkube-0:4.1.16-201909090609.git.0.2f97059.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.1",
"product_id": "8Base-RHOSE-4.1:openshift-hyperkube-0:4.1.16-201909090609.git.0.2f97059.el8.x86_64"
},
"product_reference": "openshift-hyperkube-0:4.1.16-201909090609.git.0.2f97059.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-11249",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2019-08-05T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1737651"
}
],
"notes": [
{
"category": "description",
"text": "The kubectl cp command allows copying files between containers and the user machine. To copy files from a container, Kubernetes runs tar inside the container to create a tar archive, copies it over the network, and kubectl unpacks it on the user\u2019s machine. If the tar binary in the container is malicious, it could run any code and output unexpected, malicious results. An attacker could use this to write files to any path on the user\u2019s machine when kubectl cp is called, limited only by the system permissions of the local user. Kubernetes affected versions include versions prior to 1.13.9, versions prior to 1.14.5, versions prior to 1.15.2, and versions 1.1, 1.2, 1.4, 1.4, 1.5, 1.6, 1.7, 1.8, 1.9, 1.10, 1.11, 1.12.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kubernetes: Incomplete fixes for CVE-2019-1002101 and CVE-2019-11246, kubectl cp potential directory traversal",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOSE-4.1:atomic-enterprise-service-catalog-1:4.1.16-201909090609.git.1.cc4acc1.el7.src",
"7Server-RH7-RHOSE-4.1:atomic-enterprise-service-catalog-1:4.1.16-201909090609.git.1.cc4acc1.el7.x86_64",
"7Server-RH7-RHOSE-4.1:atomic-enterprise-service-catalog-svcat-1:4.1.16-201909090609.git.1.cc4acc1.el7.x86_64",
"7Server-RH7-RHOSE-4.1:jenkins-2-plugins-0:4.1.1567784275-1.el7.noarch",
"7Server-RH7-RHOSE-4.1:jenkins-2-plugins-0:4.1.1567784275-1.el7.src",
"7Server-RH7-RHOSE-4.1:openshift-0:4.1.16-201909090609.git.0.2f97059.el7.src",
"7Server-RH7-RHOSE-4.1:openshift-ansible-0:4.1.16-201909090609.git.162.a0800db.el7.noarch",
"7Server-RH7-RHOSE-4.1:openshift-ansible-0:4.1.16-201909090609.git.162.a0800db.el7.src",
"7Server-RH7-RHOSE-4.1:openshift-clients-0:4.1.16-201909090609.git.0.2f97059.el7.x86_64",
"7Server-RH7-RHOSE-4.1:openshift-clients-redistributable-0:4.1.16-201909090609.git.0.2f97059.el7.x86_64",
"7Server-RH7-RHOSE-4.1:openshift-hyperkube-0:4.1.16-201909090609.git.0.2f97059.el7.x86_64",
"8Base-RHOSE-4.1:openshift-0:4.1.16-201909090609.git.0.2f97059.el8.src",
"8Base-RHOSE-4.1:openshift-clients-0:4.1.16-201909090609.git.0.2f97059.el8.x86_64",
"8Base-RHOSE-4.1:openshift-clients-redistributable-0:4.1.16-201909090609.git.0.2f97059.el8.x86_64",
"8Base-RHOSE-4.1:openshift-hyperkube-0:4.1.16-201909090609.git.0.2f97059.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-11249"
},
{
"category": "external",
"summary": "RHBZ#1737651",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1737651"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-11249",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11249"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-11249",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11249"
},
{
"category": "external",
"summary": "https://groups.google.com/forum/#!topic/kubernetes-security-discuss/Vf31dXp0EJc",
"url": "https://groups.google.com/forum/#!topic/kubernetes-security-discuss/Vf31dXp0EJc"
}
],
"release_date": "2019-08-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-09-20T15:24:10+00:00",
"details": "Before applying this update, ensure all previously released errata\nrelevant to your system have been applied.\n\nFor OpenShift Container Platform 4.1 see the following documentation, which\nwill be updated shortly for release 4.1.16, for important instructions on\nhow to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.openshift.com/container-platform/4.1/release_notes/ocp-4-1-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.1/updating/updating-cluster-cli.html.",
"product_ids": [
"7Server-RH7-RHOSE-4.1:atomic-enterprise-service-catalog-1:4.1.16-201909090609.git.1.cc4acc1.el7.src",
"7Server-RH7-RHOSE-4.1:atomic-enterprise-service-catalog-1:4.1.16-201909090609.git.1.cc4acc1.el7.x86_64",
"7Server-RH7-RHOSE-4.1:atomic-enterprise-service-catalog-svcat-1:4.1.16-201909090609.git.1.cc4acc1.el7.x86_64",
"7Server-RH7-RHOSE-4.1:jenkins-2-plugins-0:4.1.1567784275-1.el7.noarch",
"7Server-RH7-RHOSE-4.1:jenkins-2-plugins-0:4.1.1567784275-1.el7.src",
"7Server-RH7-RHOSE-4.1:openshift-0:4.1.16-201909090609.git.0.2f97059.el7.src",
"7Server-RH7-RHOSE-4.1:openshift-ansible-0:4.1.16-201909090609.git.162.a0800db.el7.noarch",
"7Server-RH7-RHOSE-4.1:openshift-ansible-0:4.1.16-201909090609.git.162.a0800db.el7.src",
"7Server-RH7-RHOSE-4.1:openshift-clients-0:4.1.16-201909090609.git.0.2f97059.el7.x86_64",
"7Server-RH7-RHOSE-4.1:openshift-clients-redistributable-0:4.1.16-201909090609.git.0.2f97059.el7.x86_64",
"7Server-RH7-RHOSE-4.1:openshift-hyperkube-0:4.1.16-201909090609.git.0.2f97059.el7.x86_64",
"8Base-RHOSE-4.1:openshift-0:4.1.16-201909090609.git.0.2f97059.el8.src",
"8Base-RHOSE-4.1:openshift-clients-0:4.1.16-201909090609.git.0.2f97059.el8.x86_64",
"8Base-RHOSE-4.1:openshift-clients-redistributable-0:4.1.16-201909090609.git.0.2f97059.el8.x86_64",
"8Base-RHOSE-4.1:openshift-hyperkube-0:4.1.16-201909090609.git.0.2f97059.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2019:2794"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"products": [
"7Server-RH7-RHOSE-4.1:atomic-enterprise-service-catalog-1:4.1.16-201909090609.git.1.cc4acc1.el7.src",
"7Server-RH7-RHOSE-4.1:atomic-enterprise-service-catalog-1:4.1.16-201909090609.git.1.cc4acc1.el7.x86_64",
"7Server-RH7-RHOSE-4.1:atomic-enterprise-service-catalog-svcat-1:4.1.16-201909090609.git.1.cc4acc1.el7.x86_64",
"7Server-RH7-RHOSE-4.1:jenkins-2-plugins-0:4.1.1567784275-1.el7.noarch",
"7Server-RH7-RHOSE-4.1:jenkins-2-plugins-0:4.1.1567784275-1.el7.src",
"7Server-RH7-RHOSE-4.1:openshift-0:4.1.16-201909090609.git.0.2f97059.el7.src",
"7Server-RH7-RHOSE-4.1:openshift-ansible-0:4.1.16-201909090609.git.162.a0800db.el7.noarch",
"7Server-RH7-RHOSE-4.1:openshift-ansible-0:4.1.16-201909090609.git.162.a0800db.el7.src",
"7Server-RH7-RHOSE-4.1:openshift-clients-0:4.1.16-201909090609.git.0.2f97059.el7.x86_64",
"7Server-RH7-RHOSE-4.1:openshift-clients-redistributable-0:4.1.16-201909090609.git.0.2f97059.el7.x86_64",
"7Server-RH7-RHOSE-4.1:openshift-hyperkube-0:4.1.16-201909090609.git.0.2f97059.el7.x86_64",
"8Base-RHOSE-4.1:openshift-0:4.1.16-201909090609.git.0.2f97059.el8.src",
"8Base-RHOSE-4.1:openshift-clients-0:4.1.16-201909090609.git.0.2f97059.el8.x86_64",
"8Base-RHOSE-4.1:openshift-clients-redistributable-0:4.1.16-201909090609.git.0.2f97059.el8.x86_64",
"8Base-RHOSE-4.1:openshift-hyperkube-0:4.1.16-201909090609.git.0.2f97059.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kubernetes: Incomplete fixes for CVE-2019-1002101 and CVE-2019-11246, kubectl cp potential directory traversal"
}
]
}
RHBA-2019:2816
Vulnerability from csaf_redhat - Published: 2019-09-24 12:31 - Updated: 2026-02-20 19:38Summary
Red Hat Bug Fix Advisory: OpenShift Container Platform 3.11 bug fix update
Severity
Moderate
Notes
Topic: Red Hat OpenShift Container Platform release 3.11.146 is now available with
updates to packages and images that fix several bugs.
Details: Red Hat OpenShift Container Platform is Red Hat's cloud computing
Kubernetes application platform solution designed for on-premise or private
cloud deployments.
This advisory contains the RPM packages for Red Hat OpenShift Container
Platform 3.11.146. See the following advisory for the container images for
this release:
https://access.redhat.com/errata/RHBA-2019:2824
This update fixes the following bugs:
* kuryr-controller could not access the OpenShift API LoadBalancer members with OVN if kuryr-controller was running on master nodes. Now, kuryr-controller is forced to be on infrastructure nodes. As a result, kuryr-controller can now access the OpenShift API LoadBalancers. (BZ#1641647)
* In rare cases, the cluster console would not display a projects list when the user logged in. This was due to a race condition that would cause the project list to fail after logging into the admin console. The user would need to refresh the page to see the list of projects. This race condition has been addressed, and projects now load successfully after logging in. (BZ#1703777)
* Image tags were not provided for some ose-pod image pulls. As a result, multiple image versions could be pulled from the ose-pod image. Now, image tags have been added to the registry_auth and only a single image version for ose-pod is pulled. (BZ#1725938)
* Clusters with large numbers of unidled services could see extended wait times applying endpoint changes to cluster IP addresses. Iptables access is now better coordinated and synchronization of firewall rules occurs in less time. (BZ#1734009)
* Egress IP addresses did not operate correctly in namespaces with restrictive NetworkPolicies. Pods that accepted traffic only from specific sources would not be able to send egress traffic via egress IP addresses because the response from the external server would be mistakenly rejected by their NetworkPolicies. Now, replies from egress traffic are correctly recognized as replies rather than as new connections. (BZ#1741477)
* Metrics-server-certs did not remove secrets if the server was uninstalled. The metrics serving cert label has been corrected and metrics serving certs are removed completely. (BZ#1746212)
* Outgoing connections would sometimes be dropped if a minimum kernel version was not installed. A check has been added to ensure that the installed kernel meets the required minimum version to avoid network issues. This check is run during prerequisites, scale-up, and upgrade. (BZ#1749024)
* Upgrade playbooks were not respecting the openshift_docker_additional_registries variable. The registries.conf has been updated to observe inventory variables that have been set or changes since the last upgrade. (BZ#1749341)
All OpenShift Container Platform 3.11 users are advised to upgrade to these
updated packages and images.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
The Kubernetes kube-apiserver mistakenly allows access to a cluster-scoped custom resource if the request is made as if the resource were namespaced. Authorizations for the resource accessed in this manner are enforced using roles and role bindings within the namespace, meaning that a user with access only to a resource in one namespace could create, view update or delete the cluster-scoped resource (according to their namespace role privileges). Kubernetes affected versions include versions prior to 1.13.9, versions prior to 1.14.5, versions prior to 1.15.2, and versions 1.7, 1.8, 1.9, 1.10, 1.11, 1.12.
5.0 (Medium)
Affected products
Fixed
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:ansible-service-broker-1:1.3.23-2.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:ansible-service-broker-1:1.3.23-2.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:ansible-service-broker-1:1.3.23-2.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:ansible-service-broker-container-scripts-1:1.3.23-2.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:ansible-service-broker-selinux-1:1.3.23-2.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:automation-broker-apb-role-1:1.3.23-2.el7.noarch | — |
Vendor Fix
fix
|
Known not affected
79 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.146-1.git.1.3f0869b.el7.ppc64le | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.146-1.git.1.3f0869b.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.146-1.git.1.3f0869b.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.146-1.git.1.3f0869b.el7.ppc64le | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.146-1.git.1.3f0869b.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.146-1.git.0.4aab273.el7.ppc64le | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.146-1.git.0.4aab273.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.146-1.git.0.4aab273.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.146-1.git.0.4aab273.el7.ppc64le | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.146-1.git.0.4aab273.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.146-1.git.0.4aab273.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.146-1.git.1.3633245.el7.ppc64le | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.146-1.git.1.3633245.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.146-1.git.1.3633245.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.146-1.git.1.fc7387e.el7.ppc64le | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.146-1.git.1.fc7387e.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.146-1.git.1.fc7387e.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.146-1.git.0.4aab273.el7.noarch | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.146-1.git.1.fc1edc6.el7.ppc64le | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.146-1.git.1.fc1edc6.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.146-1.git.1.fc1edc6.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.146-1.git.0.4aab273.el7.noarch | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.146-1.git.0.4aab273.el7.ppc64le | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.146-1.git.0.4aab273.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.146-1.git.0.4aab273.el7.ppc64le | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.146-1.git.0.4aab273.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.146-1.git.0.4aab273.el7.ppc64le | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.146-1.git.0.4aab273.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.146-1.git.1.5278825.el7.ppc64le | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.146-1.git.1.5278825.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.146-1.git.1.5278825.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.146-1.git.0.4aab273.el7.ppc64le | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.146-1.git.0.4aab273.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.146-1.git.1.e0e89f7.el7.ppc64le | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.146-1.git.1.e0e89f7.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.146-1.git.1.e0e89f7.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.146-1.git.0.4aab273.el7.ppc64le | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.146-1.git.0.4aab273.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.146-1.git.0.4aab273.el7.ppc64le | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.146-1.git.0.4aab273.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.146-1.git.1.723cb8d.el7.ppc64le | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.146-1.git.1.723cb8d.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.146-1.git.1.723cb8d.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.146-1.git.0.4aab273.el7.ppc64le | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.146-1.git.0.4aab273.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.146-1.git.0.4aab273.el7.ppc64le | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.146-1.git.0.4aab273.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.146-1.git.1.75951b8.el7.ppc64le | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.146-1.git.1.75951b8.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.146-1.git.1.75951b8.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.146-1.git.1.517a261.el7.ppc64le | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.146-1.git.1.517a261.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.146-1.git.1.517a261.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.146-1.git.1.1a30625.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.146-1.git.1.51554ba.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.146-1.git.1.0e18774.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-0:2.176.3.1568230481-1.el7.noarch | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-0:2.176.3.1568230481-1.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1567698330-1.el7.noarch | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1567698330-1.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:kibana-0:5.6.16-2.el7.ppc64le | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:kibana-0:5.6.16-2.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:kibana-0:5.6.16-2.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:kibana-debuginfo-0:5.6.16-2.el7.ppc64le | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:kibana-debuginfo-0:5.6.16-2.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.146-1.git.1.de160cc.el7.ppc64le | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.146-1.git.1.de160cc.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.146-1.git.1.de160cc.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.146-1.git.1.113bc35.el7.ppc64le | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.146-1.git.1.113bc35.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.146-1.git.1.113bc35.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-0:3.11.146-1.git.1.0e18774.el7.ppc64le | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-0:3.11.146-1.git.1.0e18774.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.146-1.git.1.1a30625.el7.ppc64le | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.146-1.git.1.1a30625.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.146-1.git.1.51554ba.el7.ppc64le | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.146-1.git.1.51554ba.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:python-elasticsearch-1:5.4.0-2.el7.noarch | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:python-elasticsearch-1:5.4.0-2.el7.src | — |
Threats
Impact
Moderate
The kubectl cp command allows copying files between containers and the user machine. To copy files from a container, Kubernetes runs tar inside the container to create a tar archive, copies it over the network, and kubectl unpacks it on the user’s machine. If the tar binary in the container is malicious, it could run any code and output unexpected, malicious results. An attacker could use this to write files to any path on the user’s machine when kubectl cp is called, limited only by the system permissions of the local user. Kubernetes affected versions include versions prior to 1.13.9, versions prior to 1.14.5, versions prior to 1.15.2, and versions 1.1, 1.2, 1.4, 1.4, 1.5, 1.6, 1.7, 1.8, 1.9, 1.10, 1.11, 1.12.
4.8 (Medium)
Affected products
Fixed
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:ansible-service-broker-1:1.3.23-2.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:ansible-service-broker-1:1.3.23-2.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:ansible-service-broker-1:1.3.23-2.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:ansible-service-broker-container-scripts-1:1.3.23-2.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:ansible-service-broker-selinux-1:1.3.23-2.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:automation-broker-apb-role-1:1.3.23-2.el7.noarch | — |
Vendor Fix
fix
|
Known not affected
79 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.146-1.git.1.3f0869b.el7.ppc64le | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.146-1.git.1.3f0869b.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.146-1.git.1.3f0869b.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.146-1.git.1.3f0869b.el7.ppc64le | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.146-1.git.1.3f0869b.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.146-1.git.0.4aab273.el7.ppc64le | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.146-1.git.0.4aab273.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.146-1.git.0.4aab273.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.146-1.git.0.4aab273.el7.ppc64le | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.146-1.git.0.4aab273.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.146-1.git.0.4aab273.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.146-1.git.1.3633245.el7.ppc64le | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.146-1.git.1.3633245.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.146-1.git.1.3633245.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.146-1.git.1.fc7387e.el7.ppc64le | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.146-1.git.1.fc7387e.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.146-1.git.1.fc7387e.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.146-1.git.0.4aab273.el7.noarch | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.146-1.git.1.fc1edc6.el7.ppc64le | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.146-1.git.1.fc1edc6.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.146-1.git.1.fc1edc6.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.146-1.git.0.4aab273.el7.noarch | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.146-1.git.0.4aab273.el7.ppc64le | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.146-1.git.0.4aab273.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.146-1.git.0.4aab273.el7.ppc64le | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.146-1.git.0.4aab273.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.146-1.git.0.4aab273.el7.ppc64le | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.146-1.git.0.4aab273.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.146-1.git.1.5278825.el7.ppc64le | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.146-1.git.1.5278825.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.146-1.git.1.5278825.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.146-1.git.0.4aab273.el7.ppc64le | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.146-1.git.0.4aab273.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.146-1.git.1.e0e89f7.el7.ppc64le | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.146-1.git.1.e0e89f7.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.146-1.git.1.e0e89f7.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.146-1.git.0.4aab273.el7.ppc64le | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.146-1.git.0.4aab273.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.146-1.git.0.4aab273.el7.ppc64le | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.146-1.git.0.4aab273.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.146-1.git.1.723cb8d.el7.ppc64le | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.146-1.git.1.723cb8d.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.146-1.git.1.723cb8d.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.146-1.git.0.4aab273.el7.ppc64le | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.146-1.git.0.4aab273.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.146-1.git.0.4aab273.el7.ppc64le | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.146-1.git.0.4aab273.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.146-1.git.1.75951b8.el7.ppc64le | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.146-1.git.1.75951b8.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.146-1.git.1.75951b8.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.146-1.git.1.517a261.el7.ppc64le | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.146-1.git.1.517a261.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.146-1.git.1.517a261.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.146-1.git.1.1a30625.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.146-1.git.1.51554ba.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.146-1.git.1.0e18774.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-0:2.176.3.1568230481-1.el7.noarch | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-0:2.176.3.1568230481-1.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1567698330-1.el7.noarch | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1567698330-1.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:kibana-0:5.6.16-2.el7.ppc64le | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:kibana-0:5.6.16-2.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:kibana-0:5.6.16-2.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:kibana-debuginfo-0:5.6.16-2.el7.ppc64le | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:kibana-debuginfo-0:5.6.16-2.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.146-1.git.1.de160cc.el7.ppc64le | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.146-1.git.1.de160cc.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.146-1.git.1.de160cc.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.146-1.git.1.113bc35.el7.ppc64le | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.146-1.git.1.113bc35.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.146-1.git.1.113bc35.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-0:3.11.146-1.git.1.0e18774.el7.ppc64le | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-0:3.11.146-1.git.1.0e18774.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.146-1.git.1.1a30625.el7.ppc64le | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.146-1.git.1.1a30625.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.146-1.git.1.51554ba.el7.ppc64le | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.146-1.git.1.51554ba.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:python-elasticsearch-1:5.4.0-2.el7.noarch | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-3.11:python-elasticsearch-1:5.4.0-2.el7.src | — |
Threats
Impact
Moderate
References
27 references
Acknowledgments
the Kubernetes Product Security Committee
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat OpenShift Container Platform release 3.11.146 is now available with\nupdates to packages and images that fix several bugs.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Container Platform is Red Hat\u0027s cloud computing\nKubernetes application platform solution designed for on-premise or private\ncloud deployments.\n\nThis advisory contains the RPM packages for Red Hat OpenShift Container\nPlatform 3.11.146. See the following advisory for the container images for\nthis release:\n\nhttps://access.redhat.com/errata/RHBA-2019:2824\n\nThis update fixes the following bugs: \n\n* kuryr-controller could not access the OpenShift API LoadBalancer members with OVN if kuryr-controller was running on master nodes. Now, kuryr-controller is forced to be on infrastructure nodes. As a result, kuryr-controller can now access the OpenShift API LoadBalancers. (BZ#1641647)\n\n* In rare cases, the cluster console would not display a projects list when the user logged in. This was due to a race condition that would cause the project list to fail after logging into the admin console. The user would need to refresh the page to see the list of projects. This race condition has been addressed, and projects now load successfully after logging in. (BZ#1703777)\n\n* Image tags were not provided for some ose-pod image pulls. As a result, multiple image versions could be pulled from the ose-pod image. Now, image tags have been added to the registry_auth and only a single image version for ose-pod is pulled. (BZ#1725938)\n\n* Clusters with large numbers of unidled services could see extended wait times applying endpoint changes to cluster IP addresses. Iptables access is now better coordinated and synchronization of firewall rules occurs in less time. (BZ#1734009)\n\n* Egress IP addresses did not operate correctly in namespaces with restrictive NetworkPolicies. Pods that accepted traffic only from specific sources would not be able to send egress traffic via egress IP addresses because the response from the external server would be mistakenly rejected by their NetworkPolicies. Now, replies from egress traffic are correctly recognized as replies rather than as new connections. (BZ#1741477)\n\n* Metrics-server-certs did not remove secrets if the server was uninstalled. The metrics serving cert label has been corrected and metrics serving certs are removed completely. (BZ#1746212)\n\n* Outgoing connections would sometimes be dropped if a minimum kernel version was not installed. A check has been added to ensure that the installed kernel meets the required minimum version to avoid network issues. This check is run during prerequisites, scale-up, and upgrade. (BZ#1749024)\n\n* Upgrade playbooks were not respecting the openshift_docker_additional_registries variable. The registries.conf has been updated to observe inventory variables that have been set or changes since the last upgrade. (BZ#1749341)\n\nAll OpenShift Container Platform 3.11 users are advised to upgrade to these\nupdated packages and images.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHBA-2019:2816",
"url": "https://access.redhat.com/errata/RHBA-2019:2816"
},
{
"category": "external",
"summary": "1432875",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1432875"
},
{
"category": "external",
"summary": "1641647",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1641647"
},
{
"category": "external",
"summary": "1661447",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1661447"
},
{
"category": "external",
"summary": "1703777",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1703777"
},
{
"category": "external",
"summary": "1720172",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1720172"
},
{
"category": "external",
"summary": "1733327",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1733327"
},
{
"category": "external",
"summary": "1733429",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1733429"
},
{
"category": "external",
"summary": "1734009",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1734009"
},
{
"category": "external",
"summary": "1735502",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1735502"
},
{
"category": "external",
"summary": "1741477",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1741477"
},
{
"category": "external",
"summary": "1743950",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1743950"
},
{
"category": "external",
"summary": "1746212",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1746212"
},
{
"category": "external",
"summary": "1748982",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1748982"
},
{
"category": "external",
"summary": "1749024",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1749024"
},
{
"category": "external",
"summary": "1749341",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1749341"
},
{
"category": "external",
"summary": "1752853",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1752853"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2019/rhba-2019_2816.json"
}
],
"title": "Red Hat Bug Fix Advisory: OpenShift Container Platform 3.11 bug fix update",
"tracking": {
"current_release_date": "2026-02-20T19:38:58+00:00",
"generator": {
"date": "2026-02-20T19:38:58+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.1"
}
},
"id": "RHBA-2019:2816",
"initial_release_date": "2019-09-24T12:31:29+00:00",
"revision_history": [
{
"date": "2019-09-24T12:31:29+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2019-09-24T12:31:29+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-02-20T19:38:58+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift Container Platform 3.11",
"product": {
"name": "Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:3.11::el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Enterprise"
},
{
"branches": [
{
"category": "product_version",
"name": "atomic-enterprise-service-catalog-1:3.11.146-1.git.1.3f0869b.el7.ppc64le",
"product": {
"name": "atomic-enterprise-service-catalog-1:3.11.146-1.git.1.3f0869b.el7.ppc64le",
"product_id": "atomic-enterprise-service-catalog-1:3.11.146-1.git.1.3f0869b.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-enterprise-service-catalog@3.11.146-1.git.1.3f0869b.el7?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "atomic-enterprise-service-catalog-svcat-1:3.11.146-1.git.1.3f0869b.el7.ppc64le",
"product": {
"name": "atomic-enterprise-service-catalog-svcat-1:3.11.146-1.git.1.3f0869b.el7.ppc64le",
"product_id": "atomic-enterprise-service-catalog-svcat-1:3.11.146-1.git.1.3f0869b.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-enterprise-service-catalog-svcat@3.11.146-1.git.1.3f0869b.el7?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-0:3.11.146-1.git.0.4aab273.el7.ppc64le",
"product": {
"name": "atomic-openshift-0:3.11.146-1.git.0.4aab273.el7.ppc64le",
"product_id": "atomic-openshift-0:3.11.146-1.git.0.4aab273.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift@3.11.146-1.git.0.4aab273.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-clients-0:3.11.146-1.git.0.4aab273.el7.ppc64le",
"product": {
"name": "atomic-openshift-clients-0:3.11.146-1.git.0.4aab273.el7.ppc64le",
"product_id": "atomic-openshift-clients-0:3.11.146-1.git.0.4aab273.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-clients@3.11.146-1.git.0.4aab273.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-hyperkube-0:3.11.146-1.git.0.4aab273.el7.ppc64le",
"product": {
"name": "atomic-openshift-hyperkube-0:3.11.146-1.git.0.4aab273.el7.ppc64le",
"product_id": "atomic-openshift-hyperkube-0:3.11.146-1.git.0.4aab273.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-hyperkube@3.11.146-1.git.0.4aab273.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-hypershift-0:3.11.146-1.git.0.4aab273.el7.ppc64le",
"product": {
"name": "atomic-openshift-hypershift-0:3.11.146-1.git.0.4aab273.el7.ppc64le",
"product_id": "atomic-openshift-hypershift-0:3.11.146-1.git.0.4aab273.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-hypershift@3.11.146-1.git.0.4aab273.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-master-0:3.11.146-1.git.0.4aab273.el7.ppc64le",
"product": {
"name": "atomic-openshift-master-0:3.11.146-1.git.0.4aab273.el7.ppc64le",
"product_id": "atomic-openshift-master-0:3.11.146-1.git.0.4aab273.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-master@3.11.146-1.git.0.4aab273.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-node-0:3.11.146-1.git.0.4aab273.el7.ppc64le",
"product": {
"name": "atomic-openshift-node-0:3.11.146-1.git.0.4aab273.el7.ppc64le",
"product_id": "atomic-openshift-node-0:3.11.146-1.git.0.4aab273.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-node@3.11.146-1.git.0.4aab273.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-pod-0:3.11.146-1.git.0.4aab273.el7.ppc64le",
"product": {
"name": "atomic-openshift-pod-0:3.11.146-1.git.0.4aab273.el7.ppc64le",
"product_id": "atomic-openshift-pod-0:3.11.146-1.git.0.4aab273.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-pod@3.11.146-1.git.0.4aab273.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-sdn-ovs-0:3.11.146-1.git.0.4aab273.el7.ppc64le",
"product": {
"name": "atomic-openshift-sdn-ovs-0:3.11.146-1.git.0.4aab273.el7.ppc64le",
"product_id": "atomic-openshift-sdn-ovs-0:3.11.146-1.git.0.4aab273.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-sdn-ovs@3.11.146-1.git.0.4aab273.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-template-service-broker-0:3.11.146-1.git.0.4aab273.el7.ppc64le",
"product": {
"name": "atomic-openshift-template-service-broker-0:3.11.146-1.git.0.4aab273.el7.ppc64le",
"product_id": "atomic-openshift-template-service-broker-0:3.11.146-1.git.0.4aab273.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-template-service-broker@3.11.146-1.git.0.4aab273.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-tests-0:3.11.146-1.git.0.4aab273.el7.ppc64le",
"product": {
"name": "atomic-openshift-tests-0:3.11.146-1.git.0.4aab273.el7.ppc64le",
"product_id": "atomic-openshift-tests-0:3.11.146-1.git.0.4aab273.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-tests@3.11.146-1.git.0.4aab273.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-cluster-autoscaler-0:3.11.146-1.git.1.3633245.el7.ppc64le",
"product": {
"name": "atomic-openshift-cluster-autoscaler-0:3.11.146-1.git.1.3633245.el7.ppc64le",
"product_id": "atomic-openshift-cluster-autoscaler-0:3.11.146-1.git.1.3633245.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-cluster-autoscaler@3.11.146-1.git.1.3633245.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-descheduler-0:3.11.146-1.git.1.fc7387e.el7.ppc64le",
"product": {
"name": "atomic-openshift-descheduler-0:3.11.146-1.git.1.fc7387e.el7.ppc64le",
"product_id": "atomic-openshift-descheduler-0:3.11.146-1.git.1.fc7387e.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-descheduler@3.11.146-1.git.1.fc7387e.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-dockerregistry-0:3.11.146-1.git.1.fc1edc6.el7.ppc64le",
"product": {
"name": "atomic-openshift-dockerregistry-0:3.11.146-1.git.1.fc1edc6.el7.ppc64le",
"product_id": "atomic-openshift-dockerregistry-0:3.11.146-1.git.1.fc1edc6.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-dockerregistry@3.11.146-1.git.1.fc1edc6.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-metrics-server-0:3.11.146-1.git.1.5278825.el7.ppc64le",
"product": {
"name": "atomic-openshift-metrics-server-0:3.11.146-1.git.1.5278825.el7.ppc64le",
"product_id": "atomic-openshift-metrics-server-0:3.11.146-1.git.1.5278825.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-metrics-server@3.11.146-1.git.1.5278825.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-node-problem-detector-0:3.11.146-1.git.1.e0e89f7.el7.ppc64le",
"product": {
"name": "atomic-openshift-node-problem-detector-0:3.11.146-1.git.1.e0e89f7.el7.ppc64le",
"product_id": "atomic-openshift-node-problem-detector-0:3.11.146-1.git.1.e0e89f7.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-node-problem-detector@3.11.146-1.git.1.e0e89f7.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-service-idler-0:3.11.146-1.git.1.723cb8d.el7.ppc64le",
"product": {
"name": "atomic-openshift-service-idler-0:3.11.146-1.git.1.723cb8d.el7.ppc64le",
"product_id": "atomic-openshift-service-idler-0:3.11.146-1.git.1.723cb8d.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-service-idler@3.11.146-1.git.1.723cb8d.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-web-console-0:3.11.146-1.git.1.75951b8.el7.ppc64le",
"product": {
"name": "atomic-openshift-web-console-0:3.11.146-1.git.1.75951b8.el7.ppc64le",
"product_id": "atomic-openshift-web-console-0:3.11.146-1.git.1.75951b8.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-web-console@3.11.146-1.git.1.75951b8.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "golang-github-openshift-oauth-proxy-0:3.11.146-1.git.1.517a261.el7.ppc64le",
"product": {
"name": "golang-github-openshift-oauth-proxy-0:3.11.146-1.git.1.517a261.el7.ppc64le",
"product_id": "golang-github-openshift-oauth-proxy-0:3.11.146-1.git.1.517a261.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-github-openshift-oauth-proxy@3.11.146-1.git.1.517a261.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "prometheus-alertmanager-0:3.11.146-1.git.1.1a30625.el7.ppc64le",
"product": {
"name": "prometheus-alertmanager-0:3.11.146-1.git.1.1a30625.el7.ppc64le",
"product_id": "prometheus-alertmanager-0:3.11.146-1.git.1.1a30625.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/prometheus-alertmanager@3.11.146-1.git.1.1a30625.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "prometheus-node-exporter-0:3.11.146-1.git.1.51554ba.el7.ppc64le",
"product": {
"name": "prometheus-node-exporter-0:3.11.146-1.git.1.51554ba.el7.ppc64le",
"product_id": "prometheus-node-exporter-0:3.11.146-1.git.1.51554ba.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/prometheus-node-exporter@3.11.146-1.git.1.51554ba.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "prometheus-0:3.11.146-1.git.1.0e18774.el7.ppc64le",
"product": {
"name": "prometheus-0:3.11.146-1.git.1.0e18774.el7.ppc64le",
"product_id": "prometheus-0:3.11.146-1.git.1.0e18774.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/prometheus@3.11.146-1.git.1.0e18774.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "openshift-enterprise-autoheal-0:3.11.146-1.git.1.de160cc.el7.ppc64le",
"product": {
"name": "openshift-enterprise-autoheal-0:3.11.146-1.git.1.de160cc.el7.ppc64le",
"product_id": "openshift-enterprise-autoheal-0:3.11.146-1.git.1.de160cc.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-enterprise-autoheal@3.11.146-1.git.1.de160cc.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "openshift-enterprise-cluster-capacity-0:3.11.146-1.git.1.113bc35.el7.ppc64le",
"product": {
"name": "openshift-enterprise-cluster-capacity-0:3.11.146-1.git.1.113bc35.el7.ppc64le",
"product_id": "openshift-enterprise-cluster-capacity-0:3.11.146-1.git.1.113bc35.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-enterprise-cluster-capacity@3.11.146-1.git.1.113bc35.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "ansible-service-broker-1:1.3.23-2.el7.ppc64le",
"product": {
"name": "ansible-service-broker-1:1.3.23-2.el7.ppc64le",
"product_id": "ansible-service-broker-1:1.3.23-2.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ansible-service-broker@1.3.23-2.el7?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "kibana-0:5.6.16-2.el7.ppc64le",
"product": {
"name": "kibana-0:5.6.16-2.el7.ppc64le",
"product_id": "kibana-0:5.6.16-2.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kibana@5.6.16-2.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kibana-debuginfo-0:5.6.16-2.el7.ppc64le",
"product": {
"name": "kibana-debuginfo-0:5.6.16-2.el7.ppc64le",
"product_id": "kibana-debuginfo-0:5.6.16-2.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kibana-debuginfo@5.6.16-2.el7?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "atomic-enterprise-service-catalog-1:3.11.146-1.git.1.3f0869b.el7.x86_64",
"product": {
"name": "atomic-enterprise-service-catalog-1:3.11.146-1.git.1.3f0869b.el7.x86_64",
"product_id": "atomic-enterprise-service-catalog-1:3.11.146-1.git.1.3f0869b.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-enterprise-service-catalog@3.11.146-1.git.1.3f0869b.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "atomic-enterprise-service-catalog-svcat-1:3.11.146-1.git.1.3f0869b.el7.x86_64",
"product": {
"name": "atomic-enterprise-service-catalog-svcat-1:3.11.146-1.git.1.3f0869b.el7.x86_64",
"product_id": "atomic-enterprise-service-catalog-svcat-1:3.11.146-1.git.1.3f0869b.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-enterprise-service-catalog-svcat@3.11.146-1.git.1.3f0869b.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-0:3.11.146-1.git.0.4aab273.el7.x86_64",
"product": {
"name": "atomic-openshift-0:3.11.146-1.git.0.4aab273.el7.x86_64",
"product_id": "atomic-openshift-0:3.11.146-1.git.0.4aab273.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift@3.11.146-1.git.0.4aab273.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-clients-0:3.11.146-1.git.0.4aab273.el7.x86_64",
"product": {
"name": "atomic-openshift-clients-0:3.11.146-1.git.0.4aab273.el7.x86_64",
"product_id": "atomic-openshift-clients-0:3.11.146-1.git.0.4aab273.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-clients@3.11.146-1.git.0.4aab273.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-clients-redistributable-0:3.11.146-1.git.0.4aab273.el7.x86_64",
"product": {
"name": "atomic-openshift-clients-redistributable-0:3.11.146-1.git.0.4aab273.el7.x86_64",
"product_id": "atomic-openshift-clients-redistributable-0:3.11.146-1.git.0.4aab273.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-clients-redistributable@3.11.146-1.git.0.4aab273.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-hyperkube-0:3.11.146-1.git.0.4aab273.el7.x86_64",
"product": {
"name": "atomic-openshift-hyperkube-0:3.11.146-1.git.0.4aab273.el7.x86_64",
"product_id": "atomic-openshift-hyperkube-0:3.11.146-1.git.0.4aab273.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-hyperkube@3.11.146-1.git.0.4aab273.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-hypershift-0:3.11.146-1.git.0.4aab273.el7.x86_64",
"product": {
"name": "atomic-openshift-hypershift-0:3.11.146-1.git.0.4aab273.el7.x86_64",
"product_id": "atomic-openshift-hypershift-0:3.11.146-1.git.0.4aab273.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-hypershift@3.11.146-1.git.0.4aab273.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-master-0:3.11.146-1.git.0.4aab273.el7.x86_64",
"product": {
"name": "atomic-openshift-master-0:3.11.146-1.git.0.4aab273.el7.x86_64",
"product_id": "atomic-openshift-master-0:3.11.146-1.git.0.4aab273.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-master@3.11.146-1.git.0.4aab273.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-node-0:3.11.146-1.git.0.4aab273.el7.x86_64",
"product": {
"name": "atomic-openshift-node-0:3.11.146-1.git.0.4aab273.el7.x86_64",
"product_id": "atomic-openshift-node-0:3.11.146-1.git.0.4aab273.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-node@3.11.146-1.git.0.4aab273.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-pod-0:3.11.146-1.git.0.4aab273.el7.x86_64",
"product": {
"name": "atomic-openshift-pod-0:3.11.146-1.git.0.4aab273.el7.x86_64",
"product_id": "atomic-openshift-pod-0:3.11.146-1.git.0.4aab273.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-pod@3.11.146-1.git.0.4aab273.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-sdn-ovs-0:3.11.146-1.git.0.4aab273.el7.x86_64",
"product": {
"name": "atomic-openshift-sdn-ovs-0:3.11.146-1.git.0.4aab273.el7.x86_64",
"product_id": "atomic-openshift-sdn-ovs-0:3.11.146-1.git.0.4aab273.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-sdn-ovs@3.11.146-1.git.0.4aab273.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-template-service-broker-0:3.11.146-1.git.0.4aab273.el7.x86_64",
"product": {
"name": "atomic-openshift-template-service-broker-0:3.11.146-1.git.0.4aab273.el7.x86_64",
"product_id": "atomic-openshift-template-service-broker-0:3.11.146-1.git.0.4aab273.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-template-service-broker@3.11.146-1.git.0.4aab273.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-tests-0:3.11.146-1.git.0.4aab273.el7.x86_64",
"product": {
"name": "atomic-openshift-tests-0:3.11.146-1.git.0.4aab273.el7.x86_64",
"product_id": "atomic-openshift-tests-0:3.11.146-1.git.0.4aab273.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-tests@3.11.146-1.git.0.4aab273.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-cluster-autoscaler-0:3.11.146-1.git.1.3633245.el7.x86_64",
"product": {
"name": "atomic-openshift-cluster-autoscaler-0:3.11.146-1.git.1.3633245.el7.x86_64",
"product_id": "atomic-openshift-cluster-autoscaler-0:3.11.146-1.git.1.3633245.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-cluster-autoscaler@3.11.146-1.git.1.3633245.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-descheduler-0:3.11.146-1.git.1.fc7387e.el7.x86_64",
"product": {
"name": "atomic-openshift-descheduler-0:3.11.146-1.git.1.fc7387e.el7.x86_64",
"product_id": "atomic-openshift-descheduler-0:3.11.146-1.git.1.fc7387e.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-descheduler@3.11.146-1.git.1.fc7387e.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-dockerregistry-0:3.11.146-1.git.1.fc1edc6.el7.x86_64",
"product": {
"name": "atomic-openshift-dockerregistry-0:3.11.146-1.git.1.fc1edc6.el7.x86_64",
"product_id": "atomic-openshift-dockerregistry-0:3.11.146-1.git.1.fc1edc6.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-dockerregistry@3.11.146-1.git.1.fc1edc6.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-metrics-server-0:3.11.146-1.git.1.5278825.el7.x86_64",
"product": {
"name": "atomic-openshift-metrics-server-0:3.11.146-1.git.1.5278825.el7.x86_64",
"product_id": "atomic-openshift-metrics-server-0:3.11.146-1.git.1.5278825.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-metrics-server@3.11.146-1.git.1.5278825.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-node-problem-detector-0:3.11.146-1.git.1.e0e89f7.el7.x86_64",
"product": {
"name": "atomic-openshift-node-problem-detector-0:3.11.146-1.git.1.e0e89f7.el7.x86_64",
"product_id": "atomic-openshift-node-problem-detector-0:3.11.146-1.git.1.e0e89f7.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-node-problem-detector@3.11.146-1.git.1.e0e89f7.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-service-idler-0:3.11.146-1.git.1.723cb8d.el7.x86_64",
"product": {
"name": "atomic-openshift-service-idler-0:3.11.146-1.git.1.723cb8d.el7.x86_64",
"product_id": "atomic-openshift-service-idler-0:3.11.146-1.git.1.723cb8d.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-service-idler@3.11.146-1.git.1.723cb8d.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-web-console-0:3.11.146-1.git.1.75951b8.el7.x86_64",
"product": {
"name": "atomic-openshift-web-console-0:3.11.146-1.git.1.75951b8.el7.x86_64",
"product_id": "atomic-openshift-web-console-0:3.11.146-1.git.1.75951b8.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-web-console@3.11.146-1.git.1.75951b8.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "golang-github-openshift-oauth-proxy-0:3.11.146-1.git.1.517a261.el7.x86_64",
"product": {
"name": "golang-github-openshift-oauth-proxy-0:3.11.146-1.git.1.517a261.el7.x86_64",
"product_id": "golang-github-openshift-oauth-proxy-0:3.11.146-1.git.1.517a261.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-github-openshift-oauth-proxy@3.11.146-1.git.1.517a261.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "prometheus-alertmanager-0:3.11.146-1.git.1.1a30625.el7.x86_64",
"product": {
"name": "prometheus-alertmanager-0:3.11.146-1.git.1.1a30625.el7.x86_64",
"product_id": "prometheus-alertmanager-0:3.11.146-1.git.1.1a30625.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/prometheus-alertmanager@3.11.146-1.git.1.1a30625.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "prometheus-node-exporter-0:3.11.146-1.git.1.51554ba.el7.x86_64",
"product": {
"name": "prometheus-node-exporter-0:3.11.146-1.git.1.51554ba.el7.x86_64",
"product_id": "prometheus-node-exporter-0:3.11.146-1.git.1.51554ba.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/prometheus-node-exporter@3.11.146-1.git.1.51554ba.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "prometheus-0:3.11.146-1.git.1.0e18774.el7.x86_64",
"product": {
"name": "prometheus-0:3.11.146-1.git.1.0e18774.el7.x86_64",
"product_id": "prometheus-0:3.11.146-1.git.1.0e18774.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/prometheus@3.11.146-1.git.1.0e18774.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "openshift-enterprise-autoheal-0:3.11.146-1.git.1.de160cc.el7.x86_64",
"product": {
"name": "openshift-enterprise-autoheal-0:3.11.146-1.git.1.de160cc.el7.x86_64",
"product_id": "openshift-enterprise-autoheal-0:3.11.146-1.git.1.de160cc.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-enterprise-autoheal@3.11.146-1.git.1.de160cc.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "openshift-enterprise-cluster-capacity-0:3.11.146-1.git.1.113bc35.el7.x86_64",
"product": {
"name": "openshift-enterprise-cluster-capacity-0:3.11.146-1.git.1.113bc35.el7.x86_64",
"product_id": "openshift-enterprise-cluster-capacity-0:3.11.146-1.git.1.113bc35.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-enterprise-cluster-capacity@3.11.146-1.git.1.113bc35.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "ansible-service-broker-1:1.3.23-2.el7.x86_64",
"product": {
"name": "ansible-service-broker-1:1.3.23-2.el7.x86_64",
"product_id": "ansible-service-broker-1:1.3.23-2.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ansible-service-broker@1.3.23-2.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "kibana-0:5.6.16-2.el7.x86_64",
"product": {
"name": "kibana-0:5.6.16-2.el7.x86_64",
"product_id": "kibana-0:5.6.16-2.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kibana@5.6.16-2.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kibana-debuginfo-0:5.6.16-2.el7.x86_64",
"product": {
"name": "kibana-debuginfo-0:5.6.16-2.el7.x86_64",
"product_id": "kibana-debuginfo-0:5.6.16-2.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kibana-debuginfo@5.6.16-2.el7?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "atomic-enterprise-service-catalog-1:3.11.146-1.git.1.3f0869b.el7.src",
"product": {
"name": "atomic-enterprise-service-catalog-1:3.11.146-1.git.1.3f0869b.el7.src",
"product_id": "atomic-enterprise-service-catalog-1:3.11.146-1.git.1.3f0869b.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-enterprise-service-catalog@3.11.146-1.git.1.3f0869b.el7?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-0:3.11.146-1.git.0.4aab273.el7.src",
"product": {
"name": "atomic-openshift-0:3.11.146-1.git.0.4aab273.el7.src",
"product_id": "atomic-openshift-0:3.11.146-1.git.0.4aab273.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift@3.11.146-1.git.0.4aab273.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-cluster-autoscaler-0:3.11.146-1.git.1.3633245.el7.src",
"product": {
"name": "atomic-openshift-cluster-autoscaler-0:3.11.146-1.git.1.3633245.el7.src",
"product_id": "atomic-openshift-cluster-autoscaler-0:3.11.146-1.git.1.3633245.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-cluster-autoscaler@3.11.146-1.git.1.3633245.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-descheduler-0:3.11.146-1.git.1.fc7387e.el7.src",
"product": {
"name": "atomic-openshift-descheduler-0:3.11.146-1.git.1.fc7387e.el7.src",
"product_id": "atomic-openshift-descheduler-0:3.11.146-1.git.1.fc7387e.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-descheduler@3.11.146-1.git.1.fc7387e.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-dockerregistry-0:3.11.146-1.git.1.fc1edc6.el7.src",
"product": {
"name": "atomic-openshift-dockerregistry-0:3.11.146-1.git.1.fc1edc6.el7.src",
"product_id": "atomic-openshift-dockerregistry-0:3.11.146-1.git.1.fc1edc6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-dockerregistry@3.11.146-1.git.1.fc1edc6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-metrics-server-0:3.11.146-1.git.1.5278825.el7.src",
"product": {
"name": "atomic-openshift-metrics-server-0:3.11.146-1.git.1.5278825.el7.src",
"product_id": "atomic-openshift-metrics-server-0:3.11.146-1.git.1.5278825.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-metrics-server@3.11.146-1.git.1.5278825.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-node-problem-detector-0:3.11.146-1.git.1.e0e89f7.el7.src",
"product": {
"name": "atomic-openshift-node-problem-detector-0:3.11.146-1.git.1.e0e89f7.el7.src",
"product_id": "atomic-openshift-node-problem-detector-0:3.11.146-1.git.1.e0e89f7.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-node-problem-detector@3.11.146-1.git.1.e0e89f7.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-service-idler-0:3.11.146-1.git.1.723cb8d.el7.src",
"product": {
"name": "atomic-openshift-service-idler-0:3.11.146-1.git.1.723cb8d.el7.src",
"product_id": "atomic-openshift-service-idler-0:3.11.146-1.git.1.723cb8d.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-service-idler@3.11.146-1.git.1.723cb8d.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-web-console-0:3.11.146-1.git.1.75951b8.el7.src",
"product": {
"name": "atomic-openshift-web-console-0:3.11.146-1.git.1.75951b8.el7.src",
"product_id": "atomic-openshift-web-console-0:3.11.146-1.git.1.75951b8.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-web-console@3.11.146-1.git.1.75951b8.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "golang-github-openshift-oauth-proxy-0:3.11.146-1.git.1.517a261.el7.src",
"product": {
"name": "golang-github-openshift-oauth-proxy-0:3.11.146-1.git.1.517a261.el7.src",
"product_id": "golang-github-openshift-oauth-proxy-0:3.11.146-1.git.1.517a261.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-github-openshift-oauth-proxy@3.11.146-1.git.1.517a261.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-alertmanager-0:3.11.146-1.git.1.1a30625.el7.src",
"product": {
"name": "golang-github-prometheus-alertmanager-0:3.11.146-1.git.1.1a30625.el7.src",
"product_id": "golang-github-prometheus-alertmanager-0:3.11.146-1.git.1.1a30625.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-github-prometheus-alertmanager@3.11.146-1.git.1.1a30625.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-node_exporter-0:3.11.146-1.git.1.51554ba.el7.src",
"product": {
"name": "golang-github-prometheus-node_exporter-0:3.11.146-1.git.1.51554ba.el7.src",
"product_id": "golang-github-prometheus-node_exporter-0:3.11.146-1.git.1.51554ba.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-github-prometheus-node_exporter@3.11.146-1.git.1.51554ba.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-prometheus-0:3.11.146-1.git.1.0e18774.el7.src",
"product": {
"name": "golang-github-prometheus-prometheus-0:3.11.146-1.git.1.0e18774.el7.src",
"product_id": "golang-github-prometheus-prometheus-0:3.11.146-1.git.1.0e18774.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-github-prometheus-prometheus@3.11.146-1.git.1.0e18774.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jenkins-2-plugins-0:3.11.1567698330-1.el7.src",
"product": {
"name": "jenkins-2-plugins-0:3.11.1567698330-1.el7.src",
"product_id": "jenkins-2-plugins-0:3.11.1567698330-1.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jenkins-2-plugins@3.11.1567698330-1.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jenkins-0:2.176.3.1568230481-1.el7.src",
"product": {
"name": "jenkins-0:2.176.3.1568230481-1.el7.src",
"product_id": "jenkins-0:2.176.3.1568230481-1.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jenkins@2.176.3.1568230481-1.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "openshift-enterprise-autoheal-0:3.11.146-1.git.1.de160cc.el7.src",
"product": {
"name": "openshift-enterprise-autoheal-0:3.11.146-1.git.1.de160cc.el7.src",
"product_id": "openshift-enterprise-autoheal-0:3.11.146-1.git.1.de160cc.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-enterprise-autoheal@3.11.146-1.git.1.de160cc.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "openshift-enterprise-cluster-capacity-0:3.11.146-1.git.1.113bc35.el7.src",
"product": {
"name": "openshift-enterprise-cluster-capacity-0:3.11.146-1.git.1.113bc35.el7.src",
"product_id": "openshift-enterprise-cluster-capacity-0:3.11.146-1.git.1.113bc35.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-enterprise-cluster-capacity@3.11.146-1.git.1.113bc35.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "ansible-service-broker-1:1.3.23-2.el7.src",
"product": {
"name": "ansible-service-broker-1:1.3.23-2.el7.src",
"product_id": "ansible-service-broker-1:1.3.23-2.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ansible-service-broker@1.3.23-2.el7?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "python-elasticsearch-1:5.4.0-2.el7.src",
"product": {
"name": "python-elasticsearch-1:5.4.0-2.el7.src",
"product_id": "python-elasticsearch-1:5.4.0-2.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-elasticsearch@5.4.0-2.el7?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "kibana-0:5.6.16-2.el7.src",
"product": {
"name": "kibana-0:5.6.16-2.el7.src",
"product_id": "kibana-0:5.6.16-2.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kibana@5.6.16-2.el7?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "atomic-openshift-docker-excluder-0:3.11.146-1.git.0.4aab273.el7.noarch",
"product": {
"name": "atomic-openshift-docker-excluder-0:3.11.146-1.git.0.4aab273.el7.noarch",
"product_id": "atomic-openshift-docker-excluder-0:3.11.146-1.git.0.4aab273.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-docker-excluder@3.11.146-1.git.0.4aab273.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-excluder-0:3.11.146-1.git.0.4aab273.el7.noarch",
"product": {
"name": "atomic-openshift-excluder-0:3.11.146-1.git.0.4aab273.el7.noarch",
"product_id": "atomic-openshift-excluder-0:3.11.146-1.git.0.4aab273.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-excluder@3.11.146-1.git.0.4aab273.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jenkins-2-plugins-0:3.11.1567698330-1.el7.noarch",
"product": {
"name": "jenkins-2-plugins-0:3.11.1567698330-1.el7.noarch",
"product_id": "jenkins-2-plugins-0:3.11.1567698330-1.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jenkins-2-plugins@3.11.1567698330-1.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jenkins-0:2.176.3.1568230481-1.el7.noarch",
"product": {
"name": "jenkins-0:2.176.3.1568230481-1.el7.noarch",
"product_id": "jenkins-0:2.176.3.1568230481-1.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jenkins@2.176.3.1568230481-1.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "ansible-service-broker-container-scripts-1:1.3.23-2.el7.noarch",
"product": {
"name": "ansible-service-broker-container-scripts-1:1.3.23-2.el7.noarch",
"product_id": "ansible-service-broker-container-scripts-1:1.3.23-2.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ansible-service-broker-container-scripts@1.3.23-2.el7?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "ansible-service-broker-selinux-1:1.3.23-2.el7.noarch",
"product": {
"name": "ansible-service-broker-selinux-1:1.3.23-2.el7.noarch",
"product_id": "ansible-service-broker-selinux-1:1.3.23-2.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ansible-service-broker-selinux@1.3.23-2.el7?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "automation-broker-apb-role-1:1.3.23-2.el7.noarch",
"product": {
"name": "automation-broker-apb-role-1:1.3.23-2.el7.noarch",
"product_id": "automation-broker-apb-role-1:1.3.23-2.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/automation-broker-apb-role@1.3.23-2.el7?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "python-elasticsearch-1:5.4.0-2.el7.noarch",
"product": {
"name": "python-elasticsearch-1:5.4.0-2.el7.noarch",
"product_id": "python-elasticsearch-1:5.4.0-2.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-elasticsearch@5.4.0-2.el7?arch=noarch\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-service-broker-1:1.3.23-2.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:ansible-service-broker-1:1.3.23-2.el7.ppc64le"
},
"product_reference": "ansible-service-broker-1:1.3.23-2.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-service-broker-1:1.3.23-2.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:ansible-service-broker-1:1.3.23-2.el7.src"
},
"product_reference": "ansible-service-broker-1:1.3.23-2.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-service-broker-1:1.3.23-2.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:ansible-service-broker-1:1.3.23-2.el7.x86_64"
},
"product_reference": "ansible-service-broker-1:1.3.23-2.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-service-broker-container-scripts-1:1.3.23-2.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:ansible-service-broker-container-scripts-1:1.3.23-2.el7.noarch"
},
"product_reference": "ansible-service-broker-container-scripts-1:1.3.23-2.el7.noarch",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-service-broker-selinux-1:1.3.23-2.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:ansible-service-broker-selinux-1:1.3.23-2.el7.noarch"
},
"product_reference": "ansible-service-broker-selinux-1:1.3.23-2.el7.noarch",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-enterprise-service-catalog-1:3.11.146-1.git.1.3f0869b.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.146-1.git.1.3f0869b.el7.ppc64le"
},
"product_reference": "atomic-enterprise-service-catalog-1:3.11.146-1.git.1.3f0869b.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-enterprise-service-catalog-1:3.11.146-1.git.1.3f0869b.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.146-1.git.1.3f0869b.el7.src"
},
"product_reference": "atomic-enterprise-service-catalog-1:3.11.146-1.git.1.3f0869b.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-enterprise-service-catalog-1:3.11.146-1.git.1.3f0869b.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.146-1.git.1.3f0869b.el7.x86_64"
},
"product_reference": "atomic-enterprise-service-catalog-1:3.11.146-1.git.1.3f0869b.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-enterprise-service-catalog-svcat-1:3.11.146-1.git.1.3f0869b.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.146-1.git.1.3f0869b.el7.ppc64le"
},
"product_reference": "atomic-enterprise-service-catalog-svcat-1:3.11.146-1.git.1.3f0869b.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-enterprise-service-catalog-svcat-1:3.11.146-1.git.1.3f0869b.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.146-1.git.1.3f0869b.el7.x86_64"
},
"product_reference": "atomic-enterprise-service-catalog-svcat-1:3.11.146-1.git.1.3f0869b.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-0:3.11.146-1.git.0.4aab273.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.146-1.git.0.4aab273.el7.ppc64le"
},
"product_reference": "atomic-openshift-0:3.11.146-1.git.0.4aab273.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-0:3.11.146-1.git.0.4aab273.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.146-1.git.0.4aab273.el7.src"
},
"product_reference": "atomic-openshift-0:3.11.146-1.git.0.4aab273.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-0:3.11.146-1.git.0.4aab273.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.146-1.git.0.4aab273.el7.x86_64"
},
"product_reference": "atomic-openshift-0:3.11.146-1.git.0.4aab273.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-clients-0:3.11.146-1.git.0.4aab273.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.146-1.git.0.4aab273.el7.ppc64le"
},
"product_reference": "atomic-openshift-clients-0:3.11.146-1.git.0.4aab273.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-clients-0:3.11.146-1.git.0.4aab273.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.146-1.git.0.4aab273.el7.x86_64"
},
"product_reference": "atomic-openshift-clients-0:3.11.146-1.git.0.4aab273.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-clients-redistributable-0:3.11.146-1.git.0.4aab273.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.146-1.git.0.4aab273.el7.x86_64"
},
"product_reference": "atomic-openshift-clients-redistributable-0:3.11.146-1.git.0.4aab273.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-cluster-autoscaler-0:3.11.146-1.git.1.3633245.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.146-1.git.1.3633245.el7.ppc64le"
},
"product_reference": "atomic-openshift-cluster-autoscaler-0:3.11.146-1.git.1.3633245.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-cluster-autoscaler-0:3.11.146-1.git.1.3633245.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.146-1.git.1.3633245.el7.src"
},
"product_reference": "atomic-openshift-cluster-autoscaler-0:3.11.146-1.git.1.3633245.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-cluster-autoscaler-0:3.11.146-1.git.1.3633245.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.146-1.git.1.3633245.el7.x86_64"
},
"product_reference": "atomic-openshift-cluster-autoscaler-0:3.11.146-1.git.1.3633245.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-descheduler-0:3.11.146-1.git.1.fc7387e.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.146-1.git.1.fc7387e.el7.ppc64le"
},
"product_reference": "atomic-openshift-descheduler-0:3.11.146-1.git.1.fc7387e.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-descheduler-0:3.11.146-1.git.1.fc7387e.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.146-1.git.1.fc7387e.el7.src"
},
"product_reference": "atomic-openshift-descheduler-0:3.11.146-1.git.1.fc7387e.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-descheduler-0:3.11.146-1.git.1.fc7387e.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.146-1.git.1.fc7387e.el7.x86_64"
},
"product_reference": "atomic-openshift-descheduler-0:3.11.146-1.git.1.fc7387e.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-docker-excluder-0:3.11.146-1.git.0.4aab273.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.146-1.git.0.4aab273.el7.noarch"
},
"product_reference": "atomic-openshift-docker-excluder-0:3.11.146-1.git.0.4aab273.el7.noarch",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-dockerregistry-0:3.11.146-1.git.1.fc1edc6.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.146-1.git.1.fc1edc6.el7.ppc64le"
},
"product_reference": "atomic-openshift-dockerregistry-0:3.11.146-1.git.1.fc1edc6.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-dockerregistry-0:3.11.146-1.git.1.fc1edc6.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.146-1.git.1.fc1edc6.el7.src"
},
"product_reference": "atomic-openshift-dockerregistry-0:3.11.146-1.git.1.fc1edc6.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-dockerregistry-0:3.11.146-1.git.1.fc1edc6.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.146-1.git.1.fc1edc6.el7.x86_64"
},
"product_reference": "atomic-openshift-dockerregistry-0:3.11.146-1.git.1.fc1edc6.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-excluder-0:3.11.146-1.git.0.4aab273.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.146-1.git.0.4aab273.el7.noarch"
},
"product_reference": "atomic-openshift-excluder-0:3.11.146-1.git.0.4aab273.el7.noarch",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-hyperkube-0:3.11.146-1.git.0.4aab273.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.146-1.git.0.4aab273.el7.ppc64le"
},
"product_reference": "atomic-openshift-hyperkube-0:3.11.146-1.git.0.4aab273.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-hyperkube-0:3.11.146-1.git.0.4aab273.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.146-1.git.0.4aab273.el7.x86_64"
},
"product_reference": "atomic-openshift-hyperkube-0:3.11.146-1.git.0.4aab273.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-hypershift-0:3.11.146-1.git.0.4aab273.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.146-1.git.0.4aab273.el7.ppc64le"
},
"product_reference": "atomic-openshift-hypershift-0:3.11.146-1.git.0.4aab273.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-hypershift-0:3.11.146-1.git.0.4aab273.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.146-1.git.0.4aab273.el7.x86_64"
},
"product_reference": "atomic-openshift-hypershift-0:3.11.146-1.git.0.4aab273.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-master-0:3.11.146-1.git.0.4aab273.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.146-1.git.0.4aab273.el7.ppc64le"
},
"product_reference": "atomic-openshift-master-0:3.11.146-1.git.0.4aab273.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-master-0:3.11.146-1.git.0.4aab273.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.146-1.git.0.4aab273.el7.x86_64"
},
"product_reference": "atomic-openshift-master-0:3.11.146-1.git.0.4aab273.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-metrics-server-0:3.11.146-1.git.1.5278825.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.146-1.git.1.5278825.el7.ppc64le"
},
"product_reference": "atomic-openshift-metrics-server-0:3.11.146-1.git.1.5278825.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-metrics-server-0:3.11.146-1.git.1.5278825.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.146-1.git.1.5278825.el7.src"
},
"product_reference": "atomic-openshift-metrics-server-0:3.11.146-1.git.1.5278825.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-metrics-server-0:3.11.146-1.git.1.5278825.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.146-1.git.1.5278825.el7.x86_64"
},
"product_reference": "atomic-openshift-metrics-server-0:3.11.146-1.git.1.5278825.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-node-0:3.11.146-1.git.0.4aab273.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.146-1.git.0.4aab273.el7.ppc64le"
},
"product_reference": "atomic-openshift-node-0:3.11.146-1.git.0.4aab273.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-node-0:3.11.146-1.git.0.4aab273.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.146-1.git.0.4aab273.el7.x86_64"
},
"product_reference": "atomic-openshift-node-0:3.11.146-1.git.0.4aab273.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-node-problem-detector-0:3.11.146-1.git.1.e0e89f7.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.146-1.git.1.e0e89f7.el7.ppc64le"
},
"product_reference": "atomic-openshift-node-problem-detector-0:3.11.146-1.git.1.e0e89f7.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-node-problem-detector-0:3.11.146-1.git.1.e0e89f7.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.146-1.git.1.e0e89f7.el7.src"
},
"product_reference": "atomic-openshift-node-problem-detector-0:3.11.146-1.git.1.e0e89f7.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-node-problem-detector-0:3.11.146-1.git.1.e0e89f7.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.146-1.git.1.e0e89f7.el7.x86_64"
},
"product_reference": "atomic-openshift-node-problem-detector-0:3.11.146-1.git.1.e0e89f7.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-pod-0:3.11.146-1.git.0.4aab273.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.146-1.git.0.4aab273.el7.ppc64le"
},
"product_reference": "atomic-openshift-pod-0:3.11.146-1.git.0.4aab273.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-pod-0:3.11.146-1.git.0.4aab273.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.146-1.git.0.4aab273.el7.x86_64"
},
"product_reference": "atomic-openshift-pod-0:3.11.146-1.git.0.4aab273.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-sdn-ovs-0:3.11.146-1.git.0.4aab273.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.146-1.git.0.4aab273.el7.ppc64le"
},
"product_reference": "atomic-openshift-sdn-ovs-0:3.11.146-1.git.0.4aab273.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-sdn-ovs-0:3.11.146-1.git.0.4aab273.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.146-1.git.0.4aab273.el7.x86_64"
},
"product_reference": "atomic-openshift-sdn-ovs-0:3.11.146-1.git.0.4aab273.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-service-idler-0:3.11.146-1.git.1.723cb8d.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.146-1.git.1.723cb8d.el7.ppc64le"
},
"product_reference": "atomic-openshift-service-idler-0:3.11.146-1.git.1.723cb8d.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-service-idler-0:3.11.146-1.git.1.723cb8d.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.146-1.git.1.723cb8d.el7.src"
},
"product_reference": "atomic-openshift-service-idler-0:3.11.146-1.git.1.723cb8d.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-service-idler-0:3.11.146-1.git.1.723cb8d.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.146-1.git.1.723cb8d.el7.x86_64"
},
"product_reference": "atomic-openshift-service-idler-0:3.11.146-1.git.1.723cb8d.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-template-service-broker-0:3.11.146-1.git.0.4aab273.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.146-1.git.0.4aab273.el7.ppc64le"
},
"product_reference": "atomic-openshift-template-service-broker-0:3.11.146-1.git.0.4aab273.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-template-service-broker-0:3.11.146-1.git.0.4aab273.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.146-1.git.0.4aab273.el7.x86_64"
},
"product_reference": "atomic-openshift-template-service-broker-0:3.11.146-1.git.0.4aab273.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-tests-0:3.11.146-1.git.0.4aab273.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.146-1.git.0.4aab273.el7.ppc64le"
},
"product_reference": "atomic-openshift-tests-0:3.11.146-1.git.0.4aab273.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-tests-0:3.11.146-1.git.0.4aab273.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.146-1.git.0.4aab273.el7.x86_64"
},
"product_reference": "atomic-openshift-tests-0:3.11.146-1.git.0.4aab273.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-web-console-0:3.11.146-1.git.1.75951b8.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.146-1.git.1.75951b8.el7.ppc64le"
},
"product_reference": "atomic-openshift-web-console-0:3.11.146-1.git.1.75951b8.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-web-console-0:3.11.146-1.git.1.75951b8.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.146-1.git.1.75951b8.el7.src"
},
"product_reference": "atomic-openshift-web-console-0:3.11.146-1.git.1.75951b8.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-web-console-0:3.11.146-1.git.1.75951b8.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.146-1.git.1.75951b8.el7.x86_64"
},
"product_reference": "atomic-openshift-web-console-0:3.11.146-1.git.1.75951b8.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "automation-broker-apb-role-1:1.3.23-2.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:automation-broker-apb-role-1:1.3.23-2.el7.noarch"
},
"product_reference": "automation-broker-apb-role-1:1.3.23-2.el7.noarch",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-openshift-oauth-proxy-0:3.11.146-1.git.1.517a261.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.146-1.git.1.517a261.el7.ppc64le"
},
"product_reference": "golang-github-openshift-oauth-proxy-0:3.11.146-1.git.1.517a261.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-openshift-oauth-proxy-0:3.11.146-1.git.1.517a261.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.146-1.git.1.517a261.el7.src"
},
"product_reference": "golang-github-openshift-oauth-proxy-0:3.11.146-1.git.1.517a261.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-openshift-oauth-proxy-0:3.11.146-1.git.1.517a261.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.146-1.git.1.517a261.el7.x86_64"
},
"product_reference": "golang-github-openshift-oauth-proxy-0:3.11.146-1.git.1.517a261.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-alertmanager-0:3.11.146-1.git.1.1a30625.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.146-1.git.1.1a30625.el7.src"
},
"product_reference": "golang-github-prometheus-alertmanager-0:3.11.146-1.git.1.1a30625.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-node_exporter-0:3.11.146-1.git.1.51554ba.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.146-1.git.1.51554ba.el7.src"
},
"product_reference": "golang-github-prometheus-node_exporter-0:3.11.146-1.git.1.51554ba.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-prometheus-0:3.11.146-1.git.1.0e18774.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.146-1.git.1.0e18774.el7.src"
},
"product_reference": "golang-github-prometheus-prometheus-0:3.11.146-1.git.1.0e18774.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jenkins-0:2.176.3.1568230481-1.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:jenkins-0:2.176.3.1568230481-1.el7.noarch"
},
"product_reference": "jenkins-0:2.176.3.1568230481-1.el7.noarch",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jenkins-0:2.176.3.1568230481-1.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:jenkins-0:2.176.3.1568230481-1.el7.src"
},
"product_reference": "jenkins-0:2.176.3.1568230481-1.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jenkins-2-plugins-0:3.11.1567698330-1.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1567698330-1.el7.noarch"
},
"product_reference": "jenkins-2-plugins-0:3.11.1567698330-1.el7.noarch",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jenkins-2-plugins-0:3.11.1567698330-1.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1567698330-1.el7.src"
},
"product_reference": "jenkins-2-plugins-0:3.11.1567698330-1.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kibana-0:5.6.16-2.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:kibana-0:5.6.16-2.el7.ppc64le"
},
"product_reference": "kibana-0:5.6.16-2.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kibana-0:5.6.16-2.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:kibana-0:5.6.16-2.el7.src"
},
"product_reference": "kibana-0:5.6.16-2.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kibana-0:5.6.16-2.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:kibana-0:5.6.16-2.el7.x86_64"
},
"product_reference": "kibana-0:5.6.16-2.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kibana-debuginfo-0:5.6.16-2.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:kibana-debuginfo-0:5.6.16-2.el7.ppc64le"
},
"product_reference": "kibana-debuginfo-0:5.6.16-2.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kibana-debuginfo-0:5.6.16-2.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:kibana-debuginfo-0:5.6.16-2.el7.x86_64"
},
"product_reference": "kibana-debuginfo-0:5.6.16-2.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-enterprise-autoheal-0:3.11.146-1.git.1.de160cc.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.146-1.git.1.de160cc.el7.ppc64le"
},
"product_reference": "openshift-enterprise-autoheal-0:3.11.146-1.git.1.de160cc.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-enterprise-autoheal-0:3.11.146-1.git.1.de160cc.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.146-1.git.1.de160cc.el7.src"
},
"product_reference": "openshift-enterprise-autoheal-0:3.11.146-1.git.1.de160cc.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-enterprise-autoheal-0:3.11.146-1.git.1.de160cc.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.146-1.git.1.de160cc.el7.x86_64"
},
"product_reference": "openshift-enterprise-autoheal-0:3.11.146-1.git.1.de160cc.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-enterprise-cluster-capacity-0:3.11.146-1.git.1.113bc35.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.146-1.git.1.113bc35.el7.ppc64le"
},
"product_reference": "openshift-enterprise-cluster-capacity-0:3.11.146-1.git.1.113bc35.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-enterprise-cluster-capacity-0:3.11.146-1.git.1.113bc35.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.146-1.git.1.113bc35.el7.src"
},
"product_reference": "openshift-enterprise-cluster-capacity-0:3.11.146-1.git.1.113bc35.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-enterprise-cluster-capacity-0:3.11.146-1.git.1.113bc35.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.146-1.git.1.113bc35.el7.x86_64"
},
"product_reference": "openshift-enterprise-cluster-capacity-0:3.11.146-1.git.1.113bc35.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-0:3.11.146-1.git.1.0e18774.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.146-1.git.1.0e18774.el7.ppc64le"
},
"product_reference": "prometheus-0:3.11.146-1.git.1.0e18774.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-0:3.11.146-1.git.1.0e18774.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.146-1.git.1.0e18774.el7.x86_64"
},
"product_reference": "prometheus-0:3.11.146-1.git.1.0e18774.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-alertmanager-0:3.11.146-1.git.1.1a30625.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.146-1.git.1.1a30625.el7.ppc64le"
},
"product_reference": "prometheus-alertmanager-0:3.11.146-1.git.1.1a30625.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-alertmanager-0:3.11.146-1.git.1.1a30625.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.146-1.git.1.1a30625.el7.x86_64"
},
"product_reference": "prometheus-alertmanager-0:3.11.146-1.git.1.1a30625.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-node-exporter-0:3.11.146-1.git.1.51554ba.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.146-1.git.1.51554ba.el7.ppc64le"
},
"product_reference": "prometheus-node-exporter-0:3.11.146-1.git.1.51554ba.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-node-exporter-0:3.11.146-1.git.1.51554ba.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.146-1.git.1.51554ba.el7.x86_64"
},
"product_reference": "prometheus-node-exporter-0:3.11.146-1.git.1.51554ba.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-elasticsearch-1:5.4.0-2.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:python-elasticsearch-1:5.4.0-2.el7.noarch"
},
"product_reference": "python-elasticsearch-1:5.4.0-2.el7.noarch",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-elasticsearch-1:5.4.0-2.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:python-elasticsearch-1:5.4.0-2.el7.src"
},
"product_reference": "python-elasticsearch-1:5.4.0-2.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"the Kubernetes Product Security Committee"
]
}
],
"cve": "CVE-2019-11247",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"discovery_date": "2019-07-23T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.146-1.git.1.3f0869b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.146-1.git.1.3f0869b.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.146-1.git.1.3f0869b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.146-1.git.1.3f0869b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.146-1.git.1.3f0869b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.146-1.git.0.4aab273.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.146-1.git.0.4aab273.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.146-1.git.0.4aab273.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.146-1.git.0.4aab273.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.146-1.git.0.4aab273.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.146-1.git.0.4aab273.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.146-1.git.1.3633245.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.146-1.git.1.3633245.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.146-1.git.1.3633245.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.146-1.git.1.fc7387e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.146-1.git.1.fc7387e.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.146-1.git.1.fc7387e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.146-1.git.0.4aab273.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.146-1.git.1.fc1edc6.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.146-1.git.1.fc1edc6.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.146-1.git.1.fc1edc6.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.146-1.git.0.4aab273.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.146-1.git.0.4aab273.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.146-1.git.0.4aab273.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.146-1.git.0.4aab273.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.146-1.git.0.4aab273.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.146-1.git.0.4aab273.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.146-1.git.0.4aab273.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.146-1.git.1.5278825.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.146-1.git.1.5278825.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.146-1.git.1.5278825.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.146-1.git.0.4aab273.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.146-1.git.0.4aab273.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.146-1.git.1.e0e89f7.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.146-1.git.1.e0e89f7.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.146-1.git.1.e0e89f7.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.146-1.git.0.4aab273.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.146-1.git.0.4aab273.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.146-1.git.0.4aab273.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.146-1.git.0.4aab273.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.146-1.git.1.723cb8d.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.146-1.git.1.723cb8d.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.146-1.git.1.723cb8d.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.146-1.git.0.4aab273.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.146-1.git.0.4aab273.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.146-1.git.0.4aab273.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.146-1.git.0.4aab273.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.146-1.git.1.75951b8.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.146-1.git.1.75951b8.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.146-1.git.1.75951b8.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.146-1.git.1.517a261.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.146-1.git.1.517a261.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.146-1.git.1.517a261.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.146-1.git.1.1a30625.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.146-1.git.1.51554ba.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.146-1.git.1.0e18774.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.176.3.1568230481-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.176.3.1568230481-1.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1567698330-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1567698330-1.el7.src",
"7Server-RH7-RHOSE-3.11:kibana-0:5.6.16-2.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:kibana-0:5.6.16-2.el7.src",
"7Server-RH7-RHOSE-3.11:kibana-0:5.6.16-2.el7.x86_64",
"7Server-RH7-RHOSE-3.11:kibana-debuginfo-0:5.6.16-2.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:kibana-debuginfo-0:5.6.16-2.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.146-1.git.1.de160cc.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.146-1.git.1.de160cc.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.146-1.git.1.de160cc.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.146-1.git.1.113bc35.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.146-1.git.1.113bc35.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.146-1.git.1.113bc35.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.146-1.git.1.0e18774.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.146-1.git.1.0e18774.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.146-1.git.1.1a30625.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.146-1.git.1.1a30625.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.146-1.git.1.51554ba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.146-1.git.1.51554ba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:python-elasticsearch-1:5.4.0-2.el7.noarch",
"7Server-RH7-RHOSE-3.11:python-elasticsearch-1:5.4.0-2.el7.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1732192"
}
],
"notes": [
{
"category": "description",
"text": "The Kubernetes kube-apiserver mistakenly allows access to a cluster-scoped custom resource if the request is made as if the resource were namespaced. Authorizations for the resource accessed in this manner are enforced using roles and role bindings within the namespace, meaning that a user with access only to a resource in one namespace could create, view update or delete the cluster-scoped resource (according to their namespace role privileges). Kubernetes affected versions include versions prior to 1.13.9, versions prior to 1.14.5, versions prior to 1.15.2, and versions 1.7, 1.8, 1.9, 1.10, 1.11, 1.12.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kubernetes: API server allows access to cluster-scoped custom resources as if resources were namespaced",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOSE-3.11:ansible-service-broker-1:1.3.23-2.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:ansible-service-broker-1:1.3.23-2.el7.src",
"7Server-RH7-RHOSE-3.11:ansible-service-broker-1:1.3.23-2.el7.x86_64",
"7Server-RH7-RHOSE-3.11:ansible-service-broker-container-scripts-1:1.3.23-2.el7.noarch",
"7Server-RH7-RHOSE-3.11:ansible-service-broker-selinux-1:1.3.23-2.el7.noarch",
"7Server-RH7-RHOSE-3.11:automation-broker-apb-role-1:1.3.23-2.el7.noarch"
],
"known_not_affected": [
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.146-1.git.1.3f0869b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.146-1.git.1.3f0869b.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.146-1.git.1.3f0869b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.146-1.git.1.3f0869b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.146-1.git.1.3f0869b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.146-1.git.0.4aab273.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.146-1.git.0.4aab273.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.146-1.git.0.4aab273.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.146-1.git.0.4aab273.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.146-1.git.0.4aab273.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.146-1.git.0.4aab273.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.146-1.git.1.3633245.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.146-1.git.1.3633245.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.146-1.git.1.3633245.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.146-1.git.1.fc7387e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.146-1.git.1.fc7387e.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.146-1.git.1.fc7387e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.146-1.git.0.4aab273.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.146-1.git.1.fc1edc6.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.146-1.git.1.fc1edc6.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.146-1.git.1.fc1edc6.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.146-1.git.0.4aab273.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.146-1.git.0.4aab273.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.146-1.git.0.4aab273.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.146-1.git.0.4aab273.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.146-1.git.0.4aab273.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.146-1.git.0.4aab273.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.146-1.git.0.4aab273.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.146-1.git.1.5278825.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.146-1.git.1.5278825.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.146-1.git.1.5278825.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.146-1.git.0.4aab273.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.146-1.git.0.4aab273.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.146-1.git.1.e0e89f7.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.146-1.git.1.e0e89f7.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.146-1.git.1.e0e89f7.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.146-1.git.0.4aab273.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.146-1.git.0.4aab273.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.146-1.git.0.4aab273.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.146-1.git.0.4aab273.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.146-1.git.1.723cb8d.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.146-1.git.1.723cb8d.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.146-1.git.1.723cb8d.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.146-1.git.0.4aab273.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.146-1.git.0.4aab273.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.146-1.git.0.4aab273.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.146-1.git.0.4aab273.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.146-1.git.1.75951b8.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.146-1.git.1.75951b8.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.146-1.git.1.75951b8.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.146-1.git.1.517a261.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.146-1.git.1.517a261.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.146-1.git.1.517a261.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.146-1.git.1.1a30625.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.146-1.git.1.51554ba.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.146-1.git.1.0e18774.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.176.3.1568230481-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.176.3.1568230481-1.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1567698330-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1567698330-1.el7.src",
"7Server-RH7-RHOSE-3.11:kibana-0:5.6.16-2.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:kibana-0:5.6.16-2.el7.src",
"7Server-RH7-RHOSE-3.11:kibana-0:5.6.16-2.el7.x86_64",
"7Server-RH7-RHOSE-3.11:kibana-debuginfo-0:5.6.16-2.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:kibana-debuginfo-0:5.6.16-2.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.146-1.git.1.de160cc.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.146-1.git.1.de160cc.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.146-1.git.1.de160cc.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.146-1.git.1.113bc35.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.146-1.git.1.113bc35.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.146-1.git.1.113bc35.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.146-1.git.1.0e18774.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.146-1.git.1.0e18774.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.146-1.git.1.1a30625.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.146-1.git.1.1a30625.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.146-1.git.1.51554ba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.146-1.git.1.51554ba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:python-elasticsearch-1:5.4.0-2.el7.noarch",
"7Server-RH7-RHOSE-3.11:python-elasticsearch-1:5.4.0-2.el7.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-11247"
},
{
"category": "external",
"summary": "RHBZ#1732192",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1732192"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-11247",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11247"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-11247",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11247"
},
{
"category": "external",
"summary": "https://groups.google.com/forum/#!topic/kubernetes-security-discuss/Vf31dXp0EJc",
"url": "https://groups.google.com/forum/#!topic/kubernetes-security-discuss/Vf31dXp0EJc"
}
],
"release_date": "2019-08-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-09-24T12:31:29+00:00",
"details": "Before applying this update, ensure all previously released errata\nrelevant to your system have been applied.\n\nFor OpenShift Container Platform 3.11 see the following documentation,\nwhich will be updated shortly for release 3.11.146, for important\ninstructions on how to upgrade your cluster and fully apply this\nasynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258.",
"product_ids": [
"7Server-RH7-RHOSE-3.11:ansible-service-broker-1:1.3.23-2.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:ansible-service-broker-1:1.3.23-2.el7.src",
"7Server-RH7-RHOSE-3.11:ansible-service-broker-1:1.3.23-2.el7.x86_64",
"7Server-RH7-RHOSE-3.11:ansible-service-broker-container-scripts-1:1.3.23-2.el7.noarch",
"7Server-RH7-RHOSE-3.11:ansible-service-broker-selinux-1:1.3.23-2.el7.noarch",
"7Server-RH7-RHOSE-3.11:automation-broker-apb-role-1:1.3.23-2.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2019:2816"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"7Server-RH7-RHOSE-3.11:ansible-service-broker-1:1.3.23-2.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:ansible-service-broker-1:1.3.23-2.el7.src",
"7Server-RH7-RHOSE-3.11:ansible-service-broker-1:1.3.23-2.el7.x86_64",
"7Server-RH7-RHOSE-3.11:ansible-service-broker-container-scripts-1:1.3.23-2.el7.noarch",
"7Server-RH7-RHOSE-3.11:ansible-service-broker-selinux-1:1.3.23-2.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.146-1.git.1.3f0869b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.146-1.git.1.3f0869b.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.146-1.git.1.3f0869b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.146-1.git.1.3f0869b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.146-1.git.1.3f0869b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.146-1.git.0.4aab273.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.146-1.git.0.4aab273.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.146-1.git.0.4aab273.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.146-1.git.0.4aab273.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.146-1.git.0.4aab273.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.146-1.git.0.4aab273.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.146-1.git.1.3633245.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.146-1.git.1.3633245.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.146-1.git.1.3633245.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.146-1.git.1.fc7387e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.146-1.git.1.fc7387e.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.146-1.git.1.fc7387e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.146-1.git.0.4aab273.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.146-1.git.1.fc1edc6.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.146-1.git.1.fc1edc6.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.146-1.git.1.fc1edc6.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.146-1.git.0.4aab273.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.146-1.git.0.4aab273.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.146-1.git.0.4aab273.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.146-1.git.0.4aab273.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.146-1.git.0.4aab273.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.146-1.git.0.4aab273.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.146-1.git.0.4aab273.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.146-1.git.1.5278825.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.146-1.git.1.5278825.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.146-1.git.1.5278825.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.146-1.git.0.4aab273.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.146-1.git.0.4aab273.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.146-1.git.1.e0e89f7.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.146-1.git.1.e0e89f7.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.146-1.git.1.e0e89f7.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.146-1.git.0.4aab273.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.146-1.git.0.4aab273.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.146-1.git.0.4aab273.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.146-1.git.0.4aab273.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.146-1.git.1.723cb8d.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.146-1.git.1.723cb8d.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.146-1.git.1.723cb8d.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.146-1.git.0.4aab273.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.146-1.git.0.4aab273.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.146-1.git.0.4aab273.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.146-1.git.0.4aab273.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.146-1.git.1.75951b8.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.146-1.git.1.75951b8.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.146-1.git.1.75951b8.el7.x86_64",
"7Server-RH7-RHOSE-3.11:automation-broker-apb-role-1:1.3.23-2.el7.noarch",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.146-1.git.1.517a261.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.146-1.git.1.517a261.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.146-1.git.1.517a261.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.146-1.git.1.1a30625.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.146-1.git.1.51554ba.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.146-1.git.1.0e18774.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.176.3.1568230481-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.176.3.1568230481-1.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1567698330-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1567698330-1.el7.src",
"7Server-RH7-RHOSE-3.11:kibana-0:5.6.16-2.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:kibana-0:5.6.16-2.el7.src",
"7Server-RH7-RHOSE-3.11:kibana-0:5.6.16-2.el7.x86_64",
"7Server-RH7-RHOSE-3.11:kibana-debuginfo-0:5.6.16-2.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:kibana-debuginfo-0:5.6.16-2.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.146-1.git.1.de160cc.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.146-1.git.1.de160cc.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.146-1.git.1.de160cc.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.146-1.git.1.113bc35.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.146-1.git.1.113bc35.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.146-1.git.1.113bc35.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.146-1.git.1.0e18774.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.146-1.git.1.0e18774.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.146-1.git.1.1a30625.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.146-1.git.1.1a30625.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.146-1.git.1.51554ba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.146-1.git.1.51554ba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:python-elasticsearch-1:5.4.0-2.el7.noarch",
"7Server-RH7-RHOSE-3.11:python-elasticsearch-1:5.4.0-2.el7.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kubernetes: API server allows access to cluster-scoped custom resources as if resources were namespaced"
},
{
"cve": "CVE-2019-11249",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2019-08-05T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.146-1.git.1.3f0869b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.146-1.git.1.3f0869b.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.146-1.git.1.3f0869b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.146-1.git.1.3f0869b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.146-1.git.1.3f0869b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.146-1.git.0.4aab273.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.146-1.git.0.4aab273.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.146-1.git.0.4aab273.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.146-1.git.0.4aab273.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.146-1.git.0.4aab273.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.146-1.git.0.4aab273.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.146-1.git.1.3633245.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.146-1.git.1.3633245.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.146-1.git.1.3633245.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.146-1.git.1.fc7387e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.146-1.git.1.fc7387e.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.146-1.git.1.fc7387e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.146-1.git.0.4aab273.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.146-1.git.1.fc1edc6.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.146-1.git.1.fc1edc6.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.146-1.git.1.fc1edc6.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.146-1.git.0.4aab273.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.146-1.git.0.4aab273.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.146-1.git.0.4aab273.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.146-1.git.0.4aab273.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.146-1.git.0.4aab273.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.146-1.git.0.4aab273.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.146-1.git.0.4aab273.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.146-1.git.1.5278825.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.146-1.git.1.5278825.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.146-1.git.1.5278825.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.146-1.git.0.4aab273.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.146-1.git.0.4aab273.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.146-1.git.1.e0e89f7.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.146-1.git.1.e0e89f7.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.146-1.git.1.e0e89f7.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.146-1.git.0.4aab273.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.146-1.git.0.4aab273.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.146-1.git.0.4aab273.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.146-1.git.0.4aab273.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.146-1.git.1.723cb8d.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.146-1.git.1.723cb8d.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.146-1.git.1.723cb8d.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.146-1.git.0.4aab273.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.146-1.git.0.4aab273.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.146-1.git.0.4aab273.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.146-1.git.0.4aab273.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.146-1.git.1.75951b8.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.146-1.git.1.75951b8.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.146-1.git.1.75951b8.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.146-1.git.1.517a261.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.146-1.git.1.517a261.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.146-1.git.1.517a261.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.146-1.git.1.1a30625.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.146-1.git.1.51554ba.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.146-1.git.1.0e18774.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.176.3.1568230481-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.176.3.1568230481-1.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1567698330-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1567698330-1.el7.src",
"7Server-RH7-RHOSE-3.11:kibana-0:5.6.16-2.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:kibana-0:5.6.16-2.el7.src",
"7Server-RH7-RHOSE-3.11:kibana-0:5.6.16-2.el7.x86_64",
"7Server-RH7-RHOSE-3.11:kibana-debuginfo-0:5.6.16-2.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:kibana-debuginfo-0:5.6.16-2.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.146-1.git.1.de160cc.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.146-1.git.1.de160cc.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.146-1.git.1.de160cc.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.146-1.git.1.113bc35.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.146-1.git.1.113bc35.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.146-1.git.1.113bc35.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.146-1.git.1.0e18774.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.146-1.git.1.0e18774.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.146-1.git.1.1a30625.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.146-1.git.1.1a30625.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.146-1.git.1.51554ba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.146-1.git.1.51554ba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:python-elasticsearch-1:5.4.0-2.el7.noarch",
"7Server-RH7-RHOSE-3.11:python-elasticsearch-1:5.4.0-2.el7.src"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1737651"
}
],
"notes": [
{
"category": "description",
"text": "The kubectl cp command allows copying files between containers and the user machine. To copy files from a container, Kubernetes runs tar inside the container to create a tar archive, copies it over the network, and kubectl unpacks it on the user\u2019s machine. If the tar binary in the container is malicious, it could run any code and output unexpected, malicious results. An attacker could use this to write files to any path on the user\u2019s machine when kubectl cp is called, limited only by the system permissions of the local user. Kubernetes affected versions include versions prior to 1.13.9, versions prior to 1.14.5, versions prior to 1.15.2, and versions 1.1, 1.2, 1.4, 1.4, 1.5, 1.6, 1.7, 1.8, 1.9, 1.10, 1.11, 1.12.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kubernetes: Incomplete fixes for CVE-2019-1002101 and CVE-2019-11246, kubectl cp potential directory traversal",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOSE-3.11:ansible-service-broker-1:1.3.23-2.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:ansible-service-broker-1:1.3.23-2.el7.src",
"7Server-RH7-RHOSE-3.11:ansible-service-broker-1:1.3.23-2.el7.x86_64",
"7Server-RH7-RHOSE-3.11:ansible-service-broker-container-scripts-1:1.3.23-2.el7.noarch",
"7Server-RH7-RHOSE-3.11:ansible-service-broker-selinux-1:1.3.23-2.el7.noarch",
"7Server-RH7-RHOSE-3.11:automation-broker-apb-role-1:1.3.23-2.el7.noarch"
],
"known_not_affected": [
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.146-1.git.1.3f0869b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.146-1.git.1.3f0869b.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.146-1.git.1.3f0869b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.146-1.git.1.3f0869b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.146-1.git.1.3f0869b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.146-1.git.0.4aab273.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.146-1.git.0.4aab273.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.146-1.git.0.4aab273.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.146-1.git.0.4aab273.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.146-1.git.0.4aab273.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.146-1.git.0.4aab273.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.146-1.git.1.3633245.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.146-1.git.1.3633245.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.146-1.git.1.3633245.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.146-1.git.1.fc7387e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.146-1.git.1.fc7387e.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.146-1.git.1.fc7387e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.146-1.git.0.4aab273.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.146-1.git.1.fc1edc6.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.146-1.git.1.fc1edc6.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.146-1.git.1.fc1edc6.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.146-1.git.0.4aab273.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.146-1.git.0.4aab273.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.146-1.git.0.4aab273.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.146-1.git.0.4aab273.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.146-1.git.0.4aab273.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.146-1.git.0.4aab273.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.146-1.git.0.4aab273.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.146-1.git.1.5278825.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.146-1.git.1.5278825.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.146-1.git.1.5278825.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.146-1.git.0.4aab273.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.146-1.git.0.4aab273.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.146-1.git.1.e0e89f7.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.146-1.git.1.e0e89f7.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.146-1.git.1.e0e89f7.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.146-1.git.0.4aab273.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.146-1.git.0.4aab273.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.146-1.git.0.4aab273.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.146-1.git.0.4aab273.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.146-1.git.1.723cb8d.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.146-1.git.1.723cb8d.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.146-1.git.1.723cb8d.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.146-1.git.0.4aab273.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.146-1.git.0.4aab273.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.146-1.git.0.4aab273.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.146-1.git.0.4aab273.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.146-1.git.1.75951b8.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.146-1.git.1.75951b8.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.146-1.git.1.75951b8.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.146-1.git.1.517a261.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.146-1.git.1.517a261.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.146-1.git.1.517a261.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.146-1.git.1.1a30625.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.146-1.git.1.51554ba.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.146-1.git.1.0e18774.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.176.3.1568230481-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.176.3.1568230481-1.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1567698330-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1567698330-1.el7.src",
"7Server-RH7-RHOSE-3.11:kibana-0:5.6.16-2.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:kibana-0:5.6.16-2.el7.src",
"7Server-RH7-RHOSE-3.11:kibana-0:5.6.16-2.el7.x86_64",
"7Server-RH7-RHOSE-3.11:kibana-debuginfo-0:5.6.16-2.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:kibana-debuginfo-0:5.6.16-2.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.146-1.git.1.de160cc.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.146-1.git.1.de160cc.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.146-1.git.1.de160cc.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.146-1.git.1.113bc35.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.146-1.git.1.113bc35.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.146-1.git.1.113bc35.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.146-1.git.1.0e18774.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.146-1.git.1.0e18774.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.146-1.git.1.1a30625.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.146-1.git.1.1a30625.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.146-1.git.1.51554ba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.146-1.git.1.51554ba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:python-elasticsearch-1:5.4.0-2.el7.noarch",
"7Server-RH7-RHOSE-3.11:python-elasticsearch-1:5.4.0-2.el7.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-11249"
},
{
"category": "external",
"summary": "RHBZ#1737651",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1737651"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-11249",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11249"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-11249",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11249"
},
{
"category": "external",
"summary": "https://groups.google.com/forum/#!topic/kubernetes-security-discuss/Vf31dXp0EJc",
"url": "https://groups.google.com/forum/#!topic/kubernetes-security-discuss/Vf31dXp0EJc"
}
],
"release_date": "2019-08-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-09-24T12:31:29+00:00",
"details": "Before applying this update, ensure all previously released errata\nrelevant to your system have been applied.\n\nFor OpenShift Container Platform 3.11 see the following documentation,\nwhich will be updated shortly for release 3.11.146, for important\ninstructions on how to upgrade your cluster and fully apply this\nasynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258.",
"product_ids": [
"7Server-RH7-RHOSE-3.11:ansible-service-broker-1:1.3.23-2.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:ansible-service-broker-1:1.3.23-2.el7.src",
"7Server-RH7-RHOSE-3.11:ansible-service-broker-1:1.3.23-2.el7.x86_64",
"7Server-RH7-RHOSE-3.11:ansible-service-broker-container-scripts-1:1.3.23-2.el7.noarch",
"7Server-RH7-RHOSE-3.11:ansible-service-broker-selinux-1:1.3.23-2.el7.noarch",
"7Server-RH7-RHOSE-3.11:automation-broker-apb-role-1:1.3.23-2.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2019:2816"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"products": [
"7Server-RH7-RHOSE-3.11:ansible-service-broker-1:1.3.23-2.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:ansible-service-broker-1:1.3.23-2.el7.src",
"7Server-RH7-RHOSE-3.11:ansible-service-broker-1:1.3.23-2.el7.x86_64",
"7Server-RH7-RHOSE-3.11:ansible-service-broker-container-scripts-1:1.3.23-2.el7.noarch",
"7Server-RH7-RHOSE-3.11:ansible-service-broker-selinux-1:1.3.23-2.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.146-1.git.1.3f0869b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.146-1.git.1.3f0869b.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.146-1.git.1.3f0869b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.146-1.git.1.3f0869b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.146-1.git.1.3f0869b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.146-1.git.0.4aab273.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.146-1.git.0.4aab273.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.146-1.git.0.4aab273.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.146-1.git.0.4aab273.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.146-1.git.0.4aab273.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.146-1.git.0.4aab273.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.146-1.git.1.3633245.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.146-1.git.1.3633245.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.146-1.git.1.3633245.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.146-1.git.1.fc7387e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.146-1.git.1.fc7387e.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.146-1.git.1.fc7387e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.146-1.git.0.4aab273.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.146-1.git.1.fc1edc6.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.146-1.git.1.fc1edc6.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.146-1.git.1.fc1edc6.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.146-1.git.0.4aab273.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.146-1.git.0.4aab273.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.146-1.git.0.4aab273.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.146-1.git.0.4aab273.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.146-1.git.0.4aab273.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.146-1.git.0.4aab273.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.146-1.git.0.4aab273.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.146-1.git.1.5278825.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.146-1.git.1.5278825.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.146-1.git.1.5278825.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.146-1.git.0.4aab273.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.146-1.git.0.4aab273.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.146-1.git.1.e0e89f7.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.146-1.git.1.e0e89f7.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.146-1.git.1.e0e89f7.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.146-1.git.0.4aab273.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.146-1.git.0.4aab273.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.146-1.git.0.4aab273.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.146-1.git.0.4aab273.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.146-1.git.1.723cb8d.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.146-1.git.1.723cb8d.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.146-1.git.1.723cb8d.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.146-1.git.0.4aab273.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.146-1.git.0.4aab273.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.146-1.git.0.4aab273.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.146-1.git.0.4aab273.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.146-1.git.1.75951b8.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.146-1.git.1.75951b8.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.146-1.git.1.75951b8.el7.x86_64",
"7Server-RH7-RHOSE-3.11:automation-broker-apb-role-1:1.3.23-2.el7.noarch",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.146-1.git.1.517a261.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.146-1.git.1.517a261.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.146-1.git.1.517a261.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.146-1.git.1.1a30625.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.146-1.git.1.51554ba.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.146-1.git.1.0e18774.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.176.3.1568230481-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.176.3.1568230481-1.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1567698330-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1567698330-1.el7.src",
"7Server-RH7-RHOSE-3.11:kibana-0:5.6.16-2.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:kibana-0:5.6.16-2.el7.src",
"7Server-RH7-RHOSE-3.11:kibana-0:5.6.16-2.el7.x86_64",
"7Server-RH7-RHOSE-3.11:kibana-debuginfo-0:5.6.16-2.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:kibana-debuginfo-0:5.6.16-2.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.146-1.git.1.de160cc.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.146-1.git.1.de160cc.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.146-1.git.1.de160cc.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.146-1.git.1.113bc35.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.146-1.git.1.113bc35.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.146-1.git.1.113bc35.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.146-1.git.1.0e18774.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.146-1.git.1.0e18774.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.146-1.git.1.1a30625.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.146-1.git.1.1a30625.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.146-1.git.1.51554ba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.146-1.git.1.51554ba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:python-elasticsearch-1:5.4.0-2.el7.noarch",
"7Server-RH7-RHOSE-3.11:python-elasticsearch-1:5.4.0-2.el7.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kubernetes: Incomplete fixes for CVE-2019-1002101 and CVE-2019-11246, kubectl cp potential directory traversal"
}
]
}
RHBA-2019_2794
Vulnerability from csaf_redhat - Published: 2019-09-20 15:24 - Updated: 2024-11-22 13:43Summary
Red Hat Bug Fix Advisory: OpenShift Container Platform 4.1.16 packages update
Severity
Moderate
Notes
Topic: Red Hat OpenShift Container Platform release 4.1.16 is now available with
updates to packages and images that fix several bugs.
Details: Red Hat OpenShift Container Platform is Red Hat's cloud computing
Kubernetes application platform solution designed for on-premise or private
cloud deployments.
This advisory contains the RPM packages for Red Hat
OpenShift Container Platform 4.1.16. See the following advisory for the
container images for this release:
https://access.redhat.com/errata/RHBA-2019:2768
All OpenShift Container Platform 4.1 users are advised to upgrade to these
updated packages and images.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
The kubectl cp command allows copying files between containers and the user machine. To copy files from a container, Kubernetes runs tar inside the container to create a tar archive, copies it over the network, and kubectl unpacks it on the user’s machine. If the tar binary in the container is malicious, it could run any code and output unexpected, malicious results. An attacker could use this to write files to any path on the user’s machine when kubectl cp is called, limited only by the system permissions of the local user. Kubernetes affected versions include versions prior to 1.13.9, versions prior to 1.14.5, versions prior to 1.15.2, and versions 1.1, 1.2, 1.4, 1.4, 1.5, 1.6, 1.7, 1.8, 1.9, 1.10, 1.11, 1.12.
4.8 (Medium)
Affected products
Fixed
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-RH7-RHOSE-4.1:atomic-enterprise-service-catalog-1:4.1.16-201909090609.git.1.cc4acc1.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-4.1:atomic-enterprise-service-catalog-1:4.1.16-201909090609.git.1.cc4acc1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-4.1:atomic-enterprise-service-catalog-svcat-1:4.1.16-201909090609.git.1.cc4acc1.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-4.1:jenkins-2-plugins-0:4.1.1567784275-1.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-4.1:jenkins-2-plugins-0:4.1.1567784275-1.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-4.1:openshift-0:4.1.16-201909090609.git.0.2f97059.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-4.1:openshift-ansible-0:4.1.16-201909090609.git.162.a0800db.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-4.1:openshift-ansible-0:4.1.16-201909090609.git.162.a0800db.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-4.1:openshift-clients-0:4.1.16-201909090609.git.0.2f97059.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-4.1:openshift-clients-redistributable-0:4.1.16-201909090609.git.0.2f97059.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-4.1:openshift-hyperkube-0:4.1.16-201909090609.git.0.2f97059.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.1:openshift-0:4.1.16-201909090609.git.0.2f97059.el8.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.1:openshift-clients-0:4.1.16-201909090609.git.0.2f97059.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.1:openshift-clients-redistributable-0:4.1.16-201909090609.git.0.2f97059.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.1:openshift-hyperkube-0:4.1.16-201909090609.git.0.2f97059.el8.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
References
8 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat OpenShift Container Platform release 4.1.16 is now available with\nupdates to packages and images that fix several bugs.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Container Platform is Red Hat\u0027s cloud computing\nKubernetes application platform solution designed for on-premise or private\ncloud deployments.\n\nThis advisory contains the RPM packages for Red Hat\nOpenShift Container Platform 4.1.16. See the following advisory for the\ncontainer images for this release:\n\nhttps://access.redhat.com/errata/RHBA-2019:2768\n\nAll OpenShift Container Platform 4.1 users are advised to upgrade to these\nupdated packages and images.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHBA-2019:2794",
"url": "https://access.redhat.com/errata/RHBA-2019:2794"
},
{
"category": "external",
"summary": "1749938",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1749938"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2019/rhba-2019_2794.json"
}
],
"title": "Red Hat Bug Fix Advisory: OpenShift Container Platform 4.1.16 packages update",
"tracking": {
"current_release_date": "2024-11-22T13:43:49+00:00",
"generator": {
"date": "2024-11-22T13:43:49+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHBA-2019:2794",
"initial_release_date": "2019-09-20T15:24:10+00:00",
"revision_history": [
{
"date": "2019-09-20T15:24:10+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2019-09-20T15:24:10+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-22T13:43:49+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift Container Platform 4.1",
"product": {
"name": "Red Hat OpenShift Container Platform 4.1",
"product_id": "7Server-RH7-RHOSE-4.1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:4.1::el7"
}
}
},
{
"category": "product_name",
"name": "Red Hat OpenShift Container Platform 4.1",
"product": {
"name": "Red Hat OpenShift Container Platform 4.1",
"product_id": "8Base-RHOSE-4.1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:4.1::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Enterprise"
},
{
"branches": [
{
"category": "product_version",
"name": "atomic-enterprise-service-catalog-1:4.1.16-201909090609.git.1.cc4acc1.el7.x86_64",
"product": {
"name": "atomic-enterprise-service-catalog-1:4.1.16-201909090609.git.1.cc4acc1.el7.x86_64",
"product_id": "atomic-enterprise-service-catalog-1:4.1.16-201909090609.git.1.cc4acc1.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-enterprise-service-catalog@4.1.16-201909090609.git.1.cc4acc1.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "atomic-enterprise-service-catalog-svcat-1:4.1.16-201909090609.git.1.cc4acc1.el7.x86_64",
"product": {
"name": "atomic-enterprise-service-catalog-svcat-1:4.1.16-201909090609.git.1.cc4acc1.el7.x86_64",
"product_id": "atomic-enterprise-service-catalog-svcat-1:4.1.16-201909090609.git.1.cc4acc1.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-enterprise-service-catalog-svcat@4.1.16-201909090609.git.1.cc4acc1.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "openshift-clients-0:4.1.16-201909090609.git.0.2f97059.el7.x86_64",
"product": {
"name": "openshift-clients-0:4.1.16-201909090609.git.0.2f97059.el7.x86_64",
"product_id": "openshift-clients-0:4.1.16-201909090609.git.0.2f97059.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-clients@4.1.16-201909090609.git.0.2f97059.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "openshift-clients-redistributable-0:4.1.16-201909090609.git.0.2f97059.el7.x86_64",
"product": {
"name": "openshift-clients-redistributable-0:4.1.16-201909090609.git.0.2f97059.el7.x86_64",
"product_id": "openshift-clients-redistributable-0:4.1.16-201909090609.git.0.2f97059.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-clients-redistributable@4.1.16-201909090609.git.0.2f97059.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "openshift-hyperkube-0:4.1.16-201909090609.git.0.2f97059.el7.x86_64",
"product": {
"name": "openshift-hyperkube-0:4.1.16-201909090609.git.0.2f97059.el7.x86_64",
"product_id": "openshift-hyperkube-0:4.1.16-201909090609.git.0.2f97059.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-hyperkube@4.1.16-201909090609.git.0.2f97059.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "openshift-clients-0:4.1.16-201909090609.git.0.2f97059.el8.x86_64",
"product": {
"name": "openshift-clients-0:4.1.16-201909090609.git.0.2f97059.el8.x86_64",
"product_id": "openshift-clients-0:4.1.16-201909090609.git.0.2f97059.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-clients@4.1.16-201909090609.git.0.2f97059.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "openshift-clients-redistributable-0:4.1.16-201909090609.git.0.2f97059.el8.x86_64",
"product": {
"name": "openshift-clients-redistributable-0:4.1.16-201909090609.git.0.2f97059.el8.x86_64",
"product_id": "openshift-clients-redistributable-0:4.1.16-201909090609.git.0.2f97059.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-clients-redistributable@4.1.16-201909090609.git.0.2f97059.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "openshift-hyperkube-0:4.1.16-201909090609.git.0.2f97059.el8.x86_64",
"product": {
"name": "openshift-hyperkube-0:4.1.16-201909090609.git.0.2f97059.el8.x86_64",
"product_id": "openshift-hyperkube-0:4.1.16-201909090609.git.0.2f97059.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-hyperkube@4.1.16-201909090609.git.0.2f97059.el8?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "atomic-enterprise-service-catalog-1:4.1.16-201909090609.git.1.cc4acc1.el7.src",
"product": {
"name": "atomic-enterprise-service-catalog-1:4.1.16-201909090609.git.1.cc4acc1.el7.src",
"product_id": "atomic-enterprise-service-catalog-1:4.1.16-201909090609.git.1.cc4acc1.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-enterprise-service-catalog@4.1.16-201909090609.git.1.cc4acc1.el7?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jenkins-2-plugins-0:4.1.1567784275-1.el7.src",
"product": {
"name": "jenkins-2-plugins-0:4.1.1567784275-1.el7.src",
"product_id": "jenkins-2-plugins-0:4.1.1567784275-1.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jenkins-2-plugins@4.1.1567784275-1.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "openshift-0:4.1.16-201909090609.git.0.2f97059.el7.src",
"product": {
"name": "openshift-0:4.1.16-201909090609.git.0.2f97059.el7.src",
"product_id": "openshift-0:4.1.16-201909090609.git.0.2f97059.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift@4.1.16-201909090609.git.0.2f97059.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "openshift-ansible-0:4.1.16-201909090609.git.162.a0800db.el7.src",
"product": {
"name": "openshift-ansible-0:4.1.16-201909090609.git.162.a0800db.el7.src",
"product_id": "openshift-ansible-0:4.1.16-201909090609.git.162.a0800db.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-ansible@4.1.16-201909090609.git.162.a0800db.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "openshift-0:4.1.16-201909090609.git.0.2f97059.el8.src",
"product": {
"name": "openshift-0:4.1.16-201909090609.git.0.2f97059.el8.src",
"product_id": "openshift-0:4.1.16-201909090609.git.0.2f97059.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift@4.1.16-201909090609.git.0.2f97059.el8?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "jenkins-2-plugins-0:4.1.1567784275-1.el7.noarch",
"product": {
"name": "jenkins-2-plugins-0:4.1.1567784275-1.el7.noarch",
"product_id": "jenkins-2-plugins-0:4.1.1567784275-1.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jenkins-2-plugins@4.1.1567784275-1.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openshift-ansible-0:4.1.16-201909090609.git.162.a0800db.el7.noarch",
"product": {
"name": "openshift-ansible-0:4.1.16-201909090609.git.162.a0800db.el7.noarch",
"product_id": "openshift-ansible-0:4.1.16-201909090609.git.162.a0800db.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-ansible@4.1.16-201909090609.git.162.a0800db.el7?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-enterprise-service-catalog-1:4.1.16-201909090609.git.1.cc4acc1.el7.src as a component of Red Hat OpenShift Container Platform 4.1",
"product_id": "7Server-RH7-RHOSE-4.1:atomic-enterprise-service-catalog-1:4.1.16-201909090609.git.1.cc4acc1.el7.src"
},
"product_reference": "atomic-enterprise-service-catalog-1:4.1.16-201909090609.git.1.cc4acc1.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-enterprise-service-catalog-1:4.1.16-201909090609.git.1.cc4acc1.el7.x86_64 as a component of Red Hat OpenShift Container Platform 4.1",
"product_id": "7Server-RH7-RHOSE-4.1:atomic-enterprise-service-catalog-1:4.1.16-201909090609.git.1.cc4acc1.el7.x86_64"
},
"product_reference": "atomic-enterprise-service-catalog-1:4.1.16-201909090609.git.1.cc4acc1.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-enterprise-service-catalog-svcat-1:4.1.16-201909090609.git.1.cc4acc1.el7.x86_64 as a component of Red Hat OpenShift Container Platform 4.1",
"product_id": "7Server-RH7-RHOSE-4.1:atomic-enterprise-service-catalog-svcat-1:4.1.16-201909090609.git.1.cc4acc1.el7.x86_64"
},
"product_reference": "atomic-enterprise-service-catalog-svcat-1:4.1.16-201909090609.git.1.cc4acc1.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jenkins-2-plugins-0:4.1.1567784275-1.el7.noarch as a component of Red Hat OpenShift Container Platform 4.1",
"product_id": "7Server-RH7-RHOSE-4.1:jenkins-2-plugins-0:4.1.1567784275-1.el7.noarch"
},
"product_reference": "jenkins-2-plugins-0:4.1.1567784275-1.el7.noarch",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jenkins-2-plugins-0:4.1.1567784275-1.el7.src as a component of Red Hat OpenShift Container Platform 4.1",
"product_id": "7Server-RH7-RHOSE-4.1:jenkins-2-plugins-0:4.1.1567784275-1.el7.src"
},
"product_reference": "jenkins-2-plugins-0:4.1.1567784275-1.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-0:4.1.16-201909090609.git.0.2f97059.el7.src as a component of Red Hat OpenShift Container Platform 4.1",
"product_id": "7Server-RH7-RHOSE-4.1:openshift-0:4.1.16-201909090609.git.0.2f97059.el7.src"
},
"product_reference": "openshift-0:4.1.16-201909090609.git.0.2f97059.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-ansible-0:4.1.16-201909090609.git.162.a0800db.el7.noarch as a component of Red Hat OpenShift Container Platform 4.1",
"product_id": "7Server-RH7-RHOSE-4.1:openshift-ansible-0:4.1.16-201909090609.git.162.a0800db.el7.noarch"
},
"product_reference": "openshift-ansible-0:4.1.16-201909090609.git.162.a0800db.el7.noarch",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-ansible-0:4.1.16-201909090609.git.162.a0800db.el7.src as a component of Red Hat OpenShift Container Platform 4.1",
"product_id": "7Server-RH7-RHOSE-4.1:openshift-ansible-0:4.1.16-201909090609.git.162.a0800db.el7.src"
},
"product_reference": "openshift-ansible-0:4.1.16-201909090609.git.162.a0800db.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-clients-0:4.1.16-201909090609.git.0.2f97059.el7.x86_64 as a component of Red Hat OpenShift Container Platform 4.1",
"product_id": "7Server-RH7-RHOSE-4.1:openshift-clients-0:4.1.16-201909090609.git.0.2f97059.el7.x86_64"
},
"product_reference": "openshift-clients-0:4.1.16-201909090609.git.0.2f97059.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-clients-redistributable-0:4.1.16-201909090609.git.0.2f97059.el7.x86_64 as a component of Red Hat OpenShift Container Platform 4.1",
"product_id": "7Server-RH7-RHOSE-4.1:openshift-clients-redistributable-0:4.1.16-201909090609.git.0.2f97059.el7.x86_64"
},
"product_reference": "openshift-clients-redistributable-0:4.1.16-201909090609.git.0.2f97059.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-hyperkube-0:4.1.16-201909090609.git.0.2f97059.el7.x86_64 as a component of Red Hat OpenShift Container Platform 4.1",
"product_id": "7Server-RH7-RHOSE-4.1:openshift-hyperkube-0:4.1.16-201909090609.git.0.2f97059.el7.x86_64"
},
"product_reference": "openshift-hyperkube-0:4.1.16-201909090609.git.0.2f97059.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-0:4.1.16-201909090609.git.0.2f97059.el8.src as a component of Red Hat OpenShift Container Platform 4.1",
"product_id": "8Base-RHOSE-4.1:openshift-0:4.1.16-201909090609.git.0.2f97059.el8.src"
},
"product_reference": "openshift-0:4.1.16-201909090609.git.0.2f97059.el8.src",
"relates_to_product_reference": "8Base-RHOSE-4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-clients-0:4.1.16-201909090609.git.0.2f97059.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.1",
"product_id": "8Base-RHOSE-4.1:openshift-clients-0:4.1.16-201909090609.git.0.2f97059.el8.x86_64"
},
"product_reference": "openshift-clients-0:4.1.16-201909090609.git.0.2f97059.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-clients-redistributable-0:4.1.16-201909090609.git.0.2f97059.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.1",
"product_id": "8Base-RHOSE-4.1:openshift-clients-redistributable-0:4.1.16-201909090609.git.0.2f97059.el8.x86_64"
},
"product_reference": "openshift-clients-redistributable-0:4.1.16-201909090609.git.0.2f97059.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-hyperkube-0:4.1.16-201909090609.git.0.2f97059.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.1",
"product_id": "8Base-RHOSE-4.1:openshift-hyperkube-0:4.1.16-201909090609.git.0.2f97059.el8.x86_64"
},
"product_reference": "openshift-hyperkube-0:4.1.16-201909090609.git.0.2f97059.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-11249",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2019-08-05T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1737651"
}
],
"notes": [
{
"category": "description",
"text": "The kubectl cp command allows copying files between containers and the user machine. To copy files from a container, Kubernetes runs tar inside the container to create a tar archive, copies it over the network, and kubectl unpacks it on the user\u2019s machine. If the tar binary in the container is malicious, it could run any code and output unexpected, malicious results. An attacker could use this to write files to any path on the user\u2019s machine when kubectl cp is called, limited only by the system permissions of the local user. Kubernetes affected versions include versions prior to 1.13.9, versions prior to 1.14.5, versions prior to 1.15.2, and versions 1.1, 1.2, 1.4, 1.4, 1.5, 1.6, 1.7, 1.8, 1.9, 1.10, 1.11, 1.12.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kubernetes: Incomplete fixes for CVE-2019-1002101 and CVE-2019-11246, kubectl cp potential directory traversal",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOSE-4.1:atomic-enterprise-service-catalog-1:4.1.16-201909090609.git.1.cc4acc1.el7.src",
"7Server-RH7-RHOSE-4.1:atomic-enterprise-service-catalog-1:4.1.16-201909090609.git.1.cc4acc1.el7.x86_64",
"7Server-RH7-RHOSE-4.1:atomic-enterprise-service-catalog-svcat-1:4.1.16-201909090609.git.1.cc4acc1.el7.x86_64",
"7Server-RH7-RHOSE-4.1:jenkins-2-plugins-0:4.1.1567784275-1.el7.noarch",
"7Server-RH7-RHOSE-4.1:jenkins-2-plugins-0:4.1.1567784275-1.el7.src",
"7Server-RH7-RHOSE-4.1:openshift-0:4.1.16-201909090609.git.0.2f97059.el7.src",
"7Server-RH7-RHOSE-4.1:openshift-ansible-0:4.1.16-201909090609.git.162.a0800db.el7.noarch",
"7Server-RH7-RHOSE-4.1:openshift-ansible-0:4.1.16-201909090609.git.162.a0800db.el7.src",
"7Server-RH7-RHOSE-4.1:openshift-clients-0:4.1.16-201909090609.git.0.2f97059.el7.x86_64",
"7Server-RH7-RHOSE-4.1:openshift-clients-redistributable-0:4.1.16-201909090609.git.0.2f97059.el7.x86_64",
"7Server-RH7-RHOSE-4.1:openshift-hyperkube-0:4.1.16-201909090609.git.0.2f97059.el7.x86_64",
"8Base-RHOSE-4.1:openshift-0:4.1.16-201909090609.git.0.2f97059.el8.src",
"8Base-RHOSE-4.1:openshift-clients-0:4.1.16-201909090609.git.0.2f97059.el8.x86_64",
"8Base-RHOSE-4.1:openshift-clients-redistributable-0:4.1.16-201909090609.git.0.2f97059.el8.x86_64",
"8Base-RHOSE-4.1:openshift-hyperkube-0:4.1.16-201909090609.git.0.2f97059.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-11249"
},
{
"category": "external",
"summary": "RHBZ#1737651",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1737651"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-11249",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11249"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-11249",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11249"
},
{
"category": "external",
"summary": "https://groups.google.com/forum/#!topic/kubernetes-security-discuss/Vf31dXp0EJc",
"url": "https://groups.google.com/forum/#!topic/kubernetes-security-discuss/Vf31dXp0EJc"
}
],
"release_date": "2019-08-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-09-20T15:24:10+00:00",
"details": "Before applying this update, ensure all previously released errata\nrelevant to your system have been applied.\n\nFor OpenShift Container Platform 4.1 see the following documentation, which\nwill be updated shortly for release 4.1.16, for important instructions on\nhow to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.openshift.com/container-platform/4.1/release_notes/ocp-4-1-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.1/updating/updating-cluster-cli.html.",
"product_ids": [
"7Server-RH7-RHOSE-4.1:atomic-enterprise-service-catalog-1:4.1.16-201909090609.git.1.cc4acc1.el7.src",
"7Server-RH7-RHOSE-4.1:atomic-enterprise-service-catalog-1:4.1.16-201909090609.git.1.cc4acc1.el7.x86_64",
"7Server-RH7-RHOSE-4.1:atomic-enterprise-service-catalog-svcat-1:4.1.16-201909090609.git.1.cc4acc1.el7.x86_64",
"7Server-RH7-RHOSE-4.1:jenkins-2-plugins-0:4.1.1567784275-1.el7.noarch",
"7Server-RH7-RHOSE-4.1:jenkins-2-plugins-0:4.1.1567784275-1.el7.src",
"7Server-RH7-RHOSE-4.1:openshift-0:4.1.16-201909090609.git.0.2f97059.el7.src",
"7Server-RH7-RHOSE-4.1:openshift-ansible-0:4.1.16-201909090609.git.162.a0800db.el7.noarch",
"7Server-RH7-RHOSE-4.1:openshift-ansible-0:4.1.16-201909090609.git.162.a0800db.el7.src",
"7Server-RH7-RHOSE-4.1:openshift-clients-0:4.1.16-201909090609.git.0.2f97059.el7.x86_64",
"7Server-RH7-RHOSE-4.1:openshift-clients-redistributable-0:4.1.16-201909090609.git.0.2f97059.el7.x86_64",
"7Server-RH7-RHOSE-4.1:openshift-hyperkube-0:4.1.16-201909090609.git.0.2f97059.el7.x86_64",
"8Base-RHOSE-4.1:openshift-0:4.1.16-201909090609.git.0.2f97059.el8.src",
"8Base-RHOSE-4.1:openshift-clients-0:4.1.16-201909090609.git.0.2f97059.el8.x86_64",
"8Base-RHOSE-4.1:openshift-clients-redistributable-0:4.1.16-201909090609.git.0.2f97059.el8.x86_64",
"8Base-RHOSE-4.1:openshift-hyperkube-0:4.1.16-201909090609.git.0.2f97059.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2019:2794"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"products": [
"7Server-RH7-RHOSE-4.1:atomic-enterprise-service-catalog-1:4.1.16-201909090609.git.1.cc4acc1.el7.src",
"7Server-RH7-RHOSE-4.1:atomic-enterprise-service-catalog-1:4.1.16-201909090609.git.1.cc4acc1.el7.x86_64",
"7Server-RH7-RHOSE-4.1:atomic-enterprise-service-catalog-svcat-1:4.1.16-201909090609.git.1.cc4acc1.el7.x86_64",
"7Server-RH7-RHOSE-4.1:jenkins-2-plugins-0:4.1.1567784275-1.el7.noarch",
"7Server-RH7-RHOSE-4.1:jenkins-2-plugins-0:4.1.1567784275-1.el7.src",
"7Server-RH7-RHOSE-4.1:openshift-0:4.1.16-201909090609.git.0.2f97059.el7.src",
"7Server-RH7-RHOSE-4.1:openshift-ansible-0:4.1.16-201909090609.git.162.a0800db.el7.noarch",
"7Server-RH7-RHOSE-4.1:openshift-ansible-0:4.1.16-201909090609.git.162.a0800db.el7.src",
"7Server-RH7-RHOSE-4.1:openshift-clients-0:4.1.16-201909090609.git.0.2f97059.el7.x86_64",
"7Server-RH7-RHOSE-4.1:openshift-clients-redistributable-0:4.1.16-201909090609.git.0.2f97059.el7.x86_64",
"7Server-RH7-RHOSE-4.1:openshift-hyperkube-0:4.1.16-201909090609.git.0.2f97059.el7.x86_64",
"8Base-RHOSE-4.1:openshift-0:4.1.16-201909090609.git.0.2f97059.el8.src",
"8Base-RHOSE-4.1:openshift-clients-0:4.1.16-201909090609.git.0.2f97059.el8.x86_64",
"8Base-RHOSE-4.1:openshift-clients-redistributable-0:4.1.16-201909090609.git.0.2f97059.el8.x86_64",
"8Base-RHOSE-4.1:openshift-hyperkube-0:4.1.16-201909090609.git.0.2f97059.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kubernetes: Incomplete fixes for CVE-2019-1002101 and CVE-2019-11246, kubectl cp potential directory traversal"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…