Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2020-10689 (GCVE-0-2020-10689)
Vulnerability from cvelistv5 – Published: 2020-04-03 14:29 – Updated: 2024-08-04 11:06
VLAI?
EPSS
Summary
A flaw was found in the Eclipse Che up to version 7.8.x, where it did not properly restrict access to workspace pods. An authenticated user can exploit this flaw to bypass JWT proxy and gain access to the workspace pods of another user. Successful exploitation requires knowledge of the service name and namespace of the target pod.
Severity ?
6.4 (Medium)
CWE
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Red Hat | Eclipse Che |
Affected:
7.8.x
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:06:11.157Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10689"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/eclipse/che/issues/15651"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Eclipse Che",
"vendor": "Red Hat",
"versions": [
{
"status": "affected",
"version": "7.8.x"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in the Eclipse Che up to version 7.8.x, where it did not properly restrict access to workspace pods. An authenticated user can exploit this flaw to bypass JWT proxy and gain access to the workspace pods of another user. Successful exploitation requires knowledge of the service name and namespace of the target pod."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-04-03T14:29:59",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10689"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/eclipse/che/issues/15651"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2020-10689",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Eclipse Che",
"version": {
"version_data": [
{
"version_value": "7.8.x"
}
]
}
}
]
},
"vendor_name": "Red Hat"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A flaw was found in the Eclipse Che up to version 7.8.x, where it did not properly restrict access to workspace pods. An authenticated user can exploit this flaw to bypass JWT proxy and gain access to the workspace pods of another user. Successful exploitation requires knowledge of the service name and namespace of the target pod."
}
]
},
"impact": {
"cvss": [
[
{
"vectorString": "6.4/CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
]
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-862"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10689",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10689"
},
{
"name": "https://github.com/eclipse/che/issues/15651",
"refsource": "MISC",
"url": "https://github.com/eclipse/che/issues/15651"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2020-10689",
"datePublished": "2020-04-03T14:29:59",
"dateReserved": "2020-03-20T00:00:00",
"dateUpdated": "2024-08-04T11:06:11.157Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:eclipse:che:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"7.9.0\", \"matchCriteriaId\": \"20B587B9-3F69-42CA-810C-CAFAB7CE29E3\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"A flaw was found in the Eclipse Che up to version 7.8.x, where it did not properly restrict access to workspace pods. An authenticated user can exploit this flaw to bypass JWT proxy and gain access to the workspace pods of another user. Successful exploitation requires knowledge of the service name and namespace of the target pod.\"}, {\"lang\": \"es\", \"value\": \"Se detect\\u00f3 un fallo en el Eclipse Che versiones hasta 7.8.x, donde no se restringe apropiadamente el acceso a unos pods del espacio de trabajo. Un usuario autenticado puede explotar este fallo para omitir un proxy JWT y conseguir acceso a los pods del espacio de trabajo de otro usuario. Una explotaci\\u00f3n con \\u00e9xito requiere el conocimiento del nombre del servicio y el espacio de nombres del pod objetivo.\"}]",
"id": "CVE-2020-10689",
"lastModified": "2024-11-21T04:55:51.600",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"secalert@redhat.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 6.4, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"ADJACENT_NETWORK\", \"attackComplexity\": \"HIGH\", \"privilegesRequired\": \"HIGH\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 0.5, \"impactScore\": 5.9}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 6.8, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"ADJACENT_NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"HIGH\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 0.9, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:A/AC:M/Au:S/C:P/I:P/A:P\", \"baseScore\": 4.9, \"accessVector\": \"ADJACENT_NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"SINGLE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 4.4, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
"published": "2020-04-03T15:15:14.420",
"references": "[{\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10689\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Issue Tracking\", \"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/eclipse/che/issues/15651\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Exploit\", \"Issue Tracking\", \"Third Party Advisory\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10689\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\", \"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/eclipse/che/issues/15651\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Issue Tracking\", \"Third Party Advisory\"]}]",
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"secalert@redhat.com\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-862\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-Other\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2020-10689\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2020-04-03T15:15:14.420\",\"lastModified\":\"2024-11-21T04:55:51.600\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A flaw was found in the Eclipse Che up to version 7.8.x, where it did not properly restrict access to workspace pods. An authenticated user can exploit this flaw to bypass JWT proxy and gain access to the workspace pods of another user. Successful exploitation requires knowledge of the service name and namespace of the target pod.\"},{\"lang\":\"es\",\"value\":\"Se detect\u00f3 un fallo en el Eclipse Che versiones hasta 7.8.x, donde no se restringe apropiadamente el acceso a unos pods del espacio de trabajo. Un usuario autenticado puede explotar este fallo para omitir un proxy JWT y conseguir acceso a los pods del espacio de trabajo de otro usuario. Una explotaci\u00f3n con \u00e9xito requiere el conocimiento del nombre del servicio y el espacio de nombres del pod objetivo.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"secalert@redhat.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":6.4,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"ADJACENT_NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":0.5,\"impactScore\":5.9},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":6.8,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"ADJACENT_NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":0.9,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:A/AC:M/Au:S/C:P/I:P/A:P\",\"baseScore\":4.9,\"accessVector\":\"ADJACENT_NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"SINGLE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":4.4,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"secalert@redhat.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-862\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:eclipse:che:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"7.9.0\",\"matchCriteriaId\":\"20B587B9-3F69-42CA-810C-CAFAB7CE29E3\"}]}]}],\"references\":[{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10689\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Issue Tracking\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/eclipse/che/issues/15651\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Exploit\",\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10689\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/eclipse/che/issues/15651\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Issue Tracking\",\"Third Party Advisory\"]}]}}"
}
}
FKIE_CVE-2020-10689
Vulnerability from fkie_nvd - Published: 2020-04-03 15:15 - Updated: 2024-11-21 04:55
Severity ?
6.4 (Medium) - CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
6.8 (Medium) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.8 (Medium) - CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
A flaw was found in the Eclipse Che up to version 7.8.x, where it did not properly restrict access to workspace pods. An authenticated user can exploit this flaw to bypass JWT proxy and gain access to the workspace pods of another user. Successful exploitation requires knowledge of the service name and namespace of the target pod.
References
| URL | Tags | ||
|---|---|---|---|
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10689 | Issue Tracking, Patch, Third Party Advisory | |
| secalert@redhat.com | https://github.com/eclipse/che/issues/15651 | Exploit, Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10689 | Issue Tracking, Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/eclipse/che/issues/15651 | Exploit, Issue Tracking, Third Party Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:eclipse:che:*:*:*:*:*:*:*:*",
"matchCriteriaId": "20B587B9-3F69-42CA-810C-CAFAB7CE29E3",
"versionEndExcluding": "7.9.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in the Eclipse Che up to version 7.8.x, where it did not properly restrict access to workspace pods. An authenticated user can exploit this flaw to bypass JWT proxy and gain access to the workspace pods of another user. Successful exploitation requires knowledge of the service name and namespace of the target pod."
},
{
"lang": "es",
"value": "Se detect\u00f3 un fallo en el Eclipse Che versiones hasta 7.8.x, donde no se restringe apropiadamente el acceso a unos pods del espacio de trabajo. Un usuario autenticado puede explotar este fallo para omitir un proxy JWT y conseguir acceso a los pods del espacio de trabajo de otro usuario. Una explotaci\u00f3n con \u00e9xito requiere el conocimiento del nombre del servicio y el espacio de nombres del pod objetivo."
}
],
"id": "CVE-2020-10689",
"lastModified": "2024-11-21T04:55:51.600",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.9,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:A/AC:M/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 4.4,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.5,
"impactScore": 5.9,
"source": "secalert@redhat.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-04-03T15:15:14.420",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10689"
},
{
"source": "secalert@redhat.com",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://github.com/eclipse/che/issues/15651"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10689"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://github.com/eclipse/che/issues/15651"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-862"
}
],
"source": "secalert@redhat.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
GSD-2020-10689
Vulnerability from gsd - Updated: 2023-12-13 01:22Details
A flaw was found in the Eclipse Che up to version 7.8.x, where it did not properly restrict access to workspace pods. An authenticated user can exploit this flaw to bypass JWT proxy and gain access to the workspace pods of another user. Successful exploitation requires knowledge of the service name and namespace of the target pod.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2020-10689",
"description": "A flaw was found in the Eclipse Che up to version 7.8.x, where it did not properly restrict access to workspace pods. An authenticated user can exploit this flaw to bypass JWT proxy and gain access to the workspace pods of another user. Successful exploitation requires knowledge of the service name and namespace of the target pod.",
"id": "GSD-2020-10689",
"references": [
"https://access.redhat.com/errata/RHSA-2020:1475"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2020-10689"
],
"details": "A flaw was found in the Eclipse Che up to version 7.8.x, where it did not properly restrict access to workspace pods. An authenticated user can exploit this flaw to bypass JWT proxy and gain access to the workspace pods of another user. Successful exploitation requires knowledge of the service name and namespace of the target pod.",
"id": "GSD-2020-10689",
"modified": "2023-12-13T01:22:04.651901Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2020-10689",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Eclipse Che",
"version": {
"version_data": [
{
"version_value": "7.8.x"
}
]
}
}
]
},
"vendor_name": "Red Hat"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A flaw was found in the Eclipse Che up to version 7.8.x, where it did not properly restrict access to workspace pods. An authenticated user can exploit this flaw to bypass JWT proxy and gain access to the workspace pods of another user. Successful exploitation requires knowledge of the service name and namespace of the target pod."
}
]
},
"impact": {
"cvss": [
[
{
"vectorString": "6.4/CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
]
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-862"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10689",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10689"
},
{
"name": "https://github.com/eclipse/che/issues/15651",
"refsource": "MISC",
"url": "https://github.com/eclipse/che/issues/15651"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:eclipse:che:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "7.9.0",
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2020-10689"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "A flaw was found in the Eclipse Che up to version 7.8.x, where it did not properly restrict access to workspace pods. An authenticated user can exploit this flaw to bypass JWT proxy and gain access to the workspace pods of another user. Successful exploitation requires knowledge of the service name and namespace of the target pod."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10689",
"refsource": "CONFIRM",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10689"
},
{
"name": "https://github.com/eclipse/che/issues/15651",
"refsource": "MISC",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://github.com/eclipse/che/issues/15651"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": false,
"cvssV2": {
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.9,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:A/AC:M/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 4.4,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.9,
"impactScore": 5.9
}
},
"lastModifiedDate": "2021-12-20T22:56Z",
"publishedDate": "2020-04-03T15:15Z"
}
}
}
RHSA-2020_1475
Vulnerability from csaf_redhat - Published: 2020-04-14 19:26 - Updated: 2024-11-22 14:20Summary
Red Hat Security Advisory: Red Hat CodeReady Workspaces 2.1.0 release
Notes
Topic
Red Hat CodeReady Workspaces 2.1.0 has been released.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat CodeReady Workspaces 2.1.0 provides a cloud developer-workspace server and a browser-based IDE built for teams and organizations. CodeReady Workspaces runs in OpenShift and is well-suited for container-based development.
This major release is based on Eclipse Che 7.9 and offers security fixes and a number of enhancements and new features, including:
Security fix:
* JWT proxy bypass allows access to workspace pods of other users (CVE-2020-10689)
Enhancements and new features:
* Improved code samples for default devfiles
* Improved naming of default stacks
* Updated .NET sample (including debugger) to version 3.1
* Enabled offline devfile registry
For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section.
This update includes updated container images, which are based on an updated Red Hat Enterprise Linux image that contains fixes for the following issues:
CVE-2019-1348, CVE-2019-1349, CVE-2019-1352, CVE-2019-1387, CVE-2019-13734, CVE-2019-15030, CVE-2019-15031, CVE-2019-16775, CVE-2019-16776, CVE-2019-16777, CVE-2019-18397, CVE-2019-18408, CVE-2019-18660, CVE-2019-19527, CVE-2020-1712, CVE-2020-10531
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat CodeReady Workspaces 2.1.0 has been released.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat CodeReady Workspaces 2.1.0 provides a cloud developer-workspace server and a browser-based IDE built for teams and organizations. CodeReady Workspaces runs in OpenShift and is well-suited for container-based development.\n\nThis major release is based on Eclipse Che 7.9 and offers security fixes and a number of enhancements and new features, including:\n\nSecurity fix:\n\n* JWT proxy bypass allows access to workspace pods of other users (CVE-2020-10689)\n\nEnhancements and new features:\n\n* Improved code samples for default devfiles\n* Improved naming of default stacks\n* Updated .NET sample (including debugger) to version 3.1\n* Enabled offline devfile registry\n\nFor more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section.\n\nThis update includes updated container images, which are based on an updated Red Hat Enterprise Linux image that contains fixes for the following issues:\n\nCVE-2019-1348, CVE-2019-1349, CVE-2019-1352, CVE-2019-1387, CVE-2019-13734, CVE-2019-15030, CVE-2019-15031, CVE-2019-16775, CVE-2019-16776, CVE-2019-16777, CVE-2019-18397, CVE-2019-18408, CVE-2019-18660, CVE-2019-19527, CVE-2020-1712, CVE-2020-10531",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2020:1475",
"url": "https://access.redhat.com/errata/RHSA-2020:1475"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_codeready_workspaces/2.1/html-single/installation_guide/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_codeready_workspaces/2.1/html-single/installation_guide/"
},
{
"category": "external",
"summary": "1816789",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1816789"
},
{
"category": "external",
"summary": "CRW-402",
"url": "https://issues.redhat.com/browse/CRW-402"
},
{
"category": "external",
"summary": "CRW-507",
"url": "https://issues.redhat.com/browse/CRW-507"
},
{
"category": "external",
"summary": "CRW-510",
"url": "https://issues.redhat.com/browse/CRW-510"
},
{
"category": "external",
"summary": "CRW-533",
"url": "https://issues.redhat.com/browse/CRW-533"
},
{
"category": "external",
"summary": "CRW-535",
"url": "https://issues.redhat.com/browse/CRW-535"
},
{
"category": "external",
"summary": "CRW-537",
"url": "https://issues.redhat.com/browse/CRW-537"
},
{
"category": "external",
"summary": "CRW-544",
"url": "https://issues.redhat.com/browse/CRW-544"
},
{
"category": "external",
"summary": "CRW-572",
"url": "https://issues.redhat.com/browse/CRW-572"
},
{
"category": "external",
"summary": "CRW-573",
"url": "https://issues.redhat.com/browse/CRW-573"
},
{
"category": "external",
"summary": "CRW-574",
"url": "https://issues.redhat.com/browse/CRW-574"
},
{
"category": "external",
"summary": "CRW-784",
"url": "https://issues.redhat.com/browse/CRW-784"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_1475.json"
}
],
"title": "Red Hat Security Advisory: Red Hat CodeReady Workspaces 2.1.0 release",
"tracking": {
"current_release_date": "2024-11-22T14:20:39+00:00",
"generator": {
"date": "2024-11-22T14:20:39+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2020:1475",
"initial_release_date": "2020-04-14T19:26:29+00:00",
"revision_history": [
{
"date": "2020-04-14T19:26:29+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2020-04-14T19:26:29+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-22T14:20:39+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat CodeReady Workspaces Containers 2.0",
"product": {
"name": "Red Hat CodeReady Workspaces Containers 2.0",
"product_id": "8Base-CRW-2.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:codeready_workspaces:2.0::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat CodeReady Workspaces"
},
{
"branches": [
{
"category": "product_version",
"name": "codeready-workspaces/devfileregistry-rhel8@sha256:b811a879f331152bada0fd225ca3330d54f27596040edec5778bd4099bc14371_amd64",
"product": {
"name": "codeready-workspaces/devfileregistry-rhel8@sha256:b811a879f331152bada0fd225ca3330d54f27596040edec5778bd4099bc14371_amd64",
"product_id": "codeready-workspaces/devfileregistry-rhel8@sha256:b811a879f331152bada0fd225ca3330d54f27596040edec5778bd4099bc14371_amd64",
"product_identification_helper": {
"purl": "pkg:oci/devfileregistry-rhel8@sha256:b811a879f331152bada0fd225ca3330d54f27596040edec5778bd4099bc14371?arch=amd64\u0026repository_url=registry.redhat.io/codeready-workspaces/devfileregistry-rhel8\u0026tag=2.1-72"
}
}
},
{
"category": "product_version",
"name": "codeready-workspaces/imagepuller-rhel8@sha256:da74046d9bc142f22624c2d46da07ec22d5cf4d27b19c898390d0aa4bdce1ec0_amd64",
"product": {
"name": "codeready-workspaces/imagepuller-rhel8@sha256:da74046d9bc142f22624c2d46da07ec22d5cf4d27b19c898390d0aa4bdce1ec0_amd64",
"product_id": "codeready-workspaces/imagepuller-rhel8@sha256:da74046d9bc142f22624c2d46da07ec22d5cf4d27b19c898390d0aa4bdce1ec0_amd64",
"product_identification_helper": {
"purl": "pkg:oci/imagepuller-rhel8@sha256:da74046d9bc142f22624c2d46da07ec22d5cf4d27b19c898390d0aa4bdce1ec0?arch=amd64\u0026repository_url=registry.redhat.io/codeready-workspaces/imagepuller-rhel8\u0026tag=2.1-15"
}
}
},
{
"category": "product_version",
"name": "codeready-workspaces/jwtproxy-rhel8@sha256:b0b31981db52f3203682f18026bcd346cee647d7ad4160e87103f276f8780ff5_amd64",
"product": {
"name": "codeready-workspaces/jwtproxy-rhel8@sha256:b0b31981db52f3203682f18026bcd346cee647d7ad4160e87103f276f8780ff5_amd64",
"product_id": "codeready-workspaces/jwtproxy-rhel8@sha256:b0b31981db52f3203682f18026bcd346cee647d7ad4160e87103f276f8780ff5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/jwtproxy-rhel8@sha256:b0b31981db52f3203682f18026bcd346cee647d7ad4160e87103f276f8780ff5?arch=amd64\u0026repository_url=registry.redhat.io/codeready-workspaces/jwtproxy-rhel8\u0026tag=2.1-11"
}
}
},
{
"category": "product_version",
"name": "codeready-workspaces/machineexec-rhel8@sha256:dac0dae1b8df99a74b42a87ad5d2976b5f1f1d864feea953ce92660b9f33ac39_amd64",
"product": {
"name": "codeready-workspaces/machineexec-rhel8@sha256:dac0dae1b8df99a74b42a87ad5d2976b5f1f1d864feea953ce92660b9f33ac39_amd64",
"product_id": "codeready-workspaces/machineexec-rhel8@sha256:dac0dae1b8df99a74b42a87ad5d2976b5f1f1d864feea953ce92660b9f33ac39_amd64",
"product_identification_helper": {
"purl": "pkg:oci/machineexec-rhel8@sha256:dac0dae1b8df99a74b42a87ad5d2976b5f1f1d864feea953ce92660b9f33ac39?arch=amd64\u0026repository_url=registry.redhat.io/codeready-workspaces/machineexec-rhel8\u0026tag=2.1-9"
}
}
},
{
"category": "product_version",
"name": "codeready-workspaces/pluginbroker-artifacts-rhel8@sha256:6e79860a0dd54fadccce26847c0dfb31d74db351e9dfce89df368d655bf27e7a_amd64",
"product": {
"name": "codeready-workspaces/pluginbroker-artifacts-rhel8@sha256:6e79860a0dd54fadccce26847c0dfb31d74db351e9dfce89df368d655bf27e7a_amd64",
"product_id": "codeready-workspaces/pluginbroker-artifacts-rhel8@sha256:6e79860a0dd54fadccce26847c0dfb31d74db351e9dfce89df368d655bf27e7a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pluginbroker-artifacts-rhel8@sha256:6e79860a0dd54fadccce26847c0dfb31d74db351e9dfce89df368d655bf27e7a?arch=amd64\u0026repository_url=registry.redhat.io/codeready-workspaces/pluginbroker-artifacts-rhel8\u0026tag=2.1-9"
}
}
},
{
"category": "product_version",
"name": "codeready-workspaces/pluginbroker-metadata-rhel8@sha256:27d339688c21a34e5edfe9329bcf9a5bed1230bf322170d410a7fa80ee910593_amd64",
"product": {
"name": "codeready-workspaces/pluginbroker-metadata-rhel8@sha256:27d339688c21a34e5edfe9329bcf9a5bed1230bf322170d410a7fa80ee910593_amd64",
"product_id": "codeready-workspaces/pluginbroker-metadata-rhel8@sha256:27d339688c21a34e5edfe9329bcf9a5bed1230bf322170d410a7fa80ee910593_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pluginbroker-metadata-rhel8@sha256:27d339688c21a34e5edfe9329bcf9a5bed1230bf322170d410a7fa80ee910593?arch=amd64\u0026repository_url=registry.redhat.io/codeready-workspaces/pluginbroker-metadata-rhel8\u0026tag=2.1-9"
}
}
},
{
"category": "product_version",
"name": "codeready-workspaces/plugin-java11-rhel8@sha256:872fa606f0108bbad736bd70d588263437c728ada2ff6790981eff1703fa7a55_amd64",
"product": {
"name": "codeready-workspaces/plugin-java11-rhel8@sha256:872fa606f0108bbad736bd70d588263437c728ada2ff6790981eff1703fa7a55_amd64",
"product_id": "codeready-workspaces/plugin-java11-rhel8@sha256:872fa606f0108bbad736bd70d588263437c728ada2ff6790981eff1703fa7a55_amd64",
"product_identification_helper": {
"purl": "pkg:oci/plugin-java11-rhel8@sha256:872fa606f0108bbad736bd70d588263437c728ada2ff6790981eff1703fa7a55?arch=amd64\u0026repository_url=registry.redhat.io/codeready-workspaces/plugin-java11-rhel8\u0026tag=2.1-10"
}
}
},
{
"category": "product_version",
"name": "codeready-workspaces/plugin-kubernetes-rhel8@sha256:603780924977c27ccfbbb1715fd3ef3683eaea5ee867f93d25ed4c9a74514eaa_amd64",
"product": {
"name": "codeready-workspaces/plugin-kubernetes-rhel8@sha256:603780924977c27ccfbbb1715fd3ef3683eaea5ee867f93d25ed4c9a74514eaa_amd64",
"product_id": "codeready-workspaces/plugin-kubernetes-rhel8@sha256:603780924977c27ccfbbb1715fd3ef3683eaea5ee867f93d25ed4c9a74514eaa_amd64",
"product_identification_helper": {
"purl": "pkg:oci/plugin-kubernetes-rhel8@sha256:603780924977c27ccfbbb1715fd3ef3683eaea5ee867f93d25ed4c9a74514eaa?arch=amd64\u0026repository_url=registry.redhat.io/codeready-workspaces/plugin-kubernetes-rhel8\u0026tag=2.1-7"
}
}
},
{
"category": "product_version",
"name": "codeready-workspaces/plugin-openshift-rhel8@sha256:38202d1640cf25438ab85e5c7847917daeb0fdca040c2adf4ad8daa018a5f335_amd64",
"product": {
"name": "codeready-workspaces/plugin-openshift-rhel8@sha256:38202d1640cf25438ab85e5c7847917daeb0fdca040c2adf4ad8daa018a5f335_amd64",
"product_id": "codeready-workspaces/plugin-openshift-rhel8@sha256:38202d1640cf25438ab85e5c7847917daeb0fdca040c2adf4ad8daa018a5f335_amd64",
"product_identification_helper": {
"purl": "pkg:oci/plugin-openshift-rhel8@sha256:38202d1640cf25438ab85e5c7847917daeb0fdca040c2adf4ad8daa018a5f335?arch=amd64\u0026repository_url=registry.redhat.io/codeready-workspaces/plugin-openshift-rhel8\u0026tag=2.1-7"
}
}
},
{
"category": "product_version",
"name": "codeready-workspaces/pluginregistry-rhel8@sha256:e8187d1f68bba7f17898e341cd0b89b10c9363e31ed558b0713d2367e2669618_amd64",
"product": {
"name": "codeready-workspaces/pluginregistry-rhel8@sha256:e8187d1f68bba7f17898e341cd0b89b10c9363e31ed558b0713d2367e2669618_amd64",
"product_id": "codeready-workspaces/pluginregistry-rhel8@sha256:e8187d1f68bba7f17898e341cd0b89b10c9363e31ed558b0713d2367e2669618_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pluginregistry-rhel8@sha256:e8187d1f68bba7f17898e341cd0b89b10c9363e31ed558b0713d2367e2669618?arch=amd64\u0026repository_url=registry.redhat.io/codeready-workspaces/pluginregistry-rhel8\u0026tag=2.1-86"
}
}
},
{
"category": "product_version",
"name": "codeready-workspaces/crw-2-rhel8-operator@sha256:45eca3d70335c8b70f5e71d31576d66fba7877d8bd2d5eb96352a1da7b2ef58f_amd64",
"product": {
"name": "codeready-workspaces/crw-2-rhel8-operator@sha256:45eca3d70335c8b70f5e71d31576d66fba7877d8bd2d5eb96352a1da7b2ef58f_amd64",
"product_id": "codeready-workspaces/crw-2-rhel8-operator@sha256:45eca3d70335c8b70f5e71d31576d66fba7877d8bd2d5eb96352a1da7b2ef58f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/crw-2-rhel8-operator@sha256:45eca3d70335c8b70f5e71d31576d66fba7877d8bd2d5eb96352a1da7b2ef58f?arch=amd64\u0026repository_url=registry.redhat.io/codeready-workspaces/crw-2-rhel8-operator\u0026tag=2.1-19"
}
}
},
{
"category": "product_version",
"name": "codeready-workspaces/crw-2-rhel8-operator-metadata@sha256:52d30fcac79fc7bd5fd3e03a253215e7023d422ab72e4661229e9ed09cf9ef27_amd64",
"product": {
"name": "codeready-workspaces/crw-2-rhel8-operator-metadata@sha256:52d30fcac79fc7bd5fd3e03a253215e7023d422ab72e4661229e9ed09cf9ef27_amd64",
"product_id": "codeready-workspaces/crw-2-rhel8-operator-metadata@sha256:52d30fcac79fc7bd5fd3e03a253215e7023d422ab72e4661229e9ed09cf9ef27_amd64",
"product_identification_helper": {
"purl": "pkg:oci/crw-2-rhel8-operator-metadata@sha256:52d30fcac79fc7bd5fd3e03a253215e7023d422ab72e4661229e9ed09cf9ef27?arch=amd64\u0026repository_url=registry.redhat.io/codeready-workspaces/crw-2-rhel8-operator-metadata\u0026tag=2.1-41"
}
}
},
{
"category": "product_version",
"name": "codeready-workspaces/server-rhel8@sha256:2d87f9ef09138a692c9a09c2b24ddfa3377cc74501a34c142dafd3e08babd650_amd64",
"product": {
"name": "codeready-workspaces/server-rhel8@sha256:2d87f9ef09138a692c9a09c2b24ddfa3377cc74501a34c142dafd3e08babd650_amd64",
"product_id": "codeready-workspaces/server-rhel8@sha256:2d87f9ef09138a692c9a09c2b24ddfa3377cc74501a34c142dafd3e08babd650_amd64",
"product_identification_helper": {
"purl": "pkg:oci/server-rhel8@sha256:2d87f9ef09138a692c9a09c2b24ddfa3377cc74501a34c142dafd3e08babd650?arch=amd64\u0026repository_url=registry.redhat.io/codeready-workspaces/server-rhel8\u0026tag=2.1-19"
}
}
},
{
"category": "product_version",
"name": "codeready-workspaces/stacks-cpp-rhel8@sha256:191d0fcf5983e2901fd3d92d27af760ab3e9924bbad8dbc7d45dd0103de89480_amd64",
"product": {
"name": "codeready-workspaces/stacks-cpp-rhel8@sha256:191d0fcf5983e2901fd3d92d27af760ab3e9924bbad8dbc7d45dd0103de89480_amd64",
"product_id": "codeready-workspaces/stacks-cpp-rhel8@sha256:191d0fcf5983e2901fd3d92d27af760ab3e9924bbad8dbc7d45dd0103de89480_amd64",
"product_identification_helper": {
"purl": "pkg:oci/stacks-cpp-rhel8@sha256:191d0fcf5983e2901fd3d92d27af760ab3e9924bbad8dbc7d45dd0103de89480?arch=amd64\u0026repository_url=registry.redhat.io/codeready-workspaces/stacks-cpp-rhel8\u0026tag=2.1-6"
}
}
},
{
"category": "product_version",
"name": "codeready-workspaces/stacks-dotnet-rhel8@sha256:9a5ef2fec22979ccaab3574c5fc0761262b165bf0c5ac49d078b2069d84d9f08_amd64",
"product": {
"name": "codeready-workspaces/stacks-dotnet-rhel8@sha256:9a5ef2fec22979ccaab3574c5fc0761262b165bf0c5ac49d078b2069d84d9f08_amd64",
"product_id": "codeready-workspaces/stacks-dotnet-rhel8@sha256:9a5ef2fec22979ccaab3574c5fc0761262b165bf0c5ac49d078b2069d84d9f08_amd64",
"product_identification_helper": {
"purl": "pkg:oci/stacks-dotnet-rhel8@sha256:9a5ef2fec22979ccaab3574c5fc0761262b165bf0c5ac49d078b2069d84d9f08?arch=amd64\u0026repository_url=registry.redhat.io/codeready-workspaces/stacks-dotnet-rhel8\u0026tag=2.1-8"
}
}
},
{
"category": "product_version",
"name": "codeready-workspaces/stacks-golang-rhel8@sha256:9e8bfc4dda750dbc82a7dac2583cf8b0ee04cc1525b9178aa0b52dae4bc4bc72_amd64",
"product": {
"name": "codeready-workspaces/stacks-golang-rhel8@sha256:9e8bfc4dda750dbc82a7dac2583cf8b0ee04cc1525b9178aa0b52dae4bc4bc72_amd64",
"product_id": "codeready-workspaces/stacks-golang-rhel8@sha256:9e8bfc4dda750dbc82a7dac2583cf8b0ee04cc1525b9178aa0b52dae4bc4bc72_amd64",
"product_identification_helper": {
"purl": "pkg:oci/stacks-golang-rhel8@sha256:9e8bfc4dda750dbc82a7dac2583cf8b0ee04cc1525b9178aa0b52dae4bc4bc72?arch=amd64\u0026repository_url=registry.redhat.io/codeready-workspaces/stacks-golang-rhel8\u0026tag=2.1-7"
}
}
},
{
"category": "product_version",
"name": "codeready-workspaces/stacks-java-rhel8@sha256:e73cb6bd61cb5578f3317ffe52dd1be0b460d5b8a3f0cee278070203e422c6aa_amd64",
"product": {
"name": "codeready-workspaces/stacks-java-rhel8@sha256:e73cb6bd61cb5578f3317ffe52dd1be0b460d5b8a3f0cee278070203e422c6aa_amd64",
"product_id": "codeready-workspaces/stacks-java-rhel8@sha256:e73cb6bd61cb5578f3317ffe52dd1be0b460d5b8a3f0cee278070203e422c6aa_amd64",
"product_identification_helper": {
"purl": "pkg:oci/stacks-java-rhel8@sha256:e73cb6bd61cb5578f3317ffe52dd1be0b460d5b8a3f0cee278070203e422c6aa?arch=amd64\u0026repository_url=registry.redhat.io/codeready-workspaces/stacks-java-rhel8\u0026tag=2.1-7"
}
}
},
{
"category": "product_version",
"name": "codeready-workspaces/stacks-node-rhel8@sha256:d1a9e5d6d9b5fd7de3342db00fa2ed3b883241eca1182044b22c8d05745c298d_amd64",
"product": {
"name": "codeready-workspaces/stacks-node-rhel8@sha256:d1a9e5d6d9b5fd7de3342db00fa2ed3b883241eca1182044b22c8d05745c298d_amd64",
"product_id": "codeready-workspaces/stacks-node-rhel8@sha256:d1a9e5d6d9b5fd7de3342db00fa2ed3b883241eca1182044b22c8d05745c298d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/stacks-node-rhel8@sha256:d1a9e5d6d9b5fd7de3342db00fa2ed3b883241eca1182044b22c8d05745c298d?arch=amd64\u0026repository_url=registry.redhat.io/codeready-workspaces/stacks-node-rhel8\u0026tag=2.1-7"
}
}
},
{
"category": "product_version",
"name": "codeready-workspaces/stacks-php-rhel8@sha256:a291af2f21a28654b30e807c9dba2e5934482f8b99f816c197c87850de0eac33_amd64",
"product": {
"name": "codeready-workspaces/stacks-php-rhel8@sha256:a291af2f21a28654b30e807c9dba2e5934482f8b99f816c197c87850de0eac33_amd64",
"product_id": "codeready-workspaces/stacks-php-rhel8@sha256:a291af2f21a28654b30e807c9dba2e5934482f8b99f816c197c87850de0eac33_amd64",
"product_identification_helper": {
"purl": "pkg:oci/stacks-php-rhel8@sha256:a291af2f21a28654b30e807c9dba2e5934482f8b99f816c197c87850de0eac33?arch=amd64\u0026repository_url=registry.redhat.io/codeready-workspaces/stacks-php-rhel8\u0026tag=2.1-9"
}
}
},
{
"category": "product_version",
"name": "codeready-workspaces/stacks-python-rhel8@sha256:dc545739e4b10098e6b763d621289cac2316a5b9302e52f745ace752636939ef_amd64",
"product": {
"name": "codeready-workspaces/stacks-python-rhel8@sha256:dc545739e4b10098e6b763d621289cac2316a5b9302e52f745ace752636939ef_amd64",
"product_id": "codeready-workspaces/stacks-python-rhel8@sha256:dc545739e4b10098e6b763d621289cac2316a5b9302e52f745ace752636939ef_amd64",
"product_identification_helper": {
"purl": "pkg:oci/stacks-python-rhel8@sha256:dc545739e4b10098e6b763d621289cac2316a5b9302e52f745ace752636939ef?arch=amd64\u0026repository_url=registry.redhat.io/codeready-workspaces/stacks-python-rhel8\u0026tag=2.1-5"
}
}
},
{
"category": "product_version",
"name": "codeready-workspaces/theia-dev-rhel8@sha256:cd2ea2de13f288ff091b29e45c277c6f57fb1256d07089c06a16a0d4844d5ed6_amd64",
"product": {
"name": "codeready-workspaces/theia-dev-rhel8@sha256:cd2ea2de13f288ff091b29e45c277c6f57fb1256d07089c06a16a0d4844d5ed6_amd64",
"product_id": "codeready-workspaces/theia-dev-rhel8@sha256:cd2ea2de13f288ff091b29e45c277c6f57fb1256d07089c06a16a0d4844d5ed6_amd64",
"product_identification_helper": {
"purl": "pkg:oci/theia-dev-rhel8@sha256:cd2ea2de13f288ff091b29e45c277c6f57fb1256d07089c06a16a0d4844d5ed6?arch=amd64\u0026repository_url=registry.redhat.io/codeready-workspaces/theia-dev-rhel8\u0026tag=2.1-38"
}
}
},
{
"category": "product_version",
"name": "codeready-workspaces/theia-endpoint-rhel8@sha256:4a2e07d99330ce24c2c4e722181b3d64aba9905d032f127e9fb7ada1e420eb2b_amd64",
"product": {
"name": "codeready-workspaces/theia-endpoint-rhel8@sha256:4a2e07d99330ce24c2c4e722181b3d64aba9905d032f127e9fb7ada1e420eb2b_amd64",
"product_id": "codeready-workspaces/theia-endpoint-rhel8@sha256:4a2e07d99330ce24c2c4e722181b3d64aba9905d032f127e9fb7ada1e420eb2b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/theia-endpoint-rhel8@sha256:4a2e07d99330ce24c2c4e722181b3d64aba9905d032f127e9fb7ada1e420eb2b?arch=amd64\u0026repository_url=registry.redhat.io/codeready-workspaces/theia-endpoint-rhel8\u0026tag=2.1-32"
}
}
},
{
"category": "product_version",
"name": "codeready-workspaces/theia-rhel8@sha256:815f196dff84e44adfefa1545c113c985a425feae969c68c296222a71040c120_amd64",
"product": {
"name": "codeready-workspaces/theia-rhel8@sha256:815f196dff84e44adfefa1545c113c985a425feae969c68c296222a71040c120_amd64",
"product_id": "codeready-workspaces/theia-rhel8@sha256:815f196dff84e44adfefa1545c113c985a425feae969c68c296222a71040c120_amd64",
"product_identification_helper": {
"purl": "pkg:oci/theia-rhel8@sha256:815f196dff84e44adfefa1545c113c985a425feae969c68c296222a71040c120?arch=amd64\u0026repository_url=registry.redhat.io/codeready-workspaces/theia-rhel8\u0026tag=2.1-30"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "codeready-workspaces/crw-2-rhel8-operator-metadata@sha256:52d30fcac79fc7bd5fd3e03a253215e7023d422ab72e4661229e9ed09cf9ef27_amd64 as a component of Red Hat CodeReady Workspaces Containers 2.0",
"product_id": "8Base-CRW-2.0:codeready-workspaces/crw-2-rhel8-operator-metadata@sha256:52d30fcac79fc7bd5fd3e03a253215e7023d422ab72e4661229e9ed09cf9ef27_amd64"
},
"product_reference": "codeready-workspaces/crw-2-rhel8-operator-metadata@sha256:52d30fcac79fc7bd5fd3e03a253215e7023d422ab72e4661229e9ed09cf9ef27_amd64",
"relates_to_product_reference": "8Base-CRW-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "codeready-workspaces/crw-2-rhel8-operator@sha256:45eca3d70335c8b70f5e71d31576d66fba7877d8bd2d5eb96352a1da7b2ef58f_amd64 as a component of Red Hat CodeReady Workspaces Containers 2.0",
"product_id": "8Base-CRW-2.0:codeready-workspaces/crw-2-rhel8-operator@sha256:45eca3d70335c8b70f5e71d31576d66fba7877d8bd2d5eb96352a1da7b2ef58f_amd64"
},
"product_reference": "codeready-workspaces/crw-2-rhel8-operator@sha256:45eca3d70335c8b70f5e71d31576d66fba7877d8bd2d5eb96352a1da7b2ef58f_amd64",
"relates_to_product_reference": "8Base-CRW-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "codeready-workspaces/devfileregistry-rhel8@sha256:b811a879f331152bada0fd225ca3330d54f27596040edec5778bd4099bc14371_amd64 as a component of Red Hat CodeReady Workspaces Containers 2.0",
"product_id": "8Base-CRW-2.0:codeready-workspaces/devfileregistry-rhel8@sha256:b811a879f331152bada0fd225ca3330d54f27596040edec5778bd4099bc14371_amd64"
},
"product_reference": "codeready-workspaces/devfileregistry-rhel8@sha256:b811a879f331152bada0fd225ca3330d54f27596040edec5778bd4099bc14371_amd64",
"relates_to_product_reference": "8Base-CRW-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "codeready-workspaces/imagepuller-rhel8@sha256:da74046d9bc142f22624c2d46da07ec22d5cf4d27b19c898390d0aa4bdce1ec0_amd64 as a component of Red Hat CodeReady Workspaces Containers 2.0",
"product_id": "8Base-CRW-2.0:codeready-workspaces/imagepuller-rhel8@sha256:da74046d9bc142f22624c2d46da07ec22d5cf4d27b19c898390d0aa4bdce1ec0_amd64"
},
"product_reference": "codeready-workspaces/imagepuller-rhel8@sha256:da74046d9bc142f22624c2d46da07ec22d5cf4d27b19c898390d0aa4bdce1ec0_amd64",
"relates_to_product_reference": "8Base-CRW-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "codeready-workspaces/jwtproxy-rhel8@sha256:b0b31981db52f3203682f18026bcd346cee647d7ad4160e87103f276f8780ff5_amd64 as a component of Red Hat CodeReady Workspaces Containers 2.0",
"product_id": "8Base-CRW-2.0:codeready-workspaces/jwtproxy-rhel8@sha256:b0b31981db52f3203682f18026bcd346cee647d7ad4160e87103f276f8780ff5_amd64"
},
"product_reference": "codeready-workspaces/jwtproxy-rhel8@sha256:b0b31981db52f3203682f18026bcd346cee647d7ad4160e87103f276f8780ff5_amd64",
"relates_to_product_reference": "8Base-CRW-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "codeready-workspaces/machineexec-rhel8@sha256:dac0dae1b8df99a74b42a87ad5d2976b5f1f1d864feea953ce92660b9f33ac39_amd64 as a component of Red Hat CodeReady Workspaces Containers 2.0",
"product_id": "8Base-CRW-2.0:codeready-workspaces/machineexec-rhel8@sha256:dac0dae1b8df99a74b42a87ad5d2976b5f1f1d864feea953ce92660b9f33ac39_amd64"
},
"product_reference": "codeready-workspaces/machineexec-rhel8@sha256:dac0dae1b8df99a74b42a87ad5d2976b5f1f1d864feea953ce92660b9f33ac39_amd64",
"relates_to_product_reference": "8Base-CRW-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "codeready-workspaces/plugin-java11-rhel8@sha256:872fa606f0108bbad736bd70d588263437c728ada2ff6790981eff1703fa7a55_amd64 as a component of Red Hat CodeReady Workspaces Containers 2.0",
"product_id": "8Base-CRW-2.0:codeready-workspaces/plugin-java11-rhel8@sha256:872fa606f0108bbad736bd70d588263437c728ada2ff6790981eff1703fa7a55_amd64"
},
"product_reference": "codeready-workspaces/plugin-java11-rhel8@sha256:872fa606f0108bbad736bd70d588263437c728ada2ff6790981eff1703fa7a55_amd64",
"relates_to_product_reference": "8Base-CRW-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "codeready-workspaces/plugin-kubernetes-rhel8@sha256:603780924977c27ccfbbb1715fd3ef3683eaea5ee867f93d25ed4c9a74514eaa_amd64 as a component of Red Hat CodeReady Workspaces Containers 2.0",
"product_id": "8Base-CRW-2.0:codeready-workspaces/plugin-kubernetes-rhel8@sha256:603780924977c27ccfbbb1715fd3ef3683eaea5ee867f93d25ed4c9a74514eaa_amd64"
},
"product_reference": "codeready-workspaces/plugin-kubernetes-rhel8@sha256:603780924977c27ccfbbb1715fd3ef3683eaea5ee867f93d25ed4c9a74514eaa_amd64",
"relates_to_product_reference": "8Base-CRW-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "codeready-workspaces/plugin-openshift-rhel8@sha256:38202d1640cf25438ab85e5c7847917daeb0fdca040c2adf4ad8daa018a5f335_amd64 as a component of Red Hat CodeReady Workspaces Containers 2.0",
"product_id": "8Base-CRW-2.0:codeready-workspaces/plugin-openshift-rhel8@sha256:38202d1640cf25438ab85e5c7847917daeb0fdca040c2adf4ad8daa018a5f335_amd64"
},
"product_reference": "codeready-workspaces/plugin-openshift-rhel8@sha256:38202d1640cf25438ab85e5c7847917daeb0fdca040c2adf4ad8daa018a5f335_amd64",
"relates_to_product_reference": "8Base-CRW-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "codeready-workspaces/pluginbroker-artifacts-rhel8@sha256:6e79860a0dd54fadccce26847c0dfb31d74db351e9dfce89df368d655bf27e7a_amd64 as a component of Red Hat CodeReady Workspaces Containers 2.0",
"product_id": "8Base-CRW-2.0:codeready-workspaces/pluginbroker-artifacts-rhel8@sha256:6e79860a0dd54fadccce26847c0dfb31d74db351e9dfce89df368d655bf27e7a_amd64"
},
"product_reference": "codeready-workspaces/pluginbroker-artifacts-rhel8@sha256:6e79860a0dd54fadccce26847c0dfb31d74db351e9dfce89df368d655bf27e7a_amd64",
"relates_to_product_reference": "8Base-CRW-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "codeready-workspaces/pluginbroker-metadata-rhel8@sha256:27d339688c21a34e5edfe9329bcf9a5bed1230bf322170d410a7fa80ee910593_amd64 as a component of Red Hat CodeReady Workspaces Containers 2.0",
"product_id": "8Base-CRW-2.0:codeready-workspaces/pluginbroker-metadata-rhel8@sha256:27d339688c21a34e5edfe9329bcf9a5bed1230bf322170d410a7fa80ee910593_amd64"
},
"product_reference": "codeready-workspaces/pluginbroker-metadata-rhel8@sha256:27d339688c21a34e5edfe9329bcf9a5bed1230bf322170d410a7fa80ee910593_amd64",
"relates_to_product_reference": "8Base-CRW-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "codeready-workspaces/pluginregistry-rhel8@sha256:e8187d1f68bba7f17898e341cd0b89b10c9363e31ed558b0713d2367e2669618_amd64 as a component of Red Hat CodeReady Workspaces Containers 2.0",
"product_id": "8Base-CRW-2.0:codeready-workspaces/pluginregistry-rhel8@sha256:e8187d1f68bba7f17898e341cd0b89b10c9363e31ed558b0713d2367e2669618_amd64"
},
"product_reference": "codeready-workspaces/pluginregistry-rhel8@sha256:e8187d1f68bba7f17898e341cd0b89b10c9363e31ed558b0713d2367e2669618_amd64",
"relates_to_product_reference": "8Base-CRW-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "codeready-workspaces/server-rhel8@sha256:2d87f9ef09138a692c9a09c2b24ddfa3377cc74501a34c142dafd3e08babd650_amd64 as a component of Red Hat CodeReady Workspaces Containers 2.0",
"product_id": "8Base-CRW-2.0:codeready-workspaces/server-rhel8@sha256:2d87f9ef09138a692c9a09c2b24ddfa3377cc74501a34c142dafd3e08babd650_amd64"
},
"product_reference": "codeready-workspaces/server-rhel8@sha256:2d87f9ef09138a692c9a09c2b24ddfa3377cc74501a34c142dafd3e08babd650_amd64",
"relates_to_product_reference": "8Base-CRW-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "codeready-workspaces/stacks-cpp-rhel8@sha256:191d0fcf5983e2901fd3d92d27af760ab3e9924bbad8dbc7d45dd0103de89480_amd64 as a component of Red Hat CodeReady Workspaces Containers 2.0",
"product_id": "8Base-CRW-2.0:codeready-workspaces/stacks-cpp-rhel8@sha256:191d0fcf5983e2901fd3d92d27af760ab3e9924bbad8dbc7d45dd0103de89480_amd64"
},
"product_reference": "codeready-workspaces/stacks-cpp-rhel8@sha256:191d0fcf5983e2901fd3d92d27af760ab3e9924bbad8dbc7d45dd0103de89480_amd64",
"relates_to_product_reference": "8Base-CRW-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "codeready-workspaces/stacks-dotnet-rhel8@sha256:9a5ef2fec22979ccaab3574c5fc0761262b165bf0c5ac49d078b2069d84d9f08_amd64 as a component of Red Hat CodeReady Workspaces Containers 2.0",
"product_id": "8Base-CRW-2.0:codeready-workspaces/stacks-dotnet-rhel8@sha256:9a5ef2fec22979ccaab3574c5fc0761262b165bf0c5ac49d078b2069d84d9f08_amd64"
},
"product_reference": "codeready-workspaces/stacks-dotnet-rhel8@sha256:9a5ef2fec22979ccaab3574c5fc0761262b165bf0c5ac49d078b2069d84d9f08_amd64",
"relates_to_product_reference": "8Base-CRW-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "codeready-workspaces/stacks-golang-rhel8@sha256:9e8bfc4dda750dbc82a7dac2583cf8b0ee04cc1525b9178aa0b52dae4bc4bc72_amd64 as a component of Red Hat CodeReady Workspaces Containers 2.0",
"product_id": "8Base-CRW-2.0:codeready-workspaces/stacks-golang-rhel8@sha256:9e8bfc4dda750dbc82a7dac2583cf8b0ee04cc1525b9178aa0b52dae4bc4bc72_amd64"
},
"product_reference": "codeready-workspaces/stacks-golang-rhel8@sha256:9e8bfc4dda750dbc82a7dac2583cf8b0ee04cc1525b9178aa0b52dae4bc4bc72_amd64",
"relates_to_product_reference": "8Base-CRW-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "codeready-workspaces/stacks-java-rhel8@sha256:e73cb6bd61cb5578f3317ffe52dd1be0b460d5b8a3f0cee278070203e422c6aa_amd64 as a component of Red Hat CodeReady Workspaces Containers 2.0",
"product_id": "8Base-CRW-2.0:codeready-workspaces/stacks-java-rhel8@sha256:e73cb6bd61cb5578f3317ffe52dd1be0b460d5b8a3f0cee278070203e422c6aa_amd64"
},
"product_reference": "codeready-workspaces/stacks-java-rhel8@sha256:e73cb6bd61cb5578f3317ffe52dd1be0b460d5b8a3f0cee278070203e422c6aa_amd64",
"relates_to_product_reference": "8Base-CRW-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "codeready-workspaces/stacks-node-rhel8@sha256:d1a9e5d6d9b5fd7de3342db00fa2ed3b883241eca1182044b22c8d05745c298d_amd64 as a component of Red Hat CodeReady Workspaces Containers 2.0",
"product_id": "8Base-CRW-2.0:codeready-workspaces/stacks-node-rhel8@sha256:d1a9e5d6d9b5fd7de3342db00fa2ed3b883241eca1182044b22c8d05745c298d_amd64"
},
"product_reference": "codeready-workspaces/stacks-node-rhel8@sha256:d1a9e5d6d9b5fd7de3342db00fa2ed3b883241eca1182044b22c8d05745c298d_amd64",
"relates_to_product_reference": "8Base-CRW-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "codeready-workspaces/stacks-php-rhel8@sha256:a291af2f21a28654b30e807c9dba2e5934482f8b99f816c197c87850de0eac33_amd64 as a component of Red Hat CodeReady Workspaces Containers 2.0",
"product_id": "8Base-CRW-2.0:codeready-workspaces/stacks-php-rhel8@sha256:a291af2f21a28654b30e807c9dba2e5934482f8b99f816c197c87850de0eac33_amd64"
},
"product_reference": "codeready-workspaces/stacks-php-rhel8@sha256:a291af2f21a28654b30e807c9dba2e5934482f8b99f816c197c87850de0eac33_amd64",
"relates_to_product_reference": "8Base-CRW-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "codeready-workspaces/stacks-python-rhel8@sha256:dc545739e4b10098e6b763d621289cac2316a5b9302e52f745ace752636939ef_amd64 as a component of Red Hat CodeReady Workspaces Containers 2.0",
"product_id": "8Base-CRW-2.0:codeready-workspaces/stacks-python-rhel8@sha256:dc545739e4b10098e6b763d621289cac2316a5b9302e52f745ace752636939ef_amd64"
},
"product_reference": "codeready-workspaces/stacks-python-rhel8@sha256:dc545739e4b10098e6b763d621289cac2316a5b9302e52f745ace752636939ef_amd64",
"relates_to_product_reference": "8Base-CRW-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "codeready-workspaces/theia-dev-rhel8@sha256:cd2ea2de13f288ff091b29e45c277c6f57fb1256d07089c06a16a0d4844d5ed6_amd64 as a component of Red Hat CodeReady Workspaces Containers 2.0",
"product_id": "8Base-CRW-2.0:codeready-workspaces/theia-dev-rhel8@sha256:cd2ea2de13f288ff091b29e45c277c6f57fb1256d07089c06a16a0d4844d5ed6_amd64"
},
"product_reference": "codeready-workspaces/theia-dev-rhel8@sha256:cd2ea2de13f288ff091b29e45c277c6f57fb1256d07089c06a16a0d4844d5ed6_amd64",
"relates_to_product_reference": "8Base-CRW-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "codeready-workspaces/theia-endpoint-rhel8@sha256:4a2e07d99330ce24c2c4e722181b3d64aba9905d032f127e9fb7ada1e420eb2b_amd64 as a component of Red Hat CodeReady Workspaces Containers 2.0",
"product_id": "8Base-CRW-2.0:codeready-workspaces/theia-endpoint-rhel8@sha256:4a2e07d99330ce24c2c4e722181b3d64aba9905d032f127e9fb7ada1e420eb2b_amd64"
},
"product_reference": "codeready-workspaces/theia-endpoint-rhel8@sha256:4a2e07d99330ce24c2c4e722181b3d64aba9905d032f127e9fb7ada1e420eb2b_amd64",
"relates_to_product_reference": "8Base-CRW-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "codeready-workspaces/theia-rhel8@sha256:815f196dff84e44adfefa1545c113c985a425feae969c68c296222a71040c120_amd64 as a component of Red Hat CodeReady Workspaces Containers 2.0",
"product_id": "8Base-CRW-2.0:codeready-workspaces/theia-rhel8@sha256:815f196dff84e44adfefa1545c113c985a425feae969c68c296222a71040c120_amd64"
},
"product_reference": "codeready-workspaces/theia-rhel8@sha256:815f196dff84e44adfefa1545c113c985a425feae969c68c296222a71040c120_amd64",
"relates_to_product_reference": "8Base-CRW-2.0"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Mario Loriedo"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2020-10689",
"cwe": {
"id": "CWE-862",
"name": "Missing Authorization"
},
"discovery_date": "2020-03-24T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1816789"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Eclipse Che, where it did not properly restrict access to workspace pods. An authenticated user can exploit this flaw to bypass JWT proxy and gain access to the workspace pods of another user. Successful exploitation requires knowledge of the service name and namespace of the target pod.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "che: pods in kubernetes cluster can bypass JWT proxy and send unauthenticated requests to workspace pods",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-CRW-2.0:codeready-workspaces/crw-2-rhel8-operator-metadata@sha256:52d30fcac79fc7bd5fd3e03a253215e7023d422ab72e4661229e9ed09cf9ef27_amd64",
"8Base-CRW-2.0:codeready-workspaces/crw-2-rhel8-operator@sha256:45eca3d70335c8b70f5e71d31576d66fba7877d8bd2d5eb96352a1da7b2ef58f_amd64",
"8Base-CRW-2.0:codeready-workspaces/devfileregistry-rhel8@sha256:b811a879f331152bada0fd225ca3330d54f27596040edec5778bd4099bc14371_amd64",
"8Base-CRW-2.0:codeready-workspaces/imagepuller-rhel8@sha256:da74046d9bc142f22624c2d46da07ec22d5cf4d27b19c898390d0aa4bdce1ec0_amd64",
"8Base-CRW-2.0:codeready-workspaces/jwtproxy-rhel8@sha256:b0b31981db52f3203682f18026bcd346cee647d7ad4160e87103f276f8780ff5_amd64",
"8Base-CRW-2.0:codeready-workspaces/machineexec-rhel8@sha256:dac0dae1b8df99a74b42a87ad5d2976b5f1f1d864feea953ce92660b9f33ac39_amd64",
"8Base-CRW-2.0:codeready-workspaces/plugin-java11-rhel8@sha256:872fa606f0108bbad736bd70d588263437c728ada2ff6790981eff1703fa7a55_amd64",
"8Base-CRW-2.0:codeready-workspaces/plugin-kubernetes-rhel8@sha256:603780924977c27ccfbbb1715fd3ef3683eaea5ee867f93d25ed4c9a74514eaa_amd64",
"8Base-CRW-2.0:codeready-workspaces/plugin-openshift-rhel8@sha256:38202d1640cf25438ab85e5c7847917daeb0fdca040c2adf4ad8daa018a5f335_amd64",
"8Base-CRW-2.0:codeready-workspaces/pluginbroker-artifacts-rhel8@sha256:6e79860a0dd54fadccce26847c0dfb31d74db351e9dfce89df368d655bf27e7a_amd64",
"8Base-CRW-2.0:codeready-workspaces/pluginbroker-metadata-rhel8@sha256:27d339688c21a34e5edfe9329bcf9a5bed1230bf322170d410a7fa80ee910593_amd64",
"8Base-CRW-2.0:codeready-workspaces/pluginregistry-rhel8@sha256:e8187d1f68bba7f17898e341cd0b89b10c9363e31ed558b0713d2367e2669618_amd64",
"8Base-CRW-2.0:codeready-workspaces/server-rhel8@sha256:2d87f9ef09138a692c9a09c2b24ddfa3377cc74501a34c142dafd3e08babd650_amd64",
"8Base-CRW-2.0:codeready-workspaces/stacks-cpp-rhel8@sha256:191d0fcf5983e2901fd3d92d27af760ab3e9924bbad8dbc7d45dd0103de89480_amd64",
"8Base-CRW-2.0:codeready-workspaces/stacks-dotnet-rhel8@sha256:9a5ef2fec22979ccaab3574c5fc0761262b165bf0c5ac49d078b2069d84d9f08_amd64",
"8Base-CRW-2.0:codeready-workspaces/stacks-golang-rhel8@sha256:9e8bfc4dda750dbc82a7dac2583cf8b0ee04cc1525b9178aa0b52dae4bc4bc72_amd64",
"8Base-CRW-2.0:codeready-workspaces/stacks-java-rhel8@sha256:e73cb6bd61cb5578f3317ffe52dd1be0b460d5b8a3f0cee278070203e422c6aa_amd64",
"8Base-CRW-2.0:codeready-workspaces/stacks-node-rhel8@sha256:d1a9e5d6d9b5fd7de3342db00fa2ed3b883241eca1182044b22c8d05745c298d_amd64",
"8Base-CRW-2.0:codeready-workspaces/stacks-php-rhel8@sha256:a291af2f21a28654b30e807c9dba2e5934482f8b99f816c197c87850de0eac33_amd64",
"8Base-CRW-2.0:codeready-workspaces/stacks-python-rhel8@sha256:dc545739e4b10098e6b763d621289cac2316a5b9302e52f745ace752636939ef_amd64",
"8Base-CRW-2.0:codeready-workspaces/theia-dev-rhel8@sha256:cd2ea2de13f288ff091b29e45c277c6f57fb1256d07089c06a16a0d4844d5ed6_amd64",
"8Base-CRW-2.0:codeready-workspaces/theia-endpoint-rhel8@sha256:4a2e07d99330ce24c2c4e722181b3d64aba9905d032f127e9fb7ada1e420eb2b_amd64",
"8Base-CRW-2.0:codeready-workspaces/theia-rhel8@sha256:815f196dff84e44adfefa1545c113c985a425feae969c68c296222a71040c120_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-10689"
},
{
"category": "external",
"summary": "RHBZ#1816789",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1816789"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-10689",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10689"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10689",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10689"
}
],
"release_date": "2020-03-24T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-04-14T19:26:29+00:00",
"details": "To start using CodeReady Workspaces, download and install it using the instructions provided in the Red Hat CodeReady Workspaces Installation Guide linked from the References section.",
"product_ids": [
"8Base-CRW-2.0:codeready-workspaces/crw-2-rhel8-operator-metadata@sha256:52d30fcac79fc7bd5fd3e03a253215e7023d422ab72e4661229e9ed09cf9ef27_amd64",
"8Base-CRW-2.0:codeready-workspaces/crw-2-rhel8-operator@sha256:45eca3d70335c8b70f5e71d31576d66fba7877d8bd2d5eb96352a1da7b2ef58f_amd64",
"8Base-CRW-2.0:codeready-workspaces/devfileregistry-rhel8@sha256:b811a879f331152bada0fd225ca3330d54f27596040edec5778bd4099bc14371_amd64",
"8Base-CRW-2.0:codeready-workspaces/imagepuller-rhel8@sha256:da74046d9bc142f22624c2d46da07ec22d5cf4d27b19c898390d0aa4bdce1ec0_amd64",
"8Base-CRW-2.0:codeready-workspaces/jwtproxy-rhel8@sha256:b0b31981db52f3203682f18026bcd346cee647d7ad4160e87103f276f8780ff5_amd64",
"8Base-CRW-2.0:codeready-workspaces/machineexec-rhel8@sha256:dac0dae1b8df99a74b42a87ad5d2976b5f1f1d864feea953ce92660b9f33ac39_amd64",
"8Base-CRW-2.0:codeready-workspaces/plugin-java11-rhel8@sha256:872fa606f0108bbad736bd70d588263437c728ada2ff6790981eff1703fa7a55_amd64",
"8Base-CRW-2.0:codeready-workspaces/plugin-kubernetes-rhel8@sha256:603780924977c27ccfbbb1715fd3ef3683eaea5ee867f93d25ed4c9a74514eaa_amd64",
"8Base-CRW-2.0:codeready-workspaces/plugin-openshift-rhel8@sha256:38202d1640cf25438ab85e5c7847917daeb0fdca040c2adf4ad8daa018a5f335_amd64",
"8Base-CRW-2.0:codeready-workspaces/pluginbroker-artifacts-rhel8@sha256:6e79860a0dd54fadccce26847c0dfb31d74db351e9dfce89df368d655bf27e7a_amd64",
"8Base-CRW-2.0:codeready-workspaces/pluginbroker-metadata-rhel8@sha256:27d339688c21a34e5edfe9329bcf9a5bed1230bf322170d410a7fa80ee910593_amd64",
"8Base-CRW-2.0:codeready-workspaces/pluginregistry-rhel8@sha256:e8187d1f68bba7f17898e341cd0b89b10c9363e31ed558b0713d2367e2669618_amd64",
"8Base-CRW-2.0:codeready-workspaces/server-rhel8@sha256:2d87f9ef09138a692c9a09c2b24ddfa3377cc74501a34c142dafd3e08babd650_amd64",
"8Base-CRW-2.0:codeready-workspaces/stacks-cpp-rhel8@sha256:191d0fcf5983e2901fd3d92d27af760ab3e9924bbad8dbc7d45dd0103de89480_amd64",
"8Base-CRW-2.0:codeready-workspaces/stacks-dotnet-rhel8@sha256:9a5ef2fec22979ccaab3574c5fc0761262b165bf0c5ac49d078b2069d84d9f08_amd64",
"8Base-CRW-2.0:codeready-workspaces/stacks-golang-rhel8@sha256:9e8bfc4dda750dbc82a7dac2583cf8b0ee04cc1525b9178aa0b52dae4bc4bc72_amd64",
"8Base-CRW-2.0:codeready-workspaces/stacks-java-rhel8@sha256:e73cb6bd61cb5578f3317ffe52dd1be0b460d5b8a3f0cee278070203e422c6aa_amd64",
"8Base-CRW-2.0:codeready-workspaces/stacks-node-rhel8@sha256:d1a9e5d6d9b5fd7de3342db00fa2ed3b883241eca1182044b22c8d05745c298d_amd64",
"8Base-CRW-2.0:codeready-workspaces/stacks-php-rhel8@sha256:a291af2f21a28654b30e807c9dba2e5934482f8b99f816c197c87850de0eac33_amd64",
"8Base-CRW-2.0:codeready-workspaces/stacks-python-rhel8@sha256:dc545739e4b10098e6b763d621289cac2316a5b9302e52f745ace752636939ef_amd64",
"8Base-CRW-2.0:codeready-workspaces/theia-dev-rhel8@sha256:cd2ea2de13f288ff091b29e45c277c6f57fb1256d07089c06a16a0d4844d5ed6_amd64",
"8Base-CRW-2.0:codeready-workspaces/theia-endpoint-rhel8@sha256:4a2e07d99330ce24c2c4e722181b3d64aba9905d032f127e9fb7ada1e420eb2b_amd64",
"8Base-CRW-2.0:codeready-workspaces/theia-rhel8@sha256:815f196dff84e44adfefa1545c113c985a425feae969c68c296222a71040c120_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:1475"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-CRW-2.0:codeready-workspaces/crw-2-rhel8-operator-metadata@sha256:52d30fcac79fc7bd5fd3e03a253215e7023d422ab72e4661229e9ed09cf9ef27_amd64",
"8Base-CRW-2.0:codeready-workspaces/crw-2-rhel8-operator@sha256:45eca3d70335c8b70f5e71d31576d66fba7877d8bd2d5eb96352a1da7b2ef58f_amd64",
"8Base-CRW-2.0:codeready-workspaces/devfileregistry-rhel8@sha256:b811a879f331152bada0fd225ca3330d54f27596040edec5778bd4099bc14371_amd64",
"8Base-CRW-2.0:codeready-workspaces/imagepuller-rhel8@sha256:da74046d9bc142f22624c2d46da07ec22d5cf4d27b19c898390d0aa4bdce1ec0_amd64",
"8Base-CRW-2.0:codeready-workspaces/jwtproxy-rhel8@sha256:b0b31981db52f3203682f18026bcd346cee647d7ad4160e87103f276f8780ff5_amd64",
"8Base-CRW-2.0:codeready-workspaces/machineexec-rhel8@sha256:dac0dae1b8df99a74b42a87ad5d2976b5f1f1d864feea953ce92660b9f33ac39_amd64",
"8Base-CRW-2.0:codeready-workspaces/plugin-java11-rhel8@sha256:872fa606f0108bbad736bd70d588263437c728ada2ff6790981eff1703fa7a55_amd64",
"8Base-CRW-2.0:codeready-workspaces/plugin-kubernetes-rhel8@sha256:603780924977c27ccfbbb1715fd3ef3683eaea5ee867f93d25ed4c9a74514eaa_amd64",
"8Base-CRW-2.0:codeready-workspaces/plugin-openshift-rhel8@sha256:38202d1640cf25438ab85e5c7847917daeb0fdca040c2adf4ad8daa018a5f335_amd64",
"8Base-CRW-2.0:codeready-workspaces/pluginbroker-artifacts-rhel8@sha256:6e79860a0dd54fadccce26847c0dfb31d74db351e9dfce89df368d655bf27e7a_amd64",
"8Base-CRW-2.0:codeready-workspaces/pluginbroker-metadata-rhel8@sha256:27d339688c21a34e5edfe9329bcf9a5bed1230bf322170d410a7fa80ee910593_amd64",
"8Base-CRW-2.0:codeready-workspaces/pluginregistry-rhel8@sha256:e8187d1f68bba7f17898e341cd0b89b10c9363e31ed558b0713d2367e2669618_amd64",
"8Base-CRW-2.0:codeready-workspaces/server-rhel8@sha256:2d87f9ef09138a692c9a09c2b24ddfa3377cc74501a34c142dafd3e08babd650_amd64",
"8Base-CRW-2.0:codeready-workspaces/stacks-cpp-rhel8@sha256:191d0fcf5983e2901fd3d92d27af760ab3e9924bbad8dbc7d45dd0103de89480_amd64",
"8Base-CRW-2.0:codeready-workspaces/stacks-dotnet-rhel8@sha256:9a5ef2fec22979ccaab3574c5fc0761262b165bf0c5ac49d078b2069d84d9f08_amd64",
"8Base-CRW-2.0:codeready-workspaces/stacks-golang-rhel8@sha256:9e8bfc4dda750dbc82a7dac2583cf8b0ee04cc1525b9178aa0b52dae4bc4bc72_amd64",
"8Base-CRW-2.0:codeready-workspaces/stacks-java-rhel8@sha256:e73cb6bd61cb5578f3317ffe52dd1be0b460d5b8a3f0cee278070203e422c6aa_amd64",
"8Base-CRW-2.0:codeready-workspaces/stacks-node-rhel8@sha256:d1a9e5d6d9b5fd7de3342db00fa2ed3b883241eca1182044b22c8d05745c298d_amd64",
"8Base-CRW-2.0:codeready-workspaces/stacks-php-rhel8@sha256:a291af2f21a28654b30e807c9dba2e5934482f8b99f816c197c87850de0eac33_amd64",
"8Base-CRW-2.0:codeready-workspaces/stacks-python-rhel8@sha256:dc545739e4b10098e6b763d621289cac2316a5b9302e52f745ace752636939ef_amd64",
"8Base-CRW-2.0:codeready-workspaces/theia-dev-rhel8@sha256:cd2ea2de13f288ff091b29e45c277c6f57fb1256d07089c06a16a0d4844d5ed6_amd64",
"8Base-CRW-2.0:codeready-workspaces/theia-endpoint-rhel8@sha256:4a2e07d99330ce24c2c4e722181b3d64aba9905d032f127e9fb7ada1e420eb2b_amd64",
"8Base-CRW-2.0:codeready-workspaces/theia-rhel8@sha256:815f196dff84e44adfefa1545c113c985a425feae969c68c296222a71040c120_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "che: pods in kubernetes cluster can bypass JWT proxy and send unauthenticated requests to workspace pods"
}
]
}
RHSA-2020:1475
Vulnerability from csaf_redhat - Published: 2020-04-14 19:26 - Updated: 2025-11-21 18:13Summary
Red Hat Security Advisory: Red Hat CodeReady Workspaces 2.1.0 release
Notes
Topic
Red Hat CodeReady Workspaces 2.1.0 has been released.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat CodeReady Workspaces 2.1.0 provides a cloud developer-workspace server and a browser-based IDE built for teams and organizations. CodeReady Workspaces runs in OpenShift and is well-suited for container-based development.
This major release is based on Eclipse Che 7.9 and offers security fixes and a number of enhancements and new features, including:
Security fix:
* JWT proxy bypass allows access to workspace pods of other users (CVE-2020-10689)
Enhancements and new features:
* Improved code samples for default devfiles
* Improved naming of default stacks
* Updated .NET sample (including debugger) to version 3.1
* Enabled offline devfile registry
For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section.
This update includes updated container images, which are based on an updated Red Hat Enterprise Linux image that contains fixes for the following issues:
CVE-2019-1348, CVE-2019-1349, CVE-2019-1352, CVE-2019-1387, CVE-2019-13734, CVE-2019-15030, CVE-2019-15031, CVE-2019-16775, CVE-2019-16776, CVE-2019-16777, CVE-2019-18397, CVE-2019-18408, CVE-2019-18660, CVE-2019-19527, CVE-2020-1712, CVE-2020-10531
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat CodeReady Workspaces 2.1.0 has been released.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat CodeReady Workspaces 2.1.0 provides a cloud developer-workspace server and a browser-based IDE built for teams and organizations. CodeReady Workspaces runs in OpenShift and is well-suited for container-based development.\n\nThis major release is based on Eclipse Che 7.9 and offers security fixes and a number of enhancements and new features, including:\n\nSecurity fix:\n\n* JWT proxy bypass allows access to workspace pods of other users (CVE-2020-10689)\n\nEnhancements and new features:\n\n* Improved code samples for default devfiles\n* Improved naming of default stacks\n* Updated .NET sample (including debugger) to version 3.1\n* Enabled offline devfile registry\n\nFor more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section.\n\nThis update includes updated container images, which are based on an updated Red Hat Enterprise Linux image that contains fixes for the following issues:\n\nCVE-2019-1348, CVE-2019-1349, CVE-2019-1352, CVE-2019-1387, CVE-2019-13734, CVE-2019-15030, CVE-2019-15031, CVE-2019-16775, CVE-2019-16776, CVE-2019-16777, CVE-2019-18397, CVE-2019-18408, CVE-2019-18660, CVE-2019-19527, CVE-2020-1712, CVE-2020-10531",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2020:1475",
"url": "https://access.redhat.com/errata/RHSA-2020:1475"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_codeready_workspaces/2.1/html-single/installation_guide/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_codeready_workspaces/2.1/html-single/installation_guide/"
},
{
"category": "external",
"summary": "1816789",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1816789"
},
{
"category": "external",
"summary": "CRW-402",
"url": "https://issues.redhat.com/browse/CRW-402"
},
{
"category": "external",
"summary": "CRW-507",
"url": "https://issues.redhat.com/browse/CRW-507"
},
{
"category": "external",
"summary": "CRW-510",
"url": "https://issues.redhat.com/browse/CRW-510"
},
{
"category": "external",
"summary": "CRW-533",
"url": "https://issues.redhat.com/browse/CRW-533"
},
{
"category": "external",
"summary": "CRW-535",
"url": "https://issues.redhat.com/browse/CRW-535"
},
{
"category": "external",
"summary": "CRW-537",
"url": "https://issues.redhat.com/browse/CRW-537"
},
{
"category": "external",
"summary": "CRW-544",
"url": "https://issues.redhat.com/browse/CRW-544"
},
{
"category": "external",
"summary": "CRW-572",
"url": "https://issues.redhat.com/browse/CRW-572"
},
{
"category": "external",
"summary": "CRW-573",
"url": "https://issues.redhat.com/browse/CRW-573"
},
{
"category": "external",
"summary": "CRW-574",
"url": "https://issues.redhat.com/browse/CRW-574"
},
{
"category": "external",
"summary": "CRW-784",
"url": "https://issues.redhat.com/browse/CRW-784"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_1475.json"
}
],
"title": "Red Hat Security Advisory: Red Hat CodeReady Workspaces 2.1.0 release",
"tracking": {
"current_release_date": "2025-11-21T18:13:41+00:00",
"generator": {
"date": "2025-11-21T18:13:41+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2020:1475",
"initial_release_date": "2020-04-14T19:26:29+00:00",
"revision_history": [
{
"date": "2020-04-14T19:26:29+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2020-04-14T19:26:29+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T18:13:41+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat CodeReady Workspaces Containers 2.0",
"product": {
"name": "Red Hat CodeReady Workspaces Containers 2.0",
"product_id": "8Base-CRW-2.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:codeready_workspaces:2.0::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat CodeReady Workspaces"
},
{
"branches": [
{
"category": "product_version",
"name": "codeready-workspaces/devfileregistry-rhel8@sha256:b811a879f331152bada0fd225ca3330d54f27596040edec5778bd4099bc14371_amd64",
"product": {
"name": "codeready-workspaces/devfileregistry-rhel8@sha256:b811a879f331152bada0fd225ca3330d54f27596040edec5778bd4099bc14371_amd64",
"product_id": "codeready-workspaces/devfileregistry-rhel8@sha256:b811a879f331152bada0fd225ca3330d54f27596040edec5778bd4099bc14371_amd64",
"product_identification_helper": {
"purl": "pkg:oci/devfileregistry-rhel8@sha256:b811a879f331152bada0fd225ca3330d54f27596040edec5778bd4099bc14371?arch=amd64\u0026repository_url=registry.redhat.io/codeready-workspaces/devfileregistry-rhel8\u0026tag=2.1-72"
}
}
},
{
"category": "product_version",
"name": "codeready-workspaces/imagepuller-rhel8@sha256:da74046d9bc142f22624c2d46da07ec22d5cf4d27b19c898390d0aa4bdce1ec0_amd64",
"product": {
"name": "codeready-workspaces/imagepuller-rhel8@sha256:da74046d9bc142f22624c2d46da07ec22d5cf4d27b19c898390d0aa4bdce1ec0_amd64",
"product_id": "codeready-workspaces/imagepuller-rhel8@sha256:da74046d9bc142f22624c2d46da07ec22d5cf4d27b19c898390d0aa4bdce1ec0_amd64",
"product_identification_helper": {
"purl": "pkg:oci/imagepuller-rhel8@sha256:da74046d9bc142f22624c2d46da07ec22d5cf4d27b19c898390d0aa4bdce1ec0?arch=amd64\u0026repository_url=registry.redhat.io/codeready-workspaces/imagepuller-rhel8\u0026tag=2.1-15"
}
}
},
{
"category": "product_version",
"name": "codeready-workspaces/jwtproxy-rhel8@sha256:b0b31981db52f3203682f18026bcd346cee647d7ad4160e87103f276f8780ff5_amd64",
"product": {
"name": "codeready-workspaces/jwtproxy-rhel8@sha256:b0b31981db52f3203682f18026bcd346cee647d7ad4160e87103f276f8780ff5_amd64",
"product_id": "codeready-workspaces/jwtproxy-rhel8@sha256:b0b31981db52f3203682f18026bcd346cee647d7ad4160e87103f276f8780ff5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/jwtproxy-rhel8@sha256:b0b31981db52f3203682f18026bcd346cee647d7ad4160e87103f276f8780ff5?arch=amd64\u0026repository_url=registry.redhat.io/codeready-workspaces/jwtproxy-rhel8\u0026tag=2.1-11"
}
}
},
{
"category": "product_version",
"name": "codeready-workspaces/machineexec-rhel8@sha256:dac0dae1b8df99a74b42a87ad5d2976b5f1f1d864feea953ce92660b9f33ac39_amd64",
"product": {
"name": "codeready-workspaces/machineexec-rhel8@sha256:dac0dae1b8df99a74b42a87ad5d2976b5f1f1d864feea953ce92660b9f33ac39_amd64",
"product_id": "codeready-workspaces/machineexec-rhel8@sha256:dac0dae1b8df99a74b42a87ad5d2976b5f1f1d864feea953ce92660b9f33ac39_amd64",
"product_identification_helper": {
"purl": "pkg:oci/machineexec-rhel8@sha256:dac0dae1b8df99a74b42a87ad5d2976b5f1f1d864feea953ce92660b9f33ac39?arch=amd64\u0026repository_url=registry.redhat.io/codeready-workspaces/machineexec-rhel8\u0026tag=2.1-9"
}
}
},
{
"category": "product_version",
"name": "codeready-workspaces/pluginbroker-artifacts-rhel8@sha256:6e79860a0dd54fadccce26847c0dfb31d74db351e9dfce89df368d655bf27e7a_amd64",
"product": {
"name": "codeready-workspaces/pluginbroker-artifacts-rhel8@sha256:6e79860a0dd54fadccce26847c0dfb31d74db351e9dfce89df368d655bf27e7a_amd64",
"product_id": "codeready-workspaces/pluginbroker-artifacts-rhel8@sha256:6e79860a0dd54fadccce26847c0dfb31d74db351e9dfce89df368d655bf27e7a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pluginbroker-artifacts-rhel8@sha256:6e79860a0dd54fadccce26847c0dfb31d74db351e9dfce89df368d655bf27e7a?arch=amd64\u0026repository_url=registry.redhat.io/codeready-workspaces/pluginbroker-artifacts-rhel8\u0026tag=2.1-9"
}
}
},
{
"category": "product_version",
"name": "codeready-workspaces/pluginbroker-metadata-rhel8@sha256:27d339688c21a34e5edfe9329bcf9a5bed1230bf322170d410a7fa80ee910593_amd64",
"product": {
"name": "codeready-workspaces/pluginbroker-metadata-rhel8@sha256:27d339688c21a34e5edfe9329bcf9a5bed1230bf322170d410a7fa80ee910593_amd64",
"product_id": "codeready-workspaces/pluginbroker-metadata-rhel8@sha256:27d339688c21a34e5edfe9329bcf9a5bed1230bf322170d410a7fa80ee910593_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pluginbroker-metadata-rhel8@sha256:27d339688c21a34e5edfe9329bcf9a5bed1230bf322170d410a7fa80ee910593?arch=amd64\u0026repository_url=registry.redhat.io/codeready-workspaces/pluginbroker-metadata-rhel8\u0026tag=2.1-9"
}
}
},
{
"category": "product_version",
"name": "codeready-workspaces/plugin-java11-rhel8@sha256:872fa606f0108bbad736bd70d588263437c728ada2ff6790981eff1703fa7a55_amd64",
"product": {
"name": "codeready-workspaces/plugin-java11-rhel8@sha256:872fa606f0108bbad736bd70d588263437c728ada2ff6790981eff1703fa7a55_amd64",
"product_id": "codeready-workspaces/plugin-java11-rhel8@sha256:872fa606f0108bbad736bd70d588263437c728ada2ff6790981eff1703fa7a55_amd64",
"product_identification_helper": {
"purl": "pkg:oci/plugin-java11-rhel8@sha256:872fa606f0108bbad736bd70d588263437c728ada2ff6790981eff1703fa7a55?arch=amd64\u0026repository_url=registry.redhat.io/codeready-workspaces/plugin-java11-rhel8\u0026tag=2.1-10"
}
}
},
{
"category": "product_version",
"name": "codeready-workspaces/plugin-kubernetes-rhel8@sha256:603780924977c27ccfbbb1715fd3ef3683eaea5ee867f93d25ed4c9a74514eaa_amd64",
"product": {
"name": "codeready-workspaces/plugin-kubernetes-rhel8@sha256:603780924977c27ccfbbb1715fd3ef3683eaea5ee867f93d25ed4c9a74514eaa_amd64",
"product_id": "codeready-workspaces/plugin-kubernetes-rhel8@sha256:603780924977c27ccfbbb1715fd3ef3683eaea5ee867f93d25ed4c9a74514eaa_amd64",
"product_identification_helper": {
"purl": "pkg:oci/plugin-kubernetes-rhel8@sha256:603780924977c27ccfbbb1715fd3ef3683eaea5ee867f93d25ed4c9a74514eaa?arch=amd64\u0026repository_url=registry.redhat.io/codeready-workspaces/plugin-kubernetes-rhel8\u0026tag=2.1-7"
}
}
},
{
"category": "product_version",
"name": "codeready-workspaces/plugin-openshift-rhel8@sha256:38202d1640cf25438ab85e5c7847917daeb0fdca040c2adf4ad8daa018a5f335_amd64",
"product": {
"name": "codeready-workspaces/plugin-openshift-rhel8@sha256:38202d1640cf25438ab85e5c7847917daeb0fdca040c2adf4ad8daa018a5f335_amd64",
"product_id": "codeready-workspaces/plugin-openshift-rhel8@sha256:38202d1640cf25438ab85e5c7847917daeb0fdca040c2adf4ad8daa018a5f335_amd64",
"product_identification_helper": {
"purl": "pkg:oci/plugin-openshift-rhel8@sha256:38202d1640cf25438ab85e5c7847917daeb0fdca040c2adf4ad8daa018a5f335?arch=amd64\u0026repository_url=registry.redhat.io/codeready-workspaces/plugin-openshift-rhel8\u0026tag=2.1-7"
}
}
},
{
"category": "product_version",
"name": "codeready-workspaces/pluginregistry-rhel8@sha256:e8187d1f68bba7f17898e341cd0b89b10c9363e31ed558b0713d2367e2669618_amd64",
"product": {
"name": "codeready-workspaces/pluginregistry-rhel8@sha256:e8187d1f68bba7f17898e341cd0b89b10c9363e31ed558b0713d2367e2669618_amd64",
"product_id": "codeready-workspaces/pluginregistry-rhel8@sha256:e8187d1f68bba7f17898e341cd0b89b10c9363e31ed558b0713d2367e2669618_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pluginregistry-rhel8@sha256:e8187d1f68bba7f17898e341cd0b89b10c9363e31ed558b0713d2367e2669618?arch=amd64\u0026repository_url=registry.redhat.io/codeready-workspaces/pluginregistry-rhel8\u0026tag=2.1-86"
}
}
},
{
"category": "product_version",
"name": "codeready-workspaces/crw-2-rhel8-operator@sha256:45eca3d70335c8b70f5e71d31576d66fba7877d8bd2d5eb96352a1da7b2ef58f_amd64",
"product": {
"name": "codeready-workspaces/crw-2-rhel8-operator@sha256:45eca3d70335c8b70f5e71d31576d66fba7877d8bd2d5eb96352a1da7b2ef58f_amd64",
"product_id": "codeready-workspaces/crw-2-rhel8-operator@sha256:45eca3d70335c8b70f5e71d31576d66fba7877d8bd2d5eb96352a1da7b2ef58f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/crw-2-rhel8-operator@sha256:45eca3d70335c8b70f5e71d31576d66fba7877d8bd2d5eb96352a1da7b2ef58f?arch=amd64\u0026repository_url=registry.redhat.io/codeready-workspaces/crw-2-rhel8-operator\u0026tag=2.1-19"
}
}
},
{
"category": "product_version",
"name": "codeready-workspaces/crw-2-rhel8-operator-metadata@sha256:52d30fcac79fc7bd5fd3e03a253215e7023d422ab72e4661229e9ed09cf9ef27_amd64",
"product": {
"name": "codeready-workspaces/crw-2-rhel8-operator-metadata@sha256:52d30fcac79fc7bd5fd3e03a253215e7023d422ab72e4661229e9ed09cf9ef27_amd64",
"product_id": "codeready-workspaces/crw-2-rhel8-operator-metadata@sha256:52d30fcac79fc7bd5fd3e03a253215e7023d422ab72e4661229e9ed09cf9ef27_amd64",
"product_identification_helper": {
"purl": "pkg:oci/crw-2-rhel8-operator-metadata@sha256:52d30fcac79fc7bd5fd3e03a253215e7023d422ab72e4661229e9ed09cf9ef27?arch=amd64\u0026repository_url=registry.redhat.io/codeready-workspaces/crw-2-rhel8-operator-metadata\u0026tag=2.1-41"
}
}
},
{
"category": "product_version",
"name": "codeready-workspaces/server-rhel8@sha256:2d87f9ef09138a692c9a09c2b24ddfa3377cc74501a34c142dafd3e08babd650_amd64",
"product": {
"name": "codeready-workspaces/server-rhel8@sha256:2d87f9ef09138a692c9a09c2b24ddfa3377cc74501a34c142dafd3e08babd650_amd64",
"product_id": "codeready-workspaces/server-rhel8@sha256:2d87f9ef09138a692c9a09c2b24ddfa3377cc74501a34c142dafd3e08babd650_amd64",
"product_identification_helper": {
"purl": "pkg:oci/server-rhel8@sha256:2d87f9ef09138a692c9a09c2b24ddfa3377cc74501a34c142dafd3e08babd650?arch=amd64\u0026repository_url=registry.redhat.io/codeready-workspaces/server-rhel8\u0026tag=2.1-19"
}
}
},
{
"category": "product_version",
"name": "codeready-workspaces/stacks-cpp-rhel8@sha256:191d0fcf5983e2901fd3d92d27af760ab3e9924bbad8dbc7d45dd0103de89480_amd64",
"product": {
"name": "codeready-workspaces/stacks-cpp-rhel8@sha256:191d0fcf5983e2901fd3d92d27af760ab3e9924bbad8dbc7d45dd0103de89480_amd64",
"product_id": "codeready-workspaces/stacks-cpp-rhel8@sha256:191d0fcf5983e2901fd3d92d27af760ab3e9924bbad8dbc7d45dd0103de89480_amd64",
"product_identification_helper": {
"purl": "pkg:oci/stacks-cpp-rhel8@sha256:191d0fcf5983e2901fd3d92d27af760ab3e9924bbad8dbc7d45dd0103de89480?arch=amd64\u0026repository_url=registry.redhat.io/codeready-workspaces/stacks-cpp-rhel8\u0026tag=2.1-6"
}
}
},
{
"category": "product_version",
"name": "codeready-workspaces/stacks-dotnet-rhel8@sha256:9a5ef2fec22979ccaab3574c5fc0761262b165bf0c5ac49d078b2069d84d9f08_amd64",
"product": {
"name": "codeready-workspaces/stacks-dotnet-rhel8@sha256:9a5ef2fec22979ccaab3574c5fc0761262b165bf0c5ac49d078b2069d84d9f08_amd64",
"product_id": "codeready-workspaces/stacks-dotnet-rhel8@sha256:9a5ef2fec22979ccaab3574c5fc0761262b165bf0c5ac49d078b2069d84d9f08_amd64",
"product_identification_helper": {
"purl": "pkg:oci/stacks-dotnet-rhel8@sha256:9a5ef2fec22979ccaab3574c5fc0761262b165bf0c5ac49d078b2069d84d9f08?arch=amd64\u0026repository_url=registry.redhat.io/codeready-workspaces/stacks-dotnet-rhel8\u0026tag=2.1-8"
}
}
},
{
"category": "product_version",
"name": "codeready-workspaces/stacks-golang-rhel8@sha256:9e8bfc4dda750dbc82a7dac2583cf8b0ee04cc1525b9178aa0b52dae4bc4bc72_amd64",
"product": {
"name": "codeready-workspaces/stacks-golang-rhel8@sha256:9e8bfc4dda750dbc82a7dac2583cf8b0ee04cc1525b9178aa0b52dae4bc4bc72_amd64",
"product_id": "codeready-workspaces/stacks-golang-rhel8@sha256:9e8bfc4dda750dbc82a7dac2583cf8b0ee04cc1525b9178aa0b52dae4bc4bc72_amd64",
"product_identification_helper": {
"purl": "pkg:oci/stacks-golang-rhel8@sha256:9e8bfc4dda750dbc82a7dac2583cf8b0ee04cc1525b9178aa0b52dae4bc4bc72?arch=amd64\u0026repository_url=registry.redhat.io/codeready-workspaces/stacks-golang-rhel8\u0026tag=2.1-7"
}
}
},
{
"category": "product_version",
"name": "codeready-workspaces/stacks-java-rhel8@sha256:e73cb6bd61cb5578f3317ffe52dd1be0b460d5b8a3f0cee278070203e422c6aa_amd64",
"product": {
"name": "codeready-workspaces/stacks-java-rhel8@sha256:e73cb6bd61cb5578f3317ffe52dd1be0b460d5b8a3f0cee278070203e422c6aa_amd64",
"product_id": "codeready-workspaces/stacks-java-rhel8@sha256:e73cb6bd61cb5578f3317ffe52dd1be0b460d5b8a3f0cee278070203e422c6aa_amd64",
"product_identification_helper": {
"purl": "pkg:oci/stacks-java-rhel8@sha256:e73cb6bd61cb5578f3317ffe52dd1be0b460d5b8a3f0cee278070203e422c6aa?arch=amd64\u0026repository_url=registry.redhat.io/codeready-workspaces/stacks-java-rhel8\u0026tag=2.1-7"
}
}
},
{
"category": "product_version",
"name": "codeready-workspaces/stacks-node-rhel8@sha256:d1a9e5d6d9b5fd7de3342db00fa2ed3b883241eca1182044b22c8d05745c298d_amd64",
"product": {
"name": "codeready-workspaces/stacks-node-rhel8@sha256:d1a9e5d6d9b5fd7de3342db00fa2ed3b883241eca1182044b22c8d05745c298d_amd64",
"product_id": "codeready-workspaces/stacks-node-rhel8@sha256:d1a9e5d6d9b5fd7de3342db00fa2ed3b883241eca1182044b22c8d05745c298d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/stacks-node-rhel8@sha256:d1a9e5d6d9b5fd7de3342db00fa2ed3b883241eca1182044b22c8d05745c298d?arch=amd64\u0026repository_url=registry.redhat.io/codeready-workspaces/stacks-node-rhel8\u0026tag=2.1-7"
}
}
},
{
"category": "product_version",
"name": "codeready-workspaces/stacks-php-rhel8@sha256:a291af2f21a28654b30e807c9dba2e5934482f8b99f816c197c87850de0eac33_amd64",
"product": {
"name": "codeready-workspaces/stacks-php-rhel8@sha256:a291af2f21a28654b30e807c9dba2e5934482f8b99f816c197c87850de0eac33_amd64",
"product_id": "codeready-workspaces/stacks-php-rhel8@sha256:a291af2f21a28654b30e807c9dba2e5934482f8b99f816c197c87850de0eac33_amd64",
"product_identification_helper": {
"purl": "pkg:oci/stacks-php-rhel8@sha256:a291af2f21a28654b30e807c9dba2e5934482f8b99f816c197c87850de0eac33?arch=amd64\u0026repository_url=registry.redhat.io/codeready-workspaces/stacks-php-rhel8\u0026tag=2.1-9"
}
}
},
{
"category": "product_version",
"name": "codeready-workspaces/stacks-python-rhel8@sha256:dc545739e4b10098e6b763d621289cac2316a5b9302e52f745ace752636939ef_amd64",
"product": {
"name": "codeready-workspaces/stacks-python-rhel8@sha256:dc545739e4b10098e6b763d621289cac2316a5b9302e52f745ace752636939ef_amd64",
"product_id": "codeready-workspaces/stacks-python-rhel8@sha256:dc545739e4b10098e6b763d621289cac2316a5b9302e52f745ace752636939ef_amd64",
"product_identification_helper": {
"purl": "pkg:oci/stacks-python-rhel8@sha256:dc545739e4b10098e6b763d621289cac2316a5b9302e52f745ace752636939ef?arch=amd64\u0026repository_url=registry.redhat.io/codeready-workspaces/stacks-python-rhel8\u0026tag=2.1-5"
}
}
},
{
"category": "product_version",
"name": "codeready-workspaces/theia-dev-rhel8@sha256:cd2ea2de13f288ff091b29e45c277c6f57fb1256d07089c06a16a0d4844d5ed6_amd64",
"product": {
"name": "codeready-workspaces/theia-dev-rhel8@sha256:cd2ea2de13f288ff091b29e45c277c6f57fb1256d07089c06a16a0d4844d5ed6_amd64",
"product_id": "codeready-workspaces/theia-dev-rhel8@sha256:cd2ea2de13f288ff091b29e45c277c6f57fb1256d07089c06a16a0d4844d5ed6_amd64",
"product_identification_helper": {
"purl": "pkg:oci/theia-dev-rhel8@sha256:cd2ea2de13f288ff091b29e45c277c6f57fb1256d07089c06a16a0d4844d5ed6?arch=amd64\u0026repository_url=registry.redhat.io/codeready-workspaces/theia-dev-rhel8\u0026tag=2.1-38"
}
}
},
{
"category": "product_version",
"name": "codeready-workspaces/theia-endpoint-rhel8@sha256:4a2e07d99330ce24c2c4e722181b3d64aba9905d032f127e9fb7ada1e420eb2b_amd64",
"product": {
"name": "codeready-workspaces/theia-endpoint-rhel8@sha256:4a2e07d99330ce24c2c4e722181b3d64aba9905d032f127e9fb7ada1e420eb2b_amd64",
"product_id": "codeready-workspaces/theia-endpoint-rhel8@sha256:4a2e07d99330ce24c2c4e722181b3d64aba9905d032f127e9fb7ada1e420eb2b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/theia-endpoint-rhel8@sha256:4a2e07d99330ce24c2c4e722181b3d64aba9905d032f127e9fb7ada1e420eb2b?arch=amd64\u0026repository_url=registry.redhat.io/codeready-workspaces/theia-endpoint-rhel8\u0026tag=2.1-32"
}
}
},
{
"category": "product_version",
"name": "codeready-workspaces/theia-rhel8@sha256:815f196dff84e44adfefa1545c113c985a425feae969c68c296222a71040c120_amd64",
"product": {
"name": "codeready-workspaces/theia-rhel8@sha256:815f196dff84e44adfefa1545c113c985a425feae969c68c296222a71040c120_amd64",
"product_id": "codeready-workspaces/theia-rhel8@sha256:815f196dff84e44adfefa1545c113c985a425feae969c68c296222a71040c120_amd64",
"product_identification_helper": {
"purl": "pkg:oci/theia-rhel8@sha256:815f196dff84e44adfefa1545c113c985a425feae969c68c296222a71040c120?arch=amd64\u0026repository_url=registry.redhat.io/codeready-workspaces/theia-rhel8\u0026tag=2.1-30"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "codeready-workspaces/crw-2-rhel8-operator-metadata@sha256:52d30fcac79fc7bd5fd3e03a253215e7023d422ab72e4661229e9ed09cf9ef27_amd64 as a component of Red Hat CodeReady Workspaces Containers 2.0",
"product_id": "8Base-CRW-2.0:codeready-workspaces/crw-2-rhel8-operator-metadata@sha256:52d30fcac79fc7bd5fd3e03a253215e7023d422ab72e4661229e9ed09cf9ef27_amd64"
},
"product_reference": "codeready-workspaces/crw-2-rhel8-operator-metadata@sha256:52d30fcac79fc7bd5fd3e03a253215e7023d422ab72e4661229e9ed09cf9ef27_amd64",
"relates_to_product_reference": "8Base-CRW-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "codeready-workspaces/crw-2-rhel8-operator@sha256:45eca3d70335c8b70f5e71d31576d66fba7877d8bd2d5eb96352a1da7b2ef58f_amd64 as a component of Red Hat CodeReady Workspaces Containers 2.0",
"product_id": "8Base-CRW-2.0:codeready-workspaces/crw-2-rhel8-operator@sha256:45eca3d70335c8b70f5e71d31576d66fba7877d8bd2d5eb96352a1da7b2ef58f_amd64"
},
"product_reference": "codeready-workspaces/crw-2-rhel8-operator@sha256:45eca3d70335c8b70f5e71d31576d66fba7877d8bd2d5eb96352a1da7b2ef58f_amd64",
"relates_to_product_reference": "8Base-CRW-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "codeready-workspaces/devfileregistry-rhel8@sha256:b811a879f331152bada0fd225ca3330d54f27596040edec5778bd4099bc14371_amd64 as a component of Red Hat CodeReady Workspaces Containers 2.0",
"product_id": "8Base-CRW-2.0:codeready-workspaces/devfileregistry-rhel8@sha256:b811a879f331152bada0fd225ca3330d54f27596040edec5778bd4099bc14371_amd64"
},
"product_reference": "codeready-workspaces/devfileregistry-rhel8@sha256:b811a879f331152bada0fd225ca3330d54f27596040edec5778bd4099bc14371_amd64",
"relates_to_product_reference": "8Base-CRW-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "codeready-workspaces/imagepuller-rhel8@sha256:da74046d9bc142f22624c2d46da07ec22d5cf4d27b19c898390d0aa4bdce1ec0_amd64 as a component of Red Hat CodeReady Workspaces Containers 2.0",
"product_id": "8Base-CRW-2.0:codeready-workspaces/imagepuller-rhel8@sha256:da74046d9bc142f22624c2d46da07ec22d5cf4d27b19c898390d0aa4bdce1ec0_amd64"
},
"product_reference": "codeready-workspaces/imagepuller-rhel8@sha256:da74046d9bc142f22624c2d46da07ec22d5cf4d27b19c898390d0aa4bdce1ec0_amd64",
"relates_to_product_reference": "8Base-CRW-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "codeready-workspaces/jwtproxy-rhel8@sha256:b0b31981db52f3203682f18026bcd346cee647d7ad4160e87103f276f8780ff5_amd64 as a component of Red Hat CodeReady Workspaces Containers 2.0",
"product_id": "8Base-CRW-2.0:codeready-workspaces/jwtproxy-rhel8@sha256:b0b31981db52f3203682f18026bcd346cee647d7ad4160e87103f276f8780ff5_amd64"
},
"product_reference": "codeready-workspaces/jwtproxy-rhel8@sha256:b0b31981db52f3203682f18026bcd346cee647d7ad4160e87103f276f8780ff5_amd64",
"relates_to_product_reference": "8Base-CRW-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "codeready-workspaces/machineexec-rhel8@sha256:dac0dae1b8df99a74b42a87ad5d2976b5f1f1d864feea953ce92660b9f33ac39_amd64 as a component of Red Hat CodeReady Workspaces Containers 2.0",
"product_id": "8Base-CRW-2.0:codeready-workspaces/machineexec-rhel8@sha256:dac0dae1b8df99a74b42a87ad5d2976b5f1f1d864feea953ce92660b9f33ac39_amd64"
},
"product_reference": "codeready-workspaces/machineexec-rhel8@sha256:dac0dae1b8df99a74b42a87ad5d2976b5f1f1d864feea953ce92660b9f33ac39_amd64",
"relates_to_product_reference": "8Base-CRW-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "codeready-workspaces/plugin-java11-rhel8@sha256:872fa606f0108bbad736bd70d588263437c728ada2ff6790981eff1703fa7a55_amd64 as a component of Red Hat CodeReady Workspaces Containers 2.0",
"product_id": "8Base-CRW-2.0:codeready-workspaces/plugin-java11-rhel8@sha256:872fa606f0108bbad736bd70d588263437c728ada2ff6790981eff1703fa7a55_amd64"
},
"product_reference": "codeready-workspaces/plugin-java11-rhel8@sha256:872fa606f0108bbad736bd70d588263437c728ada2ff6790981eff1703fa7a55_amd64",
"relates_to_product_reference": "8Base-CRW-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "codeready-workspaces/plugin-kubernetes-rhel8@sha256:603780924977c27ccfbbb1715fd3ef3683eaea5ee867f93d25ed4c9a74514eaa_amd64 as a component of Red Hat CodeReady Workspaces Containers 2.0",
"product_id": "8Base-CRW-2.0:codeready-workspaces/plugin-kubernetes-rhel8@sha256:603780924977c27ccfbbb1715fd3ef3683eaea5ee867f93d25ed4c9a74514eaa_amd64"
},
"product_reference": "codeready-workspaces/plugin-kubernetes-rhel8@sha256:603780924977c27ccfbbb1715fd3ef3683eaea5ee867f93d25ed4c9a74514eaa_amd64",
"relates_to_product_reference": "8Base-CRW-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "codeready-workspaces/plugin-openshift-rhel8@sha256:38202d1640cf25438ab85e5c7847917daeb0fdca040c2adf4ad8daa018a5f335_amd64 as a component of Red Hat CodeReady Workspaces Containers 2.0",
"product_id": "8Base-CRW-2.0:codeready-workspaces/plugin-openshift-rhel8@sha256:38202d1640cf25438ab85e5c7847917daeb0fdca040c2adf4ad8daa018a5f335_amd64"
},
"product_reference": "codeready-workspaces/plugin-openshift-rhel8@sha256:38202d1640cf25438ab85e5c7847917daeb0fdca040c2adf4ad8daa018a5f335_amd64",
"relates_to_product_reference": "8Base-CRW-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "codeready-workspaces/pluginbroker-artifacts-rhel8@sha256:6e79860a0dd54fadccce26847c0dfb31d74db351e9dfce89df368d655bf27e7a_amd64 as a component of Red Hat CodeReady Workspaces Containers 2.0",
"product_id": "8Base-CRW-2.0:codeready-workspaces/pluginbroker-artifacts-rhel8@sha256:6e79860a0dd54fadccce26847c0dfb31d74db351e9dfce89df368d655bf27e7a_amd64"
},
"product_reference": "codeready-workspaces/pluginbroker-artifacts-rhel8@sha256:6e79860a0dd54fadccce26847c0dfb31d74db351e9dfce89df368d655bf27e7a_amd64",
"relates_to_product_reference": "8Base-CRW-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "codeready-workspaces/pluginbroker-metadata-rhel8@sha256:27d339688c21a34e5edfe9329bcf9a5bed1230bf322170d410a7fa80ee910593_amd64 as a component of Red Hat CodeReady Workspaces Containers 2.0",
"product_id": "8Base-CRW-2.0:codeready-workspaces/pluginbroker-metadata-rhel8@sha256:27d339688c21a34e5edfe9329bcf9a5bed1230bf322170d410a7fa80ee910593_amd64"
},
"product_reference": "codeready-workspaces/pluginbroker-metadata-rhel8@sha256:27d339688c21a34e5edfe9329bcf9a5bed1230bf322170d410a7fa80ee910593_amd64",
"relates_to_product_reference": "8Base-CRW-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "codeready-workspaces/pluginregistry-rhel8@sha256:e8187d1f68bba7f17898e341cd0b89b10c9363e31ed558b0713d2367e2669618_amd64 as a component of Red Hat CodeReady Workspaces Containers 2.0",
"product_id": "8Base-CRW-2.0:codeready-workspaces/pluginregistry-rhel8@sha256:e8187d1f68bba7f17898e341cd0b89b10c9363e31ed558b0713d2367e2669618_amd64"
},
"product_reference": "codeready-workspaces/pluginregistry-rhel8@sha256:e8187d1f68bba7f17898e341cd0b89b10c9363e31ed558b0713d2367e2669618_amd64",
"relates_to_product_reference": "8Base-CRW-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "codeready-workspaces/server-rhel8@sha256:2d87f9ef09138a692c9a09c2b24ddfa3377cc74501a34c142dafd3e08babd650_amd64 as a component of Red Hat CodeReady Workspaces Containers 2.0",
"product_id": "8Base-CRW-2.0:codeready-workspaces/server-rhel8@sha256:2d87f9ef09138a692c9a09c2b24ddfa3377cc74501a34c142dafd3e08babd650_amd64"
},
"product_reference": "codeready-workspaces/server-rhel8@sha256:2d87f9ef09138a692c9a09c2b24ddfa3377cc74501a34c142dafd3e08babd650_amd64",
"relates_to_product_reference": "8Base-CRW-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "codeready-workspaces/stacks-cpp-rhel8@sha256:191d0fcf5983e2901fd3d92d27af760ab3e9924bbad8dbc7d45dd0103de89480_amd64 as a component of Red Hat CodeReady Workspaces Containers 2.0",
"product_id": "8Base-CRW-2.0:codeready-workspaces/stacks-cpp-rhel8@sha256:191d0fcf5983e2901fd3d92d27af760ab3e9924bbad8dbc7d45dd0103de89480_amd64"
},
"product_reference": "codeready-workspaces/stacks-cpp-rhel8@sha256:191d0fcf5983e2901fd3d92d27af760ab3e9924bbad8dbc7d45dd0103de89480_amd64",
"relates_to_product_reference": "8Base-CRW-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "codeready-workspaces/stacks-dotnet-rhel8@sha256:9a5ef2fec22979ccaab3574c5fc0761262b165bf0c5ac49d078b2069d84d9f08_amd64 as a component of Red Hat CodeReady Workspaces Containers 2.0",
"product_id": "8Base-CRW-2.0:codeready-workspaces/stacks-dotnet-rhel8@sha256:9a5ef2fec22979ccaab3574c5fc0761262b165bf0c5ac49d078b2069d84d9f08_amd64"
},
"product_reference": "codeready-workspaces/stacks-dotnet-rhel8@sha256:9a5ef2fec22979ccaab3574c5fc0761262b165bf0c5ac49d078b2069d84d9f08_amd64",
"relates_to_product_reference": "8Base-CRW-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "codeready-workspaces/stacks-golang-rhel8@sha256:9e8bfc4dda750dbc82a7dac2583cf8b0ee04cc1525b9178aa0b52dae4bc4bc72_amd64 as a component of Red Hat CodeReady Workspaces Containers 2.0",
"product_id": "8Base-CRW-2.0:codeready-workspaces/stacks-golang-rhel8@sha256:9e8bfc4dda750dbc82a7dac2583cf8b0ee04cc1525b9178aa0b52dae4bc4bc72_amd64"
},
"product_reference": "codeready-workspaces/stacks-golang-rhel8@sha256:9e8bfc4dda750dbc82a7dac2583cf8b0ee04cc1525b9178aa0b52dae4bc4bc72_amd64",
"relates_to_product_reference": "8Base-CRW-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "codeready-workspaces/stacks-java-rhel8@sha256:e73cb6bd61cb5578f3317ffe52dd1be0b460d5b8a3f0cee278070203e422c6aa_amd64 as a component of Red Hat CodeReady Workspaces Containers 2.0",
"product_id": "8Base-CRW-2.0:codeready-workspaces/stacks-java-rhel8@sha256:e73cb6bd61cb5578f3317ffe52dd1be0b460d5b8a3f0cee278070203e422c6aa_amd64"
},
"product_reference": "codeready-workspaces/stacks-java-rhel8@sha256:e73cb6bd61cb5578f3317ffe52dd1be0b460d5b8a3f0cee278070203e422c6aa_amd64",
"relates_to_product_reference": "8Base-CRW-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "codeready-workspaces/stacks-node-rhel8@sha256:d1a9e5d6d9b5fd7de3342db00fa2ed3b883241eca1182044b22c8d05745c298d_amd64 as a component of Red Hat CodeReady Workspaces Containers 2.0",
"product_id": "8Base-CRW-2.0:codeready-workspaces/stacks-node-rhel8@sha256:d1a9e5d6d9b5fd7de3342db00fa2ed3b883241eca1182044b22c8d05745c298d_amd64"
},
"product_reference": "codeready-workspaces/stacks-node-rhel8@sha256:d1a9e5d6d9b5fd7de3342db00fa2ed3b883241eca1182044b22c8d05745c298d_amd64",
"relates_to_product_reference": "8Base-CRW-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "codeready-workspaces/stacks-php-rhel8@sha256:a291af2f21a28654b30e807c9dba2e5934482f8b99f816c197c87850de0eac33_amd64 as a component of Red Hat CodeReady Workspaces Containers 2.0",
"product_id": "8Base-CRW-2.0:codeready-workspaces/stacks-php-rhel8@sha256:a291af2f21a28654b30e807c9dba2e5934482f8b99f816c197c87850de0eac33_amd64"
},
"product_reference": "codeready-workspaces/stacks-php-rhel8@sha256:a291af2f21a28654b30e807c9dba2e5934482f8b99f816c197c87850de0eac33_amd64",
"relates_to_product_reference": "8Base-CRW-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "codeready-workspaces/stacks-python-rhel8@sha256:dc545739e4b10098e6b763d621289cac2316a5b9302e52f745ace752636939ef_amd64 as a component of Red Hat CodeReady Workspaces Containers 2.0",
"product_id": "8Base-CRW-2.0:codeready-workspaces/stacks-python-rhel8@sha256:dc545739e4b10098e6b763d621289cac2316a5b9302e52f745ace752636939ef_amd64"
},
"product_reference": "codeready-workspaces/stacks-python-rhel8@sha256:dc545739e4b10098e6b763d621289cac2316a5b9302e52f745ace752636939ef_amd64",
"relates_to_product_reference": "8Base-CRW-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "codeready-workspaces/theia-dev-rhel8@sha256:cd2ea2de13f288ff091b29e45c277c6f57fb1256d07089c06a16a0d4844d5ed6_amd64 as a component of Red Hat CodeReady Workspaces Containers 2.0",
"product_id": "8Base-CRW-2.0:codeready-workspaces/theia-dev-rhel8@sha256:cd2ea2de13f288ff091b29e45c277c6f57fb1256d07089c06a16a0d4844d5ed6_amd64"
},
"product_reference": "codeready-workspaces/theia-dev-rhel8@sha256:cd2ea2de13f288ff091b29e45c277c6f57fb1256d07089c06a16a0d4844d5ed6_amd64",
"relates_to_product_reference": "8Base-CRW-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "codeready-workspaces/theia-endpoint-rhel8@sha256:4a2e07d99330ce24c2c4e722181b3d64aba9905d032f127e9fb7ada1e420eb2b_amd64 as a component of Red Hat CodeReady Workspaces Containers 2.0",
"product_id": "8Base-CRW-2.0:codeready-workspaces/theia-endpoint-rhel8@sha256:4a2e07d99330ce24c2c4e722181b3d64aba9905d032f127e9fb7ada1e420eb2b_amd64"
},
"product_reference": "codeready-workspaces/theia-endpoint-rhel8@sha256:4a2e07d99330ce24c2c4e722181b3d64aba9905d032f127e9fb7ada1e420eb2b_amd64",
"relates_to_product_reference": "8Base-CRW-2.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "codeready-workspaces/theia-rhel8@sha256:815f196dff84e44adfefa1545c113c985a425feae969c68c296222a71040c120_amd64 as a component of Red Hat CodeReady Workspaces Containers 2.0",
"product_id": "8Base-CRW-2.0:codeready-workspaces/theia-rhel8@sha256:815f196dff84e44adfefa1545c113c985a425feae969c68c296222a71040c120_amd64"
},
"product_reference": "codeready-workspaces/theia-rhel8@sha256:815f196dff84e44adfefa1545c113c985a425feae969c68c296222a71040c120_amd64",
"relates_to_product_reference": "8Base-CRW-2.0"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Mario Loriedo"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2020-10689",
"cwe": {
"id": "CWE-862",
"name": "Missing Authorization"
},
"discovery_date": "2020-03-24T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1816789"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Eclipse Che, where it did not properly restrict access to workspace pods. An authenticated user can exploit this flaw to bypass JWT proxy and gain access to the workspace pods of another user. Successful exploitation requires knowledge of the service name and namespace of the target pod.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "che: pods in kubernetes cluster can bypass JWT proxy and send unauthenticated requests to workspace pods",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-CRW-2.0:codeready-workspaces/crw-2-rhel8-operator-metadata@sha256:52d30fcac79fc7bd5fd3e03a253215e7023d422ab72e4661229e9ed09cf9ef27_amd64",
"8Base-CRW-2.0:codeready-workspaces/crw-2-rhel8-operator@sha256:45eca3d70335c8b70f5e71d31576d66fba7877d8bd2d5eb96352a1da7b2ef58f_amd64",
"8Base-CRW-2.0:codeready-workspaces/devfileregistry-rhel8@sha256:b811a879f331152bada0fd225ca3330d54f27596040edec5778bd4099bc14371_amd64",
"8Base-CRW-2.0:codeready-workspaces/imagepuller-rhel8@sha256:da74046d9bc142f22624c2d46da07ec22d5cf4d27b19c898390d0aa4bdce1ec0_amd64",
"8Base-CRW-2.0:codeready-workspaces/jwtproxy-rhel8@sha256:b0b31981db52f3203682f18026bcd346cee647d7ad4160e87103f276f8780ff5_amd64",
"8Base-CRW-2.0:codeready-workspaces/machineexec-rhel8@sha256:dac0dae1b8df99a74b42a87ad5d2976b5f1f1d864feea953ce92660b9f33ac39_amd64",
"8Base-CRW-2.0:codeready-workspaces/plugin-java11-rhel8@sha256:872fa606f0108bbad736bd70d588263437c728ada2ff6790981eff1703fa7a55_amd64",
"8Base-CRW-2.0:codeready-workspaces/plugin-kubernetes-rhel8@sha256:603780924977c27ccfbbb1715fd3ef3683eaea5ee867f93d25ed4c9a74514eaa_amd64",
"8Base-CRW-2.0:codeready-workspaces/plugin-openshift-rhel8@sha256:38202d1640cf25438ab85e5c7847917daeb0fdca040c2adf4ad8daa018a5f335_amd64",
"8Base-CRW-2.0:codeready-workspaces/pluginbroker-artifacts-rhel8@sha256:6e79860a0dd54fadccce26847c0dfb31d74db351e9dfce89df368d655bf27e7a_amd64",
"8Base-CRW-2.0:codeready-workspaces/pluginbroker-metadata-rhel8@sha256:27d339688c21a34e5edfe9329bcf9a5bed1230bf322170d410a7fa80ee910593_amd64",
"8Base-CRW-2.0:codeready-workspaces/pluginregistry-rhel8@sha256:e8187d1f68bba7f17898e341cd0b89b10c9363e31ed558b0713d2367e2669618_amd64",
"8Base-CRW-2.0:codeready-workspaces/server-rhel8@sha256:2d87f9ef09138a692c9a09c2b24ddfa3377cc74501a34c142dafd3e08babd650_amd64",
"8Base-CRW-2.0:codeready-workspaces/stacks-cpp-rhel8@sha256:191d0fcf5983e2901fd3d92d27af760ab3e9924bbad8dbc7d45dd0103de89480_amd64",
"8Base-CRW-2.0:codeready-workspaces/stacks-dotnet-rhel8@sha256:9a5ef2fec22979ccaab3574c5fc0761262b165bf0c5ac49d078b2069d84d9f08_amd64",
"8Base-CRW-2.0:codeready-workspaces/stacks-golang-rhel8@sha256:9e8bfc4dda750dbc82a7dac2583cf8b0ee04cc1525b9178aa0b52dae4bc4bc72_amd64",
"8Base-CRW-2.0:codeready-workspaces/stacks-java-rhel8@sha256:e73cb6bd61cb5578f3317ffe52dd1be0b460d5b8a3f0cee278070203e422c6aa_amd64",
"8Base-CRW-2.0:codeready-workspaces/stacks-node-rhel8@sha256:d1a9e5d6d9b5fd7de3342db00fa2ed3b883241eca1182044b22c8d05745c298d_amd64",
"8Base-CRW-2.0:codeready-workspaces/stacks-php-rhel8@sha256:a291af2f21a28654b30e807c9dba2e5934482f8b99f816c197c87850de0eac33_amd64",
"8Base-CRW-2.0:codeready-workspaces/stacks-python-rhel8@sha256:dc545739e4b10098e6b763d621289cac2316a5b9302e52f745ace752636939ef_amd64",
"8Base-CRW-2.0:codeready-workspaces/theia-dev-rhel8@sha256:cd2ea2de13f288ff091b29e45c277c6f57fb1256d07089c06a16a0d4844d5ed6_amd64",
"8Base-CRW-2.0:codeready-workspaces/theia-endpoint-rhel8@sha256:4a2e07d99330ce24c2c4e722181b3d64aba9905d032f127e9fb7ada1e420eb2b_amd64",
"8Base-CRW-2.0:codeready-workspaces/theia-rhel8@sha256:815f196dff84e44adfefa1545c113c985a425feae969c68c296222a71040c120_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-10689"
},
{
"category": "external",
"summary": "RHBZ#1816789",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1816789"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-10689",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10689"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10689",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10689"
}
],
"release_date": "2020-03-24T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-04-14T19:26:29+00:00",
"details": "To start using CodeReady Workspaces, download and install it using the instructions provided in the Red Hat CodeReady Workspaces Installation Guide linked from the References section.",
"product_ids": [
"8Base-CRW-2.0:codeready-workspaces/crw-2-rhel8-operator-metadata@sha256:52d30fcac79fc7bd5fd3e03a253215e7023d422ab72e4661229e9ed09cf9ef27_amd64",
"8Base-CRW-2.0:codeready-workspaces/crw-2-rhel8-operator@sha256:45eca3d70335c8b70f5e71d31576d66fba7877d8bd2d5eb96352a1da7b2ef58f_amd64",
"8Base-CRW-2.0:codeready-workspaces/devfileregistry-rhel8@sha256:b811a879f331152bada0fd225ca3330d54f27596040edec5778bd4099bc14371_amd64",
"8Base-CRW-2.0:codeready-workspaces/imagepuller-rhel8@sha256:da74046d9bc142f22624c2d46da07ec22d5cf4d27b19c898390d0aa4bdce1ec0_amd64",
"8Base-CRW-2.0:codeready-workspaces/jwtproxy-rhel8@sha256:b0b31981db52f3203682f18026bcd346cee647d7ad4160e87103f276f8780ff5_amd64",
"8Base-CRW-2.0:codeready-workspaces/machineexec-rhel8@sha256:dac0dae1b8df99a74b42a87ad5d2976b5f1f1d864feea953ce92660b9f33ac39_amd64",
"8Base-CRW-2.0:codeready-workspaces/plugin-java11-rhel8@sha256:872fa606f0108bbad736bd70d588263437c728ada2ff6790981eff1703fa7a55_amd64",
"8Base-CRW-2.0:codeready-workspaces/plugin-kubernetes-rhel8@sha256:603780924977c27ccfbbb1715fd3ef3683eaea5ee867f93d25ed4c9a74514eaa_amd64",
"8Base-CRW-2.0:codeready-workspaces/plugin-openshift-rhel8@sha256:38202d1640cf25438ab85e5c7847917daeb0fdca040c2adf4ad8daa018a5f335_amd64",
"8Base-CRW-2.0:codeready-workspaces/pluginbroker-artifacts-rhel8@sha256:6e79860a0dd54fadccce26847c0dfb31d74db351e9dfce89df368d655bf27e7a_amd64",
"8Base-CRW-2.0:codeready-workspaces/pluginbroker-metadata-rhel8@sha256:27d339688c21a34e5edfe9329bcf9a5bed1230bf322170d410a7fa80ee910593_amd64",
"8Base-CRW-2.0:codeready-workspaces/pluginregistry-rhel8@sha256:e8187d1f68bba7f17898e341cd0b89b10c9363e31ed558b0713d2367e2669618_amd64",
"8Base-CRW-2.0:codeready-workspaces/server-rhel8@sha256:2d87f9ef09138a692c9a09c2b24ddfa3377cc74501a34c142dafd3e08babd650_amd64",
"8Base-CRW-2.0:codeready-workspaces/stacks-cpp-rhel8@sha256:191d0fcf5983e2901fd3d92d27af760ab3e9924bbad8dbc7d45dd0103de89480_amd64",
"8Base-CRW-2.0:codeready-workspaces/stacks-dotnet-rhel8@sha256:9a5ef2fec22979ccaab3574c5fc0761262b165bf0c5ac49d078b2069d84d9f08_amd64",
"8Base-CRW-2.0:codeready-workspaces/stacks-golang-rhel8@sha256:9e8bfc4dda750dbc82a7dac2583cf8b0ee04cc1525b9178aa0b52dae4bc4bc72_amd64",
"8Base-CRW-2.0:codeready-workspaces/stacks-java-rhel8@sha256:e73cb6bd61cb5578f3317ffe52dd1be0b460d5b8a3f0cee278070203e422c6aa_amd64",
"8Base-CRW-2.0:codeready-workspaces/stacks-node-rhel8@sha256:d1a9e5d6d9b5fd7de3342db00fa2ed3b883241eca1182044b22c8d05745c298d_amd64",
"8Base-CRW-2.0:codeready-workspaces/stacks-php-rhel8@sha256:a291af2f21a28654b30e807c9dba2e5934482f8b99f816c197c87850de0eac33_amd64",
"8Base-CRW-2.0:codeready-workspaces/stacks-python-rhel8@sha256:dc545739e4b10098e6b763d621289cac2316a5b9302e52f745ace752636939ef_amd64",
"8Base-CRW-2.0:codeready-workspaces/theia-dev-rhel8@sha256:cd2ea2de13f288ff091b29e45c277c6f57fb1256d07089c06a16a0d4844d5ed6_amd64",
"8Base-CRW-2.0:codeready-workspaces/theia-endpoint-rhel8@sha256:4a2e07d99330ce24c2c4e722181b3d64aba9905d032f127e9fb7ada1e420eb2b_amd64",
"8Base-CRW-2.0:codeready-workspaces/theia-rhel8@sha256:815f196dff84e44adfefa1545c113c985a425feae969c68c296222a71040c120_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:1475"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-CRW-2.0:codeready-workspaces/crw-2-rhel8-operator-metadata@sha256:52d30fcac79fc7bd5fd3e03a253215e7023d422ab72e4661229e9ed09cf9ef27_amd64",
"8Base-CRW-2.0:codeready-workspaces/crw-2-rhel8-operator@sha256:45eca3d70335c8b70f5e71d31576d66fba7877d8bd2d5eb96352a1da7b2ef58f_amd64",
"8Base-CRW-2.0:codeready-workspaces/devfileregistry-rhel8@sha256:b811a879f331152bada0fd225ca3330d54f27596040edec5778bd4099bc14371_amd64",
"8Base-CRW-2.0:codeready-workspaces/imagepuller-rhel8@sha256:da74046d9bc142f22624c2d46da07ec22d5cf4d27b19c898390d0aa4bdce1ec0_amd64",
"8Base-CRW-2.0:codeready-workspaces/jwtproxy-rhel8@sha256:b0b31981db52f3203682f18026bcd346cee647d7ad4160e87103f276f8780ff5_amd64",
"8Base-CRW-2.0:codeready-workspaces/machineexec-rhel8@sha256:dac0dae1b8df99a74b42a87ad5d2976b5f1f1d864feea953ce92660b9f33ac39_amd64",
"8Base-CRW-2.0:codeready-workspaces/plugin-java11-rhel8@sha256:872fa606f0108bbad736bd70d588263437c728ada2ff6790981eff1703fa7a55_amd64",
"8Base-CRW-2.0:codeready-workspaces/plugin-kubernetes-rhel8@sha256:603780924977c27ccfbbb1715fd3ef3683eaea5ee867f93d25ed4c9a74514eaa_amd64",
"8Base-CRW-2.0:codeready-workspaces/plugin-openshift-rhel8@sha256:38202d1640cf25438ab85e5c7847917daeb0fdca040c2adf4ad8daa018a5f335_amd64",
"8Base-CRW-2.0:codeready-workspaces/pluginbroker-artifacts-rhel8@sha256:6e79860a0dd54fadccce26847c0dfb31d74db351e9dfce89df368d655bf27e7a_amd64",
"8Base-CRW-2.0:codeready-workspaces/pluginbroker-metadata-rhel8@sha256:27d339688c21a34e5edfe9329bcf9a5bed1230bf322170d410a7fa80ee910593_amd64",
"8Base-CRW-2.0:codeready-workspaces/pluginregistry-rhel8@sha256:e8187d1f68bba7f17898e341cd0b89b10c9363e31ed558b0713d2367e2669618_amd64",
"8Base-CRW-2.0:codeready-workspaces/server-rhel8@sha256:2d87f9ef09138a692c9a09c2b24ddfa3377cc74501a34c142dafd3e08babd650_amd64",
"8Base-CRW-2.0:codeready-workspaces/stacks-cpp-rhel8@sha256:191d0fcf5983e2901fd3d92d27af760ab3e9924bbad8dbc7d45dd0103de89480_amd64",
"8Base-CRW-2.0:codeready-workspaces/stacks-dotnet-rhel8@sha256:9a5ef2fec22979ccaab3574c5fc0761262b165bf0c5ac49d078b2069d84d9f08_amd64",
"8Base-CRW-2.0:codeready-workspaces/stacks-golang-rhel8@sha256:9e8bfc4dda750dbc82a7dac2583cf8b0ee04cc1525b9178aa0b52dae4bc4bc72_amd64",
"8Base-CRW-2.0:codeready-workspaces/stacks-java-rhel8@sha256:e73cb6bd61cb5578f3317ffe52dd1be0b460d5b8a3f0cee278070203e422c6aa_amd64",
"8Base-CRW-2.0:codeready-workspaces/stacks-node-rhel8@sha256:d1a9e5d6d9b5fd7de3342db00fa2ed3b883241eca1182044b22c8d05745c298d_amd64",
"8Base-CRW-2.0:codeready-workspaces/stacks-php-rhel8@sha256:a291af2f21a28654b30e807c9dba2e5934482f8b99f816c197c87850de0eac33_amd64",
"8Base-CRW-2.0:codeready-workspaces/stacks-python-rhel8@sha256:dc545739e4b10098e6b763d621289cac2316a5b9302e52f745ace752636939ef_amd64",
"8Base-CRW-2.0:codeready-workspaces/theia-dev-rhel8@sha256:cd2ea2de13f288ff091b29e45c277c6f57fb1256d07089c06a16a0d4844d5ed6_amd64",
"8Base-CRW-2.0:codeready-workspaces/theia-endpoint-rhel8@sha256:4a2e07d99330ce24c2c4e722181b3d64aba9905d032f127e9fb7ada1e420eb2b_amd64",
"8Base-CRW-2.0:codeready-workspaces/theia-rhel8@sha256:815f196dff84e44adfefa1545c113c985a425feae969c68c296222a71040c120_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "che: pods in kubernetes cluster can bypass JWT proxy and send unauthenticated requests to workspace pods"
}
]
}
CNVD-2020-23231
Vulnerability from cnvd - Published: 2020-04-17
VLAI Severity ?
Title
Eclipse Che未授权访问漏洞
Description
Eclipse Che是Eclipse基金会的一套基于Java的开源在线集成开发环境(IDE)。
Eclipse Che 7.8.x及之前版本中存在安全漏洞,该漏洞源于程序没有适当地限制对工作区容器组的访问。攻击者可利用该漏洞绕过JWT代理并获得对另一个用户的工作区容器组的访问权限。
Severity
高
Patch Name
Eclipse Che未授权访问漏洞的补丁
Patch Description
Eclipse Che是Eclipse基金会的一套基于Java的开源在线集成开发环境(IDE)。
Eclipse Che 7.8.x及之前版本中存在安全漏洞,该漏洞源于程序没有适当地限制对工作区容器组的访问。攻击者可利用该漏洞绕过JWT代理并获得对另一个用户的工作区容器组的访问权限。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description
目前厂商已发布升级补丁以修复漏洞,详情请关注厂商主页: https://www.eclipse.org/
Impacted products
| Name | Eclipse Eclipse Che <=7.8.* |
|---|
{
"cves": {
"cve": {
"cveNumber": "CVE-2020-10689"
}
},
"description": "Eclipse Che\u662fEclipse\u57fa\u91d1\u4f1a\u7684\u4e00\u5957\u57fa\u4e8eJava\u7684\u5f00\u6e90\u5728\u7ebf\u96c6\u6210\u5f00\u53d1\u73af\u5883\uff08IDE\uff09\u3002\n\nEclipse Che 7.8.x\u53ca\u4e4b\u524d\u7248\u672c\u4e2d\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7a0b\u5e8f\u6ca1\u6709\u9002\u5f53\u5730\u9650\u5236\u5bf9\u5de5\u4f5c\u533a\u5bb9\u5668\u7ec4\u7684\u8bbf\u95ee\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u7ed5\u8fc7JWT\u4ee3\u7406\u5e76\u83b7\u5f97\u5bf9\u53e6\u4e00\u4e2a\u7528\u6237\u7684\u5de5\u4f5c\u533a\u5bb9\u5668\u7ec4\u7684\u8bbf\u95ee\u6743\u9650\u3002",
"formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8be6\u60c5\u8bf7\u5173\u6ce8\u5382\u5546\u4e3b\u9875\uff1a\r\nhttps://www.eclipse.org/",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2020-23231",
"openTime": "2020-04-17",
"patchDescription": "Eclipse Che\u662fEclipse\u57fa\u91d1\u4f1a\u7684\u4e00\u5957\u57fa\u4e8eJava\u7684\u5f00\u6e90\u5728\u7ebf\u96c6\u6210\u5f00\u53d1\u73af\u5883\uff08IDE\uff09\u3002\r\n\r\nEclipse Che 7.8.x\u53ca\u4e4b\u524d\u7248\u672c\u4e2d\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7a0b\u5e8f\u6ca1\u6709\u9002\u5f53\u5730\u9650\u5236\u5bf9\u5de5\u4f5c\u533a\u5bb9\u5668\u7ec4\u7684\u8bbf\u95ee\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u7ed5\u8fc7JWT\u4ee3\u7406\u5e76\u83b7\u5f97\u5bf9\u53e6\u4e00\u4e2a\u7528\u6237\u7684\u5de5\u4f5c\u533a\u5bb9\u5668\u7ec4\u7684\u8bbf\u95ee\u6743\u9650\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
"patchName": "Eclipse Che\u672a\u6388\u6743\u8bbf\u95ee\u6f0f\u6d1e\u7684\u8865\u4e01",
"products": {
"product": "Eclipse Eclipse Che \u003c=7.8.*"
},
"serverity": "\u9ad8",
"submitTime": "2020-04-07",
"title": "Eclipse Che\u672a\u6388\u6743\u8bbf\u95ee\u6f0f\u6d1e"
}
GHSA-P4FF-2HPQ-9X64
Vulnerability from github – Published: 2022-02-15 01:45 – Updated: 2022-02-15 01:45
VLAI?
Summary
Missing Authorization in Eclipse Che
Details
A flaw was found in the Eclipse Che up to version 7.8.x, where it did not properly restrict access to workspace pods. An authenticated user can exploit this flaw to bypass JWT proxy and gain access to the workspace pods of another user. Successful exploitation requires knowledge of the service name and namespace of the target pod.
Severity ?
6.8 (Medium)
{
"affected": [],
"aliases": [
"CVE-2020-10689"
],
"database_specific": {
"cwe_ids": [
"CWE-862"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2020-04-03T15:15:00Z",
"severity": "MODERATE"
},
"details": "A flaw was found in the Eclipse Che up to version 7.8.x, where it did not properly restrict access to workspace pods. An authenticated user can exploit this flaw to bypass JWT proxy and gain access to the workspace pods of another user. Successful exploitation requires knowledge of the service name and namespace of the target pod.",
"id": "GHSA-p4ff-2hpq-9x64",
"modified": "2022-02-15T01:45:54Z",
"published": "2022-02-15T01:45:53Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10689"
},
{
"type": "WEB",
"url": "https://github.com/eclipse/che/issues/15651"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10689"
},
{
"type": "PACKAGE",
"url": "https://github.com/eclipse/che"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Missing Authorization in Eclipse Che"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…