Action not permitted
Modal body text goes here.
cve-2020-2162
Vulnerability from cvelistv5
▼ | URL | Tags | |
---|---|---|---|
jenkinsci-cert@googlegroups.com | http://www.openwall.com/lists/oss-security/2020/03/25/2 | Mailing List, Third Party Advisory | |
jenkinsci-cert@googlegroups.com | https://jenkins.io/security/advisory/2020-03-25/#SECURITY-1793 | Vendor Advisory |
▼ | Vendor | Product |
---|---|---|
Jenkins project | Jenkins |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T07:01:40.698Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://jenkins.io/security/advisory/2020-03-25/#SECURITY-1793" }, { "name": "[oss-security] 20200325 Multiple vulnerabilities in Jenkins and Jenkins plugins", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2020/03/25/2" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Jenkins", "vendor": "Jenkins project", "versions": [ { "lessThanOrEqual": "2.227", "status": "affected", "version": "unspecified", "versionType": "custom" }, { "lessThanOrEqual": "LTS 2.204.5", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "Jenkins 2.227 and earlier, LTS 2.204.5 and earlier does not set Content-Security-Policy headers for files uploaded as file parameters to a build, resulting in a stored XSS vulnerability." } ], "providerMetadata": { "dateUpdated": "2023-10-24T16:06:07.556Z", "orgId": "39769cd5-e6e2-4dc8-927e-97b3aa056f5b", "shortName": "jenkins" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://jenkins.io/security/advisory/2020-03-25/#SECURITY-1793" }, { "name": "[oss-security] 20200325 Multiple vulnerabilities in Jenkins and Jenkins plugins", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.openwall.com/lists/oss-security/2020/03/25/2" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "jenkinsci-cert@googlegroups.com", "ID": "CVE-2020-2162", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Jenkins", "version": { "version_data": [ { "version_affected": "\u003c=", "version_value": "2.227" }, { "version_affected": "\u003c=", "version_value": "LTS 2.204.5" } ] } } ] }, "vendor_name": "Jenkins project" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Jenkins 2.227 and earlier, LTS 2.204.5 and earlier does not set Content-Security-Policy headers for files uploaded as file parameters to a build, resulting in a stored XSS vulnerability." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" } ] } ] }, "references": { "reference_data": [ { "name": "https://jenkins.io/security/advisory/2020-03-25/#SECURITY-1793", "refsource": "CONFIRM", "url": "https://jenkins.io/security/advisory/2020-03-25/#SECURITY-1793" }, { "name": "[oss-security] 20200325 Multiple vulnerabilities in Jenkins and Jenkins plugins", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2020/03/25/2" } ] } } } }, "cveMetadata": { "assignerOrgId": "39769cd5-e6e2-4dc8-927e-97b3aa056f5b", "assignerShortName": "jenkins", "cveId": "CVE-2020-2162", "datePublished": "2020-03-25T16:05:35", "dateReserved": "2019-12-05T00:00:00", "dateUpdated": "2024-08-04T07:01:40.698Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1", "meta": { "nvd": "{\"cve\":{\"id\":\"CVE-2020-2162\",\"sourceIdentifier\":\"jenkinsci-cert@googlegroups.com\",\"published\":\"2020-03-25T17:15:15.093\",\"lastModified\":\"2023-11-02T21:11:45.810\",\"vulnStatus\":\"Analyzed\",\"descriptions\":[{\"lang\":\"en\",\"value\":\"Jenkins 2.227 and earlier, LTS 2.204.5 and earlier does not set Content-Security-Policy headers for files uploaded as file parameters to a build, resulting in a stored XSS vulnerability.\"},{\"lang\":\"es\",\"value\":\"Jenkins versiones 2.227 y anteriores, LTS versiones 2.204.5 y anteriores, no establecen encabezados Content-Security-Policy para los archivos cargados como par\u00e1metros de archivo en una compilaci\u00f3n, resultando en una vulnerabilidad de tipo XSS almacenado.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"REQUIRED\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\",\"baseScore\":5.4,\"baseSeverity\":\"MEDIUM\"},\"exploitabilityScore\":2.3,\"impactScore\":2.7}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:S/C:N/I:P/A:N\",\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"SINGLE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\",\"baseScore\":3.5},\"baseSeverity\":\"LOW\",\"exploitabilityScore\":6.8,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-79\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*\",\"versionEndIncluding\":\"2.204.5\",\"matchCriteriaId\":\"CFE13DC6-8F0E-458C-AD96-32E8F057CA18\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:jenkins:*:*:*:*:-:*:*:*\",\"versionEndIncluding\":\"2.227\",\"matchCriteriaId\":\"861CC050-ED58-468C-BC49-76C840E22E3D\"}]}]}],\"references\":[{\"url\":\"http://www.openwall.com/lists/oss-security/2020/03/25/2\",\"source\":\"jenkinsci-cert@googlegroups.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://jenkins.io/security/advisory/2020-03-25/#SECURITY-1793\",\"source\":\"jenkinsci-cert@googlegroups.com\",\"tags\":[\"Vendor Advisory\"]}]}}" } }
rhba-2020_2444
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Red Hat OpenShift Container Platform release 4.4.8 is now available with\nupdates to packages and images that fix several bugs.", "title": "Topic" }, { "category": "general", "text": "Red Hat OpenShift Container Platform is Red Hat\u0027s cloud computing\nKubernetes application platform solution designed for on-premise or private\ncloud deployments.\n\nThis advisory contains the RPM packages for Red Hat OpenShift Container\nPlatform 4.4.8. See the following advisory for the container images for\nthis release:\n\nhttps://access.redhat.com/errata/RHBA-2020:2445\n\nAll OpenShift Container Platform 4.4 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift Console or the CLI oc command. Instructions for upgrading a cluster are available at https://docs.openshift.com/container-platform/4.4/updating/updating-cluster-between-minor.html#understanding-upgrade-channels_updating-cluster-between-minor.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHBA-2020:2444", "url": "https://access.redhat.com/errata/RHBA-2020:2444" }, { "category": "external", "summary": "1843489", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1843489" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhba-2020_2444.json" } ], "title": "Red Hat Bug Fix Advisory: OpenShift Container Platform 4.4.8 packages update", "tracking": { "current_release_date": "2024-11-05T15:56:19+00:00", "generator": { "date": "2024-11-05T15:56:19+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.1.1" } }, "id": "RHBA-2020:2444", "initial_release_date": "2020-06-17T19:38:33+00:00", "revision_history": [ { "date": "2020-06-17T19:38:33+00:00", "number": "1", "summary": "Initial version" }, { "date": "2020-06-17T19:38:33+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-05T15:56:19+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat OpenShift Container Platform 4.4", "product": { "name": "Red Hat OpenShift Container Platform 4.4", "product_id": "7Server-RH7-RHOSE-4.4", "product_identification_helper": { "cpe": "cpe:/a:redhat:openshift:4.4::el7" } } }, { "category": "product_name", "name": "Red Hat OpenShift Container Platform 4.4", "product": { "name": "Red Hat OpenShift Container Platform 4.4", "product_id": "8Base-RHOSE-4.4", "product_identification_helper": { "cpe": "cpe:/a:redhat:openshift:4.4::el8" } } } ], "category": "product_family", "name": "Red Hat OpenShift Enterprise" }, { "branches": [ { "category": "product_version", "name": "jenkins-0:2.222.1.1591351066-1.el7.noarch", "product": { "name": "jenkins-0:2.222.1.1591351066-1.el7.noarch", "product_id": "jenkins-0:2.222.1.1591351066-1.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jenkins@2.222.1.1591351066-1.el7?arch=noarch" } } }, { "category": "product_version", "name": "openshift-ansible-0:4.4.0-202006061254.git.1.a996454.el7.noarch", "product": { "name": "openshift-ansible-0:4.4.0-202006061254.git.1.a996454.el7.noarch", "product_id": "openshift-ansible-0:4.4.0-202006061254.git.1.a996454.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/openshift-ansible@4.4.0-202006061254.git.1.a996454.el7?arch=noarch" } } }, { "category": "product_version", "name": "openshift-ansible-test-0:4.4.0-202006061254.git.1.a996454.el7.noarch", "product": { "name": "openshift-ansible-test-0:4.4.0-202006061254.git.1.a996454.el7.noarch", "product_id": "openshift-ansible-test-0:4.4.0-202006061254.git.1.a996454.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/openshift-ansible-test@4.4.0-202006061254.git.1.a996454.el7?arch=noarch" } } }, { "category": "product_version", "name": "openshift-kuryr-cni-0:4.4.0-202006080017.git.1.855ef1d.el8.noarch", "product": { "name": "openshift-kuryr-cni-0:4.4.0-202006080017.git.1.855ef1d.el8.noarch", "product_id": "openshift-kuryr-cni-0:4.4.0-202006080017.git.1.855ef1d.el8.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/openshift-kuryr-cni@4.4.0-202006080017.git.1.855ef1d.el8?arch=noarch" } } }, { "category": "product_version", "name": "openshift-kuryr-common-0:4.4.0-202006080017.git.1.855ef1d.el8.noarch", "product": { "name": "openshift-kuryr-common-0:4.4.0-202006080017.git.1.855ef1d.el8.noarch", "product_id": "openshift-kuryr-common-0:4.4.0-202006080017.git.1.855ef1d.el8.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/openshift-kuryr-common@4.4.0-202006080017.git.1.855ef1d.el8?arch=noarch" } } }, { "category": "product_version", "name": "openshift-kuryr-controller-0:4.4.0-202006080017.git.1.855ef1d.el8.noarch", "product": { "name": "openshift-kuryr-controller-0:4.4.0-202006080017.git.1.855ef1d.el8.noarch", "product_id": "openshift-kuryr-controller-0:4.4.0-202006080017.git.1.855ef1d.el8.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/openshift-kuryr-controller@4.4.0-202006080017.git.1.855ef1d.el8?arch=noarch" } } }, { "category": "product_version", "name": "python3-kuryr-kubernetes-0:4.4.0-202006080017.git.1.855ef1d.el8.noarch", "product": { "name": "python3-kuryr-kubernetes-0:4.4.0-202006080017.git.1.855ef1d.el8.noarch", "product_id": "python3-kuryr-kubernetes-0:4.4.0-202006080017.git.1.855ef1d.el8.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-kuryr-kubernetes@4.4.0-202006080017.git.1.855ef1d.el8?arch=noarch" } } } ], "category": "architecture", "name": "noarch" }, { "branches": [ { "category": "product_version", "name": "jenkins-0:2.222.1.1591351066-1.el7.src", "product": { "name": "jenkins-0:2.222.1.1591351066-1.el7.src", "product_id": "jenkins-0:2.222.1.1591351066-1.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jenkins@2.222.1.1591351066-1.el7?arch=src" } } }, { "category": "product_version", "name": "conmon-2:2.0.17-1.rhaos4.4.el7.src", "product": { "name": "conmon-2:2.0.17-1.rhaos4.4.el7.src", "product_id": "conmon-2:2.0.17-1.rhaos4.4.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/conmon@2.0.17-1.rhaos4.4.el7?arch=src\u0026epoch=2" } } }, { "category": "product_version", "name": "cri-o-0:1.17.4-14.dev.rhaos4.4.gitb93af5d.el7.src", "product": { "name": "cri-o-0:1.17.4-14.dev.rhaos4.4.gitb93af5d.el7.src", "product_id": "cri-o-0:1.17.4-14.dev.rhaos4.4.gitb93af5d.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/cri-o@1.17.4-14.dev.rhaos4.4.gitb93af5d.el7?arch=src" } } }, { "category": "product_version", "name": "openshift-0:4.4.0-202006061254.git.1.dc84fb4.el7.src", "product": { "name": "openshift-0:4.4.0-202006061254.git.1.dc84fb4.el7.src", "product_id": "openshift-0:4.4.0-202006061254.git.1.dc84fb4.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/openshift@4.4.0-202006061254.git.1.dc84fb4.el7?arch=src" } } }, { "category": "product_version", "name": "openshift-clients-0:4.4.0-202006061254.git.1.26cb6dc.el7.src", "product": { "name": "openshift-clients-0:4.4.0-202006061254.git.1.26cb6dc.el7.src", "product_id": "openshift-clients-0:4.4.0-202006061254.git.1.26cb6dc.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/openshift-clients@4.4.0-202006061254.git.1.26cb6dc.el7?arch=src" } } }, { "category": "product_version", "name": "openshift-ansible-0:4.4.0-202006061254.git.1.a996454.el7.src", "product": { "name": "openshift-ansible-0:4.4.0-202006061254.git.1.a996454.el7.src", "product_id": "openshift-ansible-0:4.4.0-202006061254.git.1.a996454.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/openshift-ansible@4.4.0-202006061254.git.1.a996454.el7?arch=src" } } }, { "category": "product_version", "name": "atomic-openshift-service-idler-0:4.4.0-202006080017.git.1.7e463c3.el7.src", "product": { "name": "atomic-openshift-service-idler-0:4.4.0-202006080017.git.1.7e463c3.el7.src", "product_id": "atomic-openshift-service-idler-0:4.4.0-202006080017.git.1.7e463c3.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/atomic-openshift-service-idler@4.4.0-202006080017.git.1.7e463c3.el7?arch=src" } } }, { "category": "product_version", "name": "atomic-enterprise-service-catalog-1:4.4.0-202006080017.git.1.77a5cc9.el7.src", "product": { "name": "atomic-enterprise-service-catalog-1:4.4.0-202006080017.git.1.77a5cc9.el7.src", "product_id": "atomic-enterprise-service-catalog-1:4.4.0-202006080017.git.1.77a5cc9.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/atomic-enterprise-service-catalog@4.4.0-202006080017.git.1.77a5cc9.el7?arch=src\u0026epoch=1" } } }, { "category": "product_version", "name": "conmon-2:2.0.17-1.rhaos4.4.el8.src", "product": { "name": "conmon-2:2.0.17-1.rhaos4.4.el8.src", "product_id": "conmon-2:2.0.17-1.rhaos4.4.el8.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/conmon@2.0.17-1.rhaos4.4.el8?arch=src\u0026epoch=2" } } }, { "category": "product_version", "name": "cri-o-0:1.17.4-14.dev.rhaos4.4.gitb93af5d.el8.src", "product": { "name": "cri-o-0:1.17.4-14.dev.rhaos4.4.gitb93af5d.el8.src", "product_id": "cri-o-0:1.17.4-14.dev.rhaos4.4.gitb93af5d.el8.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/cri-o@1.17.4-14.dev.rhaos4.4.gitb93af5d.el8?arch=src" } } }, { "category": "product_version", "name": "openshift-clients-0:4.4.0-202006061254.git.1.26cb6dc.el8.src", "product": { "name": "openshift-clients-0:4.4.0-202006061254.git.1.26cb6dc.el8.src", "product_id": "openshift-clients-0:4.4.0-202006061254.git.1.26cb6dc.el8.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/openshift-clients@4.4.0-202006061254.git.1.26cb6dc.el8?arch=src" } } }, { "category": "product_version", "name": "openshift-0:4.4.0-202006061254.git.1.dc84fb4.el8.src", "product": { "name": "openshift-0:4.4.0-202006061254.git.1.dc84fb4.el8.src", "product_id": "openshift-0:4.4.0-202006061254.git.1.dc84fb4.el8.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/openshift@4.4.0-202006061254.git.1.dc84fb4.el8?arch=src" } } }, { "category": "product_version", "name": "openshift-kuryr-0:4.4.0-202006080017.git.1.855ef1d.el8.src", "product": { "name": "openshift-kuryr-0:4.4.0-202006080017.git.1.855ef1d.el8.src", "product_id": "openshift-kuryr-0:4.4.0-202006080017.git.1.855ef1d.el8.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/openshift-kuryr@4.4.0-202006080017.git.1.855ef1d.el8?arch=src" } } }, { "category": "product_version", "name": "machine-config-daemon-0:4.4.0-202006080017.git.1.32e0736.el8.src", "product": { "name": "machine-config-daemon-0:4.4.0-202006080017.git.1.32e0736.el8.src", "product_id": "machine-config-daemon-0:4.4.0-202006080017.git.1.32e0736.el8.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/machine-config-daemon@4.4.0-202006080017.git.1.32e0736.el8?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "conmon-2:2.0.17-1.rhaos4.4.el7.x86_64", "product": { "name": "conmon-2:2.0.17-1.rhaos4.4.el7.x86_64", "product_id": "conmon-2:2.0.17-1.rhaos4.4.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/conmon@2.0.17-1.rhaos4.4.el7?arch=x86_64\u0026epoch=2" } } }, { "category": "product_version", "name": "cri-o-0:1.17.4-14.dev.rhaos4.4.gitb93af5d.el7.x86_64", "product": { "name": "cri-o-0:1.17.4-14.dev.rhaos4.4.gitb93af5d.el7.x86_64", "product_id": "cri-o-0:1.17.4-14.dev.rhaos4.4.gitb93af5d.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/cri-o@1.17.4-14.dev.rhaos4.4.gitb93af5d.el7?arch=x86_64" } } }, { "category": "product_version", "name": "cri-o-debuginfo-0:1.17.4-14.dev.rhaos4.4.gitb93af5d.el7.x86_64", "product": { "name": "cri-o-debuginfo-0:1.17.4-14.dev.rhaos4.4.gitb93af5d.el7.x86_64", "product_id": "cri-o-debuginfo-0:1.17.4-14.dev.rhaos4.4.gitb93af5d.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/cri-o-debuginfo@1.17.4-14.dev.rhaos4.4.gitb93af5d.el7?arch=x86_64" } } }, { "category": "product_version", "name": "openshift-hyperkube-0:4.4.0-202006061254.git.1.dc84fb4.el7.x86_64", "product": { "name": "openshift-hyperkube-0:4.4.0-202006061254.git.1.dc84fb4.el7.x86_64", "product_id": "openshift-hyperkube-0:4.4.0-202006061254.git.1.dc84fb4.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openshift-hyperkube@4.4.0-202006061254.git.1.dc84fb4.el7?arch=x86_64" } } }, { "category": "product_version", "name": "openshift-clients-0:4.4.0-202006061254.git.1.26cb6dc.el7.x86_64", "product": { "name": "openshift-clients-0:4.4.0-202006061254.git.1.26cb6dc.el7.x86_64", "product_id": "openshift-clients-0:4.4.0-202006061254.git.1.26cb6dc.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openshift-clients@4.4.0-202006061254.git.1.26cb6dc.el7?arch=x86_64" } } }, { "category": "product_version", "name": "openshift-clients-redistributable-0:4.4.0-202006061254.git.1.26cb6dc.el7.x86_64", "product": { "name": "openshift-clients-redistributable-0:4.4.0-202006061254.git.1.26cb6dc.el7.x86_64", "product_id": "openshift-clients-redistributable-0:4.4.0-202006061254.git.1.26cb6dc.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openshift-clients-redistributable@4.4.0-202006061254.git.1.26cb6dc.el7?arch=x86_64" } } }, { "category": "product_version", "name": "atomic-openshift-service-idler-0:4.4.0-202006080017.git.1.7e463c3.el7.x86_64", "product": { "name": "atomic-openshift-service-idler-0:4.4.0-202006080017.git.1.7e463c3.el7.x86_64", "product_id": "atomic-openshift-service-idler-0:4.4.0-202006080017.git.1.7e463c3.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/atomic-openshift-service-idler@4.4.0-202006080017.git.1.7e463c3.el7?arch=x86_64" } } }, { "category": "product_version", "name": "atomic-enterprise-service-catalog-1:4.4.0-202006080017.git.1.77a5cc9.el7.x86_64", "product": { "name": "atomic-enterprise-service-catalog-1:4.4.0-202006080017.git.1.77a5cc9.el7.x86_64", "product_id": "atomic-enterprise-service-catalog-1:4.4.0-202006080017.git.1.77a5cc9.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/atomic-enterprise-service-catalog@4.4.0-202006080017.git.1.77a5cc9.el7?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "atomic-enterprise-service-catalog-svcat-1:4.4.0-202006080017.git.1.77a5cc9.el7.x86_64", "product": { "name": "atomic-enterprise-service-catalog-svcat-1:4.4.0-202006080017.git.1.77a5cc9.el7.x86_64", "product_id": "atomic-enterprise-service-catalog-svcat-1:4.4.0-202006080017.git.1.77a5cc9.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/atomic-enterprise-service-catalog-svcat@4.4.0-202006080017.git.1.77a5cc9.el7?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "conmon-2:2.0.17-1.rhaos4.4.el8.x86_64", "product": { "name": "conmon-2:2.0.17-1.rhaos4.4.el8.x86_64", "product_id": "conmon-2:2.0.17-1.rhaos4.4.el8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/conmon@2.0.17-1.rhaos4.4.el8?arch=x86_64\u0026epoch=2" } } }, { "category": "product_version", "name": "cri-o-0:1.17.4-14.dev.rhaos4.4.gitb93af5d.el8.x86_64", "product": { "name": "cri-o-0:1.17.4-14.dev.rhaos4.4.gitb93af5d.el8.x86_64", "product_id": "cri-o-0:1.17.4-14.dev.rhaos4.4.gitb93af5d.el8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/cri-o@1.17.4-14.dev.rhaos4.4.gitb93af5d.el8?arch=x86_64" } } }, { "category": "product_version", "name": "cri-o-debugsource-0:1.17.4-14.dev.rhaos4.4.gitb93af5d.el8.x86_64", "product": { "name": "cri-o-debugsource-0:1.17.4-14.dev.rhaos4.4.gitb93af5d.el8.x86_64", "product_id": "cri-o-debugsource-0:1.17.4-14.dev.rhaos4.4.gitb93af5d.el8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/cri-o-debugsource@1.17.4-14.dev.rhaos4.4.gitb93af5d.el8?arch=x86_64" } } }, { "category": "product_version", "name": "cri-o-debuginfo-0:1.17.4-14.dev.rhaos4.4.gitb93af5d.el8.x86_64", "product": { "name": "cri-o-debuginfo-0:1.17.4-14.dev.rhaos4.4.gitb93af5d.el8.x86_64", "product_id": "cri-o-debuginfo-0:1.17.4-14.dev.rhaos4.4.gitb93af5d.el8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/cri-o-debuginfo@1.17.4-14.dev.rhaos4.4.gitb93af5d.el8?arch=x86_64" } } }, { "category": "product_version", "name": "openshift-clients-0:4.4.0-202006061254.git.1.26cb6dc.el8.x86_64", "product": { "name": "openshift-clients-0:4.4.0-202006061254.git.1.26cb6dc.el8.x86_64", "product_id": "openshift-clients-0:4.4.0-202006061254.git.1.26cb6dc.el8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openshift-clients@4.4.0-202006061254.git.1.26cb6dc.el8?arch=x86_64" } } }, { "category": "product_version", "name": "openshift-clients-redistributable-0:4.4.0-202006061254.git.1.26cb6dc.el8.x86_64", "product": { "name": "openshift-clients-redistributable-0:4.4.0-202006061254.git.1.26cb6dc.el8.x86_64", "product_id": "openshift-clients-redistributable-0:4.4.0-202006061254.git.1.26cb6dc.el8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openshift-clients-redistributable@4.4.0-202006061254.git.1.26cb6dc.el8?arch=x86_64" } } }, { "category": "product_version", "name": "openshift-hyperkube-0:4.4.0-202006061254.git.1.dc84fb4.el8.x86_64", "product": { "name": "openshift-hyperkube-0:4.4.0-202006061254.git.1.dc84fb4.el8.x86_64", "product_id": "openshift-hyperkube-0:4.4.0-202006061254.git.1.dc84fb4.el8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openshift-hyperkube@4.4.0-202006061254.git.1.dc84fb4.el8?arch=x86_64" } } }, { "category": "product_version", "name": "machine-config-daemon-0:4.4.0-202006080017.git.1.32e0736.el8.x86_64", "product": { "name": "machine-config-daemon-0:4.4.0-202006080017.git.1.32e0736.el8.x86_64", "product_id": "machine-config-daemon-0:4.4.0-202006080017.git.1.32e0736.el8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/machine-config-daemon@4.4.0-202006080017.git.1.32e0736.el8?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "atomic-enterprise-service-catalog-1:4.4.0-202006080017.git.1.77a5cc9.el7.src as a component of Red Hat OpenShift Container Platform 4.4", "product_id": "7Server-RH7-RHOSE-4.4:atomic-enterprise-service-catalog-1:4.4.0-202006080017.git.1.77a5cc9.el7.src" }, "product_reference": "atomic-enterprise-service-catalog-1:4.4.0-202006080017.git.1.77a5cc9.el7.src", "relates_to_product_reference": "7Server-RH7-RHOSE-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "atomic-enterprise-service-catalog-1:4.4.0-202006080017.git.1.77a5cc9.el7.x86_64 as a component of Red Hat OpenShift Container Platform 4.4", "product_id": "7Server-RH7-RHOSE-4.4:atomic-enterprise-service-catalog-1:4.4.0-202006080017.git.1.77a5cc9.el7.x86_64" }, "product_reference": "atomic-enterprise-service-catalog-1:4.4.0-202006080017.git.1.77a5cc9.el7.x86_64", "relates_to_product_reference": "7Server-RH7-RHOSE-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "atomic-enterprise-service-catalog-svcat-1:4.4.0-202006080017.git.1.77a5cc9.el7.x86_64 as a component of Red Hat OpenShift Container Platform 4.4", "product_id": "7Server-RH7-RHOSE-4.4:atomic-enterprise-service-catalog-svcat-1:4.4.0-202006080017.git.1.77a5cc9.el7.x86_64" }, "product_reference": "atomic-enterprise-service-catalog-svcat-1:4.4.0-202006080017.git.1.77a5cc9.el7.x86_64", "relates_to_product_reference": "7Server-RH7-RHOSE-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "atomic-openshift-service-idler-0:4.4.0-202006080017.git.1.7e463c3.el7.src as a component of Red Hat OpenShift Container Platform 4.4", "product_id": "7Server-RH7-RHOSE-4.4:atomic-openshift-service-idler-0:4.4.0-202006080017.git.1.7e463c3.el7.src" }, "product_reference": "atomic-openshift-service-idler-0:4.4.0-202006080017.git.1.7e463c3.el7.src", "relates_to_product_reference": "7Server-RH7-RHOSE-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "atomic-openshift-service-idler-0:4.4.0-202006080017.git.1.7e463c3.el7.x86_64 as a component of Red Hat OpenShift Container Platform 4.4", "product_id": "7Server-RH7-RHOSE-4.4:atomic-openshift-service-idler-0:4.4.0-202006080017.git.1.7e463c3.el7.x86_64" }, "product_reference": "atomic-openshift-service-idler-0:4.4.0-202006080017.git.1.7e463c3.el7.x86_64", "relates_to_product_reference": "7Server-RH7-RHOSE-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "conmon-2:2.0.17-1.rhaos4.4.el7.src as a component of Red Hat OpenShift Container Platform 4.4", "product_id": "7Server-RH7-RHOSE-4.4:conmon-2:2.0.17-1.rhaos4.4.el7.src" }, "product_reference": "conmon-2:2.0.17-1.rhaos4.4.el7.src", "relates_to_product_reference": "7Server-RH7-RHOSE-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "conmon-2:2.0.17-1.rhaos4.4.el7.x86_64 as a component of Red Hat OpenShift Container Platform 4.4", "product_id": "7Server-RH7-RHOSE-4.4:conmon-2:2.0.17-1.rhaos4.4.el7.x86_64" }, "product_reference": "conmon-2:2.0.17-1.rhaos4.4.el7.x86_64", "relates_to_product_reference": "7Server-RH7-RHOSE-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "cri-o-0:1.17.4-14.dev.rhaos4.4.gitb93af5d.el7.src as a component of Red Hat OpenShift Container Platform 4.4", "product_id": "7Server-RH7-RHOSE-4.4:cri-o-0:1.17.4-14.dev.rhaos4.4.gitb93af5d.el7.src" }, "product_reference": "cri-o-0:1.17.4-14.dev.rhaos4.4.gitb93af5d.el7.src", "relates_to_product_reference": "7Server-RH7-RHOSE-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "cri-o-0:1.17.4-14.dev.rhaos4.4.gitb93af5d.el7.x86_64 as a component of Red Hat OpenShift Container Platform 4.4", "product_id": "7Server-RH7-RHOSE-4.4:cri-o-0:1.17.4-14.dev.rhaos4.4.gitb93af5d.el7.x86_64" }, "product_reference": "cri-o-0:1.17.4-14.dev.rhaos4.4.gitb93af5d.el7.x86_64", "relates_to_product_reference": "7Server-RH7-RHOSE-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "cri-o-debuginfo-0:1.17.4-14.dev.rhaos4.4.gitb93af5d.el7.x86_64 as a component of Red Hat OpenShift Container Platform 4.4", "product_id": "7Server-RH7-RHOSE-4.4:cri-o-debuginfo-0:1.17.4-14.dev.rhaos4.4.gitb93af5d.el7.x86_64" }, "product_reference": "cri-o-debuginfo-0:1.17.4-14.dev.rhaos4.4.gitb93af5d.el7.x86_64", "relates_to_product_reference": "7Server-RH7-RHOSE-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "jenkins-0:2.222.1.1591351066-1.el7.noarch as a component of Red Hat OpenShift Container Platform 4.4", "product_id": "7Server-RH7-RHOSE-4.4:jenkins-0:2.222.1.1591351066-1.el7.noarch" }, "product_reference": "jenkins-0:2.222.1.1591351066-1.el7.noarch", "relates_to_product_reference": "7Server-RH7-RHOSE-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "jenkins-0:2.222.1.1591351066-1.el7.src as a component of Red Hat OpenShift Container Platform 4.4", "product_id": "7Server-RH7-RHOSE-4.4:jenkins-0:2.222.1.1591351066-1.el7.src" }, "product_reference": "jenkins-0:2.222.1.1591351066-1.el7.src", "relates_to_product_reference": "7Server-RH7-RHOSE-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-0:4.4.0-202006061254.git.1.dc84fb4.el7.src as a component of Red Hat OpenShift Container Platform 4.4", "product_id": "7Server-RH7-RHOSE-4.4:openshift-0:4.4.0-202006061254.git.1.dc84fb4.el7.src" }, "product_reference": "openshift-0:4.4.0-202006061254.git.1.dc84fb4.el7.src", "relates_to_product_reference": "7Server-RH7-RHOSE-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-ansible-0:4.4.0-202006061254.git.1.a996454.el7.noarch as a component of Red Hat OpenShift Container Platform 4.4", "product_id": "7Server-RH7-RHOSE-4.4:openshift-ansible-0:4.4.0-202006061254.git.1.a996454.el7.noarch" }, "product_reference": "openshift-ansible-0:4.4.0-202006061254.git.1.a996454.el7.noarch", "relates_to_product_reference": "7Server-RH7-RHOSE-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-ansible-0:4.4.0-202006061254.git.1.a996454.el7.src as a component of Red Hat OpenShift Container Platform 4.4", "product_id": "7Server-RH7-RHOSE-4.4:openshift-ansible-0:4.4.0-202006061254.git.1.a996454.el7.src" }, "product_reference": "openshift-ansible-0:4.4.0-202006061254.git.1.a996454.el7.src", "relates_to_product_reference": "7Server-RH7-RHOSE-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-ansible-test-0:4.4.0-202006061254.git.1.a996454.el7.noarch as a component of Red Hat OpenShift Container Platform 4.4", "product_id": "7Server-RH7-RHOSE-4.4:openshift-ansible-test-0:4.4.0-202006061254.git.1.a996454.el7.noarch" }, "product_reference": "openshift-ansible-test-0:4.4.0-202006061254.git.1.a996454.el7.noarch", "relates_to_product_reference": "7Server-RH7-RHOSE-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-clients-0:4.4.0-202006061254.git.1.26cb6dc.el7.src as a component of Red Hat OpenShift Container Platform 4.4", "product_id": "7Server-RH7-RHOSE-4.4:openshift-clients-0:4.4.0-202006061254.git.1.26cb6dc.el7.src" }, "product_reference": "openshift-clients-0:4.4.0-202006061254.git.1.26cb6dc.el7.src", "relates_to_product_reference": "7Server-RH7-RHOSE-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-clients-0:4.4.0-202006061254.git.1.26cb6dc.el7.x86_64 as a component of Red Hat OpenShift Container Platform 4.4", "product_id": "7Server-RH7-RHOSE-4.4:openshift-clients-0:4.4.0-202006061254.git.1.26cb6dc.el7.x86_64" }, "product_reference": "openshift-clients-0:4.4.0-202006061254.git.1.26cb6dc.el7.x86_64", "relates_to_product_reference": "7Server-RH7-RHOSE-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-clients-redistributable-0:4.4.0-202006061254.git.1.26cb6dc.el7.x86_64 as a component of Red Hat OpenShift Container Platform 4.4", "product_id": "7Server-RH7-RHOSE-4.4:openshift-clients-redistributable-0:4.4.0-202006061254.git.1.26cb6dc.el7.x86_64" }, "product_reference": "openshift-clients-redistributable-0:4.4.0-202006061254.git.1.26cb6dc.el7.x86_64", "relates_to_product_reference": "7Server-RH7-RHOSE-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-hyperkube-0:4.4.0-202006061254.git.1.dc84fb4.el7.x86_64 as a component of Red Hat OpenShift Container Platform 4.4", "product_id": "7Server-RH7-RHOSE-4.4:openshift-hyperkube-0:4.4.0-202006061254.git.1.dc84fb4.el7.x86_64" }, "product_reference": "openshift-hyperkube-0:4.4.0-202006061254.git.1.dc84fb4.el7.x86_64", "relates_to_product_reference": "7Server-RH7-RHOSE-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "conmon-2:2.0.17-1.rhaos4.4.el8.src as a component of Red Hat OpenShift Container Platform 4.4", "product_id": "8Base-RHOSE-4.4:conmon-2:2.0.17-1.rhaos4.4.el8.src" }, "product_reference": "conmon-2:2.0.17-1.rhaos4.4.el8.src", "relates_to_product_reference": "8Base-RHOSE-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "conmon-2:2.0.17-1.rhaos4.4.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.4", "product_id": "8Base-RHOSE-4.4:conmon-2:2.0.17-1.rhaos4.4.el8.x86_64" }, "product_reference": "conmon-2:2.0.17-1.rhaos4.4.el8.x86_64", "relates_to_product_reference": "8Base-RHOSE-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "cri-o-0:1.17.4-14.dev.rhaos4.4.gitb93af5d.el8.src as a component of Red Hat OpenShift Container Platform 4.4", "product_id": "8Base-RHOSE-4.4:cri-o-0:1.17.4-14.dev.rhaos4.4.gitb93af5d.el8.src" }, "product_reference": "cri-o-0:1.17.4-14.dev.rhaos4.4.gitb93af5d.el8.src", "relates_to_product_reference": "8Base-RHOSE-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "cri-o-0:1.17.4-14.dev.rhaos4.4.gitb93af5d.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.4", "product_id": "8Base-RHOSE-4.4:cri-o-0:1.17.4-14.dev.rhaos4.4.gitb93af5d.el8.x86_64" }, "product_reference": "cri-o-0:1.17.4-14.dev.rhaos4.4.gitb93af5d.el8.x86_64", "relates_to_product_reference": "8Base-RHOSE-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "cri-o-debuginfo-0:1.17.4-14.dev.rhaos4.4.gitb93af5d.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.4", "product_id": "8Base-RHOSE-4.4:cri-o-debuginfo-0:1.17.4-14.dev.rhaos4.4.gitb93af5d.el8.x86_64" }, "product_reference": "cri-o-debuginfo-0:1.17.4-14.dev.rhaos4.4.gitb93af5d.el8.x86_64", "relates_to_product_reference": "8Base-RHOSE-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "cri-o-debugsource-0:1.17.4-14.dev.rhaos4.4.gitb93af5d.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.4", "product_id": "8Base-RHOSE-4.4:cri-o-debugsource-0:1.17.4-14.dev.rhaos4.4.gitb93af5d.el8.x86_64" }, "product_reference": "cri-o-debugsource-0:1.17.4-14.dev.rhaos4.4.gitb93af5d.el8.x86_64", "relates_to_product_reference": "8Base-RHOSE-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "machine-config-daemon-0:4.4.0-202006080017.git.1.32e0736.el8.src as a component of Red Hat OpenShift Container Platform 4.4", "product_id": "8Base-RHOSE-4.4:machine-config-daemon-0:4.4.0-202006080017.git.1.32e0736.el8.src" }, "product_reference": "machine-config-daemon-0:4.4.0-202006080017.git.1.32e0736.el8.src", "relates_to_product_reference": "8Base-RHOSE-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "machine-config-daemon-0:4.4.0-202006080017.git.1.32e0736.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.4", "product_id": "8Base-RHOSE-4.4:machine-config-daemon-0:4.4.0-202006080017.git.1.32e0736.el8.x86_64" }, "product_reference": "machine-config-daemon-0:4.4.0-202006080017.git.1.32e0736.el8.x86_64", "relates_to_product_reference": "8Base-RHOSE-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-0:4.4.0-202006061254.git.1.dc84fb4.el8.src as a component of Red Hat OpenShift Container Platform 4.4", "product_id": "8Base-RHOSE-4.4:openshift-0:4.4.0-202006061254.git.1.dc84fb4.el8.src" }, "product_reference": "openshift-0:4.4.0-202006061254.git.1.dc84fb4.el8.src", "relates_to_product_reference": "8Base-RHOSE-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-clients-0:4.4.0-202006061254.git.1.26cb6dc.el8.src as a component of Red Hat OpenShift Container Platform 4.4", "product_id": "8Base-RHOSE-4.4:openshift-clients-0:4.4.0-202006061254.git.1.26cb6dc.el8.src" }, "product_reference": "openshift-clients-0:4.4.0-202006061254.git.1.26cb6dc.el8.src", "relates_to_product_reference": "8Base-RHOSE-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-clients-0:4.4.0-202006061254.git.1.26cb6dc.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.4", "product_id": "8Base-RHOSE-4.4:openshift-clients-0:4.4.0-202006061254.git.1.26cb6dc.el8.x86_64" }, "product_reference": "openshift-clients-0:4.4.0-202006061254.git.1.26cb6dc.el8.x86_64", "relates_to_product_reference": "8Base-RHOSE-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-clients-redistributable-0:4.4.0-202006061254.git.1.26cb6dc.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.4", "product_id": "8Base-RHOSE-4.4:openshift-clients-redistributable-0:4.4.0-202006061254.git.1.26cb6dc.el8.x86_64" }, "product_reference": "openshift-clients-redistributable-0:4.4.0-202006061254.git.1.26cb6dc.el8.x86_64", "relates_to_product_reference": "8Base-RHOSE-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-hyperkube-0:4.4.0-202006061254.git.1.dc84fb4.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.4", "product_id": "8Base-RHOSE-4.4:openshift-hyperkube-0:4.4.0-202006061254.git.1.dc84fb4.el8.x86_64" }, "product_reference": "openshift-hyperkube-0:4.4.0-202006061254.git.1.dc84fb4.el8.x86_64", "relates_to_product_reference": "8Base-RHOSE-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-kuryr-0:4.4.0-202006080017.git.1.855ef1d.el8.src as a component of Red Hat OpenShift Container Platform 4.4", "product_id": "8Base-RHOSE-4.4:openshift-kuryr-0:4.4.0-202006080017.git.1.855ef1d.el8.src" }, "product_reference": "openshift-kuryr-0:4.4.0-202006080017.git.1.855ef1d.el8.src", "relates_to_product_reference": "8Base-RHOSE-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-kuryr-cni-0:4.4.0-202006080017.git.1.855ef1d.el8.noarch as a component of Red Hat OpenShift Container Platform 4.4", "product_id": "8Base-RHOSE-4.4:openshift-kuryr-cni-0:4.4.0-202006080017.git.1.855ef1d.el8.noarch" }, "product_reference": "openshift-kuryr-cni-0:4.4.0-202006080017.git.1.855ef1d.el8.noarch", "relates_to_product_reference": "8Base-RHOSE-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-kuryr-common-0:4.4.0-202006080017.git.1.855ef1d.el8.noarch as a component of Red Hat OpenShift Container Platform 4.4", "product_id": "8Base-RHOSE-4.4:openshift-kuryr-common-0:4.4.0-202006080017.git.1.855ef1d.el8.noarch" }, "product_reference": "openshift-kuryr-common-0:4.4.0-202006080017.git.1.855ef1d.el8.noarch", "relates_to_product_reference": "8Base-RHOSE-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-kuryr-controller-0:4.4.0-202006080017.git.1.855ef1d.el8.noarch as a component of Red Hat OpenShift Container Platform 4.4", "product_id": "8Base-RHOSE-4.4:openshift-kuryr-controller-0:4.4.0-202006080017.git.1.855ef1d.el8.noarch" }, "product_reference": "openshift-kuryr-controller-0:4.4.0-202006080017.git.1.855ef1d.el8.noarch", "relates_to_product_reference": "8Base-RHOSE-4.4" }, { "category": "default_component_of", "full_product_name": { "name": "python3-kuryr-kubernetes-0:4.4.0-202006080017.git.1.855ef1d.el8.noarch as a component of Red Hat OpenShift Container Platform 4.4", "product_id": "8Base-RHOSE-4.4:python3-kuryr-kubernetes-0:4.4.0-202006080017.git.1.855ef1d.el8.noarch" }, "product_reference": "python3-kuryr-kubernetes-0:4.4.0-202006080017.git.1.855ef1d.el8.noarch", "relates_to_product_reference": "8Base-RHOSE-4.4" } ] }, "vulnerabilities": [ { "cve": "CVE-2020-2160", "cwe": { "id": "CWE-352", "name": "Cross-Site Request Forgery (CSRF)" }, "discovery_date": "2020-03-26T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1819190" } ], "notes": [ { "category": "description", "text": "Jenkins 2.227 and earlier, LTS 2.204.5 and earlier uses different representations of request URL paths, which allows attackers to craft URLs that allow bypassing CSRF protection of any target URL.", "title": "Vulnerability description" }, { "category": "summary", "text": "jenkins: CSRF protection bypass via crafted URLs", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RH7-RHOSE-4.4:atomic-enterprise-service-catalog-1:4.4.0-202006080017.git.1.77a5cc9.el7.src", "7Server-RH7-RHOSE-4.4:atomic-enterprise-service-catalog-1:4.4.0-202006080017.git.1.77a5cc9.el7.x86_64", "7Server-RH7-RHOSE-4.4:atomic-enterprise-service-catalog-svcat-1:4.4.0-202006080017.git.1.77a5cc9.el7.x86_64", "7Server-RH7-RHOSE-4.4:atomic-openshift-service-idler-0:4.4.0-202006080017.git.1.7e463c3.el7.src", "7Server-RH7-RHOSE-4.4:atomic-openshift-service-idler-0:4.4.0-202006080017.git.1.7e463c3.el7.x86_64", "7Server-RH7-RHOSE-4.4:conmon-2:2.0.17-1.rhaos4.4.el7.src", "7Server-RH7-RHOSE-4.4:conmon-2:2.0.17-1.rhaos4.4.el7.x86_64", "7Server-RH7-RHOSE-4.4:cri-o-0:1.17.4-14.dev.rhaos4.4.gitb93af5d.el7.src", "7Server-RH7-RHOSE-4.4:cri-o-0:1.17.4-14.dev.rhaos4.4.gitb93af5d.el7.x86_64", "7Server-RH7-RHOSE-4.4:cri-o-debuginfo-0:1.17.4-14.dev.rhaos4.4.gitb93af5d.el7.x86_64", "7Server-RH7-RHOSE-4.4:jenkins-0:2.222.1.1591351066-1.el7.noarch", "7Server-RH7-RHOSE-4.4:jenkins-0:2.222.1.1591351066-1.el7.src", "7Server-RH7-RHOSE-4.4:openshift-0:4.4.0-202006061254.git.1.dc84fb4.el7.src", "7Server-RH7-RHOSE-4.4:openshift-ansible-0:4.4.0-202006061254.git.1.a996454.el7.noarch", "7Server-RH7-RHOSE-4.4:openshift-ansible-0:4.4.0-202006061254.git.1.a996454.el7.src", "7Server-RH7-RHOSE-4.4:openshift-ansible-test-0:4.4.0-202006061254.git.1.a996454.el7.noarch", "7Server-RH7-RHOSE-4.4:openshift-clients-0:4.4.0-202006061254.git.1.26cb6dc.el7.src", "7Server-RH7-RHOSE-4.4:openshift-clients-0:4.4.0-202006061254.git.1.26cb6dc.el7.x86_64", "7Server-RH7-RHOSE-4.4:openshift-clients-redistributable-0:4.4.0-202006061254.git.1.26cb6dc.el7.x86_64", "7Server-RH7-RHOSE-4.4:openshift-hyperkube-0:4.4.0-202006061254.git.1.dc84fb4.el7.x86_64", "8Base-RHOSE-4.4:conmon-2:2.0.17-1.rhaos4.4.el8.src", "8Base-RHOSE-4.4:conmon-2:2.0.17-1.rhaos4.4.el8.x86_64", "8Base-RHOSE-4.4:cri-o-0:1.17.4-14.dev.rhaos4.4.gitb93af5d.el8.src", "8Base-RHOSE-4.4:cri-o-0:1.17.4-14.dev.rhaos4.4.gitb93af5d.el8.x86_64", "8Base-RHOSE-4.4:cri-o-debuginfo-0:1.17.4-14.dev.rhaos4.4.gitb93af5d.el8.x86_64", "8Base-RHOSE-4.4:cri-o-debugsource-0:1.17.4-14.dev.rhaos4.4.gitb93af5d.el8.x86_64", "8Base-RHOSE-4.4:machine-config-daemon-0:4.4.0-202006080017.git.1.32e0736.el8.src", "8Base-RHOSE-4.4:machine-config-daemon-0:4.4.0-202006080017.git.1.32e0736.el8.x86_64", "8Base-RHOSE-4.4:openshift-0:4.4.0-202006061254.git.1.dc84fb4.el8.src", "8Base-RHOSE-4.4:openshift-clients-0:4.4.0-202006061254.git.1.26cb6dc.el8.src", "8Base-RHOSE-4.4:openshift-clients-0:4.4.0-202006061254.git.1.26cb6dc.el8.x86_64", "8Base-RHOSE-4.4:openshift-clients-redistributable-0:4.4.0-202006061254.git.1.26cb6dc.el8.x86_64", "8Base-RHOSE-4.4:openshift-hyperkube-0:4.4.0-202006061254.git.1.dc84fb4.el8.x86_64", "8Base-RHOSE-4.4:openshift-kuryr-0:4.4.0-202006080017.git.1.855ef1d.el8.src", "8Base-RHOSE-4.4:openshift-kuryr-cni-0:4.4.0-202006080017.git.1.855ef1d.el8.noarch", "8Base-RHOSE-4.4:openshift-kuryr-common-0:4.4.0-202006080017.git.1.855ef1d.el8.noarch", "8Base-RHOSE-4.4:openshift-kuryr-controller-0:4.4.0-202006080017.git.1.855ef1d.el8.noarch", "8Base-RHOSE-4.4:python3-kuryr-kubernetes-0:4.4.0-202006080017.git.1.855ef1d.el8.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-2160" }, { "category": "external", "summary": "RHBZ#1819190", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1819190" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-2160", "url": "https://www.cve.org/CVERecord?id=CVE-2020-2160" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-2160", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-2160" }, { "category": "external", "summary": "https://jenkins.io/security/advisory/2020-03-25/#SECURITY-1774", "url": "https://jenkins.io/security/advisory/2020-03-25/#SECURITY-1774" } ], "release_date": "2020-03-25T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-06-17T19:38:33+00:00", "details": "For OpenShift Container Platform 4.4 see the following documentation, which\nwill be updated shortly for release 4.4.8, for important instructions on\nhow to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.openshift.com/container-platform/4.4/release_notes/ocp-4-4-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.4/updating/updating-cluster-cli.html.", "product_ids": [ "7Server-RH7-RHOSE-4.4:atomic-enterprise-service-catalog-1:4.4.0-202006080017.git.1.77a5cc9.el7.src", "7Server-RH7-RHOSE-4.4:atomic-enterprise-service-catalog-1:4.4.0-202006080017.git.1.77a5cc9.el7.x86_64", "7Server-RH7-RHOSE-4.4:atomic-enterprise-service-catalog-svcat-1:4.4.0-202006080017.git.1.77a5cc9.el7.x86_64", "7Server-RH7-RHOSE-4.4:atomic-openshift-service-idler-0:4.4.0-202006080017.git.1.7e463c3.el7.src", "7Server-RH7-RHOSE-4.4:atomic-openshift-service-idler-0:4.4.0-202006080017.git.1.7e463c3.el7.x86_64", "7Server-RH7-RHOSE-4.4:conmon-2:2.0.17-1.rhaos4.4.el7.src", "7Server-RH7-RHOSE-4.4:conmon-2:2.0.17-1.rhaos4.4.el7.x86_64", "7Server-RH7-RHOSE-4.4:cri-o-0:1.17.4-14.dev.rhaos4.4.gitb93af5d.el7.src", "7Server-RH7-RHOSE-4.4:cri-o-0:1.17.4-14.dev.rhaos4.4.gitb93af5d.el7.x86_64", "7Server-RH7-RHOSE-4.4:cri-o-debuginfo-0:1.17.4-14.dev.rhaos4.4.gitb93af5d.el7.x86_64", "7Server-RH7-RHOSE-4.4:jenkins-0:2.222.1.1591351066-1.el7.noarch", "7Server-RH7-RHOSE-4.4:jenkins-0:2.222.1.1591351066-1.el7.src", "7Server-RH7-RHOSE-4.4:openshift-0:4.4.0-202006061254.git.1.dc84fb4.el7.src", "7Server-RH7-RHOSE-4.4:openshift-ansible-0:4.4.0-202006061254.git.1.a996454.el7.noarch", "7Server-RH7-RHOSE-4.4:openshift-ansible-0:4.4.0-202006061254.git.1.a996454.el7.src", "7Server-RH7-RHOSE-4.4:openshift-ansible-test-0:4.4.0-202006061254.git.1.a996454.el7.noarch", "7Server-RH7-RHOSE-4.4:openshift-clients-0:4.4.0-202006061254.git.1.26cb6dc.el7.src", "7Server-RH7-RHOSE-4.4:openshift-clients-0:4.4.0-202006061254.git.1.26cb6dc.el7.x86_64", "7Server-RH7-RHOSE-4.4:openshift-clients-redistributable-0:4.4.0-202006061254.git.1.26cb6dc.el7.x86_64", "7Server-RH7-RHOSE-4.4:openshift-hyperkube-0:4.4.0-202006061254.git.1.dc84fb4.el7.x86_64", "8Base-RHOSE-4.4:conmon-2:2.0.17-1.rhaos4.4.el8.src", "8Base-RHOSE-4.4:conmon-2:2.0.17-1.rhaos4.4.el8.x86_64", "8Base-RHOSE-4.4:cri-o-0:1.17.4-14.dev.rhaos4.4.gitb93af5d.el8.src", "8Base-RHOSE-4.4:cri-o-0:1.17.4-14.dev.rhaos4.4.gitb93af5d.el8.x86_64", "8Base-RHOSE-4.4:cri-o-debuginfo-0:1.17.4-14.dev.rhaos4.4.gitb93af5d.el8.x86_64", "8Base-RHOSE-4.4:cri-o-debugsource-0:1.17.4-14.dev.rhaos4.4.gitb93af5d.el8.x86_64", "8Base-RHOSE-4.4:machine-config-daemon-0:4.4.0-202006080017.git.1.32e0736.el8.src", "8Base-RHOSE-4.4:machine-config-daemon-0:4.4.0-202006080017.git.1.32e0736.el8.x86_64", "8Base-RHOSE-4.4:openshift-0:4.4.0-202006061254.git.1.dc84fb4.el8.src", "8Base-RHOSE-4.4:openshift-clients-0:4.4.0-202006061254.git.1.26cb6dc.el8.src", "8Base-RHOSE-4.4:openshift-clients-0:4.4.0-202006061254.git.1.26cb6dc.el8.x86_64", "8Base-RHOSE-4.4:openshift-clients-redistributable-0:4.4.0-202006061254.git.1.26cb6dc.el8.x86_64", "8Base-RHOSE-4.4:openshift-hyperkube-0:4.4.0-202006061254.git.1.dc84fb4.el8.x86_64", "8Base-RHOSE-4.4:openshift-kuryr-0:4.4.0-202006080017.git.1.855ef1d.el8.src", "8Base-RHOSE-4.4:openshift-kuryr-cni-0:4.4.0-202006080017.git.1.855ef1d.el8.noarch", "8Base-RHOSE-4.4:openshift-kuryr-common-0:4.4.0-202006080017.git.1.855ef1d.el8.noarch", "8Base-RHOSE-4.4:openshift-kuryr-controller-0:4.4.0-202006080017.git.1.855ef1d.el8.noarch", "8Base-RHOSE-4.4:python3-kuryr-kubernetes-0:4.4.0-202006080017.git.1.855ef1d.el8.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHBA-2020:2444" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "7Server-RH7-RHOSE-4.4:atomic-enterprise-service-catalog-1:4.4.0-202006080017.git.1.77a5cc9.el7.src", "7Server-RH7-RHOSE-4.4:atomic-enterprise-service-catalog-1:4.4.0-202006080017.git.1.77a5cc9.el7.x86_64", "7Server-RH7-RHOSE-4.4:atomic-enterprise-service-catalog-svcat-1:4.4.0-202006080017.git.1.77a5cc9.el7.x86_64", "7Server-RH7-RHOSE-4.4:atomic-openshift-service-idler-0:4.4.0-202006080017.git.1.7e463c3.el7.src", "7Server-RH7-RHOSE-4.4:atomic-openshift-service-idler-0:4.4.0-202006080017.git.1.7e463c3.el7.x86_64", "7Server-RH7-RHOSE-4.4:conmon-2:2.0.17-1.rhaos4.4.el7.src", "7Server-RH7-RHOSE-4.4:conmon-2:2.0.17-1.rhaos4.4.el7.x86_64", "7Server-RH7-RHOSE-4.4:cri-o-0:1.17.4-14.dev.rhaos4.4.gitb93af5d.el7.src", "7Server-RH7-RHOSE-4.4:cri-o-0:1.17.4-14.dev.rhaos4.4.gitb93af5d.el7.x86_64", "7Server-RH7-RHOSE-4.4:cri-o-debuginfo-0:1.17.4-14.dev.rhaos4.4.gitb93af5d.el7.x86_64", "7Server-RH7-RHOSE-4.4:jenkins-0:2.222.1.1591351066-1.el7.noarch", "7Server-RH7-RHOSE-4.4:jenkins-0:2.222.1.1591351066-1.el7.src", "7Server-RH7-RHOSE-4.4:openshift-0:4.4.0-202006061254.git.1.dc84fb4.el7.src", "7Server-RH7-RHOSE-4.4:openshift-ansible-0:4.4.0-202006061254.git.1.a996454.el7.noarch", "7Server-RH7-RHOSE-4.4:openshift-ansible-0:4.4.0-202006061254.git.1.a996454.el7.src", "7Server-RH7-RHOSE-4.4:openshift-ansible-test-0:4.4.0-202006061254.git.1.a996454.el7.noarch", "7Server-RH7-RHOSE-4.4:openshift-clients-0:4.4.0-202006061254.git.1.26cb6dc.el7.src", "7Server-RH7-RHOSE-4.4:openshift-clients-0:4.4.0-202006061254.git.1.26cb6dc.el7.x86_64", "7Server-RH7-RHOSE-4.4:openshift-clients-redistributable-0:4.4.0-202006061254.git.1.26cb6dc.el7.x86_64", "7Server-RH7-RHOSE-4.4:openshift-hyperkube-0:4.4.0-202006061254.git.1.dc84fb4.el7.x86_64", "8Base-RHOSE-4.4:conmon-2:2.0.17-1.rhaos4.4.el8.src", "8Base-RHOSE-4.4:conmon-2:2.0.17-1.rhaos4.4.el8.x86_64", "8Base-RHOSE-4.4:cri-o-0:1.17.4-14.dev.rhaos4.4.gitb93af5d.el8.src", "8Base-RHOSE-4.4:cri-o-0:1.17.4-14.dev.rhaos4.4.gitb93af5d.el8.x86_64", "8Base-RHOSE-4.4:cri-o-debuginfo-0:1.17.4-14.dev.rhaos4.4.gitb93af5d.el8.x86_64", "8Base-RHOSE-4.4:cri-o-debugsource-0:1.17.4-14.dev.rhaos4.4.gitb93af5d.el8.x86_64", "8Base-RHOSE-4.4:machine-config-daemon-0:4.4.0-202006080017.git.1.32e0736.el8.src", "8Base-RHOSE-4.4:machine-config-daemon-0:4.4.0-202006080017.git.1.32e0736.el8.x86_64", "8Base-RHOSE-4.4:openshift-0:4.4.0-202006061254.git.1.dc84fb4.el8.src", "8Base-RHOSE-4.4:openshift-clients-0:4.4.0-202006061254.git.1.26cb6dc.el8.src", "8Base-RHOSE-4.4:openshift-clients-0:4.4.0-202006061254.git.1.26cb6dc.el8.x86_64", "8Base-RHOSE-4.4:openshift-clients-redistributable-0:4.4.0-202006061254.git.1.26cb6dc.el8.x86_64", "8Base-RHOSE-4.4:openshift-hyperkube-0:4.4.0-202006061254.git.1.dc84fb4.el8.x86_64", "8Base-RHOSE-4.4:openshift-kuryr-0:4.4.0-202006080017.git.1.855ef1d.el8.src", "8Base-RHOSE-4.4:openshift-kuryr-cni-0:4.4.0-202006080017.git.1.855ef1d.el8.noarch", "8Base-RHOSE-4.4:openshift-kuryr-common-0:4.4.0-202006080017.git.1.855ef1d.el8.noarch", "8Base-RHOSE-4.4:openshift-kuryr-controller-0:4.4.0-202006080017.git.1.855ef1d.el8.noarch", "8Base-RHOSE-4.4:python3-kuryr-kubernetes-0:4.4.0-202006080017.git.1.855ef1d.el8.noarch" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "jenkins: CSRF protection bypass via crafted URLs" }, { "cve": "CVE-2020-2161", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2020-03-26T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1819198" } ], "notes": [ { "category": "description", "text": "Jenkins 2.227 and earlier, LTS 2.204.5 and earlier does not properly escape node labels that are shown in the form validation for label expressions on job configuration pages, resulting in a stored XSS vulnerability exploitable by users able to define node labels.", "title": "Vulnerability description" }, { "category": "summary", "text": "jenkins: XSS in job configuration pages", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RH7-RHOSE-4.4:atomic-enterprise-service-catalog-1:4.4.0-202006080017.git.1.77a5cc9.el7.src", "7Server-RH7-RHOSE-4.4:atomic-enterprise-service-catalog-1:4.4.0-202006080017.git.1.77a5cc9.el7.x86_64", "7Server-RH7-RHOSE-4.4:atomic-enterprise-service-catalog-svcat-1:4.4.0-202006080017.git.1.77a5cc9.el7.x86_64", "7Server-RH7-RHOSE-4.4:atomic-openshift-service-idler-0:4.4.0-202006080017.git.1.7e463c3.el7.src", "7Server-RH7-RHOSE-4.4:atomic-openshift-service-idler-0:4.4.0-202006080017.git.1.7e463c3.el7.x86_64", "7Server-RH7-RHOSE-4.4:conmon-2:2.0.17-1.rhaos4.4.el7.src", "7Server-RH7-RHOSE-4.4:conmon-2:2.0.17-1.rhaos4.4.el7.x86_64", "7Server-RH7-RHOSE-4.4:cri-o-0:1.17.4-14.dev.rhaos4.4.gitb93af5d.el7.src", "7Server-RH7-RHOSE-4.4:cri-o-0:1.17.4-14.dev.rhaos4.4.gitb93af5d.el7.x86_64", "7Server-RH7-RHOSE-4.4:cri-o-debuginfo-0:1.17.4-14.dev.rhaos4.4.gitb93af5d.el7.x86_64", "7Server-RH7-RHOSE-4.4:jenkins-0:2.222.1.1591351066-1.el7.noarch", "7Server-RH7-RHOSE-4.4:jenkins-0:2.222.1.1591351066-1.el7.src", "7Server-RH7-RHOSE-4.4:openshift-0:4.4.0-202006061254.git.1.dc84fb4.el7.src", "7Server-RH7-RHOSE-4.4:openshift-ansible-0:4.4.0-202006061254.git.1.a996454.el7.noarch", "7Server-RH7-RHOSE-4.4:openshift-ansible-0:4.4.0-202006061254.git.1.a996454.el7.src", "7Server-RH7-RHOSE-4.4:openshift-ansible-test-0:4.4.0-202006061254.git.1.a996454.el7.noarch", "7Server-RH7-RHOSE-4.4:openshift-clients-0:4.4.0-202006061254.git.1.26cb6dc.el7.src", "7Server-RH7-RHOSE-4.4:openshift-clients-0:4.4.0-202006061254.git.1.26cb6dc.el7.x86_64", "7Server-RH7-RHOSE-4.4:openshift-clients-redistributable-0:4.4.0-202006061254.git.1.26cb6dc.el7.x86_64", "7Server-RH7-RHOSE-4.4:openshift-hyperkube-0:4.4.0-202006061254.git.1.dc84fb4.el7.x86_64", "8Base-RHOSE-4.4:conmon-2:2.0.17-1.rhaos4.4.el8.src", "8Base-RHOSE-4.4:conmon-2:2.0.17-1.rhaos4.4.el8.x86_64", "8Base-RHOSE-4.4:cri-o-0:1.17.4-14.dev.rhaos4.4.gitb93af5d.el8.src", "8Base-RHOSE-4.4:cri-o-0:1.17.4-14.dev.rhaos4.4.gitb93af5d.el8.x86_64", "8Base-RHOSE-4.4:cri-o-debuginfo-0:1.17.4-14.dev.rhaos4.4.gitb93af5d.el8.x86_64", "8Base-RHOSE-4.4:cri-o-debugsource-0:1.17.4-14.dev.rhaos4.4.gitb93af5d.el8.x86_64", "8Base-RHOSE-4.4:machine-config-daemon-0:4.4.0-202006080017.git.1.32e0736.el8.src", "8Base-RHOSE-4.4:machine-config-daemon-0:4.4.0-202006080017.git.1.32e0736.el8.x86_64", "8Base-RHOSE-4.4:openshift-0:4.4.0-202006061254.git.1.dc84fb4.el8.src", "8Base-RHOSE-4.4:openshift-clients-0:4.4.0-202006061254.git.1.26cb6dc.el8.src", "8Base-RHOSE-4.4:openshift-clients-0:4.4.0-202006061254.git.1.26cb6dc.el8.x86_64", "8Base-RHOSE-4.4:openshift-clients-redistributable-0:4.4.0-202006061254.git.1.26cb6dc.el8.x86_64", "8Base-RHOSE-4.4:openshift-hyperkube-0:4.4.0-202006061254.git.1.dc84fb4.el8.x86_64", "8Base-RHOSE-4.4:openshift-kuryr-0:4.4.0-202006080017.git.1.855ef1d.el8.src", "8Base-RHOSE-4.4:openshift-kuryr-cni-0:4.4.0-202006080017.git.1.855ef1d.el8.noarch", "8Base-RHOSE-4.4:openshift-kuryr-common-0:4.4.0-202006080017.git.1.855ef1d.el8.noarch", "8Base-RHOSE-4.4:openshift-kuryr-controller-0:4.4.0-202006080017.git.1.855ef1d.el8.noarch", "8Base-RHOSE-4.4:python3-kuryr-kubernetes-0:4.4.0-202006080017.git.1.855ef1d.el8.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-2161" }, { "category": "external", "summary": "RHBZ#1819198", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1819198" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-2161", "url": "https://www.cve.org/CVERecord?id=CVE-2020-2161" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-2161", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-2161" }, { "category": "external", "summary": "https://jenkins.io/security/advisory/2020-03-25/#SECURITY-1781", "url": "https://jenkins.io/security/advisory/2020-03-25/#SECURITY-1781" } ], "release_date": "2020-03-25T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-06-17T19:38:33+00:00", "details": "For OpenShift Container Platform 4.4 see the following documentation, which\nwill be updated shortly for release 4.4.8, for important instructions on\nhow to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.openshift.com/container-platform/4.4/release_notes/ocp-4-4-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.4/updating/updating-cluster-cli.html.", "product_ids": [ "7Server-RH7-RHOSE-4.4:atomic-enterprise-service-catalog-1:4.4.0-202006080017.git.1.77a5cc9.el7.src", "7Server-RH7-RHOSE-4.4:atomic-enterprise-service-catalog-1:4.4.0-202006080017.git.1.77a5cc9.el7.x86_64", "7Server-RH7-RHOSE-4.4:atomic-enterprise-service-catalog-svcat-1:4.4.0-202006080017.git.1.77a5cc9.el7.x86_64", "7Server-RH7-RHOSE-4.4:atomic-openshift-service-idler-0:4.4.0-202006080017.git.1.7e463c3.el7.src", "7Server-RH7-RHOSE-4.4:atomic-openshift-service-idler-0:4.4.0-202006080017.git.1.7e463c3.el7.x86_64", "7Server-RH7-RHOSE-4.4:conmon-2:2.0.17-1.rhaos4.4.el7.src", "7Server-RH7-RHOSE-4.4:conmon-2:2.0.17-1.rhaos4.4.el7.x86_64", "7Server-RH7-RHOSE-4.4:cri-o-0:1.17.4-14.dev.rhaos4.4.gitb93af5d.el7.src", "7Server-RH7-RHOSE-4.4:cri-o-0:1.17.4-14.dev.rhaos4.4.gitb93af5d.el7.x86_64", "7Server-RH7-RHOSE-4.4:cri-o-debuginfo-0:1.17.4-14.dev.rhaos4.4.gitb93af5d.el7.x86_64", "7Server-RH7-RHOSE-4.4:jenkins-0:2.222.1.1591351066-1.el7.noarch", "7Server-RH7-RHOSE-4.4:jenkins-0:2.222.1.1591351066-1.el7.src", "7Server-RH7-RHOSE-4.4:openshift-0:4.4.0-202006061254.git.1.dc84fb4.el7.src", "7Server-RH7-RHOSE-4.4:openshift-ansible-0:4.4.0-202006061254.git.1.a996454.el7.noarch", "7Server-RH7-RHOSE-4.4:openshift-ansible-0:4.4.0-202006061254.git.1.a996454.el7.src", "7Server-RH7-RHOSE-4.4:openshift-ansible-test-0:4.4.0-202006061254.git.1.a996454.el7.noarch", "7Server-RH7-RHOSE-4.4:openshift-clients-0:4.4.0-202006061254.git.1.26cb6dc.el7.src", "7Server-RH7-RHOSE-4.4:openshift-clients-0:4.4.0-202006061254.git.1.26cb6dc.el7.x86_64", "7Server-RH7-RHOSE-4.4:openshift-clients-redistributable-0:4.4.0-202006061254.git.1.26cb6dc.el7.x86_64", "7Server-RH7-RHOSE-4.4:openshift-hyperkube-0:4.4.0-202006061254.git.1.dc84fb4.el7.x86_64", "8Base-RHOSE-4.4:conmon-2:2.0.17-1.rhaos4.4.el8.src", "8Base-RHOSE-4.4:conmon-2:2.0.17-1.rhaos4.4.el8.x86_64", "8Base-RHOSE-4.4:cri-o-0:1.17.4-14.dev.rhaos4.4.gitb93af5d.el8.src", "8Base-RHOSE-4.4:cri-o-0:1.17.4-14.dev.rhaos4.4.gitb93af5d.el8.x86_64", "8Base-RHOSE-4.4:cri-o-debuginfo-0:1.17.4-14.dev.rhaos4.4.gitb93af5d.el8.x86_64", "8Base-RHOSE-4.4:cri-o-debugsource-0:1.17.4-14.dev.rhaos4.4.gitb93af5d.el8.x86_64", "8Base-RHOSE-4.4:machine-config-daemon-0:4.4.0-202006080017.git.1.32e0736.el8.src", "8Base-RHOSE-4.4:machine-config-daemon-0:4.4.0-202006080017.git.1.32e0736.el8.x86_64", "8Base-RHOSE-4.4:openshift-0:4.4.0-202006061254.git.1.dc84fb4.el8.src", "8Base-RHOSE-4.4:openshift-clients-0:4.4.0-202006061254.git.1.26cb6dc.el8.src", "8Base-RHOSE-4.4:openshift-clients-0:4.4.0-202006061254.git.1.26cb6dc.el8.x86_64", "8Base-RHOSE-4.4:openshift-clients-redistributable-0:4.4.0-202006061254.git.1.26cb6dc.el8.x86_64", "8Base-RHOSE-4.4:openshift-hyperkube-0:4.4.0-202006061254.git.1.dc84fb4.el8.x86_64", "8Base-RHOSE-4.4:openshift-kuryr-0:4.4.0-202006080017.git.1.855ef1d.el8.src", "8Base-RHOSE-4.4:openshift-kuryr-cni-0:4.4.0-202006080017.git.1.855ef1d.el8.noarch", "8Base-RHOSE-4.4:openshift-kuryr-common-0:4.4.0-202006080017.git.1.855ef1d.el8.noarch", "8Base-RHOSE-4.4:openshift-kuryr-controller-0:4.4.0-202006080017.git.1.855ef1d.el8.noarch", "8Base-RHOSE-4.4:python3-kuryr-kubernetes-0:4.4.0-202006080017.git.1.855ef1d.el8.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHBA-2020:2444" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "products": [ "7Server-RH7-RHOSE-4.4:atomic-enterprise-service-catalog-1:4.4.0-202006080017.git.1.77a5cc9.el7.src", "7Server-RH7-RHOSE-4.4:atomic-enterprise-service-catalog-1:4.4.0-202006080017.git.1.77a5cc9.el7.x86_64", "7Server-RH7-RHOSE-4.4:atomic-enterprise-service-catalog-svcat-1:4.4.0-202006080017.git.1.77a5cc9.el7.x86_64", "7Server-RH7-RHOSE-4.4:atomic-openshift-service-idler-0:4.4.0-202006080017.git.1.7e463c3.el7.src", "7Server-RH7-RHOSE-4.4:atomic-openshift-service-idler-0:4.4.0-202006080017.git.1.7e463c3.el7.x86_64", "7Server-RH7-RHOSE-4.4:conmon-2:2.0.17-1.rhaos4.4.el7.src", "7Server-RH7-RHOSE-4.4:conmon-2:2.0.17-1.rhaos4.4.el7.x86_64", "7Server-RH7-RHOSE-4.4:cri-o-0:1.17.4-14.dev.rhaos4.4.gitb93af5d.el7.src", "7Server-RH7-RHOSE-4.4:cri-o-0:1.17.4-14.dev.rhaos4.4.gitb93af5d.el7.x86_64", "7Server-RH7-RHOSE-4.4:cri-o-debuginfo-0:1.17.4-14.dev.rhaos4.4.gitb93af5d.el7.x86_64", "7Server-RH7-RHOSE-4.4:jenkins-0:2.222.1.1591351066-1.el7.noarch", "7Server-RH7-RHOSE-4.4:jenkins-0:2.222.1.1591351066-1.el7.src", "7Server-RH7-RHOSE-4.4:openshift-0:4.4.0-202006061254.git.1.dc84fb4.el7.src", "7Server-RH7-RHOSE-4.4:openshift-ansible-0:4.4.0-202006061254.git.1.a996454.el7.noarch", "7Server-RH7-RHOSE-4.4:openshift-ansible-0:4.4.0-202006061254.git.1.a996454.el7.src", "7Server-RH7-RHOSE-4.4:openshift-ansible-test-0:4.4.0-202006061254.git.1.a996454.el7.noarch", "7Server-RH7-RHOSE-4.4:openshift-clients-0:4.4.0-202006061254.git.1.26cb6dc.el7.src", "7Server-RH7-RHOSE-4.4:openshift-clients-0:4.4.0-202006061254.git.1.26cb6dc.el7.x86_64", "7Server-RH7-RHOSE-4.4:openshift-clients-redistributable-0:4.4.0-202006061254.git.1.26cb6dc.el7.x86_64", "7Server-RH7-RHOSE-4.4:openshift-hyperkube-0:4.4.0-202006061254.git.1.dc84fb4.el7.x86_64", "8Base-RHOSE-4.4:conmon-2:2.0.17-1.rhaos4.4.el8.src", "8Base-RHOSE-4.4:conmon-2:2.0.17-1.rhaos4.4.el8.x86_64", "8Base-RHOSE-4.4:cri-o-0:1.17.4-14.dev.rhaos4.4.gitb93af5d.el8.src", "8Base-RHOSE-4.4:cri-o-0:1.17.4-14.dev.rhaos4.4.gitb93af5d.el8.x86_64", "8Base-RHOSE-4.4:cri-o-debuginfo-0:1.17.4-14.dev.rhaos4.4.gitb93af5d.el8.x86_64", "8Base-RHOSE-4.4:cri-o-debugsource-0:1.17.4-14.dev.rhaos4.4.gitb93af5d.el8.x86_64", "8Base-RHOSE-4.4:machine-config-daemon-0:4.4.0-202006080017.git.1.32e0736.el8.src", "8Base-RHOSE-4.4:machine-config-daemon-0:4.4.0-202006080017.git.1.32e0736.el8.x86_64", "8Base-RHOSE-4.4:openshift-0:4.4.0-202006061254.git.1.dc84fb4.el8.src", "8Base-RHOSE-4.4:openshift-clients-0:4.4.0-202006061254.git.1.26cb6dc.el8.src", "8Base-RHOSE-4.4:openshift-clients-0:4.4.0-202006061254.git.1.26cb6dc.el8.x86_64", "8Base-RHOSE-4.4:openshift-clients-redistributable-0:4.4.0-202006061254.git.1.26cb6dc.el8.x86_64", "8Base-RHOSE-4.4:openshift-hyperkube-0:4.4.0-202006061254.git.1.dc84fb4.el8.x86_64", "8Base-RHOSE-4.4:openshift-kuryr-0:4.4.0-202006080017.git.1.855ef1d.el8.src", "8Base-RHOSE-4.4:openshift-kuryr-cni-0:4.4.0-202006080017.git.1.855ef1d.el8.noarch", "8Base-RHOSE-4.4:openshift-kuryr-common-0:4.4.0-202006080017.git.1.855ef1d.el8.noarch", "8Base-RHOSE-4.4:openshift-kuryr-controller-0:4.4.0-202006080017.git.1.855ef1d.el8.noarch", "8Base-RHOSE-4.4:python3-kuryr-kubernetes-0:4.4.0-202006080017.git.1.855ef1d.el8.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jenkins: XSS in job configuration pages" }, { "cve": "CVE-2020-2162", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2020-03-26T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1819211" } ], "notes": [ { "category": "description", "text": "Jenkins 2.227 and earlier, LTS 2.204.5 and earlier does not set Content-Security-Policy headers for files uploaded as file parameters to a build, resulting in a stored XSS vulnerability.", "title": "Vulnerability description" }, { "category": "summary", "text": "jenkins: Content-Security-Policy headers for files uploaded leads to XSS", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RH7-RHOSE-4.4:atomic-enterprise-service-catalog-1:4.4.0-202006080017.git.1.77a5cc9.el7.src", "7Server-RH7-RHOSE-4.4:atomic-enterprise-service-catalog-1:4.4.0-202006080017.git.1.77a5cc9.el7.x86_64", "7Server-RH7-RHOSE-4.4:atomic-enterprise-service-catalog-svcat-1:4.4.0-202006080017.git.1.77a5cc9.el7.x86_64", "7Server-RH7-RHOSE-4.4:atomic-openshift-service-idler-0:4.4.0-202006080017.git.1.7e463c3.el7.src", "7Server-RH7-RHOSE-4.4:atomic-openshift-service-idler-0:4.4.0-202006080017.git.1.7e463c3.el7.x86_64", "7Server-RH7-RHOSE-4.4:conmon-2:2.0.17-1.rhaos4.4.el7.src", "7Server-RH7-RHOSE-4.4:conmon-2:2.0.17-1.rhaos4.4.el7.x86_64", "7Server-RH7-RHOSE-4.4:cri-o-0:1.17.4-14.dev.rhaos4.4.gitb93af5d.el7.src", "7Server-RH7-RHOSE-4.4:cri-o-0:1.17.4-14.dev.rhaos4.4.gitb93af5d.el7.x86_64", "7Server-RH7-RHOSE-4.4:cri-o-debuginfo-0:1.17.4-14.dev.rhaos4.4.gitb93af5d.el7.x86_64", "7Server-RH7-RHOSE-4.4:jenkins-0:2.222.1.1591351066-1.el7.noarch", "7Server-RH7-RHOSE-4.4:jenkins-0:2.222.1.1591351066-1.el7.src", "7Server-RH7-RHOSE-4.4:openshift-0:4.4.0-202006061254.git.1.dc84fb4.el7.src", "7Server-RH7-RHOSE-4.4:openshift-ansible-0:4.4.0-202006061254.git.1.a996454.el7.noarch", "7Server-RH7-RHOSE-4.4:openshift-ansible-0:4.4.0-202006061254.git.1.a996454.el7.src", "7Server-RH7-RHOSE-4.4:openshift-ansible-test-0:4.4.0-202006061254.git.1.a996454.el7.noarch", "7Server-RH7-RHOSE-4.4:openshift-clients-0:4.4.0-202006061254.git.1.26cb6dc.el7.src", "7Server-RH7-RHOSE-4.4:openshift-clients-0:4.4.0-202006061254.git.1.26cb6dc.el7.x86_64", "7Server-RH7-RHOSE-4.4:openshift-clients-redistributable-0:4.4.0-202006061254.git.1.26cb6dc.el7.x86_64", "7Server-RH7-RHOSE-4.4:openshift-hyperkube-0:4.4.0-202006061254.git.1.dc84fb4.el7.x86_64", "8Base-RHOSE-4.4:conmon-2:2.0.17-1.rhaos4.4.el8.src", "8Base-RHOSE-4.4:conmon-2:2.0.17-1.rhaos4.4.el8.x86_64", "8Base-RHOSE-4.4:cri-o-0:1.17.4-14.dev.rhaos4.4.gitb93af5d.el8.src", "8Base-RHOSE-4.4:cri-o-0:1.17.4-14.dev.rhaos4.4.gitb93af5d.el8.x86_64", "8Base-RHOSE-4.4:cri-o-debuginfo-0:1.17.4-14.dev.rhaos4.4.gitb93af5d.el8.x86_64", "8Base-RHOSE-4.4:cri-o-debugsource-0:1.17.4-14.dev.rhaos4.4.gitb93af5d.el8.x86_64", "8Base-RHOSE-4.4:machine-config-daemon-0:4.4.0-202006080017.git.1.32e0736.el8.src", "8Base-RHOSE-4.4:machine-config-daemon-0:4.4.0-202006080017.git.1.32e0736.el8.x86_64", "8Base-RHOSE-4.4:openshift-0:4.4.0-202006061254.git.1.dc84fb4.el8.src", "8Base-RHOSE-4.4:openshift-clients-0:4.4.0-202006061254.git.1.26cb6dc.el8.src", "8Base-RHOSE-4.4:openshift-clients-0:4.4.0-202006061254.git.1.26cb6dc.el8.x86_64", "8Base-RHOSE-4.4:openshift-clients-redistributable-0:4.4.0-202006061254.git.1.26cb6dc.el8.x86_64", "8Base-RHOSE-4.4:openshift-hyperkube-0:4.4.0-202006061254.git.1.dc84fb4.el8.x86_64", "8Base-RHOSE-4.4:openshift-kuryr-0:4.4.0-202006080017.git.1.855ef1d.el8.src", "8Base-RHOSE-4.4:openshift-kuryr-cni-0:4.4.0-202006080017.git.1.855ef1d.el8.noarch", "8Base-RHOSE-4.4:openshift-kuryr-common-0:4.4.0-202006080017.git.1.855ef1d.el8.noarch", "8Base-RHOSE-4.4:openshift-kuryr-controller-0:4.4.0-202006080017.git.1.855ef1d.el8.noarch", "8Base-RHOSE-4.4:python3-kuryr-kubernetes-0:4.4.0-202006080017.git.1.855ef1d.el8.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-2162" }, { "category": "external", "summary": "RHBZ#1819211", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1819211" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-2162", "url": "https://www.cve.org/CVERecord?id=CVE-2020-2162" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-2162", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-2162" }, { "category": "external", "summary": "https://jenkins.io/security/advisory/2020-03-25/#SECURITY-1793", "url": "https://jenkins.io/security/advisory/2020-03-25/#SECURITY-1793" } ], "release_date": "2020-03-25T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-06-17T19:38:33+00:00", "details": "For OpenShift Container Platform 4.4 see the following documentation, which\nwill be updated shortly for release 4.4.8, for important instructions on\nhow to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.openshift.com/container-platform/4.4/release_notes/ocp-4-4-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.4/updating/updating-cluster-cli.html.", "product_ids": [ "7Server-RH7-RHOSE-4.4:atomic-enterprise-service-catalog-1:4.4.0-202006080017.git.1.77a5cc9.el7.src", "7Server-RH7-RHOSE-4.4:atomic-enterprise-service-catalog-1:4.4.0-202006080017.git.1.77a5cc9.el7.x86_64", "7Server-RH7-RHOSE-4.4:atomic-enterprise-service-catalog-svcat-1:4.4.0-202006080017.git.1.77a5cc9.el7.x86_64", "7Server-RH7-RHOSE-4.4:atomic-openshift-service-idler-0:4.4.0-202006080017.git.1.7e463c3.el7.src", "7Server-RH7-RHOSE-4.4:atomic-openshift-service-idler-0:4.4.0-202006080017.git.1.7e463c3.el7.x86_64", "7Server-RH7-RHOSE-4.4:conmon-2:2.0.17-1.rhaos4.4.el7.src", "7Server-RH7-RHOSE-4.4:conmon-2:2.0.17-1.rhaos4.4.el7.x86_64", "7Server-RH7-RHOSE-4.4:cri-o-0:1.17.4-14.dev.rhaos4.4.gitb93af5d.el7.src", "7Server-RH7-RHOSE-4.4:cri-o-0:1.17.4-14.dev.rhaos4.4.gitb93af5d.el7.x86_64", "7Server-RH7-RHOSE-4.4:cri-o-debuginfo-0:1.17.4-14.dev.rhaos4.4.gitb93af5d.el7.x86_64", "7Server-RH7-RHOSE-4.4:jenkins-0:2.222.1.1591351066-1.el7.noarch", "7Server-RH7-RHOSE-4.4:jenkins-0:2.222.1.1591351066-1.el7.src", "7Server-RH7-RHOSE-4.4:openshift-0:4.4.0-202006061254.git.1.dc84fb4.el7.src", "7Server-RH7-RHOSE-4.4:openshift-ansible-0:4.4.0-202006061254.git.1.a996454.el7.noarch", "7Server-RH7-RHOSE-4.4:openshift-ansible-0:4.4.0-202006061254.git.1.a996454.el7.src", "7Server-RH7-RHOSE-4.4:openshift-ansible-test-0:4.4.0-202006061254.git.1.a996454.el7.noarch", "7Server-RH7-RHOSE-4.4:openshift-clients-0:4.4.0-202006061254.git.1.26cb6dc.el7.src", "7Server-RH7-RHOSE-4.4:openshift-clients-0:4.4.0-202006061254.git.1.26cb6dc.el7.x86_64", "7Server-RH7-RHOSE-4.4:openshift-clients-redistributable-0:4.4.0-202006061254.git.1.26cb6dc.el7.x86_64", "7Server-RH7-RHOSE-4.4:openshift-hyperkube-0:4.4.0-202006061254.git.1.dc84fb4.el7.x86_64", "8Base-RHOSE-4.4:conmon-2:2.0.17-1.rhaos4.4.el8.src", "8Base-RHOSE-4.4:conmon-2:2.0.17-1.rhaos4.4.el8.x86_64", "8Base-RHOSE-4.4:cri-o-0:1.17.4-14.dev.rhaos4.4.gitb93af5d.el8.src", "8Base-RHOSE-4.4:cri-o-0:1.17.4-14.dev.rhaos4.4.gitb93af5d.el8.x86_64", "8Base-RHOSE-4.4:cri-o-debuginfo-0:1.17.4-14.dev.rhaos4.4.gitb93af5d.el8.x86_64", "8Base-RHOSE-4.4:cri-o-debugsource-0:1.17.4-14.dev.rhaos4.4.gitb93af5d.el8.x86_64", "8Base-RHOSE-4.4:machine-config-daemon-0:4.4.0-202006080017.git.1.32e0736.el8.src", "8Base-RHOSE-4.4:machine-config-daemon-0:4.4.0-202006080017.git.1.32e0736.el8.x86_64", "8Base-RHOSE-4.4:openshift-0:4.4.0-202006061254.git.1.dc84fb4.el8.src", "8Base-RHOSE-4.4:openshift-clients-0:4.4.0-202006061254.git.1.26cb6dc.el8.src", "8Base-RHOSE-4.4:openshift-clients-0:4.4.0-202006061254.git.1.26cb6dc.el8.x86_64", "8Base-RHOSE-4.4:openshift-clients-redistributable-0:4.4.0-202006061254.git.1.26cb6dc.el8.x86_64", "8Base-RHOSE-4.4:openshift-hyperkube-0:4.4.0-202006061254.git.1.dc84fb4.el8.x86_64", "8Base-RHOSE-4.4:openshift-kuryr-0:4.4.0-202006080017.git.1.855ef1d.el8.src", "8Base-RHOSE-4.4:openshift-kuryr-cni-0:4.4.0-202006080017.git.1.855ef1d.el8.noarch", "8Base-RHOSE-4.4:openshift-kuryr-common-0:4.4.0-202006080017.git.1.855ef1d.el8.noarch", "8Base-RHOSE-4.4:openshift-kuryr-controller-0:4.4.0-202006080017.git.1.855ef1d.el8.noarch", "8Base-RHOSE-4.4:python3-kuryr-kubernetes-0:4.4.0-202006080017.git.1.855ef1d.el8.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHBA-2020:2444" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "products": [ "7Server-RH7-RHOSE-4.4:atomic-enterprise-service-catalog-1:4.4.0-202006080017.git.1.77a5cc9.el7.src", "7Server-RH7-RHOSE-4.4:atomic-enterprise-service-catalog-1:4.4.0-202006080017.git.1.77a5cc9.el7.x86_64", "7Server-RH7-RHOSE-4.4:atomic-enterprise-service-catalog-svcat-1:4.4.0-202006080017.git.1.77a5cc9.el7.x86_64", "7Server-RH7-RHOSE-4.4:atomic-openshift-service-idler-0:4.4.0-202006080017.git.1.7e463c3.el7.src", "7Server-RH7-RHOSE-4.4:atomic-openshift-service-idler-0:4.4.0-202006080017.git.1.7e463c3.el7.x86_64", "7Server-RH7-RHOSE-4.4:conmon-2:2.0.17-1.rhaos4.4.el7.src", "7Server-RH7-RHOSE-4.4:conmon-2:2.0.17-1.rhaos4.4.el7.x86_64", "7Server-RH7-RHOSE-4.4:cri-o-0:1.17.4-14.dev.rhaos4.4.gitb93af5d.el7.src", "7Server-RH7-RHOSE-4.4:cri-o-0:1.17.4-14.dev.rhaos4.4.gitb93af5d.el7.x86_64", "7Server-RH7-RHOSE-4.4:cri-o-debuginfo-0:1.17.4-14.dev.rhaos4.4.gitb93af5d.el7.x86_64", "7Server-RH7-RHOSE-4.4:jenkins-0:2.222.1.1591351066-1.el7.noarch", "7Server-RH7-RHOSE-4.4:jenkins-0:2.222.1.1591351066-1.el7.src", "7Server-RH7-RHOSE-4.4:openshift-0:4.4.0-202006061254.git.1.dc84fb4.el7.src", "7Server-RH7-RHOSE-4.4:openshift-ansible-0:4.4.0-202006061254.git.1.a996454.el7.noarch", "7Server-RH7-RHOSE-4.4:openshift-ansible-0:4.4.0-202006061254.git.1.a996454.el7.src", "7Server-RH7-RHOSE-4.4:openshift-ansible-test-0:4.4.0-202006061254.git.1.a996454.el7.noarch", "7Server-RH7-RHOSE-4.4:openshift-clients-0:4.4.0-202006061254.git.1.26cb6dc.el7.src", "7Server-RH7-RHOSE-4.4:openshift-clients-0:4.4.0-202006061254.git.1.26cb6dc.el7.x86_64", "7Server-RH7-RHOSE-4.4:openshift-clients-redistributable-0:4.4.0-202006061254.git.1.26cb6dc.el7.x86_64", "7Server-RH7-RHOSE-4.4:openshift-hyperkube-0:4.4.0-202006061254.git.1.dc84fb4.el7.x86_64", "8Base-RHOSE-4.4:conmon-2:2.0.17-1.rhaos4.4.el8.src", "8Base-RHOSE-4.4:conmon-2:2.0.17-1.rhaos4.4.el8.x86_64", "8Base-RHOSE-4.4:cri-o-0:1.17.4-14.dev.rhaos4.4.gitb93af5d.el8.src", "8Base-RHOSE-4.4:cri-o-0:1.17.4-14.dev.rhaos4.4.gitb93af5d.el8.x86_64", "8Base-RHOSE-4.4:cri-o-debuginfo-0:1.17.4-14.dev.rhaos4.4.gitb93af5d.el8.x86_64", "8Base-RHOSE-4.4:cri-o-debugsource-0:1.17.4-14.dev.rhaos4.4.gitb93af5d.el8.x86_64", "8Base-RHOSE-4.4:machine-config-daemon-0:4.4.0-202006080017.git.1.32e0736.el8.src", "8Base-RHOSE-4.4:machine-config-daemon-0:4.4.0-202006080017.git.1.32e0736.el8.x86_64", "8Base-RHOSE-4.4:openshift-0:4.4.0-202006061254.git.1.dc84fb4.el8.src", "8Base-RHOSE-4.4:openshift-clients-0:4.4.0-202006061254.git.1.26cb6dc.el8.src", "8Base-RHOSE-4.4:openshift-clients-0:4.4.0-202006061254.git.1.26cb6dc.el8.x86_64", "8Base-RHOSE-4.4:openshift-clients-redistributable-0:4.4.0-202006061254.git.1.26cb6dc.el8.x86_64", "8Base-RHOSE-4.4:openshift-hyperkube-0:4.4.0-202006061254.git.1.dc84fb4.el8.x86_64", "8Base-RHOSE-4.4:openshift-kuryr-0:4.4.0-202006080017.git.1.855ef1d.el8.src", "8Base-RHOSE-4.4:openshift-kuryr-cni-0:4.4.0-202006080017.git.1.855ef1d.el8.noarch", "8Base-RHOSE-4.4:openshift-kuryr-common-0:4.4.0-202006080017.git.1.855ef1d.el8.noarch", "8Base-RHOSE-4.4:openshift-kuryr-controller-0:4.4.0-202006080017.git.1.855ef1d.el8.noarch", "8Base-RHOSE-4.4:python3-kuryr-kubernetes-0:4.4.0-202006080017.git.1.855ef1d.el8.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jenkins: Content-Security-Policy headers for files uploaded leads to XSS" }, { "cve": "CVE-2020-2163", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2020-03-25T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1819222" } ], "notes": [ { "category": "description", "text": "Jenkins 2.227 and earlier, LTS 2.204.5 and earlier improperly processes HTML content of list view column headers, resulting in a stored XSS vulnerability exploitable by users able to control column headers.", "title": "Vulnerability description" }, { "category": "summary", "text": "jenkins: improperly processes HTML content of list leads to XSS", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RH7-RHOSE-4.4:atomic-enterprise-service-catalog-1:4.4.0-202006080017.git.1.77a5cc9.el7.src", "7Server-RH7-RHOSE-4.4:atomic-enterprise-service-catalog-1:4.4.0-202006080017.git.1.77a5cc9.el7.x86_64", "7Server-RH7-RHOSE-4.4:atomic-enterprise-service-catalog-svcat-1:4.4.0-202006080017.git.1.77a5cc9.el7.x86_64", "7Server-RH7-RHOSE-4.4:atomic-openshift-service-idler-0:4.4.0-202006080017.git.1.7e463c3.el7.src", "7Server-RH7-RHOSE-4.4:atomic-openshift-service-idler-0:4.4.0-202006080017.git.1.7e463c3.el7.x86_64", "7Server-RH7-RHOSE-4.4:conmon-2:2.0.17-1.rhaos4.4.el7.src", "7Server-RH7-RHOSE-4.4:conmon-2:2.0.17-1.rhaos4.4.el7.x86_64", "7Server-RH7-RHOSE-4.4:cri-o-0:1.17.4-14.dev.rhaos4.4.gitb93af5d.el7.src", "7Server-RH7-RHOSE-4.4:cri-o-0:1.17.4-14.dev.rhaos4.4.gitb93af5d.el7.x86_64", "7Server-RH7-RHOSE-4.4:cri-o-debuginfo-0:1.17.4-14.dev.rhaos4.4.gitb93af5d.el7.x86_64", "7Server-RH7-RHOSE-4.4:jenkins-0:2.222.1.1591351066-1.el7.noarch", "7Server-RH7-RHOSE-4.4:jenkins-0:2.222.1.1591351066-1.el7.src", "7Server-RH7-RHOSE-4.4:openshift-0:4.4.0-202006061254.git.1.dc84fb4.el7.src", "7Server-RH7-RHOSE-4.4:openshift-ansible-0:4.4.0-202006061254.git.1.a996454.el7.noarch", "7Server-RH7-RHOSE-4.4:openshift-ansible-0:4.4.0-202006061254.git.1.a996454.el7.src", "7Server-RH7-RHOSE-4.4:openshift-ansible-test-0:4.4.0-202006061254.git.1.a996454.el7.noarch", "7Server-RH7-RHOSE-4.4:openshift-clients-0:4.4.0-202006061254.git.1.26cb6dc.el7.src", "7Server-RH7-RHOSE-4.4:openshift-clients-0:4.4.0-202006061254.git.1.26cb6dc.el7.x86_64", "7Server-RH7-RHOSE-4.4:openshift-clients-redistributable-0:4.4.0-202006061254.git.1.26cb6dc.el7.x86_64", "7Server-RH7-RHOSE-4.4:openshift-hyperkube-0:4.4.0-202006061254.git.1.dc84fb4.el7.x86_64", "8Base-RHOSE-4.4:conmon-2:2.0.17-1.rhaos4.4.el8.src", "8Base-RHOSE-4.4:conmon-2:2.0.17-1.rhaos4.4.el8.x86_64", "8Base-RHOSE-4.4:cri-o-0:1.17.4-14.dev.rhaos4.4.gitb93af5d.el8.src", "8Base-RHOSE-4.4:cri-o-0:1.17.4-14.dev.rhaos4.4.gitb93af5d.el8.x86_64", "8Base-RHOSE-4.4:cri-o-debuginfo-0:1.17.4-14.dev.rhaos4.4.gitb93af5d.el8.x86_64", "8Base-RHOSE-4.4:cri-o-debugsource-0:1.17.4-14.dev.rhaos4.4.gitb93af5d.el8.x86_64", "8Base-RHOSE-4.4:machine-config-daemon-0:4.4.0-202006080017.git.1.32e0736.el8.src", "8Base-RHOSE-4.4:machine-config-daemon-0:4.4.0-202006080017.git.1.32e0736.el8.x86_64", "8Base-RHOSE-4.4:openshift-0:4.4.0-202006061254.git.1.dc84fb4.el8.src", "8Base-RHOSE-4.4:openshift-clients-0:4.4.0-202006061254.git.1.26cb6dc.el8.src", "8Base-RHOSE-4.4:openshift-clients-0:4.4.0-202006061254.git.1.26cb6dc.el8.x86_64", "8Base-RHOSE-4.4:openshift-clients-redistributable-0:4.4.0-202006061254.git.1.26cb6dc.el8.x86_64", "8Base-RHOSE-4.4:openshift-hyperkube-0:4.4.0-202006061254.git.1.dc84fb4.el8.x86_64", "8Base-RHOSE-4.4:openshift-kuryr-0:4.4.0-202006080017.git.1.855ef1d.el8.src", "8Base-RHOSE-4.4:openshift-kuryr-cni-0:4.4.0-202006080017.git.1.855ef1d.el8.noarch", "8Base-RHOSE-4.4:openshift-kuryr-common-0:4.4.0-202006080017.git.1.855ef1d.el8.noarch", "8Base-RHOSE-4.4:openshift-kuryr-controller-0:4.4.0-202006080017.git.1.855ef1d.el8.noarch", "8Base-RHOSE-4.4:python3-kuryr-kubernetes-0:4.4.0-202006080017.git.1.855ef1d.el8.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-2163" }, { "category": "external", "summary": "RHBZ#1819222", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1819222" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-2163", "url": "https://www.cve.org/CVERecord?id=CVE-2020-2163" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-2163", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-2163" }, { "category": "external", "summary": "https://jenkins.io/security/advisory/2020-03-25/#SECURITY-1796", "url": "https://jenkins.io/security/advisory/2020-03-25/#SECURITY-1796" } ], "release_date": "2020-03-26T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-06-17T19:38:33+00:00", "details": "For OpenShift Container Platform 4.4 see the following documentation, which\nwill be updated shortly for release 4.4.8, for important instructions on\nhow to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.openshift.com/container-platform/4.4/release_notes/ocp-4-4-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.4/updating/updating-cluster-cli.html.", "product_ids": [ "7Server-RH7-RHOSE-4.4:atomic-enterprise-service-catalog-1:4.4.0-202006080017.git.1.77a5cc9.el7.src", "7Server-RH7-RHOSE-4.4:atomic-enterprise-service-catalog-1:4.4.0-202006080017.git.1.77a5cc9.el7.x86_64", "7Server-RH7-RHOSE-4.4:atomic-enterprise-service-catalog-svcat-1:4.4.0-202006080017.git.1.77a5cc9.el7.x86_64", "7Server-RH7-RHOSE-4.4:atomic-openshift-service-idler-0:4.4.0-202006080017.git.1.7e463c3.el7.src", "7Server-RH7-RHOSE-4.4:atomic-openshift-service-idler-0:4.4.0-202006080017.git.1.7e463c3.el7.x86_64", "7Server-RH7-RHOSE-4.4:conmon-2:2.0.17-1.rhaos4.4.el7.src", "7Server-RH7-RHOSE-4.4:conmon-2:2.0.17-1.rhaos4.4.el7.x86_64", "7Server-RH7-RHOSE-4.4:cri-o-0:1.17.4-14.dev.rhaos4.4.gitb93af5d.el7.src", "7Server-RH7-RHOSE-4.4:cri-o-0:1.17.4-14.dev.rhaos4.4.gitb93af5d.el7.x86_64", "7Server-RH7-RHOSE-4.4:cri-o-debuginfo-0:1.17.4-14.dev.rhaos4.4.gitb93af5d.el7.x86_64", "7Server-RH7-RHOSE-4.4:jenkins-0:2.222.1.1591351066-1.el7.noarch", "7Server-RH7-RHOSE-4.4:jenkins-0:2.222.1.1591351066-1.el7.src", "7Server-RH7-RHOSE-4.4:openshift-0:4.4.0-202006061254.git.1.dc84fb4.el7.src", "7Server-RH7-RHOSE-4.4:openshift-ansible-0:4.4.0-202006061254.git.1.a996454.el7.noarch", "7Server-RH7-RHOSE-4.4:openshift-ansible-0:4.4.0-202006061254.git.1.a996454.el7.src", "7Server-RH7-RHOSE-4.4:openshift-ansible-test-0:4.4.0-202006061254.git.1.a996454.el7.noarch", "7Server-RH7-RHOSE-4.4:openshift-clients-0:4.4.0-202006061254.git.1.26cb6dc.el7.src", "7Server-RH7-RHOSE-4.4:openshift-clients-0:4.4.0-202006061254.git.1.26cb6dc.el7.x86_64", "7Server-RH7-RHOSE-4.4:openshift-clients-redistributable-0:4.4.0-202006061254.git.1.26cb6dc.el7.x86_64", "7Server-RH7-RHOSE-4.4:openshift-hyperkube-0:4.4.0-202006061254.git.1.dc84fb4.el7.x86_64", "8Base-RHOSE-4.4:conmon-2:2.0.17-1.rhaos4.4.el8.src", "8Base-RHOSE-4.4:conmon-2:2.0.17-1.rhaos4.4.el8.x86_64", "8Base-RHOSE-4.4:cri-o-0:1.17.4-14.dev.rhaos4.4.gitb93af5d.el8.src", "8Base-RHOSE-4.4:cri-o-0:1.17.4-14.dev.rhaos4.4.gitb93af5d.el8.x86_64", "8Base-RHOSE-4.4:cri-o-debuginfo-0:1.17.4-14.dev.rhaos4.4.gitb93af5d.el8.x86_64", "8Base-RHOSE-4.4:cri-o-debugsource-0:1.17.4-14.dev.rhaos4.4.gitb93af5d.el8.x86_64", "8Base-RHOSE-4.4:machine-config-daemon-0:4.4.0-202006080017.git.1.32e0736.el8.src", "8Base-RHOSE-4.4:machine-config-daemon-0:4.4.0-202006080017.git.1.32e0736.el8.x86_64", "8Base-RHOSE-4.4:openshift-0:4.4.0-202006061254.git.1.dc84fb4.el8.src", "8Base-RHOSE-4.4:openshift-clients-0:4.4.0-202006061254.git.1.26cb6dc.el8.src", "8Base-RHOSE-4.4:openshift-clients-0:4.4.0-202006061254.git.1.26cb6dc.el8.x86_64", "8Base-RHOSE-4.4:openshift-clients-redistributable-0:4.4.0-202006061254.git.1.26cb6dc.el8.x86_64", "8Base-RHOSE-4.4:openshift-hyperkube-0:4.4.0-202006061254.git.1.dc84fb4.el8.x86_64", "8Base-RHOSE-4.4:openshift-kuryr-0:4.4.0-202006080017.git.1.855ef1d.el8.src", "8Base-RHOSE-4.4:openshift-kuryr-cni-0:4.4.0-202006080017.git.1.855ef1d.el8.noarch", "8Base-RHOSE-4.4:openshift-kuryr-common-0:4.4.0-202006080017.git.1.855ef1d.el8.noarch", "8Base-RHOSE-4.4:openshift-kuryr-controller-0:4.4.0-202006080017.git.1.855ef1d.el8.noarch", "8Base-RHOSE-4.4:python3-kuryr-kubernetes-0:4.4.0-202006080017.git.1.855ef1d.el8.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHBA-2020:2444" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "products": [ "7Server-RH7-RHOSE-4.4:atomic-enterprise-service-catalog-1:4.4.0-202006080017.git.1.77a5cc9.el7.src", "7Server-RH7-RHOSE-4.4:atomic-enterprise-service-catalog-1:4.4.0-202006080017.git.1.77a5cc9.el7.x86_64", "7Server-RH7-RHOSE-4.4:atomic-enterprise-service-catalog-svcat-1:4.4.0-202006080017.git.1.77a5cc9.el7.x86_64", "7Server-RH7-RHOSE-4.4:atomic-openshift-service-idler-0:4.4.0-202006080017.git.1.7e463c3.el7.src", "7Server-RH7-RHOSE-4.4:atomic-openshift-service-idler-0:4.4.0-202006080017.git.1.7e463c3.el7.x86_64", "7Server-RH7-RHOSE-4.4:conmon-2:2.0.17-1.rhaos4.4.el7.src", "7Server-RH7-RHOSE-4.4:conmon-2:2.0.17-1.rhaos4.4.el7.x86_64", "7Server-RH7-RHOSE-4.4:cri-o-0:1.17.4-14.dev.rhaos4.4.gitb93af5d.el7.src", "7Server-RH7-RHOSE-4.4:cri-o-0:1.17.4-14.dev.rhaos4.4.gitb93af5d.el7.x86_64", "7Server-RH7-RHOSE-4.4:cri-o-debuginfo-0:1.17.4-14.dev.rhaos4.4.gitb93af5d.el7.x86_64", "7Server-RH7-RHOSE-4.4:jenkins-0:2.222.1.1591351066-1.el7.noarch", "7Server-RH7-RHOSE-4.4:jenkins-0:2.222.1.1591351066-1.el7.src", "7Server-RH7-RHOSE-4.4:openshift-0:4.4.0-202006061254.git.1.dc84fb4.el7.src", "7Server-RH7-RHOSE-4.4:openshift-ansible-0:4.4.0-202006061254.git.1.a996454.el7.noarch", "7Server-RH7-RHOSE-4.4:openshift-ansible-0:4.4.0-202006061254.git.1.a996454.el7.src", "7Server-RH7-RHOSE-4.4:openshift-ansible-test-0:4.4.0-202006061254.git.1.a996454.el7.noarch", "7Server-RH7-RHOSE-4.4:openshift-clients-0:4.4.0-202006061254.git.1.26cb6dc.el7.src", "7Server-RH7-RHOSE-4.4:openshift-clients-0:4.4.0-202006061254.git.1.26cb6dc.el7.x86_64", "7Server-RH7-RHOSE-4.4:openshift-clients-redistributable-0:4.4.0-202006061254.git.1.26cb6dc.el7.x86_64", "7Server-RH7-RHOSE-4.4:openshift-hyperkube-0:4.4.0-202006061254.git.1.dc84fb4.el7.x86_64", "8Base-RHOSE-4.4:conmon-2:2.0.17-1.rhaos4.4.el8.src", "8Base-RHOSE-4.4:conmon-2:2.0.17-1.rhaos4.4.el8.x86_64", "8Base-RHOSE-4.4:cri-o-0:1.17.4-14.dev.rhaos4.4.gitb93af5d.el8.src", "8Base-RHOSE-4.4:cri-o-0:1.17.4-14.dev.rhaos4.4.gitb93af5d.el8.x86_64", "8Base-RHOSE-4.4:cri-o-debuginfo-0:1.17.4-14.dev.rhaos4.4.gitb93af5d.el8.x86_64", "8Base-RHOSE-4.4:cri-o-debugsource-0:1.17.4-14.dev.rhaos4.4.gitb93af5d.el8.x86_64", "8Base-RHOSE-4.4:machine-config-daemon-0:4.4.0-202006080017.git.1.32e0736.el8.src", "8Base-RHOSE-4.4:machine-config-daemon-0:4.4.0-202006080017.git.1.32e0736.el8.x86_64", "8Base-RHOSE-4.4:openshift-0:4.4.0-202006061254.git.1.dc84fb4.el8.src", "8Base-RHOSE-4.4:openshift-clients-0:4.4.0-202006061254.git.1.26cb6dc.el8.src", "8Base-RHOSE-4.4:openshift-clients-0:4.4.0-202006061254.git.1.26cb6dc.el8.x86_64", "8Base-RHOSE-4.4:openshift-clients-redistributable-0:4.4.0-202006061254.git.1.26cb6dc.el8.x86_64", "8Base-RHOSE-4.4:openshift-hyperkube-0:4.4.0-202006061254.git.1.dc84fb4.el8.x86_64", "8Base-RHOSE-4.4:openshift-kuryr-0:4.4.0-202006080017.git.1.855ef1d.el8.src", "8Base-RHOSE-4.4:openshift-kuryr-cni-0:4.4.0-202006080017.git.1.855ef1d.el8.noarch", "8Base-RHOSE-4.4:openshift-kuryr-common-0:4.4.0-202006080017.git.1.855ef1d.el8.noarch", "8Base-RHOSE-4.4:openshift-kuryr-controller-0:4.4.0-202006080017.git.1.855ef1d.el8.noarch", "8Base-RHOSE-4.4:python3-kuryr-kubernetes-0:4.4.0-202006080017.git.1.855ef1d.el8.noarch" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jenkins: improperly processes HTML content of list leads to XSS" } ] }
rhba-2020_2477
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Red Hat OpenShift Container Platform release 3.11.232 is now available with\nupdates to packages and images that fix several bugs and add enhancements.", "title": "Topic" }, { "category": "general", "text": "Red Hat OpenShift Container Platform is Red Hat\u0027s cloud computing\nKubernetes application platform solution designed for on-premise or private\ncloud deployments.\n\nThis advisory contains the RPM packages for Red Hat OpenShift Container\nPlatform 3.11.232. See the following advisory for the container images for\nthis release:\n\nhttps://access.redhat.com/errata/RHBA-2020:2434\n\nThis release fixes the following bugs (among others):\n\n* Previously, the DeploymentConfig controller broke the adoption mechanism responsible for indentifying replicated controllers. This caused the `oc replace` command to incorrectly modify existing objects based on the specified configuration file unless the `--force` flag was specified. The adoption mechanism has been fixed and the `oc replace` command now correctly removes dependent objects. (BZ#1686838)\n\n* An Ingress object specifies backends, where each backend specifies a target port name or number on some Service object. The Service\u0027s port, in turn, specifies a target port on a Pod object. Similarly to an Ingress backend, a Route object may specify a target port on a Service. When translating an Ingress backend to a Route, the ingress-to-route controller used the Service port\u0027s target port for the Route\u0027s target port when it should have used the Service port\u0027s name or number. This caused the ingress-to-route controller to sometimes produce an invalid Route object. When translating the target port of an Ingress backend to the target port for a Route, the ingress-to-route controller now uses the Service port\u0027s name rather than its target port, or omits the target port entirely if it is not needed, as in the case of a Service that has only one port. Ingress objects are now correctly translated to Route objects even if an Ingress backend targets a Service port that has a different name or number from the Service port\u0027s target port. (BZ#1763340)\n\nAll OpenShift Container Platform 3.11 users are advised to upgrade to these\nupdated packages and images.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHBA-2020:2477", "url": "https://access.redhat.com/errata/RHBA-2020:2477" }, { "category": "external", "summary": "1616184", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1616184" }, { "category": "external", "summary": "1663306", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1663306" }, { "category": "external", "summary": "1686838", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1686838" }, { "category": "external", "summary": "1693798", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1693798" }, { "category": "external", "summary": "1731236", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1731236" }, { "category": "external", "summary": "1763340", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1763340" }, { "category": "external", "summary": "1797880", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1797880" }, { "category": "external", "summary": "1800489", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1800489" }, { "category": "external", "summary": "1805192", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1805192" }, { "category": "external", "summary": "1806454", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1806454" }, { "category": "external", "summary": "1812036", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1812036" }, { "category": "external", "summary": "1814451", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1814451" }, { "category": "external", "summary": "1816966", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1816966" }, { "category": "external", "summary": "1828433", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828433" }, { "category": "external", "summary": "1843039", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1843039" }, { "category": "external", "summary": "1845517", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1845517" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhba-2020_2477.json" } ], "title": "Red Hat Bug Fix Advisory: OpenShift Container Platform 3.11 bug fix and enhancement update", "tracking": { "current_release_date": "2024-11-05T15:56:40+00:00", "generator": { "date": "2024-11-05T15:56:40+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.1.1" } }, "id": "RHBA-2020:2477", "initial_release_date": "2020-06-17T20:23:07+00:00", "revision_history": [ { "date": "2020-06-17T20:23:07+00:00", "number": "1", "summary": "Initial version" }, { "date": "2020-06-17T20:23:07+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-05T15:56:40+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat OpenShift Container Platform 3.11", "product": { "name": "Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11", "product_identification_helper": { "cpe": "cpe:/a:redhat:openshift:3.11::el7" } } } ], "category": "product_family", "name": "Red Hat OpenShift Enterprise" }, { "branches": [ { "category": "product_version", "name": "atomic-openshift-cluster-autoscaler-0:3.11.232-1.git.1.e7433c6.el7.ppc64le", "product": { "name": "atomic-openshift-cluster-autoscaler-0:3.11.232-1.git.1.e7433c6.el7.ppc64le", "product_id": "atomic-openshift-cluster-autoscaler-0:3.11.232-1.git.1.e7433c6.el7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/atomic-openshift-cluster-autoscaler@3.11.232-1.git.1.e7433c6.el7?arch=ppc64le" } } }, { "category": "product_version", "name": "atomic-openshift-descheduler-0:3.11.232-1.git.1.71361e4.el7.ppc64le", "product": { "name": "atomic-openshift-descheduler-0:3.11.232-1.git.1.71361e4.el7.ppc64le", "product_id": "atomic-openshift-descheduler-0:3.11.232-1.git.1.71361e4.el7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/atomic-openshift-descheduler@3.11.232-1.git.1.71361e4.el7?arch=ppc64le" } } }, { "category": "product_version", "name": "atomic-enterprise-service-catalog-1:3.11.232-1.git.1.d1e3501.el7.ppc64le", "product": { "name": "atomic-enterprise-service-catalog-1:3.11.232-1.git.1.d1e3501.el7.ppc64le", "product_id": "atomic-enterprise-service-catalog-1:3.11.232-1.git.1.d1e3501.el7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/atomic-enterprise-service-catalog@3.11.232-1.git.1.d1e3501.el7?arch=ppc64le\u0026epoch=1" } } }, { "category": "product_version", "name": "atomic-enterprise-service-catalog-svcat-1:3.11.232-1.git.1.d1e3501.el7.ppc64le", "product": { "name": "atomic-enterprise-service-catalog-svcat-1:3.11.232-1.git.1.d1e3501.el7.ppc64le", "product_id": "atomic-enterprise-service-catalog-svcat-1:3.11.232-1.git.1.d1e3501.el7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/atomic-enterprise-service-catalog-svcat@3.11.232-1.git.1.d1e3501.el7?arch=ppc64le\u0026epoch=1" } } }, { "category": "product_version", "name": "golang-github-openshift-oauth-proxy-0:3.11.232-1.git.1.db200ae.el7.ppc64le", "product": { "name": "golang-github-openshift-oauth-proxy-0:3.11.232-1.git.1.db200ae.el7.ppc64le", "product_id": "golang-github-openshift-oauth-proxy-0:3.11.232-1.git.1.db200ae.el7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/golang-github-openshift-oauth-proxy@3.11.232-1.git.1.db200ae.el7?arch=ppc64le" } } }, { "category": "product_version", "name": "prometheus-0:3.11.232-1.git.1.3c936ee.el7.ppc64le", "product": { "name": "prometheus-0:3.11.232-1.git.1.3c936ee.el7.ppc64le", "product_id": "prometheus-0:3.11.232-1.git.1.3c936ee.el7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/prometheus@3.11.232-1.git.1.3c936ee.el7?arch=ppc64le" } } }, { "category": "product_version", "name": "prometheus-node-exporter-0:3.11.232-1.git.1.0216923.el7.ppc64le", "product": { "name": "prometheus-node-exporter-0:3.11.232-1.git.1.0216923.el7.ppc64le", "product_id": "prometheus-node-exporter-0:3.11.232-1.git.1.0216923.el7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/prometheus-node-exporter@3.11.232-1.git.1.0216923.el7?arch=ppc64le" } } }, { "category": "product_version", "name": "atomic-openshift-node-problem-detector-0:3.11.232-1.git.1.d41afaf.el7.ppc64le", "product": { "name": "atomic-openshift-node-problem-detector-0:3.11.232-1.git.1.d41afaf.el7.ppc64le", "product_id": "atomic-openshift-node-problem-detector-0:3.11.232-1.git.1.d41afaf.el7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/atomic-openshift-node-problem-detector@3.11.232-1.git.1.d41afaf.el7?arch=ppc64le" } } }, { "category": "product_version", "name": "openshift-enterprise-autoheal-0:3.11.232-1.git.1.2756a13.el7.ppc64le", "product": { "name": "openshift-enterprise-autoheal-0:3.11.232-1.git.1.2756a13.el7.ppc64le", "product_id": "openshift-enterprise-autoheal-0:3.11.232-1.git.1.2756a13.el7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/openshift-enterprise-autoheal@3.11.232-1.git.1.2756a13.el7?arch=ppc64le" } } }, { "category": "product_version", "name": "openshift-enterprise-cluster-capacity-0:3.11.232-1.git.1.2e0c082.el7.ppc64le", "product": { "name": "openshift-enterprise-cluster-capacity-0:3.11.232-1.git.1.2e0c082.el7.ppc64le", "product_id": "openshift-enterprise-cluster-capacity-0:3.11.232-1.git.1.2e0c082.el7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/openshift-enterprise-cluster-capacity@3.11.232-1.git.1.2e0c082.el7?arch=ppc64le" } } }, { "category": "product_version", "name": "atomic-openshift-web-console-0:3.11.232-1.git.1.0f92c9e.el7.ppc64le", "product": { "name": "atomic-openshift-web-console-0:3.11.232-1.git.1.0f92c9e.el7.ppc64le", "product_id": "atomic-openshift-web-console-0:3.11.232-1.git.1.0f92c9e.el7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/atomic-openshift-web-console@3.11.232-1.git.1.0f92c9e.el7?arch=ppc64le" } } }, { "category": "product_version", "name": "atomic-openshift-service-idler-0:3.11.232-1.git.1.424e270.el7.ppc64le", "product": { "name": "atomic-openshift-service-idler-0:3.11.232-1.git.1.424e270.el7.ppc64le", "product_id": "atomic-openshift-service-idler-0:3.11.232-1.git.1.424e270.el7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/atomic-openshift-service-idler@3.11.232-1.git.1.424e270.el7?arch=ppc64le" } } }, { "category": "product_version", "name": "atomic-openshift-metrics-server-0:3.11.232-1.git.1.8c5f5b4.el7.ppc64le", "product": { "name": "atomic-openshift-metrics-server-0:3.11.232-1.git.1.8c5f5b4.el7.ppc64le", "product_id": "atomic-openshift-metrics-server-0:3.11.232-1.git.1.8c5f5b4.el7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/atomic-openshift-metrics-server@3.11.232-1.git.1.8c5f5b4.el7?arch=ppc64le" } } }, { "category": "product_version", "name": "prometheus-alertmanager-0:3.11.232-1.git.1.abfb991.el7.ppc64le", "product": { "name": "prometheus-alertmanager-0:3.11.232-1.git.1.abfb991.el7.ppc64le", "product_id": "prometheus-alertmanager-0:3.11.232-1.git.1.abfb991.el7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/prometheus-alertmanager@3.11.232-1.git.1.abfb991.el7?arch=ppc64le" } } }, { "category": "product_version", "name": "atomic-openshift-0:3.11.232-1.git.0.a5bc32f.el7.ppc64le", "product": { "name": "atomic-openshift-0:3.11.232-1.git.0.a5bc32f.el7.ppc64le", "product_id": "atomic-openshift-0:3.11.232-1.git.0.a5bc32f.el7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/atomic-openshift@3.11.232-1.git.0.a5bc32f.el7?arch=ppc64le" } } }, { "category": "product_version", "name": "atomic-openshift-clients-0:3.11.232-1.git.0.a5bc32f.el7.ppc64le", "product": { "name": "atomic-openshift-clients-0:3.11.232-1.git.0.a5bc32f.el7.ppc64le", "product_id": "atomic-openshift-clients-0:3.11.232-1.git.0.a5bc32f.el7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/atomic-openshift-clients@3.11.232-1.git.0.a5bc32f.el7?arch=ppc64le" } } }, { "category": "product_version", "name": "atomic-openshift-hyperkube-0:3.11.232-1.git.0.a5bc32f.el7.ppc64le", "product": { "name": "atomic-openshift-hyperkube-0:3.11.232-1.git.0.a5bc32f.el7.ppc64le", "product_id": "atomic-openshift-hyperkube-0:3.11.232-1.git.0.a5bc32f.el7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/atomic-openshift-hyperkube@3.11.232-1.git.0.a5bc32f.el7?arch=ppc64le" } } }, { "category": "product_version", "name": "atomic-openshift-hypershift-0:3.11.232-1.git.0.a5bc32f.el7.ppc64le", "product": { "name": "atomic-openshift-hypershift-0:3.11.232-1.git.0.a5bc32f.el7.ppc64le", "product_id": "atomic-openshift-hypershift-0:3.11.232-1.git.0.a5bc32f.el7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/atomic-openshift-hypershift@3.11.232-1.git.0.a5bc32f.el7?arch=ppc64le" } } }, { "category": "product_version", "name": "atomic-openshift-master-0:3.11.232-1.git.0.a5bc32f.el7.ppc64le", "product": { "name": "atomic-openshift-master-0:3.11.232-1.git.0.a5bc32f.el7.ppc64le", "product_id": "atomic-openshift-master-0:3.11.232-1.git.0.a5bc32f.el7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/atomic-openshift-master@3.11.232-1.git.0.a5bc32f.el7?arch=ppc64le" } } }, { "category": "product_version", "name": "atomic-openshift-node-0:3.11.232-1.git.0.a5bc32f.el7.ppc64le", "product": { "name": "atomic-openshift-node-0:3.11.232-1.git.0.a5bc32f.el7.ppc64le", "product_id": "atomic-openshift-node-0:3.11.232-1.git.0.a5bc32f.el7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/atomic-openshift-node@3.11.232-1.git.0.a5bc32f.el7?arch=ppc64le" } } }, { "category": "product_version", "name": "atomic-openshift-pod-0:3.11.232-1.git.0.a5bc32f.el7.ppc64le", "product": { "name": "atomic-openshift-pod-0:3.11.232-1.git.0.a5bc32f.el7.ppc64le", "product_id": "atomic-openshift-pod-0:3.11.232-1.git.0.a5bc32f.el7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/atomic-openshift-pod@3.11.232-1.git.0.a5bc32f.el7?arch=ppc64le" } } }, { "category": "product_version", "name": "atomic-openshift-sdn-ovs-0:3.11.232-1.git.0.a5bc32f.el7.ppc64le", "product": { "name": "atomic-openshift-sdn-ovs-0:3.11.232-1.git.0.a5bc32f.el7.ppc64le", "product_id": "atomic-openshift-sdn-ovs-0:3.11.232-1.git.0.a5bc32f.el7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/atomic-openshift-sdn-ovs@3.11.232-1.git.0.a5bc32f.el7?arch=ppc64le" } } }, { "category": "product_version", "name": "atomic-openshift-template-service-broker-0:3.11.232-1.git.0.a5bc32f.el7.ppc64le", "product": { "name": "atomic-openshift-template-service-broker-0:3.11.232-1.git.0.a5bc32f.el7.ppc64le", "product_id": "atomic-openshift-template-service-broker-0:3.11.232-1.git.0.a5bc32f.el7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/atomic-openshift-template-service-broker@3.11.232-1.git.0.a5bc32f.el7?arch=ppc64le" } } }, { "category": "product_version", "name": "atomic-openshift-tests-0:3.11.232-1.git.0.a5bc32f.el7.ppc64le", "product": { "name": "atomic-openshift-tests-0:3.11.232-1.git.0.a5bc32f.el7.ppc64le", "product_id": "atomic-openshift-tests-0:3.11.232-1.git.0.a5bc32f.el7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/atomic-openshift-tests@3.11.232-1.git.0.a5bc32f.el7?arch=ppc64le" } } }, { "category": "product_version", "name": "cri-tools-0:1.11.1-3.rhaos3.11.gitedabfb5.el7.ppc64le", "product": { "name": "cri-tools-0:1.11.1-3.rhaos3.11.gitedabfb5.el7.ppc64le", "product_id": "cri-tools-0:1.11.1-3.rhaos3.11.gitedabfb5.el7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/cri-tools@1.11.1-3.rhaos3.11.gitedabfb5.el7?arch=ppc64le" } } }, { "category": "product_version", "name": "cri-tools-debuginfo-0:1.11.1-3.rhaos3.11.gitedabfb5.el7.ppc64le", "product": { "name": "cri-tools-debuginfo-0:1.11.1-3.rhaos3.11.gitedabfb5.el7.ppc64le", "product_id": "cri-tools-debuginfo-0:1.11.1-3.rhaos3.11.gitedabfb5.el7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/cri-tools-debuginfo@1.11.1-3.rhaos3.11.gitedabfb5.el7?arch=ppc64le" } } } ], "category": "architecture", "name": "ppc64le" }, { "branches": [ { "category": "product_version", "name": "atomic-openshift-cluster-autoscaler-0:3.11.232-1.git.1.e7433c6.el7.x86_64", "product": { "name": "atomic-openshift-cluster-autoscaler-0:3.11.232-1.git.1.e7433c6.el7.x86_64", "product_id": "atomic-openshift-cluster-autoscaler-0:3.11.232-1.git.1.e7433c6.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/atomic-openshift-cluster-autoscaler@3.11.232-1.git.1.e7433c6.el7?arch=x86_64" } } }, { "category": "product_version", "name": "atomic-openshift-descheduler-0:3.11.232-1.git.1.71361e4.el7.x86_64", "product": { "name": "atomic-openshift-descheduler-0:3.11.232-1.git.1.71361e4.el7.x86_64", "product_id": "atomic-openshift-descheduler-0:3.11.232-1.git.1.71361e4.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/atomic-openshift-descheduler@3.11.232-1.git.1.71361e4.el7?arch=x86_64" } } }, { "category": "product_version", "name": "atomic-enterprise-service-catalog-1:3.11.232-1.git.1.d1e3501.el7.x86_64", "product": { "name": "atomic-enterprise-service-catalog-1:3.11.232-1.git.1.d1e3501.el7.x86_64", "product_id": "atomic-enterprise-service-catalog-1:3.11.232-1.git.1.d1e3501.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/atomic-enterprise-service-catalog@3.11.232-1.git.1.d1e3501.el7?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "atomic-enterprise-service-catalog-svcat-1:3.11.232-1.git.1.d1e3501.el7.x86_64", "product": { "name": "atomic-enterprise-service-catalog-svcat-1:3.11.232-1.git.1.d1e3501.el7.x86_64", "product_id": "atomic-enterprise-service-catalog-svcat-1:3.11.232-1.git.1.d1e3501.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/atomic-enterprise-service-catalog-svcat@3.11.232-1.git.1.d1e3501.el7?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "golang-github-openshift-oauth-proxy-0:3.11.232-1.git.1.db200ae.el7.x86_64", "product": { "name": "golang-github-openshift-oauth-proxy-0:3.11.232-1.git.1.db200ae.el7.x86_64", "product_id": "golang-github-openshift-oauth-proxy-0:3.11.232-1.git.1.db200ae.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/golang-github-openshift-oauth-proxy@3.11.232-1.git.1.db200ae.el7?arch=x86_64" } } }, { "category": "product_version", "name": "prometheus-0:3.11.232-1.git.1.3c936ee.el7.x86_64", "product": { "name": "prometheus-0:3.11.232-1.git.1.3c936ee.el7.x86_64", "product_id": "prometheus-0:3.11.232-1.git.1.3c936ee.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/prometheus@3.11.232-1.git.1.3c936ee.el7?arch=x86_64" } } }, { "category": "product_version", "name": "atomic-openshift-dockerregistry-0:3.11.232-1.git.1.e5150dd.el7.x86_64", "product": { "name": "atomic-openshift-dockerregistry-0:3.11.232-1.git.1.e5150dd.el7.x86_64", "product_id": "atomic-openshift-dockerregistry-0:3.11.232-1.git.1.e5150dd.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/atomic-openshift-dockerregistry@3.11.232-1.git.1.e5150dd.el7?arch=x86_64" } } }, { "category": "product_version", "name": "prometheus-node-exporter-0:3.11.232-1.git.1.0216923.el7.x86_64", "product": { "name": "prometheus-node-exporter-0:3.11.232-1.git.1.0216923.el7.x86_64", "product_id": "prometheus-node-exporter-0:3.11.232-1.git.1.0216923.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/prometheus-node-exporter@3.11.232-1.git.1.0216923.el7?arch=x86_64" } } }, { "category": "product_version", "name": "atomic-openshift-node-problem-detector-0:3.11.232-1.git.1.d41afaf.el7.x86_64", "product": { "name": "atomic-openshift-node-problem-detector-0:3.11.232-1.git.1.d41afaf.el7.x86_64", "product_id": "atomic-openshift-node-problem-detector-0:3.11.232-1.git.1.d41afaf.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/atomic-openshift-node-problem-detector@3.11.232-1.git.1.d41afaf.el7?arch=x86_64" } } }, { "category": "product_version", "name": "openshift-enterprise-autoheal-0:3.11.232-1.git.1.2756a13.el7.x86_64", "product": { "name": "openshift-enterprise-autoheal-0:3.11.232-1.git.1.2756a13.el7.x86_64", "product_id": "openshift-enterprise-autoheal-0:3.11.232-1.git.1.2756a13.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openshift-enterprise-autoheal@3.11.232-1.git.1.2756a13.el7?arch=x86_64" } } }, { "category": "product_version", "name": "openshift-enterprise-cluster-capacity-0:3.11.232-1.git.1.2e0c082.el7.x86_64", "product": { "name": "openshift-enterprise-cluster-capacity-0:3.11.232-1.git.1.2e0c082.el7.x86_64", "product_id": "openshift-enterprise-cluster-capacity-0:3.11.232-1.git.1.2e0c082.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openshift-enterprise-cluster-capacity@3.11.232-1.git.1.2e0c082.el7?arch=x86_64" } } }, { "category": "product_version", "name": "atomic-openshift-web-console-0:3.11.232-1.git.1.0f92c9e.el7.x86_64", "product": { "name": "atomic-openshift-web-console-0:3.11.232-1.git.1.0f92c9e.el7.x86_64", "product_id": "atomic-openshift-web-console-0:3.11.232-1.git.1.0f92c9e.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/atomic-openshift-web-console@3.11.232-1.git.1.0f92c9e.el7?arch=x86_64" } } }, { "category": "product_version", "name": "atomic-openshift-service-idler-0:3.11.232-1.git.1.424e270.el7.x86_64", "product": { "name": "atomic-openshift-service-idler-0:3.11.232-1.git.1.424e270.el7.x86_64", "product_id": "atomic-openshift-service-idler-0:3.11.232-1.git.1.424e270.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/atomic-openshift-service-idler@3.11.232-1.git.1.424e270.el7?arch=x86_64" } } }, { "category": "product_version", "name": "atomic-openshift-metrics-server-0:3.11.232-1.git.1.8c5f5b4.el7.x86_64", "product": { "name": "atomic-openshift-metrics-server-0:3.11.232-1.git.1.8c5f5b4.el7.x86_64", "product_id": "atomic-openshift-metrics-server-0:3.11.232-1.git.1.8c5f5b4.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/atomic-openshift-metrics-server@3.11.232-1.git.1.8c5f5b4.el7?arch=x86_64" } } }, { "category": "product_version", "name": "prometheus-alertmanager-0:3.11.232-1.git.1.abfb991.el7.x86_64", "product": { "name": "prometheus-alertmanager-0:3.11.232-1.git.1.abfb991.el7.x86_64", "product_id": "prometheus-alertmanager-0:3.11.232-1.git.1.abfb991.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/prometheus-alertmanager@3.11.232-1.git.1.abfb991.el7?arch=x86_64" } } }, { "category": "product_version", "name": "atomic-openshift-0:3.11.232-1.git.0.a5bc32f.el7.x86_64", "product": { "name": "atomic-openshift-0:3.11.232-1.git.0.a5bc32f.el7.x86_64", "product_id": "atomic-openshift-0:3.11.232-1.git.0.a5bc32f.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/atomic-openshift@3.11.232-1.git.0.a5bc32f.el7?arch=x86_64" } } }, { "category": "product_version", "name": "atomic-openshift-clients-0:3.11.232-1.git.0.a5bc32f.el7.x86_64", "product": { "name": "atomic-openshift-clients-0:3.11.232-1.git.0.a5bc32f.el7.x86_64", "product_id": "atomic-openshift-clients-0:3.11.232-1.git.0.a5bc32f.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/atomic-openshift-clients@3.11.232-1.git.0.a5bc32f.el7?arch=x86_64" } } }, { "category": "product_version", "name": "atomic-openshift-clients-redistributable-0:3.11.232-1.git.0.a5bc32f.el7.x86_64", "product": { "name": "atomic-openshift-clients-redistributable-0:3.11.232-1.git.0.a5bc32f.el7.x86_64", "product_id": "atomic-openshift-clients-redistributable-0:3.11.232-1.git.0.a5bc32f.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/atomic-openshift-clients-redistributable@3.11.232-1.git.0.a5bc32f.el7?arch=x86_64" } } }, { "category": "product_version", "name": "atomic-openshift-hyperkube-0:3.11.232-1.git.0.a5bc32f.el7.x86_64", "product": { "name": "atomic-openshift-hyperkube-0:3.11.232-1.git.0.a5bc32f.el7.x86_64", "product_id": "atomic-openshift-hyperkube-0:3.11.232-1.git.0.a5bc32f.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/atomic-openshift-hyperkube@3.11.232-1.git.0.a5bc32f.el7?arch=x86_64" } } }, { "category": "product_version", "name": "atomic-openshift-hypershift-0:3.11.232-1.git.0.a5bc32f.el7.x86_64", "product": { "name": "atomic-openshift-hypershift-0:3.11.232-1.git.0.a5bc32f.el7.x86_64", "product_id": "atomic-openshift-hypershift-0:3.11.232-1.git.0.a5bc32f.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/atomic-openshift-hypershift@3.11.232-1.git.0.a5bc32f.el7?arch=x86_64" } } }, { "category": "product_version", "name": "atomic-openshift-master-0:3.11.232-1.git.0.a5bc32f.el7.x86_64", "product": { "name": "atomic-openshift-master-0:3.11.232-1.git.0.a5bc32f.el7.x86_64", "product_id": "atomic-openshift-master-0:3.11.232-1.git.0.a5bc32f.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/atomic-openshift-master@3.11.232-1.git.0.a5bc32f.el7?arch=x86_64" } } }, { "category": "product_version", "name": "atomic-openshift-node-0:3.11.232-1.git.0.a5bc32f.el7.x86_64", "product": { "name": "atomic-openshift-node-0:3.11.232-1.git.0.a5bc32f.el7.x86_64", "product_id": "atomic-openshift-node-0:3.11.232-1.git.0.a5bc32f.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/atomic-openshift-node@3.11.232-1.git.0.a5bc32f.el7?arch=x86_64" } } }, { "category": "product_version", "name": "atomic-openshift-pod-0:3.11.232-1.git.0.a5bc32f.el7.x86_64", "product": { "name": "atomic-openshift-pod-0:3.11.232-1.git.0.a5bc32f.el7.x86_64", "product_id": "atomic-openshift-pod-0:3.11.232-1.git.0.a5bc32f.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/atomic-openshift-pod@3.11.232-1.git.0.a5bc32f.el7?arch=x86_64" } } }, { "category": "product_version", "name": "atomic-openshift-sdn-ovs-0:3.11.232-1.git.0.a5bc32f.el7.x86_64", "product": { "name": "atomic-openshift-sdn-ovs-0:3.11.232-1.git.0.a5bc32f.el7.x86_64", "product_id": "atomic-openshift-sdn-ovs-0:3.11.232-1.git.0.a5bc32f.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/atomic-openshift-sdn-ovs@3.11.232-1.git.0.a5bc32f.el7?arch=x86_64" } } }, { "category": "product_version", "name": "atomic-openshift-template-service-broker-0:3.11.232-1.git.0.a5bc32f.el7.x86_64", "product": { "name": "atomic-openshift-template-service-broker-0:3.11.232-1.git.0.a5bc32f.el7.x86_64", "product_id": "atomic-openshift-template-service-broker-0:3.11.232-1.git.0.a5bc32f.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/atomic-openshift-template-service-broker@3.11.232-1.git.0.a5bc32f.el7?arch=x86_64" } } }, { "category": "product_version", "name": "atomic-openshift-tests-0:3.11.232-1.git.0.a5bc32f.el7.x86_64", "product": { "name": "atomic-openshift-tests-0:3.11.232-1.git.0.a5bc32f.el7.x86_64", "product_id": "atomic-openshift-tests-0:3.11.232-1.git.0.a5bc32f.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/atomic-openshift-tests@3.11.232-1.git.0.a5bc32f.el7?arch=x86_64" } } }, { "category": "product_version", "name": "cri-tools-0:1.11.1-3.rhaos3.11.gitedabfb5.el7.x86_64", "product": { "name": "cri-tools-0:1.11.1-3.rhaos3.11.gitedabfb5.el7.x86_64", "product_id": "cri-tools-0:1.11.1-3.rhaos3.11.gitedabfb5.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/cri-tools@1.11.1-3.rhaos3.11.gitedabfb5.el7?arch=x86_64" } } }, { "category": "product_version", "name": "cri-tools-debuginfo-0:1.11.1-3.rhaos3.11.gitedabfb5.el7.x86_64", "product": { "name": "cri-tools-debuginfo-0:1.11.1-3.rhaos3.11.gitedabfb5.el7.x86_64", "product_id": "cri-tools-debuginfo-0:1.11.1-3.rhaos3.11.gitedabfb5.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/cri-tools-debuginfo@1.11.1-3.rhaos3.11.gitedabfb5.el7?arch=x86_64" } } }, { "category": "product_version", "name": "golang-github-cpuguy83-go-md2man-0:1.0.7-1.el7.x86_64", "product": { "name": "golang-github-cpuguy83-go-md2man-0:1.0.7-1.el7.x86_64", "product_id": "golang-github-cpuguy83-go-md2man-0:1.0.7-1.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/golang-github-cpuguy83-go-md2man@1.0.7-1.el7?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "atomic-openshift-cluster-autoscaler-0:3.11.232-1.git.1.e7433c6.el7.src", "product": { "name": "atomic-openshift-cluster-autoscaler-0:3.11.232-1.git.1.e7433c6.el7.src", "product_id": "atomic-openshift-cluster-autoscaler-0:3.11.232-1.git.1.e7433c6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/atomic-openshift-cluster-autoscaler@3.11.232-1.git.1.e7433c6.el7?arch=src" } } }, { "category": "product_version", "name": "atomic-openshift-descheduler-0:3.11.232-1.git.1.71361e4.el7.src", "product": { "name": "atomic-openshift-descheduler-0:3.11.232-1.git.1.71361e4.el7.src", "product_id": "atomic-openshift-descheduler-0:3.11.232-1.git.1.71361e4.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/atomic-openshift-descheduler@3.11.232-1.git.1.71361e4.el7?arch=src" } } }, { "category": "product_version", "name": "atomic-enterprise-service-catalog-1:3.11.232-1.git.1.d1e3501.el7.src", "product": { "name": "atomic-enterprise-service-catalog-1:3.11.232-1.git.1.d1e3501.el7.src", "product_id": "atomic-enterprise-service-catalog-1:3.11.232-1.git.1.d1e3501.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/atomic-enterprise-service-catalog@3.11.232-1.git.1.d1e3501.el7?arch=src\u0026epoch=1" } } }, { "category": "product_version", "name": "golang-github-openshift-oauth-proxy-0:3.11.232-1.git.1.db200ae.el7.src", "product": { "name": "golang-github-openshift-oauth-proxy-0:3.11.232-1.git.1.db200ae.el7.src", "product_id": "golang-github-openshift-oauth-proxy-0:3.11.232-1.git.1.db200ae.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/golang-github-openshift-oauth-proxy@3.11.232-1.git.1.db200ae.el7?arch=src" } } }, { "category": "product_version", "name": "golang-github-prometheus-prometheus-0:3.11.232-1.git.1.3c936ee.el7.src", "product": { "name": "golang-github-prometheus-prometheus-0:3.11.232-1.git.1.3c936ee.el7.src", "product_id": "golang-github-prometheus-prometheus-0:3.11.232-1.git.1.3c936ee.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/golang-github-prometheus-prometheus@3.11.232-1.git.1.3c936ee.el7?arch=src" } } }, { "category": "product_version", "name": "atomic-openshift-dockerregistry-0:3.11.232-1.git.1.e5150dd.el7.src", "product": { "name": "atomic-openshift-dockerregistry-0:3.11.232-1.git.1.e5150dd.el7.src", "product_id": "atomic-openshift-dockerregistry-0:3.11.232-1.git.1.e5150dd.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/atomic-openshift-dockerregistry@3.11.232-1.git.1.e5150dd.el7?arch=src" } } }, { "category": "product_version", "name": "golang-github-prometheus-node_exporter-0:3.11.232-1.git.1.0216923.el7.src", "product": { "name": "golang-github-prometheus-node_exporter-0:3.11.232-1.git.1.0216923.el7.src", "product_id": "golang-github-prometheus-node_exporter-0:3.11.232-1.git.1.0216923.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/golang-github-prometheus-node_exporter@3.11.232-1.git.1.0216923.el7?arch=src" } } }, { "category": "product_version", "name": "atomic-openshift-node-problem-detector-0:3.11.232-1.git.1.d41afaf.el7.src", "product": { "name": "atomic-openshift-node-problem-detector-0:3.11.232-1.git.1.d41afaf.el7.src", "product_id": "atomic-openshift-node-problem-detector-0:3.11.232-1.git.1.d41afaf.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/atomic-openshift-node-problem-detector@3.11.232-1.git.1.d41afaf.el7?arch=src" } } }, { "category": "product_version", "name": "openshift-enterprise-autoheal-0:3.11.232-1.git.1.2756a13.el7.src", "product": { "name": "openshift-enterprise-autoheal-0:3.11.232-1.git.1.2756a13.el7.src", "product_id": "openshift-enterprise-autoheal-0:3.11.232-1.git.1.2756a13.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/openshift-enterprise-autoheal@3.11.232-1.git.1.2756a13.el7?arch=src" } } }, { "category": "product_version", "name": "openshift-enterprise-cluster-capacity-0:3.11.232-1.git.1.2e0c082.el7.src", "product": { "name": "openshift-enterprise-cluster-capacity-0:3.11.232-1.git.1.2e0c082.el7.src", "product_id": "openshift-enterprise-cluster-capacity-0:3.11.232-1.git.1.2e0c082.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/openshift-enterprise-cluster-capacity@3.11.232-1.git.1.2e0c082.el7?arch=src" } } }, { "category": "product_version", "name": "atomic-openshift-web-console-0:3.11.232-1.git.1.0f92c9e.el7.src", "product": { "name": "atomic-openshift-web-console-0:3.11.232-1.git.1.0f92c9e.el7.src", "product_id": "atomic-openshift-web-console-0:3.11.232-1.git.1.0f92c9e.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/atomic-openshift-web-console@3.11.232-1.git.1.0f92c9e.el7?arch=src" } } }, { "category": "product_version", "name": "atomic-openshift-service-idler-0:3.11.232-1.git.1.424e270.el7.src", "product": { "name": "atomic-openshift-service-idler-0:3.11.232-1.git.1.424e270.el7.src", "product_id": "atomic-openshift-service-idler-0:3.11.232-1.git.1.424e270.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/atomic-openshift-service-idler@3.11.232-1.git.1.424e270.el7?arch=src" } } }, { "category": "product_version", "name": "atomic-openshift-metrics-server-0:3.11.232-1.git.1.8c5f5b4.el7.src", "product": { "name": "atomic-openshift-metrics-server-0:3.11.232-1.git.1.8c5f5b4.el7.src", "product_id": "atomic-openshift-metrics-server-0:3.11.232-1.git.1.8c5f5b4.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/atomic-openshift-metrics-server@3.11.232-1.git.1.8c5f5b4.el7?arch=src" } } }, { "category": "product_version", "name": "golang-github-prometheus-alertmanager-0:3.11.232-1.git.1.abfb991.el7.src", "product": { "name": "golang-github-prometheus-alertmanager-0:3.11.232-1.git.1.abfb991.el7.src", "product_id": "golang-github-prometheus-alertmanager-0:3.11.232-1.git.1.abfb991.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/golang-github-prometheus-alertmanager@3.11.232-1.git.1.abfb991.el7?arch=src" } } }, { "category": "product_version", "name": "openshift-kuryr-0:3.11.232-1.git.1.d2cedd4.el7.src", "product": { "name": "openshift-kuryr-0:3.11.232-1.git.1.d2cedd4.el7.src", "product_id": "openshift-kuryr-0:3.11.232-1.git.1.d2cedd4.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/openshift-kuryr@3.11.232-1.git.1.d2cedd4.el7?arch=src" } } }, { "category": "product_version", "name": "atomic-openshift-0:3.11.232-1.git.0.a5bc32f.el7.src", "product": { "name": "atomic-openshift-0:3.11.232-1.git.0.a5bc32f.el7.src", "product_id": "atomic-openshift-0:3.11.232-1.git.0.a5bc32f.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/atomic-openshift@3.11.232-1.git.0.a5bc32f.el7?arch=src" } } }, { "category": "product_version", "name": "openshift-ansible-0:3.11.232-1.git.0.f0f2213.el7.src", "product": { "name": "openshift-ansible-0:3.11.232-1.git.0.f0f2213.el7.src", "product_id": "openshift-ansible-0:3.11.232-1.git.0.f0f2213.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/openshift-ansible@3.11.232-1.git.0.f0f2213.el7?arch=src" } } }, { "category": "product_version", "name": "jenkins-2-plugins-0:3.11.1591354111-1.el7.src", "product": { "name": "jenkins-2-plugins-0:3.11.1591354111-1.el7.src", "product_id": "jenkins-2-plugins-0:3.11.1591354111-1.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jenkins-2-plugins@3.11.1591354111-1.el7?arch=src" } } }, { "category": "product_version", "name": "jenkins-0:2.222.1.1591351669-1.el7.src", "product": { "name": "jenkins-0:2.222.1.1591351669-1.el7.src", "product_id": "jenkins-0:2.222.1.1591351669-1.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jenkins@2.222.1.1591351669-1.el7?arch=src" } } }, { "category": "product_version", "name": "python-openshift-1:0.6.4-2.el7.src", "product": { "name": "python-openshift-1:0.6.4-2.el7.src", "product_id": "python-openshift-1:0.6.4-2.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/python-openshift@0.6.4-2.el7?arch=src\u0026epoch=1" } } }, { "category": "product_version", "name": "cri-tools-0:1.11.1-3.rhaos3.11.gitedabfb5.el7.src", "product": { "name": "cri-tools-0:1.11.1-3.rhaos3.11.gitedabfb5.el7.src", "product_id": "cri-tools-0:1.11.1-3.rhaos3.11.gitedabfb5.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/cri-tools@1.11.1-3.rhaos3.11.gitedabfb5.el7?arch=src" } } }, { "category": "product_version", "name": "golang-github-cpuguy83-go-md2man-0:1.0.7-1.el7.src", "product": { "name": "golang-github-cpuguy83-go-md2man-0:1.0.7-1.el7.src", "product_id": "golang-github-cpuguy83-go-md2man-0:1.0.7-1.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/golang-github-cpuguy83-go-md2man@1.0.7-1.el7?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "openshift-kuryr-cni-0:3.11.232-1.git.1.d2cedd4.el7.noarch", "product": { "name": "openshift-kuryr-cni-0:3.11.232-1.git.1.d2cedd4.el7.noarch", "product_id": "openshift-kuryr-cni-0:3.11.232-1.git.1.d2cedd4.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/openshift-kuryr-cni@3.11.232-1.git.1.d2cedd4.el7?arch=noarch" } } }, { "category": "product_version", "name": "openshift-kuryr-common-0:3.11.232-1.git.1.d2cedd4.el7.noarch", "product": { "name": "openshift-kuryr-common-0:3.11.232-1.git.1.d2cedd4.el7.noarch", "product_id": "openshift-kuryr-common-0:3.11.232-1.git.1.d2cedd4.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/openshift-kuryr-common@3.11.232-1.git.1.d2cedd4.el7?arch=noarch" } } }, { "category": "product_version", "name": "openshift-kuryr-controller-0:3.11.232-1.git.1.d2cedd4.el7.noarch", "product": { "name": "openshift-kuryr-controller-0:3.11.232-1.git.1.d2cedd4.el7.noarch", "product_id": "openshift-kuryr-controller-0:3.11.232-1.git.1.d2cedd4.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/openshift-kuryr-controller@3.11.232-1.git.1.d2cedd4.el7?arch=noarch" } } }, { "category": "product_version", "name": "python2-kuryr-kubernetes-0:3.11.232-1.git.1.d2cedd4.el7.noarch", "product": { "name": "python2-kuryr-kubernetes-0:3.11.232-1.git.1.d2cedd4.el7.noarch", "product_id": "python2-kuryr-kubernetes-0:3.11.232-1.git.1.d2cedd4.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/python2-kuryr-kubernetes@3.11.232-1.git.1.d2cedd4.el7?arch=noarch" } } }, { "category": "product_version", "name": "atomic-openshift-docker-excluder-0:3.11.232-1.git.0.a5bc32f.el7.noarch", "product": { "name": "atomic-openshift-docker-excluder-0:3.11.232-1.git.0.a5bc32f.el7.noarch", "product_id": "atomic-openshift-docker-excluder-0:3.11.232-1.git.0.a5bc32f.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/atomic-openshift-docker-excluder@3.11.232-1.git.0.a5bc32f.el7?arch=noarch" } } }, { "category": "product_version", "name": "atomic-openshift-excluder-0:3.11.232-1.git.0.a5bc32f.el7.noarch", "product": { "name": "atomic-openshift-excluder-0:3.11.232-1.git.0.a5bc32f.el7.noarch", "product_id": "atomic-openshift-excluder-0:3.11.232-1.git.0.a5bc32f.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/atomic-openshift-excluder@3.11.232-1.git.0.a5bc32f.el7?arch=noarch" } } }, { "category": "product_version", "name": "openshift-ansible-0:3.11.232-1.git.0.f0f2213.el7.noarch", "product": { "name": "openshift-ansible-0:3.11.232-1.git.0.f0f2213.el7.noarch", "product_id": "openshift-ansible-0:3.11.232-1.git.0.f0f2213.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/openshift-ansible@3.11.232-1.git.0.f0f2213.el7?arch=noarch" } } }, { "category": "product_version", "name": "openshift-ansible-docs-0:3.11.232-1.git.0.f0f2213.el7.noarch", "product": { "name": "openshift-ansible-docs-0:3.11.232-1.git.0.f0f2213.el7.noarch", "product_id": "openshift-ansible-docs-0:3.11.232-1.git.0.f0f2213.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/openshift-ansible-docs@3.11.232-1.git.0.f0f2213.el7?arch=noarch" } } }, { "category": "product_version", "name": "openshift-ansible-playbooks-0:3.11.232-1.git.0.f0f2213.el7.noarch", "product": { "name": "openshift-ansible-playbooks-0:3.11.232-1.git.0.f0f2213.el7.noarch", "product_id": "openshift-ansible-playbooks-0:3.11.232-1.git.0.f0f2213.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/openshift-ansible-playbooks@3.11.232-1.git.0.f0f2213.el7?arch=noarch" } } }, { "category": "product_version", "name": "openshift-ansible-roles-0:3.11.232-1.git.0.f0f2213.el7.noarch", "product": { "name": "openshift-ansible-roles-0:3.11.232-1.git.0.f0f2213.el7.noarch", "product_id": "openshift-ansible-roles-0:3.11.232-1.git.0.f0f2213.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/openshift-ansible-roles@3.11.232-1.git.0.f0f2213.el7?arch=noarch" } } }, { "category": "product_version", "name": "openshift-ansible-test-0:3.11.232-1.git.0.f0f2213.el7.noarch", "product": { "name": "openshift-ansible-test-0:3.11.232-1.git.0.f0f2213.el7.noarch", "product_id": "openshift-ansible-test-0:3.11.232-1.git.0.f0f2213.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/openshift-ansible-test@3.11.232-1.git.0.f0f2213.el7?arch=noarch" } } }, { "category": "product_version", "name": "jenkins-2-plugins-0:3.11.1591354111-1.el7.noarch", "product": { "name": "jenkins-2-plugins-0:3.11.1591354111-1.el7.noarch", "product_id": "jenkins-2-plugins-0:3.11.1591354111-1.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jenkins-2-plugins@3.11.1591354111-1.el7?arch=noarch" } } }, { "category": "product_version", "name": "jenkins-0:2.222.1.1591351669-1.el7.noarch", "product": { "name": "jenkins-0:2.222.1.1591351669-1.el7.noarch", "product_id": "jenkins-0:2.222.1.1591351669-1.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jenkins@2.222.1.1591351669-1.el7?arch=noarch" } } }, { "category": "product_version", "name": "python2-openshift-1:0.6.4-2.el7.noarch", "product": { "name": "python2-openshift-1:0.6.4-2.el7.noarch", "product_id": "python2-openshift-1:0.6.4-2.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/python2-openshift@0.6.4-2.el7?arch=noarch\u0026epoch=1" } } } ], "category": "architecture", "name": "noarch" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "atomic-enterprise-service-catalog-1:3.11.232-1.git.1.d1e3501.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.232-1.git.1.d1e3501.el7.ppc64le" }, "product_reference": "atomic-enterprise-service-catalog-1:3.11.232-1.git.1.d1e3501.el7.ppc64le", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "atomic-enterprise-service-catalog-1:3.11.232-1.git.1.d1e3501.el7.src as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.232-1.git.1.d1e3501.el7.src" }, "product_reference": "atomic-enterprise-service-catalog-1:3.11.232-1.git.1.d1e3501.el7.src", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "atomic-enterprise-service-catalog-1:3.11.232-1.git.1.d1e3501.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.232-1.git.1.d1e3501.el7.x86_64" }, "product_reference": "atomic-enterprise-service-catalog-1:3.11.232-1.git.1.d1e3501.el7.x86_64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "atomic-enterprise-service-catalog-svcat-1:3.11.232-1.git.1.d1e3501.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.232-1.git.1.d1e3501.el7.ppc64le" }, "product_reference": "atomic-enterprise-service-catalog-svcat-1:3.11.232-1.git.1.d1e3501.el7.ppc64le", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "atomic-enterprise-service-catalog-svcat-1:3.11.232-1.git.1.d1e3501.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.232-1.git.1.d1e3501.el7.x86_64" }, "product_reference": "atomic-enterprise-service-catalog-svcat-1:3.11.232-1.git.1.d1e3501.el7.x86_64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "atomic-openshift-0:3.11.232-1.git.0.a5bc32f.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.232-1.git.0.a5bc32f.el7.ppc64le" }, "product_reference": "atomic-openshift-0:3.11.232-1.git.0.a5bc32f.el7.ppc64le", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "atomic-openshift-0:3.11.232-1.git.0.a5bc32f.el7.src as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.232-1.git.0.a5bc32f.el7.src" }, "product_reference": "atomic-openshift-0:3.11.232-1.git.0.a5bc32f.el7.src", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "atomic-openshift-0:3.11.232-1.git.0.a5bc32f.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.232-1.git.0.a5bc32f.el7.x86_64" }, "product_reference": "atomic-openshift-0:3.11.232-1.git.0.a5bc32f.el7.x86_64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "atomic-openshift-clients-0:3.11.232-1.git.0.a5bc32f.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.232-1.git.0.a5bc32f.el7.ppc64le" }, "product_reference": "atomic-openshift-clients-0:3.11.232-1.git.0.a5bc32f.el7.ppc64le", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "atomic-openshift-clients-0:3.11.232-1.git.0.a5bc32f.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.232-1.git.0.a5bc32f.el7.x86_64" }, "product_reference": "atomic-openshift-clients-0:3.11.232-1.git.0.a5bc32f.el7.x86_64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "atomic-openshift-clients-redistributable-0:3.11.232-1.git.0.a5bc32f.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.232-1.git.0.a5bc32f.el7.x86_64" }, "product_reference": "atomic-openshift-clients-redistributable-0:3.11.232-1.git.0.a5bc32f.el7.x86_64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "atomic-openshift-cluster-autoscaler-0:3.11.232-1.git.1.e7433c6.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.232-1.git.1.e7433c6.el7.ppc64le" }, "product_reference": "atomic-openshift-cluster-autoscaler-0:3.11.232-1.git.1.e7433c6.el7.ppc64le", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "atomic-openshift-cluster-autoscaler-0:3.11.232-1.git.1.e7433c6.el7.src as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.232-1.git.1.e7433c6.el7.src" }, "product_reference": "atomic-openshift-cluster-autoscaler-0:3.11.232-1.git.1.e7433c6.el7.src", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "atomic-openshift-cluster-autoscaler-0:3.11.232-1.git.1.e7433c6.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.232-1.git.1.e7433c6.el7.x86_64" }, "product_reference": "atomic-openshift-cluster-autoscaler-0:3.11.232-1.git.1.e7433c6.el7.x86_64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "atomic-openshift-descheduler-0:3.11.232-1.git.1.71361e4.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.232-1.git.1.71361e4.el7.ppc64le" }, "product_reference": "atomic-openshift-descheduler-0:3.11.232-1.git.1.71361e4.el7.ppc64le", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "atomic-openshift-descheduler-0:3.11.232-1.git.1.71361e4.el7.src as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.232-1.git.1.71361e4.el7.src" }, "product_reference": "atomic-openshift-descheduler-0:3.11.232-1.git.1.71361e4.el7.src", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "atomic-openshift-descheduler-0:3.11.232-1.git.1.71361e4.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.232-1.git.1.71361e4.el7.x86_64" }, "product_reference": "atomic-openshift-descheduler-0:3.11.232-1.git.1.71361e4.el7.x86_64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "atomic-openshift-docker-excluder-0:3.11.232-1.git.0.a5bc32f.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.232-1.git.0.a5bc32f.el7.noarch" }, "product_reference": "atomic-openshift-docker-excluder-0:3.11.232-1.git.0.a5bc32f.el7.noarch", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "atomic-openshift-dockerregistry-0:3.11.232-1.git.1.e5150dd.el7.src as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.232-1.git.1.e5150dd.el7.src" }, "product_reference": "atomic-openshift-dockerregistry-0:3.11.232-1.git.1.e5150dd.el7.src", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "atomic-openshift-dockerregistry-0:3.11.232-1.git.1.e5150dd.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.232-1.git.1.e5150dd.el7.x86_64" }, "product_reference": "atomic-openshift-dockerregistry-0:3.11.232-1.git.1.e5150dd.el7.x86_64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "atomic-openshift-excluder-0:3.11.232-1.git.0.a5bc32f.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.232-1.git.0.a5bc32f.el7.noarch" }, "product_reference": "atomic-openshift-excluder-0:3.11.232-1.git.0.a5bc32f.el7.noarch", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "atomic-openshift-hyperkube-0:3.11.232-1.git.0.a5bc32f.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.232-1.git.0.a5bc32f.el7.ppc64le" }, "product_reference": "atomic-openshift-hyperkube-0:3.11.232-1.git.0.a5bc32f.el7.ppc64le", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "atomic-openshift-hyperkube-0:3.11.232-1.git.0.a5bc32f.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.232-1.git.0.a5bc32f.el7.x86_64" }, "product_reference": "atomic-openshift-hyperkube-0:3.11.232-1.git.0.a5bc32f.el7.x86_64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "atomic-openshift-hypershift-0:3.11.232-1.git.0.a5bc32f.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.232-1.git.0.a5bc32f.el7.ppc64le" }, "product_reference": "atomic-openshift-hypershift-0:3.11.232-1.git.0.a5bc32f.el7.ppc64le", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "atomic-openshift-hypershift-0:3.11.232-1.git.0.a5bc32f.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.232-1.git.0.a5bc32f.el7.x86_64" }, "product_reference": "atomic-openshift-hypershift-0:3.11.232-1.git.0.a5bc32f.el7.x86_64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "atomic-openshift-master-0:3.11.232-1.git.0.a5bc32f.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.232-1.git.0.a5bc32f.el7.ppc64le" }, "product_reference": "atomic-openshift-master-0:3.11.232-1.git.0.a5bc32f.el7.ppc64le", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "atomic-openshift-master-0:3.11.232-1.git.0.a5bc32f.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.232-1.git.0.a5bc32f.el7.x86_64" }, "product_reference": "atomic-openshift-master-0:3.11.232-1.git.0.a5bc32f.el7.x86_64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "atomic-openshift-metrics-server-0:3.11.232-1.git.1.8c5f5b4.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.232-1.git.1.8c5f5b4.el7.ppc64le" }, "product_reference": "atomic-openshift-metrics-server-0:3.11.232-1.git.1.8c5f5b4.el7.ppc64le", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "atomic-openshift-metrics-server-0:3.11.232-1.git.1.8c5f5b4.el7.src as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.232-1.git.1.8c5f5b4.el7.src" }, "product_reference": "atomic-openshift-metrics-server-0:3.11.232-1.git.1.8c5f5b4.el7.src", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "atomic-openshift-metrics-server-0:3.11.232-1.git.1.8c5f5b4.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.232-1.git.1.8c5f5b4.el7.x86_64" }, "product_reference": "atomic-openshift-metrics-server-0:3.11.232-1.git.1.8c5f5b4.el7.x86_64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "atomic-openshift-node-0:3.11.232-1.git.0.a5bc32f.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.232-1.git.0.a5bc32f.el7.ppc64le" }, "product_reference": "atomic-openshift-node-0:3.11.232-1.git.0.a5bc32f.el7.ppc64le", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "atomic-openshift-node-0:3.11.232-1.git.0.a5bc32f.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.232-1.git.0.a5bc32f.el7.x86_64" }, "product_reference": "atomic-openshift-node-0:3.11.232-1.git.0.a5bc32f.el7.x86_64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "atomic-openshift-node-problem-detector-0:3.11.232-1.git.1.d41afaf.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.232-1.git.1.d41afaf.el7.ppc64le" }, "product_reference": "atomic-openshift-node-problem-detector-0:3.11.232-1.git.1.d41afaf.el7.ppc64le", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "atomic-openshift-node-problem-detector-0:3.11.232-1.git.1.d41afaf.el7.src as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.232-1.git.1.d41afaf.el7.src" }, "product_reference": "atomic-openshift-node-problem-detector-0:3.11.232-1.git.1.d41afaf.el7.src", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "atomic-openshift-node-problem-detector-0:3.11.232-1.git.1.d41afaf.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.232-1.git.1.d41afaf.el7.x86_64" }, "product_reference": "atomic-openshift-node-problem-detector-0:3.11.232-1.git.1.d41afaf.el7.x86_64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "atomic-openshift-pod-0:3.11.232-1.git.0.a5bc32f.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.232-1.git.0.a5bc32f.el7.ppc64le" }, "product_reference": "atomic-openshift-pod-0:3.11.232-1.git.0.a5bc32f.el7.ppc64le", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "atomic-openshift-pod-0:3.11.232-1.git.0.a5bc32f.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.232-1.git.0.a5bc32f.el7.x86_64" }, "product_reference": "atomic-openshift-pod-0:3.11.232-1.git.0.a5bc32f.el7.x86_64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "atomic-openshift-sdn-ovs-0:3.11.232-1.git.0.a5bc32f.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.232-1.git.0.a5bc32f.el7.ppc64le" }, "product_reference": "atomic-openshift-sdn-ovs-0:3.11.232-1.git.0.a5bc32f.el7.ppc64le", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "atomic-openshift-sdn-ovs-0:3.11.232-1.git.0.a5bc32f.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.232-1.git.0.a5bc32f.el7.x86_64" }, "product_reference": "atomic-openshift-sdn-ovs-0:3.11.232-1.git.0.a5bc32f.el7.x86_64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "atomic-openshift-service-idler-0:3.11.232-1.git.1.424e270.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.232-1.git.1.424e270.el7.ppc64le" }, "product_reference": "atomic-openshift-service-idler-0:3.11.232-1.git.1.424e270.el7.ppc64le", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "atomic-openshift-service-idler-0:3.11.232-1.git.1.424e270.el7.src as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.232-1.git.1.424e270.el7.src" }, "product_reference": "atomic-openshift-service-idler-0:3.11.232-1.git.1.424e270.el7.src", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "atomic-openshift-service-idler-0:3.11.232-1.git.1.424e270.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.232-1.git.1.424e270.el7.x86_64" }, "product_reference": "atomic-openshift-service-idler-0:3.11.232-1.git.1.424e270.el7.x86_64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "atomic-openshift-template-service-broker-0:3.11.232-1.git.0.a5bc32f.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.232-1.git.0.a5bc32f.el7.ppc64le" }, "product_reference": "atomic-openshift-template-service-broker-0:3.11.232-1.git.0.a5bc32f.el7.ppc64le", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "atomic-openshift-template-service-broker-0:3.11.232-1.git.0.a5bc32f.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.232-1.git.0.a5bc32f.el7.x86_64" }, "product_reference": "atomic-openshift-template-service-broker-0:3.11.232-1.git.0.a5bc32f.el7.x86_64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "atomic-openshift-tests-0:3.11.232-1.git.0.a5bc32f.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.232-1.git.0.a5bc32f.el7.ppc64le" }, "product_reference": "atomic-openshift-tests-0:3.11.232-1.git.0.a5bc32f.el7.ppc64le", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "atomic-openshift-tests-0:3.11.232-1.git.0.a5bc32f.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.232-1.git.0.a5bc32f.el7.x86_64" }, "product_reference": "atomic-openshift-tests-0:3.11.232-1.git.0.a5bc32f.el7.x86_64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "atomic-openshift-web-console-0:3.11.232-1.git.1.0f92c9e.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.232-1.git.1.0f92c9e.el7.ppc64le" }, "product_reference": "atomic-openshift-web-console-0:3.11.232-1.git.1.0f92c9e.el7.ppc64le", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "atomic-openshift-web-console-0:3.11.232-1.git.1.0f92c9e.el7.src as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.232-1.git.1.0f92c9e.el7.src" }, "product_reference": "atomic-openshift-web-console-0:3.11.232-1.git.1.0f92c9e.el7.src", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "atomic-openshift-web-console-0:3.11.232-1.git.1.0f92c9e.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.232-1.git.1.0f92c9e.el7.x86_64" }, "product_reference": "atomic-openshift-web-console-0:3.11.232-1.git.1.0f92c9e.el7.x86_64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "cri-tools-0:1.11.1-3.rhaos3.11.gitedabfb5.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:cri-tools-0:1.11.1-3.rhaos3.11.gitedabfb5.el7.ppc64le" }, "product_reference": "cri-tools-0:1.11.1-3.rhaos3.11.gitedabfb5.el7.ppc64le", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "cri-tools-0:1.11.1-3.rhaos3.11.gitedabfb5.el7.src as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:cri-tools-0:1.11.1-3.rhaos3.11.gitedabfb5.el7.src" }, "product_reference": "cri-tools-0:1.11.1-3.rhaos3.11.gitedabfb5.el7.src", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "cri-tools-0:1.11.1-3.rhaos3.11.gitedabfb5.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:cri-tools-0:1.11.1-3.rhaos3.11.gitedabfb5.el7.x86_64" }, "product_reference": "cri-tools-0:1.11.1-3.rhaos3.11.gitedabfb5.el7.x86_64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "cri-tools-debuginfo-0:1.11.1-3.rhaos3.11.gitedabfb5.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:cri-tools-debuginfo-0:1.11.1-3.rhaos3.11.gitedabfb5.el7.ppc64le" }, "product_reference": "cri-tools-debuginfo-0:1.11.1-3.rhaos3.11.gitedabfb5.el7.ppc64le", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "cri-tools-debuginfo-0:1.11.1-3.rhaos3.11.gitedabfb5.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:cri-tools-debuginfo-0:1.11.1-3.rhaos3.11.gitedabfb5.el7.x86_64" }, "product_reference": "cri-tools-debuginfo-0:1.11.1-3.rhaos3.11.gitedabfb5.el7.x86_64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "golang-github-cpuguy83-go-md2man-0:1.0.7-1.el7.src as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:golang-github-cpuguy83-go-md2man-0:1.0.7-1.el7.src" }, "product_reference": "golang-github-cpuguy83-go-md2man-0:1.0.7-1.el7.src", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "golang-github-cpuguy83-go-md2man-0:1.0.7-1.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:golang-github-cpuguy83-go-md2man-0:1.0.7-1.el7.x86_64" }, "product_reference": "golang-github-cpuguy83-go-md2man-0:1.0.7-1.el7.x86_64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "golang-github-openshift-oauth-proxy-0:3.11.232-1.git.1.db200ae.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.232-1.git.1.db200ae.el7.ppc64le" }, "product_reference": "golang-github-openshift-oauth-proxy-0:3.11.232-1.git.1.db200ae.el7.ppc64le", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "golang-github-openshift-oauth-proxy-0:3.11.232-1.git.1.db200ae.el7.src as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.232-1.git.1.db200ae.el7.src" }, "product_reference": "golang-github-openshift-oauth-proxy-0:3.11.232-1.git.1.db200ae.el7.src", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "golang-github-openshift-oauth-proxy-0:3.11.232-1.git.1.db200ae.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.232-1.git.1.db200ae.el7.x86_64" }, "product_reference": "golang-github-openshift-oauth-proxy-0:3.11.232-1.git.1.db200ae.el7.x86_64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "golang-github-prometheus-alertmanager-0:3.11.232-1.git.1.abfb991.el7.src as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.232-1.git.1.abfb991.el7.src" }, "product_reference": "golang-github-prometheus-alertmanager-0:3.11.232-1.git.1.abfb991.el7.src", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "golang-github-prometheus-node_exporter-0:3.11.232-1.git.1.0216923.el7.src as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.232-1.git.1.0216923.el7.src" }, "product_reference": "golang-github-prometheus-node_exporter-0:3.11.232-1.git.1.0216923.el7.src", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "golang-github-prometheus-prometheus-0:3.11.232-1.git.1.3c936ee.el7.src as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.232-1.git.1.3c936ee.el7.src" }, "product_reference": "golang-github-prometheus-prometheus-0:3.11.232-1.git.1.3c936ee.el7.src", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "jenkins-0:2.222.1.1591351669-1.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:jenkins-0:2.222.1.1591351669-1.el7.noarch" }, "product_reference": "jenkins-0:2.222.1.1591351669-1.el7.noarch", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "jenkins-0:2.222.1.1591351669-1.el7.src as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:jenkins-0:2.222.1.1591351669-1.el7.src" }, "product_reference": "jenkins-0:2.222.1.1591351669-1.el7.src", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "jenkins-2-plugins-0:3.11.1591354111-1.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1591354111-1.el7.noarch" }, "product_reference": "jenkins-2-plugins-0:3.11.1591354111-1.el7.noarch", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "jenkins-2-plugins-0:3.11.1591354111-1.el7.src as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1591354111-1.el7.src" }, "product_reference": "jenkins-2-plugins-0:3.11.1591354111-1.el7.src", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-ansible-0:3.11.232-1.git.0.f0f2213.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.232-1.git.0.f0f2213.el7.noarch" }, "product_reference": "openshift-ansible-0:3.11.232-1.git.0.f0f2213.el7.noarch", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-ansible-0:3.11.232-1.git.0.f0f2213.el7.src as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.232-1.git.0.f0f2213.el7.src" }, "product_reference": "openshift-ansible-0:3.11.232-1.git.0.f0f2213.el7.src", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-ansible-docs-0:3.11.232-1.git.0.f0f2213.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.232-1.git.0.f0f2213.el7.noarch" }, "product_reference": "openshift-ansible-docs-0:3.11.232-1.git.0.f0f2213.el7.noarch", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-ansible-playbooks-0:3.11.232-1.git.0.f0f2213.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.232-1.git.0.f0f2213.el7.noarch" }, "product_reference": "openshift-ansible-playbooks-0:3.11.232-1.git.0.f0f2213.el7.noarch", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-ansible-roles-0:3.11.232-1.git.0.f0f2213.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.232-1.git.0.f0f2213.el7.noarch" }, "product_reference": "openshift-ansible-roles-0:3.11.232-1.git.0.f0f2213.el7.noarch", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-ansible-test-0:3.11.232-1.git.0.f0f2213.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.232-1.git.0.f0f2213.el7.noarch" }, "product_reference": "openshift-ansible-test-0:3.11.232-1.git.0.f0f2213.el7.noarch", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-enterprise-autoheal-0:3.11.232-1.git.1.2756a13.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.232-1.git.1.2756a13.el7.ppc64le" }, "product_reference": "openshift-enterprise-autoheal-0:3.11.232-1.git.1.2756a13.el7.ppc64le", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-enterprise-autoheal-0:3.11.232-1.git.1.2756a13.el7.src as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.232-1.git.1.2756a13.el7.src" }, "product_reference": "openshift-enterprise-autoheal-0:3.11.232-1.git.1.2756a13.el7.src", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-enterprise-autoheal-0:3.11.232-1.git.1.2756a13.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.232-1.git.1.2756a13.el7.x86_64" }, "product_reference": "openshift-enterprise-autoheal-0:3.11.232-1.git.1.2756a13.el7.x86_64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-enterprise-cluster-capacity-0:3.11.232-1.git.1.2e0c082.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.232-1.git.1.2e0c082.el7.ppc64le" }, "product_reference": "openshift-enterprise-cluster-capacity-0:3.11.232-1.git.1.2e0c082.el7.ppc64le", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-enterprise-cluster-capacity-0:3.11.232-1.git.1.2e0c082.el7.src as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.232-1.git.1.2e0c082.el7.src" }, "product_reference": "openshift-enterprise-cluster-capacity-0:3.11.232-1.git.1.2e0c082.el7.src", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-enterprise-cluster-capacity-0:3.11.232-1.git.1.2e0c082.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.232-1.git.1.2e0c082.el7.x86_64" }, "product_reference": "openshift-enterprise-cluster-capacity-0:3.11.232-1.git.1.2e0c082.el7.x86_64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-kuryr-0:3.11.232-1.git.1.d2cedd4.el7.src as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.232-1.git.1.d2cedd4.el7.src" }, "product_reference": "openshift-kuryr-0:3.11.232-1.git.1.d2cedd4.el7.src", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-kuryr-cni-0:3.11.232-1.git.1.d2cedd4.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.232-1.git.1.d2cedd4.el7.noarch" }, "product_reference": "openshift-kuryr-cni-0:3.11.232-1.git.1.d2cedd4.el7.noarch", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-kuryr-common-0:3.11.232-1.git.1.d2cedd4.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.232-1.git.1.d2cedd4.el7.noarch" }, "product_reference": "openshift-kuryr-common-0:3.11.232-1.git.1.d2cedd4.el7.noarch", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-kuryr-controller-0:3.11.232-1.git.1.d2cedd4.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.232-1.git.1.d2cedd4.el7.noarch" }, "product_reference": "openshift-kuryr-controller-0:3.11.232-1.git.1.d2cedd4.el7.noarch", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "prometheus-0:3.11.232-1.git.1.3c936ee.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.232-1.git.1.3c936ee.el7.ppc64le" }, "product_reference": "prometheus-0:3.11.232-1.git.1.3c936ee.el7.ppc64le", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "prometheus-0:3.11.232-1.git.1.3c936ee.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.232-1.git.1.3c936ee.el7.x86_64" }, "product_reference": "prometheus-0:3.11.232-1.git.1.3c936ee.el7.x86_64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "prometheus-alertmanager-0:3.11.232-1.git.1.abfb991.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.232-1.git.1.abfb991.el7.ppc64le" }, "product_reference": "prometheus-alertmanager-0:3.11.232-1.git.1.abfb991.el7.ppc64le", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "prometheus-alertmanager-0:3.11.232-1.git.1.abfb991.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.232-1.git.1.abfb991.el7.x86_64" }, "product_reference": "prometheus-alertmanager-0:3.11.232-1.git.1.abfb991.el7.x86_64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "prometheus-node-exporter-0:3.11.232-1.git.1.0216923.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.232-1.git.1.0216923.el7.ppc64le" }, "product_reference": "prometheus-node-exporter-0:3.11.232-1.git.1.0216923.el7.ppc64le", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "prometheus-node-exporter-0:3.11.232-1.git.1.0216923.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.232-1.git.1.0216923.el7.x86_64" }, "product_reference": "prometheus-node-exporter-0:3.11.232-1.git.1.0216923.el7.x86_64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "python-openshift-1:0.6.4-2.el7.src as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:python-openshift-1:0.6.4-2.el7.src" }, "product_reference": "python-openshift-1:0.6.4-2.el7.src", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "python2-kuryr-kubernetes-0:3.11.232-1.git.1.d2cedd4.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.232-1.git.1.d2cedd4.el7.noarch" }, "product_reference": "python2-kuryr-kubernetes-0:3.11.232-1.git.1.d2cedd4.el7.noarch", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" }, { "category": "default_component_of", "full_product_name": { "name": "python2-openshift-1:0.6.4-2.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11", "product_id": "7Server-RH7-RHOSE-3.11:python2-openshift-1:0.6.4-2.el7.noarch" }, "product_reference": "python2-openshift-1:0.6.4-2.el7.noarch", "relates_to_product_reference": "7Server-RH7-RHOSE-3.11" } ] }, "vulnerabilities": [ { "cve": "CVE-2020-2160", "cwe": { "id": "CWE-352", "name": "Cross-Site Request Forgery (CSRF)" }, "discovery_date": "2020-03-26T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.232-1.git.1.d1e3501.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.232-1.git.1.d1e3501.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.232-1.git.1.d1e3501.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.232-1.git.1.d1e3501.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.232-1.git.1.d1e3501.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.232-1.git.0.a5bc32f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.232-1.git.0.a5bc32f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.232-1.git.0.a5bc32f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.232-1.git.0.a5bc32f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.232-1.git.0.a5bc32f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.232-1.git.0.a5bc32f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.232-1.git.1.e7433c6.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.232-1.git.1.e7433c6.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.232-1.git.1.e7433c6.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.232-1.git.1.71361e4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.232-1.git.1.71361e4.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.232-1.git.1.71361e4.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.232-1.git.0.a5bc32f.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.232-1.git.1.e5150dd.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.232-1.git.1.e5150dd.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.232-1.git.0.a5bc32f.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.232-1.git.0.a5bc32f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.232-1.git.0.a5bc32f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.232-1.git.0.a5bc32f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.232-1.git.0.a5bc32f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.232-1.git.0.a5bc32f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.232-1.git.0.a5bc32f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.232-1.git.1.8c5f5b4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.232-1.git.1.8c5f5b4.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.232-1.git.1.8c5f5b4.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.232-1.git.0.a5bc32f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.232-1.git.0.a5bc32f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.232-1.git.1.d41afaf.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.232-1.git.1.d41afaf.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.232-1.git.1.d41afaf.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.232-1.git.0.a5bc32f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.232-1.git.0.a5bc32f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.232-1.git.0.a5bc32f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.232-1.git.0.a5bc32f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.232-1.git.1.424e270.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.232-1.git.1.424e270.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.232-1.git.1.424e270.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.232-1.git.0.a5bc32f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.232-1.git.0.a5bc32f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.232-1.git.0.a5bc32f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.232-1.git.0.a5bc32f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.232-1.git.1.0f92c9e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.232-1.git.1.0f92c9e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.232-1.git.1.0f92c9e.el7.x86_64", "7Server-RH7-RHOSE-3.11:cri-tools-0:1.11.1-3.rhaos3.11.gitedabfb5.el7.ppc64le", "7Server-RH7-RHOSE-3.11:cri-tools-0:1.11.1-3.rhaos3.11.gitedabfb5.el7.src", "7Server-RH7-RHOSE-3.11:cri-tools-0:1.11.1-3.rhaos3.11.gitedabfb5.el7.x86_64", "7Server-RH7-RHOSE-3.11:cri-tools-debuginfo-0:1.11.1-3.rhaos3.11.gitedabfb5.el7.ppc64le", "7Server-RH7-RHOSE-3.11:cri-tools-debuginfo-0:1.11.1-3.rhaos3.11.gitedabfb5.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-cpuguy83-go-md2man-0:1.0.7-1.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-cpuguy83-go-md2man-0:1.0.7-1.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.232-1.git.1.db200ae.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.232-1.git.1.db200ae.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.232-1.git.1.db200ae.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.232-1.git.1.abfb991.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.232-1.git.1.0216923.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.232-1.git.1.3c936ee.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1591354111-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1591354111-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.232-1.git.0.f0f2213.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.232-1.git.0.f0f2213.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.232-1.git.0.f0f2213.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.232-1.git.0.f0f2213.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.232-1.git.0.f0f2213.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.232-1.git.0.f0f2213.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.232-1.git.1.2756a13.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.232-1.git.1.2756a13.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.232-1.git.1.2756a13.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.232-1.git.1.2e0c082.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.232-1.git.1.2e0c082.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.232-1.git.1.2e0c082.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.232-1.git.1.d2cedd4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.232-1.git.1.d2cedd4.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.232-1.git.1.d2cedd4.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.232-1.git.1.d2cedd4.el7.noarch", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.232-1.git.1.3c936ee.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.232-1.git.1.3c936ee.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.232-1.git.1.abfb991.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.232-1.git.1.abfb991.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.232-1.git.1.0216923.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.232-1.git.1.0216923.el7.x86_64", "7Server-RH7-RHOSE-3.11:python-openshift-1:0.6.4-2.el7.src", "7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.232-1.git.1.d2cedd4.el7.noarch", "7Server-RH7-RHOSE-3.11:python2-openshift-1:0.6.4-2.el7.noarch" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1819190" } ], "notes": [ { "category": "description", "text": "Jenkins 2.227 and earlier, LTS 2.204.5 and earlier uses different representations of request URL paths, which allows attackers to craft URLs that allow bypassing CSRF protection of any target URL.", "title": "Vulnerability description" }, { "category": "summary", "text": "jenkins: CSRF protection bypass via crafted URLs", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RH7-RHOSE-3.11:jenkins-0:2.222.1.1591351669-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.222.1.1591351669-1.el7.src" ], "known_not_affected": [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.232-1.git.1.d1e3501.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.232-1.git.1.d1e3501.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.232-1.git.1.d1e3501.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.232-1.git.1.d1e3501.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.232-1.git.1.d1e3501.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.232-1.git.0.a5bc32f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.232-1.git.0.a5bc32f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.232-1.git.0.a5bc32f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.232-1.git.0.a5bc32f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.232-1.git.0.a5bc32f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.232-1.git.0.a5bc32f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.232-1.git.1.e7433c6.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.232-1.git.1.e7433c6.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.232-1.git.1.e7433c6.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.232-1.git.1.71361e4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.232-1.git.1.71361e4.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.232-1.git.1.71361e4.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.232-1.git.0.a5bc32f.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.232-1.git.1.e5150dd.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.232-1.git.1.e5150dd.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.232-1.git.0.a5bc32f.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.232-1.git.0.a5bc32f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.232-1.git.0.a5bc32f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.232-1.git.0.a5bc32f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.232-1.git.0.a5bc32f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.232-1.git.0.a5bc32f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.232-1.git.0.a5bc32f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.232-1.git.1.8c5f5b4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.232-1.git.1.8c5f5b4.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.232-1.git.1.8c5f5b4.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.232-1.git.0.a5bc32f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.232-1.git.0.a5bc32f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.232-1.git.1.d41afaf.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.232-1.git.1.d41afaf.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.232-1.git.1.d41afaf.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.232-1.git.0.a5bc32f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.232-1.git.0.a5bc32f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.232-1.git.0.a5bc32f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.232-1.git.0.a5bc32f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.232-1.git.1.424e270.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.232-1.git.1.424e270.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.232-1.git.1.424e270.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.232-1.git.0.a5bc32f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.232-1.git.0.a5bc32f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.232-1.git.0.a5bc32f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.232-1.git.0.a5bc32f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.232-1.git.1.0f92c9e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.232-1.git.1.0f92c9e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.232-1.git.1.0f92c9e.el7.x86_64", "7Server-RH7-RHOSE-3.11:cri-tools-0:1.11.1-3.rhaos3.11.gitedabfb5.el7.ppc64le", "7Server-RH7-RHOSE-3.11:cri-tools-0:1.11.1-3.rhaos3.11.gitedabfb5.el7.src", "7Server-RH7-RHOSE-3.11:cri-tools-0:1.11.1-3.rhaos3.11.gitedabfb5.el7.x86_64", "7Server-RH7-RHOSE-3.11:cri-tools-debuginfo-0:1.11.1-3.rhaos3.11.gitedabfb5.el7.ppc64le", "7Server-RH7-RHOSE-3.11:cri-tools-debuginfo-0:1.11.1-3.rhaos3.11.gitedabfb5.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-cpuguy83-go-md2man-0:1.0.7-1.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-cpuguy83-go-md2man-0:1.0.7-1.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.232-1.git.1.db200ae.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.232-1.git.1.db200ae.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.232-1.git.1.db200ae.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.232-1.git.1.abfb991.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.232-1.git.1.0216923.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.232-1.git.1.3c936ee.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1591354111-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1591354111-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.232-1.git.0.f0f2213.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.232-1.git.0.f0f2213.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.232-1.git.0.f0f2213.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.232-1.git.0.f0f2213.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.232-1.git.0.f0f2213.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.232-1.git.0.f0f2213.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.232-1.git.1.2756a13.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.232-1.git.1.2756a13.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.232-1.git.1.2756a13.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.232-1.git.1.2e0c082.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.232-1.git.1.2e0c082.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.232-1.git.1.2e0c082.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.232-1.git.1.d2cedd4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.232-1.git.1.d2cedd4.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.232-1.git.1.d2cedd4.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.232-1.git.1.d2cedd4.el7.noarch", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.232-1.git.1.3c936ee.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.232-1.git.1.3c936ee.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.232-1.git.1.abfb991.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.232-1.git.1.abfb991.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.232-1.git.1.0216923.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.232-1.git.1.0216923.el7.x86_64", "7Server-RH7-RHOSE-3.11:python-openshift-1:0.6.4-2.el7.src", "7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.232-1.git.1.d2cedd4.el7.noarch", "7Server-RH7-RHOSE-3.11:python2-openshift-1:0.6.4-2.el7.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-2160" }, { "category": "external", "summary": "RHBZ#1819190", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1819190" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-2160", "url": "https://www.cve.org/CVERecord?id=CVE-2020-2160" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-2160", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-2160" }, { "category": "external", "summary": "https://jenkins.io/security/advisory/2020-03-25/#SECURITY-1774", "url": "https://jenkins.io/security/advisory/2020-03-25/#SECURITY-1774" } ], "release_date": "2020-03-25T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-06-17T20:23:07+00:00", "details": "Before applying this update, ensure all previously released errata relevant\nto your system is applied.\n\nSee the following documentation, which will be updated shortly for release\n3.11.232, for important instructions on how to upgrade your cluster and fully\napply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258.", "product_ids": [ "7Server-RH7-RHOSE-3.11:jenkins-0:2.222.1.1591351669-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.222.1.1591351669-1.el7.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHBA-2020:2477" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "7Server-RH7-RHOSE-3.11:jenkins-0:2.222.1.1591351669-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.222.1.1591351669-1.el7.src" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "jenkins: CSRF protection bypass via crafted URLs" }, { "cve": "CVE-2020-2161", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2020-03-26T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.232-1.git.1.d1e3501.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.232-1.git.1.d1e3501.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.232-1.git.1.d1e3501.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.232-1.git.1.d1e3501.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.232-1.git.1.d1e3501.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.232-1.git.0.a5bc32f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.232-1.git.0.a5bc32f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.232-1.git.0.a5bc32f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.232-1.git.0.a5bc32f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.232-1.git.0.a5bc32f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.232-1.git.0.a5bc32f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.232-1.git.1.e7433c6.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.232-1.git.1.e7433c6.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.232-1.git.1.e7433c6.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.232-1.git.1.71361e4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.232-1.git.1.71361e4.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.232-1.git.1.71361e4.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.232-1.git.0.a5bc32f.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.232-1.git.1.e5150dd.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.232-1.git.1.e5150dd.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.232-1.git.0.a5bc32f.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.232-1.git.0.a5bc32f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.232-1.git.0.a5bc32f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.232-1.git.0.a5bc32f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.232-1.git.0.a5bc32f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.232-1.git.0.a5bc32f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.232-1.git.0.a5bc32f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.232-1.git.1.8c5f5b4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.232-1.git.1.8c5f5b4.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.232-1.git.1.8c5f5b4.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.232-1.git.0.a5bc32f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.232-1.git.0.a5bc32f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.232-1.git.1.d41afaf.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.232-1.git.1.d41afaf.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.232-1.git.1.d41afaf.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.232-1.git.0.a5bc32f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.232-1.git.0.a5bc32f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.232-1.git.0.a5bc32f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.232-1.git.0.a5bc32f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.232-1.git.1.424e270.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.232-1.git.1.424e270.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.232-1.git.1.424e270.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.232-1.git.0.a5bc32f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.232-1.git.0.a5bc32f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.232-1.git.0.a5bc32f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.232-1.git.0.a5bc32f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.232-1.git.1.0f92c9e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.232-1.git.1.0f92c9e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.232-1.git.1.0f92c9e.el7.x86_64", "7Server-RH7-RHOSE-3.11:cri-tools-0:1.11.1-3.rhaos3.11.gitedabfb5.el7.ppc64le", "7Server-RH7-RHOSE-3.11:cri-tools-0:1.11.1-3.rhaos3.11.gitedabfb5.el7.src", "7Server-RH7-RHOSE-3.11:cri-tools-0:1.11.1-3.rhaos3.11.gitedabfb5.el7.x86_64", "7Server-RH7-RHOSE-3.11:cri-tools-debuginfo-0:1.11.1-3.rhaos3.11.gitedabfb5.el7.ppc64le", "7Server-RH7-RHOSE-3.11:cri-tools-debuginfo-0:1.11.1-3.rhaos3.11.gitedabfb5.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-cpuguy83-go-md2man-0:1.0.7-1.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-cpuguy83-go-md2man-0:1.0.7-1.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.232-1.git.1.db200ae.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.232-1.git.1.db200ae.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.232-1.git.1.db200ae.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.232-1.git.1.abfb991.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.232-1.git.1.0216923.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.232-1.git.1.3c936ee.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1591354111-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1591354111-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.232-1.git.0.f0f2213.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.232-1.git.0.f0f2213.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.232-1.git.0.f0f2213.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.232-1.git.0.f0f2213.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.232-1.git.0.f0f2213.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.232-1.git.0.f0f2213.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.232-1.git.1.2756a13.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.232-1.git.1.2756a13.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.232-1.git.1.2756a13.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.232-1.git.1.2e0c082.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.232-1.git.1.2e0c082.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.232-1.git.1.2e0c082.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.232-1.git.1.d2cedd4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.232-1.git.1.d2cedd4.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.232-1.git.1.d2cedd4.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.232-1.git.1.d2cedd4.el7.noarch", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.232-1.git.1.3c936ee.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.232-1.git.1.3c936ee.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.232-1.git.1.abfb991.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.232-1.git.1.abfb991.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.232-1.git.1.0216923.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.232-1.git.1.0216923.el7.x86_64", "7Server-RH7-RHOSE-3.11:python-openshift-1:0.6.4-2.el7.src", "7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.232-1.git.1.d2cedd4.el7.noarch", "7Server-RH7-RHOSE-3.11:python2-openshift-1:0.6.4-2.el7.noarch" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1819198" } ], "notes": [ { "category": "description", "text": "Jenkins 2.227 and earlier, LTS 2.204.5 and earlier does not properly escape node labels that are shown in the form validation for label expressions on job configuration pages, resulting in a stored XSS vulnerability exploitable by users able to define node labels.", "title": "Vulnerability description" }, { "category": "summary", "text": "jenkins: XSS in job configuration pages", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RH7-RHOSE-3.11:jenkins-0:2.222.1.1591351669-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.222.1.1591351669-1.el7.src" ], "known_not_affected": [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.232-1.git.1.d1e3501.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.232-1.git.1.d1e3501.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.232-1.git.1.d1e3501.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.232-1.git.1.d1e3501.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.232-1.git.1.d1e3501.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.232-1.git.0.a5bc32f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.232-1.git.0.a5bc32f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.232-1.git.0.a5bc32f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.232-1.git.0.a5bc32f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.232-1.git.0.a5bc32f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.232-1.git.0.a5bc32f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.232-1.git.1.e7433c6.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.232-1.git.1.e7433c6.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.232-1.git.1.e7433c6.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.232-1.git.1.71361e4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.232-1.git.1.71361e4.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.232-1.git.1.71361e4.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.232-1.git.0.a5bc32f.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.232-1.git.1.e5150dd.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.232-1.git.1.e5150dd.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.232-1.git.0.a5bc32f.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.232-1.git.0.a5bc32f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.232-1.git.0.a5bc32f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.232-1.git.0.a5bc32f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.232-1.git.0.a5bc32f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.232-1.git.0.a5bc32f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.232-1.git.0.a5bc32f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.232-1.git.1.8c5f5b4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.232-1.git.1.8c5f5b4.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.232-1.git.1.8c5f5b4.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.232-1.git.0.a5bc32f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.232-1.git.0.a5bc32f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.232-1.git.1.d41afaf.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.232-1.git.1.d41afaf.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.232-1.git.1.d41afaf.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.232-1.git.0.a5bc32f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.232-1.git.0.a5bc32f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.232-1.git.0.a5bc32f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.232-1.git.0.a5bc32f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.232-1.git.1.424e270.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.232-1.git.1.424e270.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.232-1.git.1.424e270.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.232-1.git.0.a5bc32f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.232-1.git.0.a5bc32f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.232-1.git.0.a5bc32f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.232-1.git.0.a5bc32f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.232-1.git.1.0f92c9e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.232-1.git.1.0f92c9e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.232-1.git.1.0f92c9e.el7.x86_64", "7Server-RH7-RHOSE-3.11:cri-tools-0:1.11.1-3.rhaos3.11.gitedabfb5.el7.ppc64le", "7Server-RH7-RHOSE-3.11:cri-tools-0:1.11.1-3.rhaos3.11.gitedabfb5.el7.src", "7Server-RH7-RHOSE-3.11:cri-tools-0:1.11.1-3.rhaos3.11.gitedabfb5.el7.x86_64", "7Server-RH7-RHOSE-3.11:cri-tools-debuginfo-0:1.11.1-3.rhaos3.11.gitedabfb5.el7.ppc64le", "7Server-RH7-RHOSE-3.11:cri-tools-debuginfo-0:1.11.1-3.rhaos3.11.gitedabfb5.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-cpuguy83-go-md2man-0:1.0.7-1.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-cpuguy83-go-md2man-0:1.0.7-1.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.232-1.git.1.db200ae.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.232-1.git.1.db200ae.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.232-1.git.1.db200ae.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.232-1.git.1.abfb991.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.232-1.git.1.0216923.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.232-1.git.1.3c936ee.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1591354111-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1591354111-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.232-1.git.0.f0f2213.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.232-1.git.0.f0f2213.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.232-1.git.0.f0f2213.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.232-1.git.0.f0f2213.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.232-1.git.0.f0f2213.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.232-1.git.0.f0f2213.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.232-1.git.1.2756a13.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.232-1.git.1.2756a13.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.232-1.git.1.2756a13.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.232-1.git.1.2e0c082.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.232-1.git.1.2e0c082.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.232-1.git.1.2e0c082.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.232-1.git.1.d2cedd4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.232-1.git.1.d2cedd4.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.232-1.git.1.d2cedd4.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.232-1.git.1.d2cedd4.el7.noarch", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.232-1.git.1.3c936ee.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.232-1.git.1.3c936ee.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.232-1.git.1.abfb991.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.232-1.git.1.abfb991.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.232-1.git.1.0216923.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.232-1.git.1.0216923.el7.x86_64", "7Server-RH7-RHOSE-3.11:python-openshift-1:0.6.4-2.el7.src", "7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.232-1.git.1.d2cedd4.el7.noarch", "7Server-RH7-RHOSE-3.11:python2-openshift-1:0.6.4-2.el7.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-2161" }, { "category": "external", "summary": "RHBZ#1819198", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1819198" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-2161", "url": "https://www.cve.org/CVERecord?id=CVE-2020-2161" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-2161", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-2161" }, { "category": "external", "summary": "https://jenkins.io/security/advisory/2020-03-25/#SECURITY-1781", "url": "https://jenkins.io/security/advisory/2020-03-25/#SECURITY-1781" } ], "release_date": "2020-03-25T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-06-17T20:23:07+00:00", "details": "Before applying this update, ensure all previously released errata relevant\nto your system is applied.\n\nSee the following documentation, which will be updated shortly for release\n3.11.232, for important instructions on how to upgrade your cluster and fully\napply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258.", "product_ids": [ "7Server-RH7-RHOSE-3.11:jenkins-0:2.222.1.1591351669-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.222.1.1591351669-1.el7.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHBA-2020:2477" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "products": [ "7Server-RH7-RHOSE-3.11:jenkins-0:2.222.1.1591351669-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.222.1.1591351669-1.el7.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jenkins: XSS in job configuration pages" }, { "cve": "CVE-2020-2162", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2020-03-26T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.232-1.git.1.d1e3501.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.232-1.git.1.d1e3501.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.232-1.git.1.d1e3501.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.232-1.git.1.d1e3501.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.232-1.git.1.d1e3501.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.232-1.git.0.a5bc32f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.232-1.git.0.a5bc32f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.232-1.git.0.a5bc32f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.232-1.git.0.a5bc32f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.232-1.git.0.a5bc32f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.232-1.git.0.a5bc32f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.232-1.git.1.e7433c6.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.232-1.git.1.e7433c6.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.232-1.git.1.e7433c6.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.232-1.git.1.71361e4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.232-1.git.1.71361e4.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.232-1.git.1.71361e4.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.232-1.git.0.a5bc32f.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.232-1.git.1.e5150dd.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.232-1.git.1.e5150dd.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.232-1.git.0.a5bc32f.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.232-1.git.0.a5bc32f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.232-1.git.0.a5bc32f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.232-1.git.0.a5bc32f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.232-1.git.0.a5bc32f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.232-1.git.0.a5bc32f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.232-1.git.0.a5bc32f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.232-1.git.1.8c5f5b4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.232-1.git.1.8c5f5b4.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.232-1.git.1.8c5f5b4.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.232-1.git.0.a5bc32f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.232-1.git.0.a5bc32f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.232-1.git.1.d41afaf.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.232-1.git.1.d41afaf.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.232-1.git.1.d41afaf.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.232-1.git.0.a5bc32f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.232-1.git.0.a5bc32f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.232-1.git.0.a5bc32f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.232-1.git.0.a5bc32f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.232-1.git.1.424e270.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.232-1.git.1.424e270.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.232-1.git.1.424e270.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.232-1.git.0.a5bc32f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.232-1.git.0.a5bc32f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.232-1.git.0.a5bc32f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.232-1.git.0.a5bc32f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.232-1.git.1.0f92c9e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.232-1.git.1.0f92c9e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.232-1.git.1.0f92c9e.el7.x86_64", "7Server-RH7-RHOSE-3.11:cri-tools-0:1.11.1-3.rhaos3.11.gitedabfb5.el7.ppc64le", "7Server-RH7-RHOSE-3.11:cri-tools-0:1.11.1-3.rhaos3.11.gitedabfb5.el7.src", "7Server-RH7-RHOSE-3.11:cri-tools-0:1.11.1-3.rhaos3.11.gitedabfb5.el7.x86_64", "7Server-RH7-RHOSE-3.11:cri-tools-debuginfo-0:1.11.1-3.rhaos3.11.gitedabfb5.el7.ppc64le", "7Server-RH7-RHOSE-3.11:cri-tools-debuginfo-0:1.11.1-3.rhaos3.11.gitedabfb5.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-cpuguy83-go-md2man-0:1.0.7-1.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-cpuguy83-go-md2man-0:1.0.7-1.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.232-1.git.1.db200ae.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.232-1.git.1.db200ae.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.232-1.git.1.db200ae.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.232-1.git.1.abfb991.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.232-1.git.1.0216923.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.232-1.git.1.3c936ee.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1591354111-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1591354111-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.232-1.git.0.f0f2213.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.232-1.git.0.f0f2213.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.232-1.git.0.f0f2213.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.232-1.git.0.f0f2213.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.232-1.git.0.f0f2213.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.232-1.git.0.f0f2213.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.232-1.git.1.2756a13.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.232-1.git.1.2756a13.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.232-1.git.1.2756a13.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.232-1.git.1.2e0c082.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.232-1.git.1.2e0c082.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.232-1.git.1.2e0c082.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.232-1.git.1.d2cedd4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.232-1.git.1.d2cedd4.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.232-1.git.1.d2cedd4.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.232-1.git.1.d2cedd4.el7.noarch", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.232-1.git.1.3c936ee.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.232-1.git.1.3c936ee.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.232-1.git.1.abfb991.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.232-1.git.1.abfb991.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.232-1.git.1.0216923.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.232-1.git.1.0216923.el7.x86_64", "7Server-RH7-RHOSE-3.11:python-openshift-1:0.6.4-2.el7.src", "7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.232-1.git.1.d2cedd4.el7.noarch", "7Server-RH7-RHOSE-3.11:python2-openshift-1:0.6.4-2.el7.noarch" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1819211" } ], "notes": [ { "category": "description", "text": "Jenkins 2.227 and earlier, LTS 2.204.5 and earlier does not set Content-Security-Policy headers for files uploaded as file parameters to a build, resulting in a stored XSS vulnerability.", "title": "Vulnerability description" }, { "category": "summary", "text": "jenkins: Content-Security-Policy headers for files uploaded leads to XSS", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RH7-RHOSE-3.11:jenkins-0:2.222.1.1591351669-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.222.1.1591351669-1.el7.src" ], "known_not_affected": [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.232-1.git.1.d1e3501.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.232-1.git.1.d1e3501.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.232-1.git.1.d1e3501.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.232-1.git.1.d1e3501.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.232-1.git.1.d1e3501.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.232-1.git.0.a5bc32f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.232-1.git.0.a5bc32f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.232-1.git.0.a5bc32f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.232-1.git.0.a5bc32f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.232-1.git.0.a5bc32f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.232-1.git.0.a5bc32f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.232-1.git.1.e7433c6.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.232-1.git.1.e7433c6.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.232-1.git.1.e7433c6.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.232-1.git.1.71361e4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.232-1.git.1.71361e4.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.232-1.git.1.71361e4.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.232-1.git.0.a5bc32f.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.232-1.git.1.e5150dd.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.232-1.git.1.e5150dd.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.232-1.git.0.a5bc32f.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.232-1.git.0.a5bc32f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.232-1.git.0.a5bc32f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.232-1.git.0.a5bc32f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.232-1.git.0.a5bc32f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.232-1.git.0.a5bc32f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.232-1.git.0.a5bc32f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.232-1.git.1.8c5f5b4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.232-1.git.1.8c5f5b4.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.232-1.git.1.8c5f5b4.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.232-1.git.0.a5bc32f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.232-1.git.0.a5bc32f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.232-1.git.1.d41afaf.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.232-1.git.1.d41afaf.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.232-1.git.1.d41afaf.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.232-1.git.0.a5bc32f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.232-1.git.0.a5bc32f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.232-1.git.0.a5bc32f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.232-1.git.0.a5bc32f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.232-1.git.1.424e270.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.232-1.git.1.424e270.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.232-1.git.1.424e270.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.232-1.git.0.a5bc32f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.232-1.git.0.a5bc32f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.232-1.git.0.a5bc32f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.232-1.git.0.a5bc32f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.232-1.git.1.0f92c9e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.232-1.git.1.0f92c9e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.232-1.git.1.0f92c9e.el7.x86_64", "7Server-RH7-RHOSE-3.11:cri-tools-0:1.11.1-3.rhaos3.11.gitedabfb5.el7.ppc64le", "7Server-RH7-RHOSE-3.11:cri-tools-0:1.11.1-3.rhaos3.11.gitedabfb5.el7.src", "7Server-RH7-RHOSE-3.11:cri-tools-0:1.11.1-3.rhaos3.11.gitedabfb5.el7.x86_64", "7Server-RH7-RHOSE-3.11:cri-tools-debuginfo-0:1.11.1-3.rhaos3.11.gitedabfb5.el7.ppc64le", "7Server-RH7-RHOSE-3.11:cri-tools-debuginfo-0:1.11.1-3.rhaos3.11.gitedabfb5.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-cpuguy83-go-md2man-0:1.0.7-1.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-cpuguy83-go-md2man-0:1.0.7-1.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.232-1.git.1.db200ae.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.232-1.git.1.db200ae.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.232-1.git.1.db200ae.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.232-1.git.1.abfb991.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.232-1.git.1.0216923.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.232-1.git.1.3c936ee.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1591354111-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1591354111-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.232-1.git.0.f0f2213.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.232-1.git.0.f0f2213.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.232-1.git.0.f0f2213.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.232-1.git.0.f0f2213.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.232-1.git.0.f0f2213.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.232-1.git.0.f0f2213.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.232-1.git.1.2756a13.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.232-1.git.1.2756a13.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.232-1.git.1.2756a13.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.232-1.git.1.2e0c082.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.232-1.git.1.2e0c082.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.232-1.git.1.2e0c082.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.232-1.git.1.d2cedd4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.232-1.git.1.d2cedd4.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.232-1.git.1.d2cedd4.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.232-1.git.1.d2cedd4.el7.noarch", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.232-1.git.1.3c936ee.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.232-1.git.1.3c936ee.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.232-1.git.1.abfb991.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.232-1.git.1.abfb991.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.232-1.git.1.0216923.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.232-1.git.1.0216923.el7.x86_64", "7Server-RH7-RHOSE-3.11:python-openshift-1:0.6.4-2.el7.src", "7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.232-1.git.1.d2cedd4.el7.noarch", "7Server-RH7-RHOSE-3.11:python2-openshift-1:0.6.4-2.el7.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-2162" }, { "category": "external", "summary": "RHBZ#1819211", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1819211" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-2162", "url": "https://www.cve.org/CVERecord?id=CVE-2020-2162" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-2162", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-2162" }, { "category": "external", "summary": "https://jenkins.io/security/advisory/2020-03-25/#SECURITY-1793", "url": "https://jenkins.io/security/advisory/2020-03-25/#SECURITY-1793" } ], "release_date": "2020-03-25T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-06-17T20:23:07+00:00", "details": "Before applying this update, ensure all previously released errata relevant\nto your system is applied.\n\nSee the following documentation, which will be updated shortly for release\n3.11.232, for important instructions on how to upgrade your cluster and fully\napply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258.", "product_ids": [ "7Server-RH7-RHOSE-3.11:jenkins-0:2.222.1.1591351669-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.222.1.1591351669-1.el7.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHBA-2020:2477" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "products": [ "7Server-RH7-RHOSE-3.11:jenkins-0:2.222.1.1591351669-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.222.1.1591351669-1.el7.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jenkins: Content-Security-Policy headers for files uploaded leads to XSS" }, { "cve": "CVE-2020-2163", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2020-03-25T00:00:00+00:00", "flags": [ { "label": "vulnerable_code_not_present", "product_ids": [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.232-1.git.1.d1e3501.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.232-1.git.1.d1e3501.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.232-1.git.1.d1e3501.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.232-1.git.1.d1e3501.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.232-1.git.1.d1e3501.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.232-1.git.0.a5bc32f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.232-1.git.0.a5bc32f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.232-1.git.0.a5bc32f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.232-1.git.0.a5bc32f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.232-1.git.0.a5bc32f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.232-1.git.0.a5bc32f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.232-1.git.1.e7433c6.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.232-1.git.1.e7433c6.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.232-1.git.1.e7433c6.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.232-1.git.1.71361e4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.232-1.git.1.71361e4.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.232-1.git.1.71361e4.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.232-1.git.0.a5bc32f.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.232-1.git.1.e5150dd.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.232-1.git.1.e5150dd.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.232-1.git.0.a5bc32f.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.232-1.git.0.a5bc32f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.232-1.git.0.a5bc32f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.232-1.git.0.a5bc32f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.232-1.git.0.a5bc32f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.232-1.git.0.a5bc32f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.232-1.git.0.a5bc32f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.232-1.git.1.8c5f5b4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.232-1.git.1.8c5f5b4.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.232-1.git.1.8c5f5b4.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.232-1.git.0.a5bc32f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.232-1.git.0.a5bc32f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.232-1.git.1.d41afaf.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.232-1.git.1.d41afaf.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.232-1.git.1.d41afaf.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.232-1.git.0.a5bc32f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.232-1.git.0.a5bc32f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.232-1.git.0.a5bc32f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.232-1.git.0.a5bc32f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.232-1.git.1.424e270.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.232-1.git.1.424e270.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.232-1.git.1.424e270.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.232-1.git.0.a5bc32f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.232-1.git.0.a5bc32f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.232-1.git.0.a5bc32f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.232-1.git.0.a5bc32f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.232-1.git.1.0f92c9e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.232-1.git.1.0f92c9e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.232-1.git.1.0f92c9e.el7.x86_64", "7Server-RH7-RHOSE-3.11:cri-tools-0:1.11.1-3.rhaos3.11.gitedabfb5.el7.ppc64le", "7Server-RH7-RHOSE-3.11:cri-tools-0:1.11.1-3.rhaos3.11.gitedabfb5.el7.src", "7Server-RH7-RHOSE-3.11:cri-tools-0:1.11.1-3.rhaos3.11.gitedabfb5.el7.x86_64", "7Server-RH7-RHOSE-3.11:cri-tools-debuginfo-0:1.11.1-3.rhaos3.11.gitedabfb5.el7.ppc64le", "7Server-RH7-RHOSE-3.11:cri-tools-debuginfo-0:1.11.1-3.rhaos3.11.gitedabfb5.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-cpuguy83-go-md2man-0:1.0.7-1.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-cpuguy83-go-md2man-0:1.0.7-1.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.232-1.git.1.db200ae.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.232-1.git.1.db200ae.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.232-1.git.1.db200ae.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.232-1.git.1.abfb991.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.232-1.git.1.0216923.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.232-1.git.1.3c936ee.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1591354111-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1591354111-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.232-1.git.0.f0f2213.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.232-1.git.0.f0f2213.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.232-1.git.0.f0f2213.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.232-1.git.0.f0f2213.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.232-1.git.0.f0f2213.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.232-1.git.0.f0f2213.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.232-1.git.1.2756a13.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.232-1.git.1.2756a13.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.232-1.git.1.2756a13.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.232-1.git.1.2e0c082.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.232-1.git.1.2e0c082.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.232-1.git.1.2e0c082.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.232-1.git.1.d2cedd4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.232-1.git.1.d2cedd4.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.232-1.git.1.d2cedd4.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.232-1.git.1.d2cedd4.el7.noarch", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.232-1.git.1.3c936ee.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.232-1.git.1.3c936ee.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.232-1.git.1.abfb991.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.232-1.git.1.abfb991.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.232-1.git.1.0216923.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.232-1.git.1.0216923.el7.x86_64", "7Server-RH7-RHOSE-3.11:python-openshift-1:0.6.4-2.el7.src", "7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.232-1.git.1.d2cedd4.el7.noarch", "7Server-RH7-RHOSE-3.11:python2-openshift-1:0.6.4-2.el7.noarch" ] } ], "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1819222" } ], "notes": [ { "category": "description", "text": "Jenkins 2.227 and earlier, LTS 2.204.5 and earlier improperly processes HTML content of list view column headers, resulting in a stored XSS vulnerability exploitable by users able to control column headers.", "title": "Vulnerability description" }, { "category": "summary", "text": "jenkins: improperly processes HTML content of list leads to XSS", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RH7-RHOSE-3.11:jenkins-0:2.222.1.1591351669-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.222.1.1591351669-1.el7.src" ], "known_not_affected": [ "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.232-1.git.1.d1e3501.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.232-1.git.1.d1e3501.el7.src", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.232-1.git.1.d1e3501.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.232-1.git.1.d1e3501.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.232-1.git.1.d1e3501.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.232-1.git.0.a5bc32f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.232-1.git.0.a5bc32f.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.232-1.git.0.a5bc32f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.232-1.git.0.a5bc32f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.232-1.git.0.a5bc32f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.232-1.git.0.a5bc32f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.232-1.git.1.e7433c6.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.232-1.git.1.e7433c6.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.232-1.git.1.e7433c6.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.232-1.git.1.71361e4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.232-1.git.1.71361e4.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.232-1.git.1.71361e4.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.232-1.git.0.a5bc32f.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.232-1.git.1.e5150dd.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.232-1.git.1.e5150dd.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.232-1.git.0.a5bc32f.el7.noarch", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.232-1.git.0.a5bc32f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.232-1.git.0.a5bc32f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.232-1.git.0.a5bc32f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.232-1.git.0.a5bc32f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.232-1.git.0.a5bc32f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.232-1.git.0.a5bc32f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.232-1.git.1.8c5f5b4.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.232-1.git.1.8c5f5b4.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.232-1.git.1.8c5f5b4.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.232-1.git.0.a5bc32f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.232-1.git.0.a5bc32f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.232-1.git.1.d41afaf.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.232-1.git.1.d41afaf.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.232-1.git.1.d41afaf.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.232-1.git.0.a5bc32f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.232-1.git.0.a5bc32f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.232-1.git.0.a5bc32f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.232-1.git.0.a5bc32f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.232-1.git.1.424e270.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.232-1.git.1.424e270.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.232-1.git.1.424e270.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.232-1.git.0.a5bc32f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.232-1.git.0.a5bc32f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.232-1.git.0.a5bc32f.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.232-1.git.0.a5bc32f.el7.x86_64", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.232-1.git.1.0f92c9e.el7.ppc64le", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.232-1.git.1.0f92c9e.el7.src", "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.232-1.git.1.0f92c9e.el7.x86_64", "7Server-RH7-RHOSE-3.11:cri-tools-0:1.11.1-3.rhaos3.11.gitedabfb5.el7.ppc64le", "7Server-RH7-RHOSE-3.11:cri-tools-0:1.11.1-3.rhaos3.11.gitedabfb5.el7.src", "7Server-RH7-RHOSE-3.11:cri-tools-0:1.11.1-3.rhaos3.11.gitedabfb5.el7.x86_64", "7Server-RH7-RHOSE-3.11:cri-tools-debuginfo-0:1.11.1-3.rhaos3.11.gitedabfb5.el7.ppc64le", "7Server-RH7-RHOSE-3.11:cri-tools-debuginfo-0:1.11.1-3.rhaos3.11.gitedabfb5.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-cpuguy83-go-md2man-0:1.0.7-1.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-cpuguy83-go-md2man-0:1.0.7-1.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.232-1.git.1.db200ae.el7.ppc64le", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.232-1.git.1.db200ae.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.232-1.git.1.db200ae.el7.x86_64", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.232-1.git.1.abfb991.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.232-1.git.1.0216923.el7.src", "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.232-1.git.1.3c936ee.el7.src", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1591354111-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1591354111-1.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.232-1.git.0.f0f2213.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.232-1.git.0.f0f2213.el7.src", "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.232-1.git.0.f0f2213.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.232-1.git.0.f0f2213.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.232-1.git.0.f0f2213.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.232-1.git.0.f0f2213.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.232-1.git.1.2756a13.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.232-1.git.1.2756a13.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.232-1.git.1.2756a13.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.232-1.git.1.2e0c082.el7.ppc64le", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.232-1.git.1.2e0c082.el7.src", "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.232-1.git.1.2e0c082.el7.x86_64", "7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.232-1.git.1.d2cedd4.el7.src", "7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.232-1.git.1.d2cedd4.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.232-1.git.1.d2cedd4.el7.noarch", "7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.232-1.git.1.d2cedd4.el7.noarch", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.232-1.git.1.3c936ee.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.232-1.git.1.3c936ee.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.232-1.git.1.abfb991.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.232-1.git.1.abfb991.el7.x86_64", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.232-1.git.1.0216923.el7.ppc64le", "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.232-1.git.1.0216923.el7.x86_64", "7Server-RH7-RHOSE-3.11:python-openshift-1:0.6.4-2.el7.src", "7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.232-1.git.1.d2cedd4.el7.noarch", "7Server-RH7-RHOSE-3.11:python2-openshift-1:0.6.4-2.el7.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-2163" }, { "category": "external", "summary": "RHBZ#1819222", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1819222" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-2163", "url": "https://www.cve.org/CVERecord?id=CVE-2020-2163" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-2163", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-2163" }, { "category": "external", "summary": "https://jenkins.io/security/advisory/2020-03-25/#SECURITY-1796", "url": "https://jenkins.io/security/advisory/2020-03-25/#SECURITY-1796" } ], "release_date": "2020-03-26T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-06-17T20:23:07+00:00", "details": "Before applying this update, ensure all previously released errata relevant\nto your system is applied.\n\nSee the following documentation, which will be updated shortly for release\n3.11.232, for important instructions on how to upgrade your cluster and fully\napply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258.", "product_ids": [ "7Server-RH7-RHOSE-3.11:jenkins-0:2.222.1.1591351669-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.222.1.1591351669-1.el7.src" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHBA-2020:2477" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "products": [ "7Server-RH7-RHOSE-3.11:jenkins-0:2.222.1.1591351669-1.el7.noarch", "7Server-RH7-RHOSE-3.11:jenkins-0:2.222.1.1591351669-1.el7.src" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jenkins: improperly processes HTML content of list leads to XSS" } ] }
rhba-2020_2435
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Red Hat OpenShift Container Platform release 4.3.25 is now available with\nupdates to packages and images that fix several bugs.", "title": "Topic" }, { "category": "general", "text": "Red Hat OpenShift Container Platform is Red Hat\u0027s cloud computing\nKubernetes application platform solution designed for on-premise or private\ncloud deployments.\n\nThis advisory contains the RPM packages for Red Hat OpenShift Container\nPlatform 4.3.25. See the following advisory for the container images for\nthis release:\n\nhttps://access.redhat.com/errata/RHBA-2020:2436\n\nAll OpenShift Container Platform 4.3 users are advised to upgrade to these\nupdated packages and images.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHBA-2020:2435", "url": "https://access.redhat.com/errata/RHBA-2020:2435" }, { "category": "external", "summary": "1843457", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1843457" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhba-2020_2435.json" } ], "title": "Red Hat Bug Fix Advisory: OpenShift Container Platform 4.3.25 packages update", "tracking": { "current_release_date": "2024-11-05T15:56:49+00:00", "generator": { "date": "2024-11-05T15:56:49+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.1.1" } }, "id": "RHBA-2020:2435", "initial_release_date": "2020-06-17T19:44:05+00:00", "revision_history": [ { "date": "2020-06-17T19:44:05+00:00", "number": "1", "summary": "Initial version" }, { "date": "2020-06-17T19:44:05+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-05T15:56:49+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat OpenShift Container Platform 4.3", "product": { "name": "Red Hat OpenShift Container Platform 4.3", "product_id": "8Base-RHOSE-4.3", "product_identification_helper": { "cpe": "cpe:/a:redhat:openshift:4.3::el8" } } }, { "category": "product_name", "name": "Red Hat OpenShift Container Platform 4.3", "product": { "name": "Red Hat OpenShift Container Platform 4.3", "product_id": "7Server-RH7-RHOSE-4.3", "product_identification_helper": { "cpe": "cpe:/a:redhat:openshift:4.3::el7" } } } ], "category": "product_family", "name": "Red Hat OpenShift Enterprise" }, { "branches": [ { "category": "product_version", "name": "s390utils-2:2.6.0-23.el8.s390x", "product": { "name": "s390utils-2:2.6.0-23.el8.s390x", "product_id": "s390utils-2:2.6.0-23.el8.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/s390utils@2.6.0-23.el8?arch=s390x\u0026epoch=2" } } }, { "category": "product_version", "name": "s390utils-base-2:2.6.0-23.el8.s390x", "product": { "name": "s390utils-base-2:2.6.0-23.el8.s390x", "product_id": "s390utils-base-2:2.6.0-23.el8.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/s390utils-base@2.6.0-23.el8?arch=s390x\u0026epoch=2" } } }, { "category": "product_version", "name": "s390utils-cmsfs-2:2.6.0-23.el8.s390x", "product": { "name": "s390utils-cmsfs-2:2.6.0-23.el8.s390x", "product_id": "s390utils-cmsfs-2:2.6.0-23.el8.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/s390utils-cmsfs@2.6.0-23.el8?arch=s390x\u0026epoch=2" } } }, { "category": "product_version", "name": "s390utils-cmsfs-fuse-2:2.6.0-23.el8.s390x", "product": { "name": "s390utils-cmsfs-fuse-2:2.6.0-23.el8.s390x", "product_id": "s390utils-cmsfs-fuse-2:2.6.0-23.el8.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/s390utils-cmsfs-fuse@2.6.0-23.el8?arch=s390x\u0026epoch=2" } } }, { "category": "product_version", "name": "s390utils-cpacfstatsd-2:2.6.0-23.el8.s390x", "product": { "name": "s390utils-cpacfstatsd-2:2.6.0-23.el8.s390x", "product_id": "s390utils-cpacfstatsd-2:2.6.0-23.el8.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/s390utils-cpacfstatsd@2.6.0-23.el8?arch=s390x\u0026epoch=2" } } }, { "category": "product_version", "name": "s390utils-cpuplugd-2:2.6.0-23.el8.s390x", "product": { "name": "s390utils-cpuplugd-2:2.6.0-23.el8.s390x", "product_id": "s390utils-cpuplugd-2:2.6.0-23.el8.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/s390utils-cpuplugd@2.6.0-23.el8?arch=s390x\u0026epoch=2" } } }, { "category": "product_version", "name": "s390utils-devel-2:2.6.0-23.el8.s390x", "product": { "name": "s390utils-devel-2:2.6.0-23.el8.s390x", "product_id": "s390utils-devel-2:2.6.0-23.el8.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/s390utils-devel@2.6.0-23.el8?arch=s390x\u0026epoch=2" } } }, { "category": "product_version", "name": "s390utils-hmcdrvfs-2:2.6.0-23.el8.s390x", "product": { "name": "s390utils-hmcdrvfs-2:2.6.0-23.el8.s390x", "product_id": "s390utils-hmcdrvfs-2:2.6.0-23.el8.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/s390utils-hmcdrvfs@2.6.0-23.el8?arch=s390x\u0026epoch=2" } } }, { "category": "product_version", "name": "s390utils-iucvterm-2:2.6.0-23.el8.s390x", "product": { "name": "s390utils-iucvterm-2:2.6.0-23.el8.s390x", "product_id": "s390utils-iucvterm-2:2.6.0-23.el8.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/s390utils-iucvterm@2.6.0-23.el8?arch=s390x\u0026epoch=2" } } }, { "category": "product_version", "name": "s390utils-mon_statd-2:2.6.0-23.el8.s390x", "product": { "name": "s390utils-mon_statd-2:2.6.0-23.el8.s390x", "product_id": "s390utils-mon_statd-2:2.6.0-23.el8.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/s390utils-mon_statd@2.6.0-23.el8?arch=s390x\u0026epoch=2" } } }, { "category": "product_version", "name": "s390utils-osasnmpd-2:2.6.0-23.el8.s390x", "product": { "name": "s390utils-osasnmpd-2:2.6.0-23.el8.s390x", "product_id": "s390utils-osasnmpd-2:2.6.0-23.el8.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/s390utils-osasnmpd@2.6.0-23.el8?arch=s390x\u0026epoch=2" } } }, { "category": "product_version", "name": "s390utils-zdsfs-2:2.6.0-23.el8.s390x", "product": { "name": "s390utils-zdsfs-2:2.6.0-23.el8.s390x", "product_id": "s390utils-zdsfs-2:2.6.0-23.el8.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/s390utils-zdsfs@2.6.0-23.el8?arch=s390x\u0026epoch=2" } } }, { "category": "product_version", "name": "s390utils-ziomon-2:2.6.0-23.el8.s390x", "product": { "name": "s390utils-ziomon-2:2.6.0-23.el8.s390x", "product_id": "s390utils-ziomon-2:2.6.0-23.el8.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/s390utils-ziomon@2.6.0-23.el8?arch=s390x\u0026epoch=2" } } }, { "category": "product_version", "name": "s390utils-debugsource-2:2.6.0-23.el8.s390x", "product": { "name": "s390utils-debugsource-2:2.6.0-23.el8.s390x", "product_id": "s390utils-debugsource-2:2.6.0-23.el8.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/s390utils-debugsource@2.6.0-23.el8?arch=s390x\u0026epoch=2" } } }, { "category": "product_version", "name": "s390utils-base-debuginfo-2:2.6.0-23.el8.s390x", "product": { "name": "s390utils-base-debuginfo-2:2.6.0-23.el8.s390x", "product_id": "s390utils-base-debuginfo-2:2.6.0-23.el8.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/s390utils-base-debuginfo@2.6.0-23.el8?arch=s390x\u0026epoch=2" } } }, { "category": "product_version", "name": "s390utils-cmsfs-debuginfo-2:2.6.0-23.el8.s390x", "product": { "name": "s390utils-cmsfs-debuginfo-2:2.6.0-23.el8.s390x", "product_id": "s390utils-cmsfs-debuginfo-2:2.6.0-23.el8.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/s390utils-cmsfs-debuginfo@2.6.0-23.el8?arch=s390x\u0026epoch=2" } } }, { "category": "product_version", "name": "s390utils-cmsfs-fuse-debuginfo-2:2.6.0-23.el8.s390x", "product": { "name": "s390utils-cmsfs-fuse-debuginfo-2:2.6.0-23.el8.s390x", "product_id": "s390utils-cmsfs-fuse-debuginfo-2:2.6.0-23.el8.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/s390utils-cmsfs-fuse-debuginfo@2.6.0-23.el8?arch=s390x\u0026epoch=2" } } }, { "category": "product_version", "name": "s390utils-cpacfstatsd-debuginfo-2:2.6.0-23.el8.s390x", "product": { "name": "s390utils-cpacfstatsd-debuginfo-2:2.6.0-23.el8.s390x", "product_id": "s390utils-cpacfstatsd-debuginfo-2:2.6.0-23.el8.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/s390utils-cpacfstatsd-debuginfo@2.6.0-23.el8?arch=s390x\u0026epoch=2" } } }, { "category": "product_version", "name": "s390utils-cpuplugd-debuginfo-2:2.6.0-23.el8.s390x", "product": { "name": "s390utils-cpuplugd-debuginfo-2:2.6.0-23.el8.s390x", "product_id": "s390utils-cpuplugd-debuginfo-2:2.6.0-23.el8.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/s390utils-cpuplugd-debuginfo@2.6.0-23.el8?arch=s390x\u0026epoch=2" } } }, { "category": "product_version", "name": "s390utils-debuginfo-2:2.6.0-23.el8.s390x", "product": { "name": "s390utils-debuginfo-2:2.6.0-23.el8.s390x", "product_id": "s390utils-debuginfo-2:2.6.0-23.el8.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/s390utils-debuginfo@2.6.0-23.el8?arch=s390x\u0026epoch=2" } } }, { "category": "product_version", "name": "s390utils-hmcdrvfs-debuginfo-2:2.6.0-23.el8.s390x", "product": { "name": "s390utils-hmcdrvfs-debuginfo-2:2.6.0-23.el8.s390x", "product_id": "s390utils-hmcdrvfs-debuginfo-2:2.6.0-23.el8.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/s390utils-hmcdrvfs-debuginfo@2.6.0-23.el8?arch=s390x\u0026epoch=2" } } }, { "category": "product_version", "name": "s390utils-iucvterm-debuginfo-2:2.6.0-23.el8.s390x", "product": { "name": "s390utils-iucvterm-debuginfo-2:2.6.0-23.el8.s390x", "product_id": "s390utils-iucvterm-debuginfo-2:2.6.0-23.el8.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/s390utils-iucvterm-debuginfo@2.6.0-23.el8?arch=s390x\u0026epoch=2" } } }, { "category": "product_version", "name": "s390utils-mon_statd-debuginfo-2:2.6.0-23.el8.s390x", "product": { "name": "s390utils-mon_statd-debuginfo-2:2.6.0-23.el8.s390x", "product_id": "s390utils-mon_statd-debuginfo-2:2.6.0-23.el8.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/s390utils-mon_statd-debuginfo@2.6.0-23.el8?arch=s390x\u0026epoch=2" } } }, { "category": "product_version", "name": "s390utils-osasnmpd-debuginfo-2:2.6.0-23.el8.s390x", "product": { "name": "s390utils-osasnmpd-debuginfo-2:2.6.0-23.el8.s390x", "product_id": "s390utils-osasnmpd-debuginfo-2:2.6.0-23.el8.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/s390utils-osasnmpd-debuginfo@2.6.0-23.el8?arch=s390x\u0026epoch=2" } } }, { "category": "product_version", "name": "s390utils-zdsfs-debuginfo-2:2.6.0-23.el8.s390x", "product": { "name": "s390utils-zdsfs-debuginfo-2:2.6.0-23.el8.s390x", "product_id": "s390utils-zdsfs-debuginfo-2:2.6.0-23.el8.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/s390utils-zdsfs-debuginfo@2.6.0-23.el8?arch=s390x\u0026epoch=2" } } }, { "category": "product_version", "name": "s390utils-ziomon-debuginfo-2:2.6.0-23.el8.s390x", "product": { "name": "s390utils-ziomon-debuginfo-2:2.6.0-23.el8.s390x", "product_id": "s390utils-ziomon-debuginfo-2:2.6.0-23.el8.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/s390utils-ziomon-debuginfo@2.6.0-23.el8?arch=s390x\u0026epoch=2" } } }, { "category": "product_version", "name": "cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.s390x", "product": { "name": "cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.s390x", "product_id": "cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/cri-o@1.16.6-15.dev.rhaos4.3.gitebc053b.el8?arch=s390x" } } }, { "category": "product_version", "name": "cri-o-debugsource-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.s390x", "product": { "name": "cri-o-debugsource-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.s390x", "product_id": "cri-o-debugsource-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/cri-o-debugsource@1.16.6-15.dev.rhaos4.3.gitebc053b.el8?arch=s390x" } } }, { "category": "product_version", "name": "cri-o-debuginfo-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.s390x", "product": { "name": "cri-o-debuginfo-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.s390x", "product_id": "cri-o-debuginfo-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/cri-o-debuginfo@1.16.6-15.dev.rhaos4.3.gitebc053b.el8?arch=s390x" } } }, { "category": "product_version", "name": "conmon-2:2.0.17-1.rhaos4.3.el8.s390x", "product": { "name": "conmon-2:2.0.17-1.rhaos4.3.el8.s390x", "product_id": "conmon-2:2.0.17-1.rhaos4.3.el8.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/conmon@2.0.17-1.rhaos4.3.el8?arch=s390x\u0026epoch=2" } } }, { "category": "product_version", "name": "openshift-hyperkube-0:4.3.25-202006060952.git.1.96c30f6.el8.s390x", "product": { "name": "openshift-hyperkube-0:4.3.25-202006060952.git.1.96c30f6.el8.s390x", "product_id": "openshift-hyperkube-0:4.3.25-202006060952.git.1.96c30f6.el8.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/openshift-hyperkube@4.3.25-202006060952.git.1.96c30f6.el8?arch=s390x" } } }, { "category": "product_version", "name": "openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el8.s390x", "product": { "name": "openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el8.s390x", "product_id": "openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el8.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/openshift-clients@4.3.25-202006060952.git.1.fd93102.el8?arch=s390x" } } }, { "category": "product_version", "name": "machine-config-daemon-0:4.3.25-202006081518.git.1.478b31a.el8.s390x", "product": { "name": "machine-config-daemon-0:4.3.25-202006081518.git.1.478b31a.el8.s390x", "product_id": "machine-config-daemon-0:4.3.25-202006081518.git.1.478b31a.el8.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/machine-config-daemon@4.3.25-202006081518.git.1.478b31a.el8?arch=s390x" } } }, { "category": "product_version", "name": "cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el7.s390x", "product": { "name": "cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el7.s390x", "product_id": "cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el7.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/cri-o@1.16.6-15.dev.rhaos4.3.gitebc053b.el7?arch=s390x" } } }, { "category": "product_version", "name": "cri-o-debuginfo-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el7.s390x", "product": { "name": "cri-o-debuginfo-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el7.s390x", "product_id": "cri-o-debuginfo-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el7.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/cri-o-debuginfo@1.16.6-15.dev.rhaos4.3.gitebc053b.el7?arch=s390x" } } }, { "category": "product_version", "name": "conmon-2:2.0.17-1.rhaos4.3.el7.s390x", "product": { "name": "conmon-2:2.0.17-1.rhaos4.3.el7.s390x", "product_id": "conmon-2:2.0.17-1.rhaos4.3.el7.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/conmon@2.0.17-1.rhaos4.3.el7?arch=s390x\u0026epoch=2" } } }, { "category": "product_version", "name": "openshift-hyperkube-0:4.3.25-202006060952.git.1.96c30f6.el7.s390x", "product": { "name": "openshift-hyperkube-0:4.3.25-202006060952.git.1.96c30f6.el7.s390x", "product_id": "openshift-hyperkube-0:4.3.25-202006060952.git.1.96c30f6.el7.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/openshift-hyperkube@4.3.25-202006060952.git.1.96c30f6.el7?arch=s390x" } } }, { "category": "product_version", "name": "openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el7.s390x", "product": { "name": "openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el7.s390x", "product_id": "openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el7.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/openshift-clients@4.3.25-202006060952.git.1.fd93102.el7?arch=s390x" } } }, { "category": "product_version", "name": "atomic-enterprise-service-catalog-1:4.3.25-202006081518.git.1.52b3a66.el7.s390x", "product": { "name": "atomic-enterprise-service-catalog-1:4.3.25-202006081518.git.1.52b3a66.el7.s390x", "product_id": "atomic-enterprise-service-catalog-1:4.3.25-202006081518.git.1.52b3a66.el7.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/atomic-enterprise-service-catalog@4.3.25-202006081518.git.1.52b3a66.el7?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "atomic-enterprise-service-catalog-svcat-1:4.3.25-202006081518.git.1.52b3a66.el7.s390x", "product": { "name": "atomic-enterprise-service-catalog-svcat-1:4.3.25-202006081518.git.1.52b3a66.el7.s390x", "product_id": "atomic-enterprise-service-catalog-svcat-1:4.3.25-202006081518.git.1.52b3a66.el7.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/atomic-enterprise-service-catalog-svcat@4.3.25-202006081518.git.1.52b3a66.el7?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "atomic-openshift-service-idler-0:4.3.25-202006081518.git.1.79365c5.el7.s390x", "product": { "name": "atomic-openshift-service-idler-0:4.3.25-202006081518.git.1.79365c5.el7.s390x", "product_id": "atomic-openshift-service-idler-0:4.3.25-202006081518.git.1.79365c5.el7.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/atomic-openshift-service-idler@4.3.25-202006081518.git.1.79365c5.el7?arch=s390x" } } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "s390utils-2:2.6.0-23.el8.src", "product": { "name": "s390utils-2:2.6.0-23.el8.src", "product_id": "s390utils-2:2.6.0-23.el8.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/s390utils@2.6.0-23.el8?arch=src\u0026epoch=2" } } }, { "category": "product_version", "name": "cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.src", "product": { "name": "cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.src", "product_id": "cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/cri-o@1.16.6-15.dev.rhaos4.3.gitebc053b.el8?arch=src" } } }, { "category": "product_version", "name": "conmon-2:2.0.17-1.rhaos4.3.el8.src", "product": { "name": "conmon-2:2.0.17-1.rhaos4.3.el8.src", "product_id": "conmon-2:2.0.17-1.rhaos4.3.el8.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/conmon@2.0.17-1.rhaos4.3.el8?arch=src\u0026epoch=2" } } }, { "category": "product_version", "name": "openshift-0:4.3.25-202006060952.git.1.96c30f6.el8.src", "product": { "name": "openshift-0:4.3.25-202006060952.git.1.96c30f6.el8.src", "product_id": "openshift-0:4.3.25-202006060952.git.1.96c30f6.el8.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/openshift@4.3.25-202006060952.git.1.96c30f6.el8?arch=src" } } }, { "category": "product_version", "name": "openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el8.src", "product": { "name": "openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el8.src", "product_id": "openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el8.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/openshift-clients@4.3.25-202006060952.git.1.fd93102.el8?arch=src" } } }, { "category": "product_version", "name": "machine-config-daemon-0:4.3.25-202006081518.git.1.478b31a.el8.src", "product": { "name": "machine-config-daemon-0:4.3.25-202006081518.git.1.478b31a.el8.src", "product_id": "machine-config-daemon-0:4.3.25-202006081518.git.1.478b31a.el8.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/machine-config-daemon@4.3.25-202006081518.git.1.478b31a.el8?arch=src" } } }, { "category": "product_version", "name": "openshift-kuryr-0:4.3.25-202006081518.git.1.240b401.el8.src", "product": { "name": "openshift-kuryr-0:4.3.25-202006081518.git.1.240b401.el8.src", "product_id": "openshift-kuryr-0:4.3.25-202006081518.git.1.240b401.el8.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/openshift-kuryr@4.3.25-202006081518.git.1.240b401.el8?arch=src" } } }, { "category": "product_version", "name": "jenkins-0:2.222.1.1591349991-1.el7.src", "product": { "name": "jenkins-0:2.222.1.1591349991-1.el7.src", "product_id": "jenkins-0:2.222.1.1591349991-1.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jenkins@2.222.1.1591349991-1.el7?arch=src" } } }, { "category": "product_version", "name": "cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el7.src", "product": { "name": "cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el7.src", "product_id": "cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/cri-o@1.16.6-15.dev.rhaos4.3.gitebc053b.el7?arch=src" } } }, { "category": "product_version", "name": "conmon-2:2.0.17-1.rhaos4.3.el7.src", "product": { "name": "conmon-2:2.0.17-1.rhaos4.3.el7.src", "product_id": "conmon-2:2.0.17-1.rhaos4.3.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/conmon@2.0.17-1.rhaos4.3.el7?arch=src\u0026epoch=2" } } }, { "category": "product_version", "name": "openshift-0:4.3.25-202006060952.git.1.96c30f6.el7.src", "product": { "name": "openshift-0:4.3.25-202006060952.git.1.96c30f6.el7.src", "product_id": "openshift-0:4.3.25-202006060952.git.1.96c30f6.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/openshift@4.3.25-202006060952.git.1.96c30f6.el7?arch=src" } } }, { "category": "product_version", "name": "openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el7.src", "product": { "name": "openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el7.src", "product_id": "openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/openshift-clients@4.3.25-202006060952.git.1.fd93102.el7?arch=src" } } }, { "category": "product_version", "name": "openshift-ansible-0:4.3.25-202006060952.git.1.1253fde.el7.src", "product": { "name": "openshift-ansible-0:4.3.25-202006060952.git.1.1253fde.el7.src", "product_id": "openshift-ansible-0:4.3.25-202006060952.git.1.1253fde.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/openshift-ansible@4.3.25-202006060952.git.1.1253fde.el7?arch=src" } } }, { "category": "product_version", "name": "atomic-enterprise-service-catalog-1:4.3.25-202006081518.git.1.52b3a66.el7.src", "product": { "name": "atomic-enterprise-service-catalog-1:4.3.25-202006081518.git.1.52b3a66.el7.src", "product_id": "atomic-enterprise-service-catalog-1:4.3.25-202006081518.git.1.52b3a66.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/atomic-enterprise-service-catalog@4.3.25-202006081518.git.1.52b3a66.el7?arch=src\u0026epoch=1" } } }, { "category": "product_version", "name": "atomic-openshift-service-idler-0:4.3.25-202006081518.git.1.79365c5.el7.src", "product": { "name": "atomic-openshift-service-idler-0:4.3.25-202006081518.git.1.79365c5.el7.src", "product_id": "atomic-openshift-service-idler-0:4.3.25-202006081518.git.1.79365c5.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/atomic-openshift-service-idler@4.3.25-202006081518.git.1.79365c5.el7?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.ppc64le", "product": { "name": "cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.ppc64le", "product_id": "cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/cri-o@1.16.6-15.dev.rhaos4.3.gitebc053b.el8?arch=ppc64le" } } }, { "category": "product_version", "name": "cri-o-debugsource-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.ppc64le", "product": { "name": "cri-o-debugsource-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.ppc64le", "product_id": "cri-o-debugsource-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/cri-o-debugsource@1.16.6-15.dev.rhaos4.3.gitebc053b.el8?arch=ppc64le" } } }, { "category": "product_version", "name": "cri-o-debuginfo-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.ppc64le", "product": { "name": "cri-o-debuginfo-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.ppc64le", "product_id": "cri-o-debuginfo-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/cri-o-debuginfo@1.16.6-15.dev.rhaos4.3.gitebc053b.el8?arch=ppc64le" } } }, { "category": "product_version", "name": "conmon-2:2.0.17-1.rhaos4.3.el8.ppc64le", "product": { "name": "conmon-2:2.0.17-1.rhaos4.3.el8.ppc64le", "product_id": "conmon-2:2.0.17-1.rhaos4.3.el8.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/conmon@2.0.17-1.rhaos4.3.el8?arch=ppc64le\u0026epoch=2" } } }, { "category": "product_version", "name": "openshift-hyperkube-0:4.3.25-202006060952.git.1.96c30f6.el8.ppc64le", "product": { "name": "openshift-hyperkube-0:4.3.25-202006060952.git.1.96c30f6.el8.ppc64le", "product_id": "openshift-hyperkube-0:4.3.25-202006060952.git.1.96c30f6.el8.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/openshift-hyperkube@4.3.25-202006060952.git.1.96c30f6.el8?arch=ppc64le" } } }, { "category": "product_version", "name": "openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el8.ppc64le", "product": { "name": "openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el8.ppc64le", "product_id": "openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el8.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/openshift-clients@4.3.25-202006060952.git.1.fd93102.el8?arch=ppc64le" } } }, { "category": "product_version", "name": "machine-config-daemon-0:4.3.25-202006081518.git.1.478b31a.el8.ppc64le", "product": { "name": "machine-config-daemon-0:4.3.25-202006081518.git.1.478b31a.el8.ppc64le", "product_id": "machine-config-daemon-0:4.3.25-202006081518.git.1.478b31a.el8.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/machine-config-daemon@4.3.25-202006081518.git.1.478b31a.el8?arch=ppc64le" } } }, { "category": "product_version", "name": "cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el7.ppc64le", "product": { "name": "cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el7.ppc64le", "product_id": "cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/cri-o@1.16.6-15.dev.rhaos4.3.gitebc053b.el7?arch=ppc64le" } } }, { "category": "product_version", "name": "cri-o-debuginfo-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el7.ppc64le", "product": { "name": "cri-o-debuginfo-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el7.ppc64le", "product_id": "cri-o-debuginfo-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/cri-o-debuginfo@1.16.6-15.dev.rhaos4.3.gitebc053b.el7?arch=ppc64le" } } }, { "category": "product_version", "name": "conmon-2:2.0.17-1.rhaos4.3.el7.ppc64le", "product": { "name": "conmon-2:2.0.17-1.rhaos4.3.el7.ppc64le", "product_id": "conmon-2:2.0.17-1.rhaos4.3.el7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/conmon@2.0.17-1.rhaos4.3.el7?arch=ppc64le\u0026epoch=2" } } }, { "category": "product_version", "name": "openshift-hyperkube-0:4.3.25-202006060952.git.1.96c30f6.el7.ppc64le", "product": { "name": "openshift-hyperkube-0:4.3.25-202006060952.git.1.96c30f6.el7.ppc64le", "product_id": "openshift-hyperkube-0:4.3.25-202006060952.git.1.96c30f6.el7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/openshift-hyperkube@4.3.25-202006060952.git.1.96c30f6.el7?arch=ppc64le" } } }, { "category": "product_version", "name": "openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el7.ppc64le", "product": { "name": "openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el7.ppc64le", "product_id": "openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/openshift-clients@4.3.25-202006060952.git.1.fd93102.el7?arch=ppc64le" } } }, { "category": "product_version", "name": "atomic-enterprise-service-catalog-1:4.3.25-202006081518.git.1.52b3a66.el7.ppc64le", "product": { "name": "atomic-enterprise-service-catalog-1:4.3.25-202006081518.git.1.52b3a66.el7.ppc64le", "product_id": "atomic-enterprise-service-catalog-1:4.3.25-202006081518.git.1.52b3a66.el7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/atomic-enterprise-service-catalog@4.3.25-202006081518.git.1.52b3a66.el7?arch=ppc64le\u0026epoch=1" } } }, { "category": "product_version", "name": "atomic-enterprise-service-catalog-svcat-1:4.3.25-202006081518.git.1.52b3a66.el7.ppc64le", "product": { "name": "atomic-enterprise-service-catalog-svcat-1:4.3.25-202006081518.git.1.52b3a66.el7.ppc64le", "product_id": "atomic-enterprise-service-catalog-svcat-1:4.3.25-202006081518.git.1.52b3a66.el7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/atomic-enterprise-service-catalog-svcat@4.3.25-202006081518.git.1.52b3a66.el7?arch=ppc64le\u0026epoch=1" } } }, { "category": "product_version", "name": "atomic-openshift-service-idler-0:4.3.25-202006081518.git.1.79365c5.el7.ppc64le", "product": { "name": "atomic-openshift-service-idler-0:4.3.25-202006081518.git.1.79365c5.el7.ppc64le", "product_id": "atomic-openshift-service-idler-0:4.3.25-202006081518.git.1.79365c5.el7.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/atomic-openshift-service-idler@4.3.25-202006081518.git.1.79365c5.el7?arch=ppc64le" } } } ], "category": "architecture", "name": "ppc64le" }, { "branches": [ { "category": "product_version", "name": "cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.x86_64", "product": { "name": "cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.x86_64", "product_id": "cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/cri-o@1.16.6-15.dev.rhaos4.3.gitebc053b.el8?arch=x86_64" } } }, { "category": "product_version", "name": "cri-o-debugsource-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.x86_64", "product": { "name": "cri-o-debugsource-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.x86_64", "product_id": "cri-o-debugsource-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/cri-o-debugsource@1.16.6-15.dev.rhaos4.3.gitebc053b.el8?arch=x86_64" } } }, { "category": "product_version", "name": "cri-o-debuginfo-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.x86_64", "product": { "name": "cri-o-debuginfo-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.x86_64", "product_id": "cri-o-debuginfo-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/cri-o-debuginfo@1.16.6-15.dev.rhaos4.3.gitebc053b.el8?arch=x86_64" } } }, { "category": "product_version", "name": "conmon-2:2.0.17-1.rhaos4.3.el8.x86_64", "product": { "name": "conmon-2:2.0.17-1.rhaos4.3.el8.x86_64", "product_id": "conmon-2:2.0.17-1.rhaos4.3.el8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/conmon@2.0.17-1.rhaos4.3.el8?arch=x86_64\u0026epoch=2" } } }, { "category": "product_version", "name": "openshift-hyperkube-0:4.3.25-202006060952.git.1.96c30f6.el8.x86_64", "product": { "name": "openshift-hyperkube-0:4.3.25-202006060952.git.1.96c30f6.el8.x86_64", "product_id": "openshift-hyperkube-0:4.3.25-202006060952.git.1.96c30f6.el8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openshift-hyperkube@4.3.25-202006060952.git.1.96c30f6.el8?arch=x86_64" } } }, { "category": "product_version", "name": "openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el8.x86_64", "product": { "name": "openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el8.x86_64", "product_id": "openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openshift-clients@4.3.25-202006060952.git.1.fd93102.el8?arch=x86_64" } } }, { "category": "product_version", "name": "openshift-clients-redistributable-0:4.3.25-202006060952.git.1.fd93102.el8.x86_64", "product": { "name": "openshift-clients-redistributable-0:4.3.25-202006060952.git.1.fd93102.el8.x86_64", "product_id": "openshift-clients-redistributable-0:4.3.25-202006060952.git.1.fd93102.el8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openshift-clients-redistributable@4.3.25-202006060952.git.1.fd93102.el8?arch=x86_64" } } }, { "category": "product_version", "name": "machine-config-daemon-0:4.3.25-202006081518.git.1.478b31a.el8.x86_64", "product": { "name": "machine-config-daemon-0:4.3.25-202006081518.git.1.478b31a.el8.x86_64", "product_id": "machine-config-daemon-0:4.3.25-202006081518.git.1.478b31a.el8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/machine-config-daemon@4.3.25-202006081518.git.1.478b31a.el8?arch=x86_64" } } }, { "category": "product_version", "name": "cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el7.x86_64", "product": { "name": "cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el7.x86_64", "product_id": "cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/cri-o@1.16.6-15.dev.rhaos4.3.gitebc053b.el7?arch=x86_64" } } }, { "category": "product_version", "name": "cri-o-debuginfo-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el7.x86_64", "product": { "name": "cri-o-debuginfo-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el7.x86_64", "product_id": "cri-o-debuginfo-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/cri-o-debuginfo@1.16.6-15.dev.rhaos4.3.gitebc053b.el7?arch=x86_64" } } }, { "category": "product_version", "name": "conmon-2:2.0.17-1.rhaos4.3.el7.x86_64", "product": { "name": "conmon-2:2.0.17-1.rhaos4.3.el7.x86_64", "product_id": "conmon-2:2.0.17-1.rhaos4.3.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/conmon@2.0.17-1.rhaos4.3.el7?arch=x86_64\u0026epoch=2" } } }, { "category": "product_version", "name": "openshift-hyperkube-0:4.3.25-202006060952.git.1.96c30f6.el7.x86_64", "product": { "name": "openshift-hyperkube-0:4.3.25-202006060952.git.1.96c30f6.el7.x86_64", "product_id": "openshift-hyperkube-0:4.3.25-202006060952.git.1.96c30f6.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openshift-hyperkube@4.3.25-202006060952.git.1.96c30f6.el7?arch=x86_64" } } }, { "category": "product_version", "name": "openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el7.x86_64", "product": { "name": "openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el7.x86_64", "product_id": "openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openshift-clients@4.3.25-202006060952.git.1.fd93102.el7?arch=x86_64" } } }, { "category": "product_version", "name": "openshift-clients-redistributable-0:4.3.25-202006060952.git.1.fd93102.el7.x86_64", "product": { "name": "openshift-clients-redistributable-0:4.3.25-202006060952.git.1.fd93102.el7.x86_64", "product_id": "openshift-clients-redistributable-0:4.3.25-202006060952.git.1.fd93102.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openshift-clients-redistributable@4.3.25-202006060952.git.1.fd93102.el7?arch=x86_64" } } }, { "category": "product_version", "name": "atomic-enterprise-service-catalog-1:4.3.25-202006081518.git.1.52b3a66.el7.x86_64", "product": { "name": "atomic-enterprise-service-catalog-1:4.3.25-202006081518.git.1.52b3a66.el7.x86_64", "product_id": "atomic-enterprise-service-catalog-1:4.3.25-202006081518.git.1.52b3a66.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/atomic-enterprise-service-catalog@4.3.25-202006081518.git.1.52b3a66.el7?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "atomic-enterprise-service-catalog-svcat-1:4.3.25-202006081518.git.1.52b3a66.el7.x86_64", "product": { "name": "atomic-enterprise-service-catalog-svcat-1:4.3.25-202006081518.git.1.52b3a66.el7.x86_64", "product_id": "atomic-enterprise-service-catalog-svcat-1:4.3.25-202006081518.git.1.52b3a66.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/atomic-enterprise-service-catalog-svcat@4.3.25-202006081518.git.1.52b3a66.el7?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "atomic-openshift-service-idler-0:4.3.25-202006081518.git.1.79365c5.el7.x86_64", "product": { "name": "atomic-openshift-service-idler-0:4.3.25-202006081518.git.1.79365c5.el7.x86_64", "product_id": "atomic-openshift-service-idler-0:4.3.25-202006081518.git.1.79365c5.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/atomic-openshift-service-idler@4.3.25-202006081518.git.1.79365c5.el7?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "openshift-kuryr-cni-0:4.3.25-202006081518.git.1.240b401.el8.noarch", "product": { "name": "openshift-kuryr-cni-0:4.3.25-202006081518.git.1.240b401.el8.noarch", "product_id": "openshift-kuryr-cni-0:4.3.25-202006081518.git.1.240b401.el8.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/openshift-kuryr-cni@4.3.25-202006081518.git.1.240b401.el8?arch=noarch" } } }, { "category": "product_version", "name": "openshift-kuryr-common-0:4.3.25-202006081518.git.1.240b401.el8.noarch", "product": { "name": "openshift-kuryr-common-0:4.3.25-202006081518.git.1.240b401.el8.noarch", "product_id": "openshift-kuryr-common-0:4.3.25-202006081518.git.1.240b401.el8.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/openshift-kuryr-common@4.3.25-202006081518.git.1.240b401.el8?arch=noarch" } } }, { "category": "product_version", "name": "openshift-kuryr-controller-0:4.3.25-202006081518.git.1.240b401.el8.noarch", "product": { "name": "openshift-kuryr-controller-0:4.3.25-202006081518.git.1.240b401.el8.noarch", "product_id": "openshift-kuryr-controller-0:4.3.25-202006081518.git.1.240b401.el8.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/openshift-kuryr-controller@4.3.25-202006081518.git.1.240b401.el8?arch=noarch" } } }, { "category": "product_version", "name": "python3-kuryr-kubernetes-0:4.3.25-202006081518.git.1.240b401.el8.noarch", "product": { "name": "python3-kuryr-kubernetes-0:4.3.25-202006081518.git.1.240b401.el8.noarch", "product_id": "python3-kuryr-kubernetes-0:4.3.25-202006081518.git.1.240b401.el8.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-kuryr-kubernetes@4.3.25-202006081518.git.1.240b401.el8?arch=noarch" } } }, { "category": "product_version", "name": "jenkins-0:2.222.1.1591349991-1.el7.noarch", "product": { "name": "jenkins-0:2.222.1.1591349991-1.el7.noarch", "product_id": "jenkins-0:2.222.1.1591349991-1.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jenkins@2.222.1.1591349991-1.el7?arch=noarch" } } }, { "category": "product_version", "name": "openshift-ansible-0:4.3.25-202006060952.git.1.1253fde.el7.noarch", "product": { "name": "openshift-ansible-0:4.3.25-202006060952.git.1.1253fde.el7.noarch", "product_id": "openshift-ansible-0:4.3.25-202006060952.git.1.1253fde.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/openshift-ansible@4.3.25-202006060952.git.1.1253fde.el7?arch=noarch" } } }, { "category": "product_version", "name": "openshift-ansible-test-0:4.3.25-202006060952.git.1.1253fde.el7.noarch", "product": { "name": "openshift-ansible-test-0:4.3.25-202006060952.git.1.1253fde.el7.noarch", "product_id": "openshift-ansible-test-0:4.3.25-202006060952.git.1.1253fde.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/openshift-ansible-test@4.3.25-202006060952.git.1.1253fde.el7?arch=noarch" } } } ], "category": "architecture", "name": "noarch" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "atomic-enterprise-service-catalog-1:4.3.25-202006081518.git.1.52b3a66.el7.ppc64le as a component of Red Hat OpenShift Container Platform 4.3", "product_id": "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.25-202006081518.git.1.52b3a66.el7.ppc64le" }, "product_reference": "atomic-enterprise-service-catalog-1:4.3.25-202006081518.git.1.52b3a66.el7.ppc64le", "relates_to_product_reference": "7Server-RH7-RHOSE-4.3" }, { "category": "default_component_of", "full_product_name": { "name": "atomic-enterprise-service-catalog-1:4.3.25-202006081518.git.1.52b3a66.el7.s390x as a component of Red Hat OpenShift Container Platform 4.3", "product_id": "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.25-202006081518.git.1.52b3a66.el7.s390x" }, "product_reference": "atomic-enterprise-service-catalog-1:4.3.25-202006081518.git.1.52b3a66.el7.s390x", "relates_to_product_reference": "7Server-RH7-RHOSE-4.3" }, { "category": "default_component_of", "full_product_name": { "name": "atomic-enterprise-service-catalog-1:4.3.25-202006081518.git.1.52b3a66.el7.src as a component of Red Hat OpenShift Container Platform 4.3", "product_id": "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.25-202006081518.git.1.52b3a66.el7.src" }, "product_reference": "atomic-enterprise-service-catalog-1:4.3.25-202006081518.git.1.52b3a66.el7.src", "relates_to_product_reference": "7Server-RH7-RHOSE-4.3" }, { "category": "default_component_of", "full_product_name": { "name": "atomic-enterprise-service-catalog-1:4.3.25-202006081518.git.1.52b3a66.el7.x86_64 as a component of Red Hat OpenShift Container Platform 4.3", "product_id": "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.25-202006081518.git.1.52b3a66.el7.x86_64" }, "product_reference": "atomic-enterprise-service-catalog-1:4.3.25-202006081518.git.1.52b3a66.el7.x86_64", "relates_to_product_reference": "7Server-RH7-RHOSE-4.3" }, { "category": "default_component_of", "full_product_name": { "name": "atomic-enterprise-service-catalog-svcat-1:4.3.25-202006081518.git.1.52b3a66.el7.ppc64le as a component of Red Hat OpenShift Container Platform 4.3", "product_id": "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-svcat-1:4.3.25-202006081518.git.1.52b3a66.el7.ppc64le" }, "product_reference": "atomic-enterprise-service-catalog-svcat-1:4.3.25-202006081518.git.1.52b3a66.el7.ppc64le", "relates_to_product_reference": "7Server-RH7-RHOSE-4.3" }, { "category": "default_component_of", "full_product_name": { "name": "atomic-enterprise-service-catalog-svcat-1:4.3.25-202006081518.git.1.52b3a66.el7.s390x as a component of Red Hat OpenShift Container Platform 4.3", "product_id": "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-svcat-1:4.3.25-202006081518.git.1.52b3a66.el7.s390x" }, "product_reference": "atomic-enterprise-service-catalog-svcat-1:4.3.25-202006081518.git.1.52b3a66.el7.s390x", "relates_to_product_reference": "7Server-RH7-RHOSE-4.3" }, { "category": "default_component_of", "full_product_name": { "name": "atomic-enterprise-service-catalog-svcat-1:4.3.25-202006081518.git.1.52b3a66.el7.x86_64 as a component of Red Hat OpenShift Container Platform 4.3", "product_id": "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-svcat-1:4.3.25-202006081518.git.1.52b3a66.el7.x86_64" }, "product_reference": "atomic-enterprise-service-catalog-svcat-1:4.3.25-202006081518.git.1.52b3a66.el7.x86_64", "relates_to_product_reference": "7Server-RH7-RHOSE-4.3" }, { "category": "default_component_of", "full_product_name": { "name": "atomic-openshift-service-idler-0:4.3.25-202006081518.git.1.79365c5.el7.ppc64le as a component of Red Hat OpenShift Container Platform 4.3", "product_id": "7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.25-202006081518.git.1.79365c5.el7.ppc64le" }, "product_reference": "atomic-openshift-service-idler-0:4.3.25-202006081518.git.1.79365c5.el7.ppc64le", "relates_to_product_reference": "7Server-RH7-RHOSE-4.3" }, { "category": "default_component_of", "full_product_name": { "name": "atomic-openshift-service-idler-0:4.3.25-202006081518.git.1.79365c5.el7.s390x as a component of Red Hat OpenShift Container Platform 4.3", "product_id": "7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.25-202006081518.git.1.79365c5.el7.s390x" }, "product_reference": "atomic-openshift-service-idler-0:4.3.25-202006081518.git.1.79365c5.el7.s390x", "relates_to_product_reference": "7Server-RH7-RHOSE-4.3" }, { "category": "default_component_of", "full_product_name": { "name": "atomic-openshift-service-idler-0:4.3.25-202006081518.git.1.79365c5.el7.src as a component of Red Hat OpenShift Container Platform 4.3", "product_id": "7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.25-202006081518.git.1.79365c5.el7.src" }, "product_reference": "atomic-openshift-service-idler-0:4.3.25-202006081518.git.1.79365c5.el7.src", "relates_to_product_reference": "7Server-RH7-RHOSE-4.3" }, { "category": "default_component_of", "full_product_name": { "name": "atomic-openshift-service-idler-0:4.3.25-202006081518.git.1.79365c5.el7.x86_64 as a component of Red Hat OpenShift Container Platform 4.3", "product_id": "7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.25-202006081518.git.1.79365c5.el7.x86_64" }, "product_reference": "atomic-openshift-service-idler-0:4.3.25-202006081518.git.1.79365c5.el7.x86_64", "relates_to_product_reference": "7Server-RH7-RHOSE-4.3" }, { "category": "default_component_of", "full_product_name": { "name": "conmon-2:2.0.17-1.rhaos4.3.el7.ppc64le as a component of Red Hat OpenShift Container Platform 4.3", "product_id": "7Server-RH7-RHOSE-4.3:conmon-2:2.0.17-1.rhaos4.3.el7.ppc64le" }, "product_reference": "conmon-2:2.0.17-1.rhaos4.3.el7.ppc64le", "relates_to_product_reference": "7Server-RH7-RHOSE-4.3" }, { "category": "default_component_of", "full_product_name": { "name": "conmon-2:2.0.17-1.rhaos4.3.el7.s390x as a component of Red Hat OpenShift Container Platform 4.3", "product_id": "7Server-RH7-RHOSE-4.3:conmon-2:2.0.17-1.rhaos4.3.el7.s390x" }, "product_reference": "conmon-2:2.0.17-1.rhaos4.3.el7.s390x", "relates_to_product_reference": "7Server-RH7-RHOSE-4.3" }, { "category": "default_component_of", "full_product_name": { "name": "conmon-2:2.0.17-1.rhaos4.3.el7.src as a component of Red Hat OpenShift Container Platform 4.3", "product_id": "7Server-RH7-RHOSE-4.3:conmon-2:2.0.17-1.rhaos4.3.el7.src" }, "product_reference": "conmon-2:2.0.17-1.rhaos4.3.el7.src", "relates_to_product_reference": "7Server-RH7-RHOSE-4.3" }, { "category": "default_component_of", "full_product_name": { "name": "conmon-2:2.0.17-1.rhaos4.3.el7.x86_64 as a component of Red Hat OpenShift Container Platform 4.3", "product_id": "7Server-RH7-RHOSE-4.3:conmon-2:2.0.17-1.rhaos4.3.el7.x86_64" }, "product_reference": "conmon-2:2.0.17-1.rhaos4.3.el7.x86_64", "relates_to_product_reference": "7Server-RH7-RHOSE-4.3" }, { "category": "default_component_of", "full_product_name": { "name": "cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el7.ppc64le as a component of Red Hat OpenShift Container Platform 4.3", "product_id": "7Server-RH7-RHOSE-4.3:cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el7.ppc64le" }, "product_reference": "cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el7.ppc64le", "relates_to_product_reference": "7Server-RH7-RHOSE-4.3" }, { "category": "default_component_of", "full_product_name": { "name": "cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el7.s390x as a component of Red Hat OpenShift Container Platform 4.3", "product_id": "7Server-RH7-RHOSE-4.3:cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el7.s390x" }, "product_reference": "cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el7.s390x", "relates_to_product_reference": "7Server-RH7-RHOSE-4.3" }, { "category": "default_component_of", "full_product_name": { "name": "cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el7.src as a component of Red Hat OpenShift Container Platform 4.3", "product_id": "7Server-RH7-RHOSE-4.3:cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el7.src" }, "product_reference": "cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el7.src", "relates_to_product_reference": "7Server-RH7-RHOSE-4.3" }, { "category": "default_component_of", "full_product_name": { "name": "cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el7.x86_64 as a component of Red Hat OpenShift Container Platform 4.3", "product_id": "7Server-RH7-RHOSE-4.3:cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el7.x86_64" }, "product_reference": "cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el7.x86_64", "relates_to_product_reference": "7Server-RH7-RHOSE-4.3" }, { "category": "default_component_of", "full_product_name": { "name": "cri-o-debuginfo-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el7.ppc64le as a component of Red Hat OpenShift Container Platform 4.3", "product_id": "7Server-RH7-RHOSE-4.3:cri-o-debuginfo-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el7.ppc64le" }, "product_reference": "cri-o-debuginfo-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el7.ppc64le", "relates_to_product_reference": "7Server-RH7-RHOSE-4.3" }, { "category": "default_component_of", "full_product_name": { "name": "cri-o-debuginfo-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el7.s390x as a component of Red Hat OpenShift Container Platform 4.3", "product_id": "7Server-RH7-RHOSE-4.3:cri-o-debuginfo-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el7.s390x" }, "product_reference": "cri-o-debuginfo-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el7.s390x", "relates_to_product_reference": "7Server-RH7-RHOSE-4.3" }, { "category": "default_component_of", "full_product_name": { "name": "cri-o-debuginfo-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el7.x86_64 as a component of Red Hat OpenShift Container Platform 4.3", "product_id": "7Server-RH7-RHOSE-4.3:cri-o-debuginfo-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el7.x86_64" }, "product_reference": "cri-o-debuginfo-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el7.x86_64", "relates_to_product_reference": "7Server-RH7-RHOSE-4.3" }, { "category": "default_component_of", "full_product_name": { "name": "jenkins-0:2.222.1.1591349991-1.el7.noarch as a component of Red Hat OpenShift Container Platform 4.3", "product_id": "7Server-RH7-RHOSE-4.3:jenkins-0:2.222.1.1591349991-1.el7.noarch" }, "product_reference": "jenkins-0:2.222.1.1591349991-1.el7.noarch", "relates_to_product_reference": "7Server-RH7-RHOSE-4.3" }, { "category": "default_component_of", "full_product_name": { "name": "jenkins-0:2.222.1.1591349991-1.el7.src as a component of Red Hat OpenShift Container Platform 4.3", "product_id": "7Server-RH7-RHOSE-4.3:jenkins-0:2.222.1.1591349991-1.el7.src" }, "product_reference": "jenkins-0:2.222.1.1591349991-1.el7.src", "relates_to_product_reference": "7Server-RH7-RHOSE-4.3" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-0:4.3.25-202006060952.git.1.96c30f6.el7.src as a component of Red Hat OpenShift Container Platform 4.3", "product_id": "7Server-RH7-RHOSE-4.3:openshift-0:4.3.25-202006060952.git.1.96c30f6.el7.src" }, "product_reference": "openshift-0:4.3.25-202006060952.git.1.96c30f6.el7.src", "relates_to_product_reference": "7Server-RH7-RHOSE-4.3" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-ansible-0:4.3.25-202006060952.git.1.1253fde.el7.noarch as a component of Red Hat OpenShift Container Platform 4.3", "product_id": "7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.25-202006060952.git.1.1253fde.el7.noarch" }, "product_reference": "openshift-ansible-0:4.3.25-202006060952.git.1.1253fde.el7.noarch", "relates_to_product_reference": "7Server-RH7-RHOSE-4.3" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-ansible-0:4.3.25-202006060952.git.1.1253fde.el7.src as a component of Red Hat OpenShift Container Platform 4.3", "product_id": "7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.25-202006060952.git.1.1253fde.el7.src" }, "product_reference": "openshift-ansible-0:4.3.25-202006060952.git.1.1253fde.el7.src", "relates_to_product_reference": "7Server-RH7-RHOSE-4.3" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-ansible-test-0:4.3.25-202006060952.git.1.1253fde.el7.noarch as a component of Red Hat OpenShift Container Platform 4.3", "product_id": "7Server-RH7-RHOSE-4.3:openshift-ansible-test-0:4.3.25-202006060952.git.1.1253fde.el7.noarch" }, "product_reference": "openshift-ansible-test-0:4.3.25-202006060952.git.1.1253fde.el7.noarch", "relates_to_product_reference": "7Server-RH7-RHOSE-4.3" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el7.ppc64le as a component of Red Hat OpenShift Container Platform 4.3", "product_id": "7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el7.ppc64le" }, "product_reference": "openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el7.ppc64le", "relates_to_product_reference": "7Server-RH7-RHOSE-4.3" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el7.s390x as a component of Red Hat OpenShift Container Platform 4.3", "product_id": "7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el7.s390x" }, "product_reference": "openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el7.s390x", "relates_to_product_reference": "7Server-RH7-RHOSE-4.3" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el7.src as a component of Red Hat OpenShift Container Platform 4.3", "product_id": "7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el7.src" }, "product_reference": "openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el7.src", "relates_to_product_reference": "7Server-RH7-RHOSE-4.3" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el7.x86_64 as a component of Red Hat OpenShift Container Platform 4.3", "product_id": "7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el7.x86_64" }, "product_reference": "openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el7.x86_64", "relates_to_product_reference": "7Server-RH7-RHOSE-4.3" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-clients-redistributable-0:4.3.25-202006060952.git.1.fd93102.el7.x86_64 as a component of Red Hat OpenShift Container Platform 4.3", "product_id": "7Server-RH7-RHOSE-4.3:openshift-clients-redistributable-0:4.3.25-202006060952.git.1.fd93102.el7.x86_64" }, "product_reference": "openshift-clients-redistributable-0:4.3.25-202006060952.git.1.fd93102.el7.x86_64", "relates_to_product_reference": "7Server-RH7-RHOSE-4.3" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-hyperkube-0:4.3.25-202006060952.git.1.96c30f6.el7.ppc64le as a component of Red Hat OpenShift Container Platform 4.3", "product_id": "7Server-RH7-RHOSE-4.3:openshift-hyperkube-0:4.3.25-202006060952.git.1.96c30f6.el7.ppc64le" }, "product_reference": "openshift-hyperkube-0:4.3.25-202006060952.git.1.96c30f6.el7.ppc64le", "relates_to_product_reference": "7Server-RH7-RHOSE-4.3" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-hyperkube-0:4.3.25-202006060952.git.1.96c30f6.el7.s390x as a component of Red Hat OpenShift Container Platform 4.3", "product_id": "7Server-RH7-RHOSE-4.3:openshift-hyperkube-0:4.3.25-202006060952.git.1.96c30f6.el7.s390x" }, "product_reference": "openshift-hyperkube-0:4.3.25-202006060952.git.1.96c30f6.el7.s390x", "relates_to_product_reference": "7Server-RH7-RHOSE-4.3" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-hyperkube-0:4.3.25-202006060952.git.1.96c30f6.el7.x86_64 as a component of Red Hat OpenShift Container Platform 4.3", "product_id": "7Server-RH7-RHOSE-4.3:openshift-hyperkube-0:4.3.25-202006060952.git.1.96c30f6.el7.x86_64" }, "product_reference": "openshift-hyperkube-0:4.3.25-202006060952.git.1.96c30f6.el7.x86_64", "relates_to_product_reference": "7Server-RH7-RHOSE-4.3" }, { "category": "default_component_of", "full_product_name": { "name": "conmon-2:2.0.17-1.rhaos4.3.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.3", "product_id": "8Base-RHOSE-4.3:conmon-2:2.0.17-1.rhaos4.3.el8.ppc64le" }, "product_reference": "conmon-2:2.0.17-1.rhaos4.3.el8.ppc64le", "relates_to_product_reference": "8Base-RHOSE-4.3" }, { "category": "default_component_of", "full_product_name": { "name": "conmon-2:2.0.17-1.rhaos4.3.el8.s390x as a component of Red Hat OpenShift Container Platform 4.3", "product_id": "8Base-RHOSE-4.3:conmon-2:2.0.17-1.rhaos4.3.el8.s390x" }, "product_reference": "conmon-2:2.0.17-1.rhaos4.3.el8.s390x", "relates_to_product_reference": "8Base-RHOSE-4.3" }, { "category": "default_component_of", "full_product_name": { "name": "conmon-2:2.0.17-1.rhaos4.3.el8.src as a component of Red Hat OpenShift Container Platform 4.3", "product_id": "8Base-RHOSE-4.3:conmon-2:2.0.17-1.rhaos4.3.el8.src" }, "product_reference": "conmon-2:2.0.17-1.rhaos4.3.el8.src", "relates_to_product_reference": "8Base-RHOSE-4.3" }, { "category": "default_component_of", "full_product_name": { "name": "conmon-2:2.0.17-1.rhaos4.3.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.3", "product_id": "8Base-RHOSE-4.3:conmon-2:2.0.17-1.rhaos4.3.el8.x86_64" }, "product_reference": "conmon-2:2.0.17-1.rhaos4.3.el8.x86_64", "relates_to_product_reference": "8Base-RHOSE-4.3" }, { "category": "default_component_of", "full_product_name": { "name": "cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.3", "product_id": "8Base-RHOSE-4.3:cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.ppc64le" }, "product_reference": "cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.ppc64le", "relates_to_product_reference": "8Base-RHOSE-4.3" }, { "category": "default_component_of", "full_product_name": { "name": "cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.s390x as a component of Red Hat OpenShift Container Platform 4.3", "product_id": "8Base-RHOSE-4.3:cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.s390x" }, "product_reference": "cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.s390x", "relates_to_product_reference": "8Base-RHOSE-4.3" }, { "category": "default_component_of", "full_product_name": { "name": "cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.src as a component of Red Hat OpenShift Container Platform 4.3", "product_id": "8Base-RHOSE-4.3:cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.src" }, "product_reference": "cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.src", "relates_to_product_reference": "8Base-RHOSE-4.3" }, { "category": "default_component_of", "full_product_name": { "name": "cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.3", "product_id": "8Base-RHOSE-4.3:cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.x86_64" }, "product_reference": "cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.x86_64", "relates_to_product_reference": "8Base-RHOSE-4.3" }, { "category": "default_component_of", "full_product_name": { "name": "cri-o-debuginfo-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.3", "product_id": "8Base-RHOSE-4.3:cri-o-debuginfo-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.ppc64le" }, "product_reference": "cri-o-debuginfo-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.ppc64le", "relates_to_product_reference": "8Base-RHOSE-4.3" }, { "category": "default_component_of", "full_product_name": { "name": "cri-o-debuginfo-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.s390x as a component of Red Hat OpenShift Container Platform 4.3", "product_id": "8Base-RHOSE-4.3:cri-o-debuginfo-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.s390x" }, "product_reference": "cri-o-debuginfo-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.s390x", "relates_to_product_reference": "8Base-RHOSE-4.3" }, { "category": "default_component_of", "full_product_name": { "name": "cri-o-debuginfo-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.3", "product_id": "8Base-RHOSE-4.3:cri-o-debuginfo-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.x86_64" }, "product_reference": "cri-o-debuginfo-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.x86_64", "relates_to_product_reference": "8Base-RHOSE-4.3" }, { "category": "default_component_of", "full_product_name": { "name": "cri-o-debugsource-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.3", "product_id": "8Base-RHOSE-4.3:cri-o-debugsource-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.ppc64le" }, "product_reference": "cri-o-debugsource-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.ppc64le", "relates_to_product_reference": "8Base-RHOSE-4.3" }, { "category": "default_component_of", "full_product_name": { "name": "cri-o-debugsource-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.s390x as a component of Red Hat OpenShift Container Platform 4.3", "product_id": "8Base-RHOSE-4.3:cri-o-debugsource-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.s390x" }, "product_reference": "cri-o-debugsource-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.s390x", "relates_to_product_reference": "8Base-RHOSE-4.3" }, { "category": "default_component_of", "full_product_name": { "name": "cri-o-debugsource-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.3", "product_id": "8Base-RHOSE-4.3:cri-o-debugsource-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.x86_64" }, "product_reference": "cri-o-debugsource-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.x86_64", "relates_to_product_reference": "8Base-RHOSE-4.3" }, { "category": "default_component_of", "full_product_name": { "name": "machine-config-daemon-0:4.3.25-202006081518.git.1.478b31a.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.3", "product_id": "8Base-RHOSE-4.3:machine-config-daemon-0:4.3.25-202006081518.git.1.478b31a.el8.ppc64le" }, "product_reference": "machine-config-daemon-0:4.3.25-202006081518.git.1.478b31a.el8.ppc64le", "relates_to_product_reference": "8Base-RHOSE-4.3" }, { "category": "default_component_of", "full_product_name": { "name": "machine-config-daemon-0:4.3.25-202006081518.git.1.478b31a.el8.s390x as a component of Red Hat OpenShift Container Platform 4.3", "product_id": "8Base-RHOSE-4.3:machine-config-daemon-0:4.3.25-202006081518.git.1.478b31a.el8.s390x" }, "product_reference": "machine-config-daemon-0:4.3.25-202006081518.git.1.478b31a.el8.s390x", "relates_to_product_reference": "8Base-RHOSE-4.3" }, { "category": "default_component_of", "full_product_name": { "name": "machine-config-daemon-0:4.3.25-202006081518.git.1.478b31a.el8.src as a component of Red Hat OpenShift Container Platform 4.3", "product_id": "8Base-RHOSE-4.3:machine-config-daemon-0:4.3.25-202006081518.git.1.478b31a.el8.src" }, "product_reference": "machine-config-daemon-0:4.3.25-202006081518.git.1.478b31a.el8.src", "relates_to_product_reference": "8Base-RHOSE-4.3" }, { "category": "default_component_of", "full_product_name": { "name": "machine-config-daemon-0:4.3.25-202006081518.git.1.478b31a.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.3", "product_id": "8Base-RHOSE-4.3:machine-config-daemon-0:4.3.25-202006081518.git.1.478b31a.el8.x86_64" }, "product_reference": "machine-config-daemon-0:4.3.25-202006081518.git.1.478b31a.el8.x86_64", "relates_to_product_reference": "8Base-RHOSE-4.3" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-0:4.3.25-202006060952.git.1.96c30f6.el8.src as a component of Red Hat OpenShift Container Platform 4.3", "product_id": "8Base-RHOSE-4.3:openshift-0:4.3.25-202006060952.git.1.96c30f6.el8.src" }, "product_reference": "openshift-0:4.3.25-202006060952.git.1.96c30f6.el8.src", "relates_to_product_reference": "8Base-RHOSE-4.3" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.3", "product_id": "8Base-RHOSE-4.3:openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el8.ppc64le" }, "product_reference": "openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el8.ppc64le", "relates_to_product_reference": "8Base-RHOSE-4.3" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el8.s390x as a component of Red Hat OpenShift Container Platform 4.3", "product_id": "8Base-RHOSE-4.3:openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el8.s390x" }, "product_reference": "openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el8.s390x", "relates_to_product_reference": "8Base-RHOSE-4.3" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el8.src as a component of Red Hat OpenShift Container Platform 4.3", "product_id": "8Base-RHOSE-4.3:openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el8.src" }, "product_reference": "openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el8.src", "relates_to_product_reference": "8Base-RHOSE-4.3" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.3", "product_id": "8Base-RHOSE-4.3:openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el8.x86_64" }, "product_reference": "openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el8.x86_64", "relates_to_product_reference": "8Base-RHOSE-4.3" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-clients-redistributable-0:4.3.25-202006060952.git.1.fd93102.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.3", "product_id": "8Base-RHOSE-4.3:openshift-clients-redistributable-0:4.3.25-202006060952.git.1.fd93102.el8.x86_64" }, "product_reference": "openshift-clients-redistributable-0:4.3.25-202006060952.git.1.fd93102.el8.x86_64", "relates_to_product_reference": "8Base-RHOSE-4.3" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-hyperkube-0:4.3.25-202006060952.git.1.96c30f6.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.3", "product_id": "8Base-RHOSE-4.3:openshift-hyperkube-0:4.3.25-202006060952.git.1.96c30f6.el8.ppc64le" }, "product_reference": "openshift-hyperkube-0:4.3.25-202006060952.git.1.96c30f6.el8.ppc64le", "relates_to_product_reference": "8Base-RHOSE-4.3" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-hyperkube-0:4.3.25-202006060952.git.1.96c30f6.el8.s390x as a component of Red Hat OpenShift Container Platform 4.3", "product_id": "8Base-RHOSE-4.3:openshift-hyperkube-0:4.3.25-202006060952.git.1.96c30f6.el8.s390x" }, "product_reference": "openshift-hyperkube-0:4.3.25-202006060952.git.1.96c30f6.el8.s390x", "relates_to_product_reference": "8Base-RHOSE-4.3" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-hyperkube-0:4.3.25-202006060952.git.1.96c30f6.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.3", "product_id": "8Base-RHOSE-4.3:openshift-hyperkube-0:4.3.25-202006060952.git.1.96c30f6.el8.x86_64" }, "product_reference": "openshift-hyperkube-0:4.3.25-202006060952.git.1.96c30f6.el8.x86_64", "relates_to_product_reference": "8Base-RHOSE-4.3" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-kuryr-0:4.3.25-202006081518.git.1.240b401.el8.src as a component of Red Hat OpenShift Container Platform 4.3", "product_id": "8Base-RHOSE-4.3:openshift-kuryr-0:4.3.25-202006081518.git.1.240b401.el8.src" }, "product_reference": "openshift-kuryr-0:4.3.25-202006081518.git.1.240b401.el8.src", "relates_to_product_reference": "8Base-RHOSE-4.3" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-kuryr-cni-0:4.3.25-202006081518.git.1.240b401.el8.noarch as a component of Red Hat OpenShift Container Platform 4.3", "product_id": "8Base-RHOSE-4.3:openshift-kuryr-cni-0:4.3.25-202006081518.git.1.240b401.el8.noarch" }, "product_reference": "openshift-kuryr-cni-0:4.3.25-202006081518.git.1.240b401.el8.noarch", "relates_to_product_reference": "8Base-RHOSE-4.3" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-kuryr-common-0:4.3.25-202006081518.git.1.240b401.el8.noarch as a component of Red Hat OpenShift Container Platform 4.3", "product_id": "8Base-RHOSE-4.3:openshift-kuryr-common-0:4.3.25-202006081518.git.1.240b401.el8.noarch" }, "product_reference": "openshift-kuryr-common-0:4.3.25-202006081518.git.1.240b401.el8.noarch", "relates_to_product_reference": "8Base-RHOSE-4.3" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-kuryr-controller-0:4.3.25-202006081518.git.1.240b401.el8.noarch as a component of Red Hat OpenShift Container Platform 4.3", "product_id": "8Base-RHOSE-4.3:openshift-kuryr-controller-0:4.3.25-202006081518.git.1.240b401.el8.noarch" }, "product_reference": "openshift-kuryr-controller-0:4.3.25-202006081518.git.1.240b401.el8.noarch", "relates_to_product_reference": "8Base-RHOSE-4.3" }, { "category": "default_component_of", "full_product_name": { "name": "python3-kuryr-kubernetes-0:4.3.25-202006081518.git.1.240b401.el8.noarch as a component of Red Hat OpenShift Container Platform 4.3", "product_id": "8Base-RHOSE-4.3:python3-kuryr-kubernetes-0:4.3.25-202006081518.git.1.240b401.el8.noarch" }, "product_reference": "python3-kuryr-kubernetes-0:4.3.25-202006081518.git.1.240b401.el8.noarch", "relates_to_product_reference": "8Base-RHOSE-4.3" }, { "category": "default_component_of", "full_product_name": { "name": "s390utils-2:2.6.0-23.el8.s390x as a component of Red Hat OpenShift Container Platform 4.3", "product_id": "8Base-RHOSE-4.3:s390utils-2:2.6.0-23.el8.s390x" }, "product_reference": "s390utils-2:2.6.0-23.el8.s390x", "relates_to_product_reference": "8Base-RHOSE-4.3" }, { "category": "default_component_of", "full_product_name": { "name": "s390utils-2:2.6.0-23.el8.src as a component of Red Hat OpenShift Container Platform 4.3", "product_id": "8Base-RHOSE-4.3:s390utils-2:2.6.0-23.el8.src" }, "product_reference": "s390utils-2:2.6.0-23.el8.src", "relates_to_product_reference": "8Base-RHOSE-4.3" }, { "category": "default_component_of", "full_product_name": { "name": "s390utils-base-2:2.6.0-23.el8.s390x as a component of Red Hat OpenShift Container Platform 4.3", "product_id": "8Base-RHOSE-4.3:s390utils-base-2:2.6.0-23.el8.s390x" }, "product_reference": "s390utils-base-2:2.6.0-23.el8.s390x", "relates_to_product_reference": "8Base-RHOSE-4.3" }, { "category": "default_component_of", "full_product_name": { "name": "s390utils-base-debuginfo-2:2.6.0-23.el8.s390x as a component of Red Hat OpenShift Container Platform 4.3", "product_id": "8Base-RHOSE-4.3:s390utils-base-debuginfo-2:2.6.0-23.el8.s390x" }, "product_reference": "s390utils-base-debuginfo-2:2.6.0-23.el8.s390x", "relates_to_product_reference": "8Base-RHOSE-4.3" }, { "category": "default_component_of", "full_product_name": { "name": "s390utils-cmsfs-2:2.6.0-23.el8.s390x as a component of Red Hat OpenShift Container Platform 4.3", "product_id": "8Base-RHOSE-4.3:s390utils-cmsfs-2:2.6.0-23.el8.s390x" }, "product_reference": "s390utils-cmsfs-2:2.6.0-23.el8.s390x", "relates_to_product_reference": "8Base-RHOSE-4.3" }, { "category": "default_component_of", "full_product_name": { "name": "s390utils-cmsfs-debuginfo-2:2.6.0-23.el8.s390x as a component of Red Hat OpenShift Container Platform 4.3", "product_id": "8Base-RHOSE-4.3:s390utils-cmsfs-debuginfo-2:2.6.0-23.el8.s390x" }, "product_reference": "s390utils-cmsfs-debuginfo-2:2.6.0-23.el8.s390x", "relates_to_product_reference": "8Base-RHOSE-4.3" }, { "category": "default_component_of", "full_product_name": { "name": "s390utils-cmsfs-fuse-2:2.6.0-23.el8.s390x as a component of Red Hat OpenShift Container Platform 4.3", "product_id": "8Base-RHOSE-4.3:s390utils-cmsfs-fuse-2:2.6.0-23.el8.s390x" }, "product_reference": "s390utils-cmsfs-fuse-2:2.6.0-23.el8.s390x", "relates_to_product_reference": "8Base-RHOSE-4.3" }, { "category": "default_component_of", "full_product_name": { "name": "s390utils-cmsfs-fuse-debuginfo-2:2.6.0-23.el8.s390x as a component of Red Hat OpenShift Container Platform 4.3", "product_id": "8Base-RHOSE-4.3:s390utils-cmsfs-fuse-debuginfo-2:2.6.0-23.el8.s390x" }, "product_reference": "s390utils-cmsfs-fuse-debuginfo-2:2.6.0-23.el8.s390x", "relates_to_product_reference": "8Base-RHOSE-4.3" }, { "category": "default_component_of", "full_product_name": { "name": "s390utils-cpacfstatsd-2:2.6.0-23.el8.s390x as a component of Red Hat OpenShift Container Platform 4.3", "product_id": "8Base-RHOSE-4.3:s390utils-cpacfstatsd-2:2.6.0-23.el8.s390x" }, "product_reference": "s390utils-cpacfstatsd-2:2.6.0-23.el8.s390x", "relates_to_product_reference": "8Base-RHOSE-4.3" }, { "category": "default_component_of", "full_product_name": { "name": "s390utils-cpacfstatsd-debuginfo-2:2.6.0-23.el8.s390x as a component of Red Hat OpenShift Container Platform 4.3", "product_id": "8Base-RHOSE-4.3:s390utils-cpacfstatsd-debuginfo-2:2.6.0-23.el8.s390x" }, "product_reference": "s390utils-cpacfstatsd-debuginfo-2:2.6.0-23.el8.s390x", "relates_to_product_reference": "8Base-RHOSE-4.3" }, { "category": "default_component_of", "full_product_name": { "name": "s390utils-cpuplugd-2:2.6.0-23.el8.s390x as a component of Red Hat OpenShift Container Platform 4.3", "product_id": "8Base-RHOSE-4.3:s390utils-cpuplugd-2:2.6.0-23.el8.s390x" }, "product_reference": "s390utils-cpuplugd-2:2.6.0-23.el8.s390x", "relates_to_product_reference": "8Base-RHOSE-4.3" }, { "category": "default_component_of", "full_product_name": { "name": "s390utils-cpuplugd-debuginfo-2:2.6.0-23.el8.s390x as a component of Red Hat OpenShift Container Platform 4.3", "product_id": "8Base-RHOSE-4.3:s390utils-cpuplugd-debuginfo-2:2.6.0-23.el8.s390x" }, "product_reference": "s390utils-cpuplugd-debuginfo-2:2.6.0-23.el8.s390x", "relates_to_product_reference": "8Base-RHOSE-4.3" }, { "category": "default_component_of", "full_product_name": { "name": "s390utils-debuginfo-2:2.6.0-23.el8.s390x as a component of Red Hat OpenShift Container Platform 4.3", "product_id": "8Base-RHOSE-4.3:s390utils-debuginfo-2:2.6.0-23.el8.s390x" }, "product_reference": "s390utils-debuginfo-2:2.6.0-23.el8.s390x", "relates_to_product_reference": "8Base-RHOSE-4.3" }, { "category": "default_component_of", "full_product_name": { "name": "s390utils-debugsource-2:2.6.0-23.el8.s390x as a component of Red Hat OpenShift Container Platform 4.3", "product_id": "8Base-RHOSE-4.3:s390utils-debugsource-2:2.6.0-23.el8.s390x" }, "product_reference": "s390utils-debugsource-2:2.6.0-23.el8.s390x", "relates_to_product_reference": "8Base-RHOSE-4.3" }, { "category": "default_component_of", "full_product_name": { "name": "s390utils-devel-2:2.6.0-23.el8.s390x as a component of Red Hat OpenShift Container Platform 4.3", "product_id": "8Base-RHOSE-4.3:s390utils-devel-2:2.6.0-23.el8.s390x" }, "product_reference": "s390utils-devel-2:2.6.0-23.el8.s390x", "relates_to_product_reference": "8Base-RHOSE-4.3" }, { "category": "default_component_of", "full_product_name": { "name": "s390utils-hmcdrvfs-2:2.6.0-23.el8.s390x as a component of Red Hat OpenShift Container Platform 4.3", "product_id": "8Base-RHOSE-4.3:s390utils-hmcdrvfs-2:2.6.0-23.el8.s390x" }, "product_reference": "s390utils-hmcdrvfs-2:2.6.0-23.el8.s390x", "relates_to_product_reference": "8Base-RHOSE-4.3" }, { "category": "default_component_of", "full_product_name": { "name": "s390utils-hmcdrvfs-debuginfo-2:2.6.0-23.el8.s390x as a component of Red Hat OpenShift Container Platform 4.3", "product_id": "8Base-RHOSE-4.3:s390utils-hmcdrvfs-debuginfo-2:2.6.0-23.el8.s390x" }, "product_reference": "s390utils-hmcdrvfs-debuginfo-2:2.6.0-23.el8.s390x", "relates_to_product_reference": "8Base-RHOSE-4.3" }, { "category": "default_component_of", "full_product_name": { "name": "s390utils-iucvterm-2:2.6.0-23.el8.s390x as a component of Red Hat OpenShift Container Platform 4.3", "product_id": "8Base-RHOSE-4.3:s390utils-iucvterm-2:2.6.0-23.el8.s390x" }, "product_reference": "s390utils-iucvterm-2:2.6.0-23.el8.s390x", "relates_to_product_reference": "8Base-RHOSE-4.3" }, { "category": "default_component_of", "full_product_name": { "name": "s390utils-iucvterm-debuginfo-2:2.6.0-23.el8.s390x as a component of Red Hat OpenShift Container Platform 4.3", "product_id": "8Base-RHOSE-4.3:s390utils-iucvterm-debuginfo-2:2.6.0-23.el8.s390x" }, "product_reference": "s390utils-iucvterm-debuginfo-2:2.6.0-23.el8.s390x", "relates_to_product_reference": "8Base-RHOSE-4.3" }, { "category": "default_component_of", "full_product_name": { "name": "s390utils-mon_statd-2:2.6.0-23.el8.s390x as a component of Red Hat OpenShift Container Platform 4.3", "product_id": "8Base-RHOSE-4.3:s390utils-mon_statd-2:2.6.0-23.el8.s390x" }, "product_reference": "s390utils-mon_statd-2:2.6.0-23.el8.s390x", "relates_to_product_reference": "8Base-RHOSE-4.3" }, { "category": "default_component_of", "full_product_name": { "name": "s390utils-mon_statd-debuginfo-2:2.6.0-23.el8.s390x as a component of Red Hat OpenShift Container Platform 4.3", "product_id": "8Base-RHOSE-4.3:s390utils-mon_statd-debuginfo-2:2.6.0-23.el8.s390x" }, "product_reference": "s390utils-mon_statd-debuginfo-2:2.6.0-23.el8.s390x", "relates_to_product_reference": "8Base-RHOSE-4.3" }, { "category": "default_component_of", "full_product_name": { "name": "s390utils-osasnmpd-2:2.6.0-23.el8.s390x as a component of Red Hat OpenShift Container Platform 4.3", "product_id": "8Base-RHOSE-4.3:s390utils-osasnmpd-2:2.6.0-23.el8.s390x" }, "product_reference": "s390utils-osasnmpd-2:2.6.0-23.el8.s390x", "relates_to_product_reference": "8Base-RHOSE-4.3" }, { "category": "default_component_of", "full_product_name": { "name": "s390utils-osasnmpd-debuginfo-2:2.6.0-23.el8.s390x as a component of Red Hat OpenShift Container Platform 4.3", "product_id": "8Base-RHOSE-4.3:s390utils-osasnmpd-debuginfo-2:2.6.0-23.el8.s390x" }, "product_reference": "s390utils-osasnmpd-debuginfo-2:2.6.0-23.el8.s390x", "relates_to_product_reference": "8Base-RHOSE-4.3" }, { "category": "default_component_of", "full_product_name": { "name": "s390utils-zdsfs-2:2.6.0-23.el8.s390x as a component of Red Hat OpenShift Container Platform 4.3", "product_id": "8Base-RHOSE-4.3:s390utils-zdsfs-2:2.6.0-23.el8.s390x" }, "product_reference": "s390utils-zdsfs-2:2.6.0-23.el8.s390x", "relates_to_product_reference": "8Base-RHOSE-4.3" }, { "category": "default_component_of", "full_product_name": { "name": "s390utils-zdsfs-debuginfo-2:2.6.0-23.el8.s390x as a component of Red Hat OpenShift Container Platform 4.3", "product_id": "8Base-RHOSE-4.3:s390utils-zdsfs-debuginfo-2:2.6.0-23.el8.s390x" }, "product_reference": "s390utils-zdsfs-debuginfo-2:2.6.0-23.el8.s390x", "relates_to_product_reference": "8Base-RHOSE-4.3" }, { "category": "default_component_of", "full_product_name": { "name": "s390utils-ziomon-2:2.6.0-23.el8.s390x as a component of Red Hat OpenShift Container Platform 4.3", "product_id": "8Base-RHOSE-4.3:s390utils-ziomon-2:2.6.0-23.el8.s390x" }, "product_reference": "s390utils-ziomon-2:2.6.0-23.el8.s390x", "relates_to_product_reference": "8Base-RHOSE-4.3" }, { "category": "default_component_of", "full_product_name": { "name": "s390utils-ziomon-debuginfo-2:2.6.0-23.el8.s390x as a component of Red Hat OpenShift Container Platform 4.3", "product_id": "8Base-RHOSE-4.3:s390utils-ziomon-debuginfo-2:2.6.0-23.el8.s390x" }, "product_reference": "s390utils-ziomon-debuginfo-2:2.6.0-23.el8.s390x", "relates_to_product_reference": "8Base-RHOSE-4.3" } ] }, "vulnerabilities": [ { "cve": "CVE-2020-2160", "cwe": { "id": "CWE-352", "name": "Cross-Site Request Forgery (CSRF)" }, "discovery_date": "2020-03-26T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1819190" } ], "notes": [ { "category": "description", "text": "Jenkins 2.227 and earlier, LTS 2.204.5 and earlier uses different representations of request URL paths, which allows attackers to craft URLs that allow bypassing CSRF protection of any target URL.", "title": "Vulnerability description" }, { "category": "summary", "text": "jenkins: CSRF protection bypass via crafted URLs", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.25-202006081518.git.1.52b3a66.el7.ppc64le", "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.25-202006081518.git.1.52b3a66.el7.s390x", "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.25-202006081518.git.1.52b3a66.el7.src", "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.25-202006081518.git.1.52b3a66.el7.x86_64", "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-svcat-1:4.3.25-202006081518.git.1.52b3a66.el7.ppc64le", "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-svcat-1:4.3.25-202006081518.git.1.52b3a66.el7.s390x", "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-svcat-1:4.3.25-202006081518.git.1.52b3a66.el7.x86_64", "7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.25-202006081518.git.1.79365c5.el7.ppc64le", "7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.25-202006081518.git.1.79365c5.el7.s390x", "7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.25-202006081518.git.1.79365c5.el7.src", "7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.25-202006081518.git.1.79365c5.el7.x86_64", "7Server-RH7-RHOSE-4.3:conmon-2:2.0.17-1.rhaos4.3.el7.ppc64le", "7Server-RH7-RHOSE-4.3:conmon-2:2.0.17-1.rhaos4.3.el7.s390x", "7Server-RH7-RHOSE-4.3:conmon-2:2.0.17-1.rhaos4.3.el7.src", "7Server-RH7-RHOSE-4.3:conmon-2:2.0.17-1.rhaos4.3.el7.x86_64", "7Server-RH7-RHOSE-4.3:cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el7.ppc64le", "7Server-RH7-RHOSE-4.3:cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el7.s390x", "7Server-RH7-RHOSE-4.3:cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el7.src", "7Server-RH7-RHOSE-4.3:cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el7.x86_64", "7Server-RH7-RHOSE-4.3:cri-o-debuginfo-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el7.ppc64le", "7Server-RH7-RHOSE-4.3:cri-o-debuginfo-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el7.s390x", "7Server-RH7-RHOSE-4.3:cri-o-debuginfo-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el7.x86_64", "7Server-RH7-RHOSE-4.3:jenkins-0:2.222.1.1591349991-1.el7.noarch", "7Server-RH7-RHOSE-4.3:jenkins-0:2.222.1.1591349991-1.el7.src", "7Server-RH7-RHOSE-4.3:openshift-0:4.3.25-202006060952.git.1.96c30f6.el7.src", "7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.25-202006060952.git.1.1253fde.el7.noarch", "7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.25-202006060952.git.1.1253fde.el7.src", "7Server-RH7-RHOSE-4.3:openshift-ansible-test-0:4.3.25-202006060952.git.1.1253fde.el7.noarch", "7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el7.ppc64le", "7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el7.s390x", "7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el7.src", "7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el7.x86_64", "7Server-RH7-RHOSE-4.3:openshift-clients-redistributable-0:4.3.25-202006060952.git.1.fd93102.el7.x86_64", "7Server-RH7-RHOSE-4.3:openshift-hyperkube-0:4.3.25-202006060952.git.1.96c30f6.el7.ppc64le", "7Server-RH7-RHOSE-4.3:openshift-hyperkube-0:4.3.25-202006060952.git.1.96c30f6.el7.s390x", "7Server-RH7-RHOSE-4.3:openshift-hyperkube-0:4.3.25-202006060952.git.1.96c30f6.el7.x86_64", "8Base-RHOSE-4.3:conmon-2:2.0.17-1.rhaos4.3.el8.ppc64le", "8Base-RHOSE-4.3:conmon-2:2.0.17-1.rhaos4.3.el8.s390x", "8Base-RHOSE-4.3:conmon-2:2.0.17-1.rhaos4.3.el8.src", "8Base-RHOSE-4.3:conmon-2:2.0.17-1.rhaos4.3.el8.x86_64", "8Base-RHOSE-4.3:cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.ppc64le", "8Base-RHOSE-4.3:cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.s390x", "8Base-RHOSE-4.3:cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.src", "8Base-RHOSE-4.3:cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.x86_64", "8Base-RHOSE-4.3:cri-o-debuginfo-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.ppc64le", "8Base-RHOSE-4.3:cri-o-debuginfo-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.s390x", "8Base-RHOSE-4.3:cri-o-debuginfo-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.x86_64", "8Base-RHOSE-4.3:cri-o-debugsource-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.ppc64le", "8Base-RHOSE-4.3:cri-o-debugsource-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.s390x", "8Base-RHOSE-4.3:cri-o-debugsource-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.x86_64", "8Base-RHOSE-4.3:machine-config-daemon-0:4.3.25-202006081518.git.1.478b31a.el8.ppc64le", "8Base-RHOSE-4.3:machine-config-daemon-0:4.3.25-202006081518.git.1.478b31a.el8.s390x", "8Base-RHOSE-4.3:machine-config-daemon-0:4.3.25-202006081518.git.1.478b31a.el8.src", "8Base-RHOSE-4.3:machine-config-daemon-0:4.3.25-202006081518.git.1.478b31a.el8.x86_64", "8Base-RHOSE-4.3:openshift-0:4.3.25-202006060952.git.1.96c30f6.el8.src", "8Base-RHOSE-4.3:openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el8.ppc64le", "8Base-RHOSE-4.3:openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el8.s390x", "8Base-RHOSE-4.3:openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el8.src", "8Base-RHOSE-4.3:openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el8.x86_64", "8Base-RHOSE-4.3:openshift-clients-redistributable-0:4.3.25-202006060952.git.1.fd93102.el8.x86_64", "8Base-RHOSE-4.3:openshift-hyperkube-0:4.3.25-202006060952.git.1.96c30f6.el8.ppc64le", "8Base-RHOSE-4.3:openshift-hyperkube-0:4.3.25-202006060952.git.1.96c30f6.el8.s390x", "8Base-RHOSE-4.3:openshift-hyperkube-0:4.3.25-202006060952.git.1.96c30f6.el8.x86_64", "8Base-RHOSE-4.3:openshift-kuryr-0:4.3.25-202006081518.git.1.240b401.el8.src", "8Base-RHOSE-4.3:openshift-kuryr-cni-0:4.3.25-202006081518.git.1.240b401.el8.noarch", "8Base-RHOSE-4.3:openshift-kuryr-common-0:4.3.25-202006081518.git.1.240b401.el8.noarch", "8Base-RHOSE-4.3:openshift-kuryr-controller-0:4.3.25-202006081518.git.1.240b401.el8.noarch", "8Base-RHOSE-4.3:python3-kuryr-kubernetes-0:4.3.25-202006081518.git.1.240b401.el8.noarch", "8Base-RHOSE-4.3:s390utils-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-2:2.6.0-23.el8.src", "8Base-RHOSE-4.3:s390utils-base-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-base-debuginfo-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-cmsfs-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-cmsfs-debuginfo-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-cmsfs-fuse-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-cmsfs-fuse-debuginfo-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-cpacfstatsd-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-cpacfstatsd-debuginfo-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-cpuplugd-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-cpuplugd-debuginfo-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-debuginfo-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-debugsource-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-devel-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-hmcdrvfs-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-hmcdrvfs-debuginfo-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-iucvterm-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-iucvterm-debuginfo-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-mon_statd-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-mon_statd-debuginfo-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-osasnmpd-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-osasnmpd-debuginfo-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-zdsfs-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-zdsfs-debuginfo-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-ziomon-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-ziomon-debuginfo-2:2.6.0-23.el8.s390x" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-2160" }, { "category": "external", "summary": "RHBZ#1819190", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1819190" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-2160", "url": "https://www.cve.org/CVERecord?id=CVE-2020-2160" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-2160", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-2160" }, { "category": "external", "summary": "https://jenkins.io/security/advisory/2020-03-25/#SECURITY-1774", "url": "https://jenkins.io/security/advisory/2020-03-25/#SECURITY-1774" } ], "release_date": "2020-03-25T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-06-17T19:44:05+00:00", "details": "For OpenShift Container Platform 4.3 see the following documentation, which\nwill be updated shortly for release 4.3.25, for important instructions on\nhow to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.openshift.com/container-platform/4.3/release_notes/ocp-4-3-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.3/updating/updating-cluster-cli.html.", "product_ids": [ "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.25-202006081518.git.1.52b3a66.el7.ppc64le", "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.25-202006081518.git.1.52b3a66.el7.s390x", "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.25-202006081518.git.1.52b3a66.el7.src", "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.25-202006081518.git.1.52b3a66.el7.x86_64", "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-svcat-1:4.3.25-202006081518.git.1.52b3a66.el7.ppc64le", "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-svcat-1:4.3.25-202006081518.git.1.52b3a66.el7.s390x", "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-svcat-1:4.3.25-202006081518.git.1.52b3a66.el7.x86_64", "7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.25-202006081518.git.1.79365c5.el7.ppc64le", "7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.25-202006081518.git.1.79365c5.el7.s390x", "7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.25-202006081518.git.1.79365c5.el7.src", "7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.25-202006081518.git.1.79365c5.el7.x86_64", "7Server-RH7-RHOSE-4.3:conmon-2:2.0.17-1.rhaos4.3.el7.ppc64le", "7Server-RH7-RHOSE-4.3:conmon-2:2.0.17-1.rhaos4.3.el7.s390x", "7Server-RH7-RHOSE-4.3:conmon-2:2.0.17-1.rhaos4.3.el7.src", "7Server-RH7-RHOSE-4.3:conmon-2:2.0.17-1.rhaos4.3.el7.x86_64", "7Server-RH7-RHOSE-4.3:cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el7.ppc64le", "7Server-RH7-RHOSE-4.3:cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el7.s390x", "7Server-RH7-RHOSE-4.3:cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el7.src", "7Server-RH7-RHOSE-4.3:cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el7.x86_64", "7Server-RH7-RHOSE-4.3:cri-o-debuginfo-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el7.ppc64le", "7Server-RH7-RHOSE-4.3:cri-o-debuginfo-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el7.s390x", "7Server-RH7-RHOSE-4.3:cri-o-debuginfo-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el7.x86_64", "7Server-RH7-RHOSE-4.3:jenkins-0:2.222.1.1591349991-1.el7.noarch", "7Server-RH7-RHOSE-4.3:jenkins-0:2.222.1.1591349991-1.el7.src", "7Server-RH7-RHOSE-4.3:openshift-0:4.3.25-202006060952.git.1.96c30f6.el7.src", "7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.25-202006060952.git.1.1253fde.el7.noarch", "7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.25-202006060952.git.1.1253fde.el7.src", "7Server-RH7-RHOSE-4.3:openshift-ansible-test-0:4.3.25-202006060952.git.1.1253fde.el7.noarch", "7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el7.ppc64le", "7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el7.s390x", "7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el7.src", "7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el7.x86_64", "7Server-RH7-RHOSE-4.3:openshift-clients-redistributable-0:4.3.25-202006060952.git.1.fd93102.el7.x86_64", "7Server-RH7-RHOSE-4.3:openshift-hyperkube-0:4.3.25-202006060952.git.1.96c30f6.el7.ppc64le", "7Server-RH7-RHOSE-4.3:openshift-hyperkube-0:4.3.25-202006060952.git.1.96c30f6.el7.s390x", "7Server-RH7-RHOSE-4.3:openshift-hyperkube-0:4.3.25-202006060952.git.1.96c30f6.el7.x86_64", "8Base-RHOSE-4.3:conmon-2:2.0.17-1.rhaos4.3.el8.ppc64le", "8Base-RHOSE-4.3:conmon-2:2.0.17-1.rhaos4.3.el8.s390x", "8Base-RHOSE-4.3:conmon-2:2.0.17-1.rhaos4.3.el8.src", "8Base-RHOSE-4.3:conmon-2:2.0.17-1.rhaos4.3.el8.x86_64", "8Base-RHOSE-4.3:cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.ppc64le", "8Base-RHOSE-4.3:cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.s390x", "8Base-RHOSE-4.3:cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.src", "8Base-RHOSE-4.3:cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.x86_64", "8Base-RHOSE-4.3:cri-o-debuginfo-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.ppc64le", "8Base-RHOSE-4.3:cri-o-debuginfo-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.s390x", "8Base-RHOSE-4.3:cri-o-debuginfo-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.x86_64", "8Base-RHOSE-4.3:cri-o-debugsource-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.ppc64le", "8Base-RHOSE-4.3:cri-o-debugsource-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.s390x", "8Base-RHOSE-4.3:cri-o-debugsource-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.x86_64", "8Base-RHOSE-4.3:machine-config-daemon-0:4.3.25-202006081518.git.1.478b31a.el8.ppc64le", "8Base-RHOSE-4.3:machine-config-daemon-0:4.3.25-202006081518.git.1.478b31a.el8.s390x", "8Base-RHOSE-4.3:machine-config-daemon-0:4.3.25-202006081518.git.1.478b31a.el8.src", "8Base-RHOSE-4.3:machine-config-daemon-0:4.3.25-202006081518.git.1.478b31a.el8.x86_64", "8Base-RHOSE-4.3:openshift-0:4.3.25-202006060952.git.1.96c30f6.el8.src", "8Base-RHOSE-4.3:openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el8.ppc64le", "8Base-RHOSE-4.3:openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el8.s390x", "8Base-RHOSE-4.3:openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el8.src", "8Base-RHOSE-4.3:openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el8.x86_64", "8Base-RHOSE-4.3:openshift-clients-redistributable-0:4.3.25-202006060952.git.1.fd93102.el8.x86_64", "8Base-RHOSE-4.3:openshift-hyperkube-0:4.3.25-202006060952.git.1.96c30f6.el8.ppc64le", "8Base-RHOSE-4.3:openshift-hyperkube-0:4.3.25-202006060952.git.1.96c30f6.el8.s390x", "8Base-RHOSE-4.3:openshift-hyperkube-0:4.3.25-202006060952.git.1.96c30f6.el8.x86_64", "8Base-RHOSE-4.3:openshift-kuryr-0:4.3.25-202006081518.git.1.240b401.el8.src", "8Base-RHOSE-4.3:openshift-kuryr-cni-0:4.3.25-202006081518.git.1.240b401.el8.noarch", "8Base-RHOSE-4.3:openshift-kuryr-common-0:4.3.25-202006081518.git.1.240b401.el8.noarch", "8Base-RHOSE-4.3:openshift-kuryr-controller-0:4.3.25-202006081518.git.1.240b401.el8.noarch", "8Base-RHOSE-4.3:python3-kuryr-kubernetes-0:4.3.25-202006081518.git.1.240b401.el8.noarch", "8Base-RHOSE-4.3:s390utils-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-2:2.6.0-23.el8.src", "8Base-RHOSE-4.3:s390utils-base-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-base-debuginfo-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-cmsfs-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-cmsfs-debuginfo-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-cmsfs-fuse-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-cmsfs-fuse-debuginfo-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-cpacfstatsd-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-cpacfstatsd-debuginfo-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-cpuplugd-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-cpuplugd-debuginfo-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-debuginfo-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-debugsource-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-devel-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-hmcdrvfs-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-hmcdrvfs-debuginfo-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-iucvterm-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-iucvterm-debuginfo-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-mon_statd-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-mon_statd-debuginfo-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-osasnmpd-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-osasnmpd-debuginfo-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-zdsfs-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-zdsfs-debuginfo-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-ziomon-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-ziomon-debuginfo-2:2.6.0-23.el8.s390x" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHBA-2020:2435" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.25-202006081518.git.1.52b3a66.el7.ppc64le", "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.25-202006081518.git.1.52b3a66.el7.s390x", "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.25-202006081518.git.1.52b3a66.el7.src", "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.25-202006081518.git.1.52b3a66.el7.x86_64", "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-svcat-1:4.3.25-202006081518.git.1.52b3a66.el7.ppc64le", "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-svcat-1:4.3.25-202006081518.git.1.52b3a66.el7.s390x", "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-svcat-1:4.3.25-202006081518.git.1.52b3a66.el7.x86_64", "7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.25-202006081518.git.1.79365c5.el7.ppc64le", "7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.25-202006081518.git.1.79365c5.el7.s390x", "7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.25-202006081518.git.1.79365c5.el7.src", "7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.25-202006081518.git.1.79365c5.el7.x86_64", "7Server-RH7-RHOSE-4.3:conmon-2:2.0.17-1.rhaos4.3.el7.ppc64le", "7Server-RH7-RHOSE-4.3:conmon-2:2.0.17-1.rhaos4.3.el7.s390x", "7Server-RH7-RHOSE-4.3:conmon-2:2.0.17-1.rhaos4.3.el7.src", "7Server-RH7-RHOSE-4.3:conmon-2:2.0.17-1.rhaos4.3.el7.x86_64", "7Server-RH7-RHOSE-4.3:cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el7.ppc64le", "7Server-RH7-RHOSE-4.3:cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el7.s390x", "7Server-RH7-RHOSE-4.3:cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el7.src", "7Server-RH7-RHOSE-4.3:cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el7.x86_64", "7Server-RH7-RHOSE-4.3:cri-o-debuginfo-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el7.ppc64le", "7Server-RH7-RHOSE-4.3:cri-o-debuginfo-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el7.s390x", "7Server-RH7-RHOSE-4.3:cri-o-debuginfo-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el7.x86_64", "7Server-RH7-RHOSE-4.3:jenkins-0:2.222.1.1591349991-1.el7.noarch", "7Server-RH7-RHOSE-4.3:jenkins-0:2.222.1.1591349991-1.el7.src", "7Server-RH7-RHOSE-4.3:openshift-0:4.3.25-202006060952.git.1.96c30f6.el7.src", "7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.25-202006060952.git.1.1253fde.el7.noarch", "7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.25-202006060952.git.1.1253fde.el7.src", "7Server-RH7-RHOSE-4.3:openshift-ansible-test-0:4.3.25-202006060952.git.1.1253fde.el7.noarch", "7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el7.ppc64le", "7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el7.s390x", "7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el7.src", "7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el7.x86_64", "7Server-RH7-RHOSE-4.3:openshift-clients-redistributable-0:4.3.25-202006060952.git.1.fd93102.el7.x86_64", "7Server-RH7-RHOSE-4.3:openshift-hyperkube-0:4.3.25-202006060952.git.1.96c30f6.el7.ppc64le", "7Server-RH7-RHOSE-4.3:openshift-hyperkube-0:4.3.25-202006060952.git.1.96c30f6.el7.s390x", "7Server-RH7-RHOSE-4.3:openshift-hyperkube-0:4.3.25-202006060952.git.1.96c30f6.el7.x86_64", "8Base-RHOSE-4.3:conmon-2:2.0.17-1.rhaos4.3.el8.ppc64le", "8Base-RHOSE-4.3:conmon-2:2.0.17-1.rhaos4.3.el8.s390x", "8Base-RHOSE-4.3:conmon-2:2.0.17-1.rhaos4.3.el8.src", "8Base-RHOSE-4.3:conmon-2:2.0.17-1.rhaos4.3.el8.x86_64", "8Base-RHOSE-4.3:cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.ppc64le", "8Base-RHOSE-4.3:cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.s390x", "8Base-RHOSE-4.3:cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.src", "8Base-RHOSE-4.3:cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.x86_64", "8Base-RHOSE-4.3:cri-o-debuginfo-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.ppc64le", "8Base-RHOSE-4.3:cri-o-debuginfo-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.s390x", "8Base-RHOSE-4.3:cri-o-debuginfo-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.x86_64", "8Base-RHOSE-4.3:cri-o-debugsource-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.ppc64le", "8Base-RHOSE-4.3:cri-o-debugsource-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.s390x", "8Base-RHOSE-4.3:cri-o-debugsource-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.x86_64", "8Base-RHOSE-4.3:machine-config-daemon-0:4.3.25-202006081518.git.1.478b31a.el8.ppc64le", "8Base-RHOSE-4.3:machine-config-daemon-0:4.3.25-202006081518.git.1.478b31a.el8.s390x", "8Base-RHOSE-4.3:machine-config-daemon-0:4.3.25-202006081518.git.1.478b31a.el8.src", "8Base-RHOSE-4.3:machine-config-daemon-0:4.3.25-202006081518.git.1.478b31a.el8.x86_64", "8Base-RHOSE-4.3:openshift-0:4.3.25-202006060952.git.1.96c30f6.el8.src", "8Base-RHOSE-4.3:openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el8.ppc64le", "8Base-RHOSE-4.3:openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el8.s390x", "8Base-RHOSE-4.3:openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el8.src", "8Base-RHOSE-4.3:openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el8.x86_64", "8Base-RHOSE-4.3:openshift-clients-redistributable-0:4.3.25-202006060952.git.1.fd93102.el8.x86_64", "8Base-RHOSE-4.3:openshift-hyperkube-0:4.3.25-202006060952.git.1.96c30f6.el8.ppc64le", "8Base-RHOSE-4.3:openshift-hyperkube-0:4.3.25-202006060952.git.1.96c30f6.el8.s390x", "8Base-RHOSE-4.3:openshift-hyperkube-0:4.3.25-202006060952.git.1.96c30f6.el8.x86_64", "8Base-RHOSE-4.3:openshift-kuryr-0:4.3.25-202006081518.git.1.240b401.el8.src", "8Base-RHOSE-4.3:openshift-kuryr-cni-0:4.3.25-202006081518.git.1.240b401.el8.noarch", "8Base-RHOSE-4.3:openshift-kuryr-common-0:4.3.25-202006081518.git.1.240b401.el8.noarch", "8Base-RHOSE-4.3:openshift-kuryr-controller-0:4.3.25-202006081518.git.1.240b401.el8.noarch", "8Base-RHOSE-4.3:python3-kuryr-kubernetes-0:4.3.25-202006081518.git.1.240b401.el8.noarch", "8Base-RHOSE-4.3:s390utils-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-2:2.6.0-23.el8.src", "8Base-RHOSE-4.3:s390utils-base-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-base-debuginfo-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-cmsfs-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-cmsfs-debuginfo-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-cmsfs-fuse-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-cmsfs-fuse-debuginfo-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-cpacfstatsd-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-cpacfstatsd-debuginfo-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-cpuplugd-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-cpuplugd-debuginfo-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-debuginfo-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-debugsource-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-devel-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-hmcdrvfs-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-hmcdrvfs-debuginfo-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-iucvterm-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-iucvterm-debuginfo-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-mon_statd-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-mon_statd-debuginfo-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-osasnmpd-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-osasnmpd-debuginfo-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-zdsfs-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-zdsfs-debuginfo-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-ziomon-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-ziomon-debuginfo-2:2.6.0-23.el8.s390x" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "jenkins: CSRF protection bypass via crafted URLs" }, { "cve": "CVE-2020-2161", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2020-03-26T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1819198" } ], "notes": [ { "category": "description", "text": "Jenkins 2.227 and earlier, LTS 2.204.5 and earlier does not properly escape node labels that are shown in the form validation for label expressions on job configuration pages, resulting in a stored XSS vulnerability exploitable by users able to define node labels.", "title": "Vulnerability description" }, { "category": "summary", "text": "jenkins: XSS in job configuration pages", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.25-202006081518.git.1.52b3a66.el7.ppc64le", "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.25-202006081518.git.1.52b3a66.el7.s390x", "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.25-202006081518.git.1.52b3a66.el7.src", "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.25-202006081518.git.1.52b3a66.el7.x86_64", "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-svcat-1:4.3.25-202006081518.git.1.52b3a66.el7.ppc64le", "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-svcat-1:4.3.25-202006081518.git.1.52b3a66.el7.s390x", "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-svcat-1:4.3.25-202006081518.git.1.52b3a66.el7.x86_64", "7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.25-202006081518.git.1.79365c5.el7.ppc64le", "7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.25-202006081518.git.1.79365c5.el7.s390x", "7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.25-202006081518.git.1.79365c5.el7.src", "7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.25-202006081518.git.1.79365c5.el7.x86_64", "7Server-RH7-RHOSE-4.3:conmon-2:2.0.17-1.rhaos4.3.el7.ppc64le", "7Server-RH7-RHOSE-4.3:conmon-2:2.0.17-1.rhaos4.3.el7.s390x", "7Server-RH7-RHOSE-4.3:conmon-2:2.0.17-1.rhaos4.3.el7.src", "7Server-RH7-RHOSE-4.3:conmon-2:2.0.17-1.rhaos4.3.el7.x86_64", "7Server-RH7-RHOSE-4.3:cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el7.ppc64le", "7Server-RH7-RHOSE-4.3:cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el7.s390x", "7Server-RH7-RHOSE-4.3:cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el7.src", "7Server-RH7-RHOSE-4.3:cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el7.x86_64", "7Server-RH7-RHOSE-4.3:cri-o-debuginfo-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el7.ppc64le", "7Server-RH7-RHOSE-4.3:cri-o-debuginfo-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el7.s390x", "7Server-RH7-RHOSE-4.3:cri-o-debuginfo-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el7.x86_64", "7Server-RH7-RHOSE-4.3:jenkins-0:2.222.1.1591349991-1.el7.noarch", "7Server-RH7-RHOSE-4.3:jenkins-0:2.222.1.1591349991-1.el7.src", "7Server-RH7-RHOSE-4.3:openshift-0:4.3.25-202006060952.git.1.96c30f6.el7.src", "7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.25-202006060952.git.1.1253fde.el7.noarch", "7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.25-202006060952.git.1.1253fde.el7.src", "7Server-RH7-RHOSE-4.3:openshift-ansible-test-0:4.3.25-202006060952.git.1.1253fde.el7.noarch", "7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el7.ppc64le", "7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el7.s390x", "7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el7.src", "7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el7.x86_64", "7Server-RH7-RHOSE-4.3:openshift-clients-redistributable-0:4.3.25-202006060952.git.1.fd93102.el7.x86_64", "7Server-RH7-RHOSE-4.3:openshift-hyperkube-0:4.3.25-202006060952.git.1.96c30f6.el7.ppc64le", "7Server-RH7-RHOSE-4.3:openshift-hyperkube-0:4.3.25-202006060952.git.1.96c30f6.el7.s390x", "7Server-RH7-RHOSE-4.3:openshift-hyperkube-0:4.3.25-202006060952.git.1.96c30f6.el7.x86_64", "8Base-RHOSE-4.3:conmon-2:2.0.17-1.rhaos4.3.el8.ppc64le", "8Base-RHOSE-4.3:conmon-2:2.0.17-1.rhaos4.3.el8.s390x", "8Base-RHOSE-4.3:conmon-2:2.0.17-1.rhaos4.3.el8.src", "8Base-RHOSE-4.3:conmon-2:2.0.17-1.rhaos4.3.el8.x86_64", "8Base-RHOSE-4.3:cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.ppc64le", "8Base-RHOSE-4.3:cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.s390x", "8Base-RHOSE-4.3:cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.src", "8Base-RHOSE-4.3:cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.x86_64", "8Base-RHOSE-4.3:cri-o-debuginfo-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.ppc64le", "8Base-RHOSE-4.3:cri-o-debuginfo-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.s390x", "8Base-RHOSE-4.3:cri-o-debuginfo-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.x86_64", "8Base-RHOSE-4.3:cri-o-debugsource-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.ppc64le", "8Base-RHOSE-4.3:cri-o-debugsource-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.s390x", "8Base-RHOSE-4.3:cri-o-debugsource-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.x86_64", "8Base-RHOSE-4.3:machine-config-daemon-0:4.3.25-202006081518.git.1.478b31a.el8.ppc64le", "8Base-RHOSE-4.3:machine-config-daemon-0:4.3.25-202006081518.git.1.478b31a.el8.s390x", "8Base-RHOSE-4.3:machine-config-daemon-0:4.3.25-202006081518.git.1.478b31a.el8.src", "8Base-RHOSE-4.3:machine-config-daemon-0:4.3.25-202006081518.git.1.478b31a.el8.x86_64", "8Base-RHOSE-4.3:openshift-0:4.3.25-202006060952.git.1.96c30f6.el8.src", "8Base-RHOSE-4.3:openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el8.ppc64le", "8Base-RHOSE-4.3:openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el8.s390x", "8Base-RHOSE-4.3:openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el8.src", "8Base-RHOSE-4.3:openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el8.x86_64", "8Base-RHOSE-4.3:openshift-clients-redistributable-0:4.3.25-202006060952.git.1.fd93102.el8.x86_64", "8Base-RHOSE-4.3:openshift-hyperkube-0:4.3.25-202006060952.git.1.96c30f6.el8.ppc64le", "8Base-RHOSE-4.3:openshift-hyperkube-0:4.3.25-202006060952.git.1.96c30f6.el8.s390x", "8Base-RHOSE-4.3:openshift-hyperkube-0:4.3.25-202006060952.git.1.96c30f6.el8.x86_64", "8Base-RHOSE-4.3:openshift-kuryr-0:4.3.25-202006081518.git.1.240b401.el8.src", "8Base-RHOSE-4.3:openshift-kuryr-cni-0:4.3.25-202006081518.git.1.240b401.el8.noarch", "8Base-RHOSE-4.3:openshift-kuryr-common-0:4.3.25-202006081518.git.1.240b401.el8.noarch", "8Base-RHOSE-4.3:openshift-kuryr-controller-0:4.3.25-202006081518.git.1.240b401.el8.noarch", "8Base-RHOSE-4.3:python3-kuryr-kubernetes-0:4.3.25-202006081518.git.1.240b401.el8.noarch", "8Base-RHOSE-4.3:s390utils-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-2:2.6.0-23.el8.src", "8Base-RHOSE-4.3:s390utils-base-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-base-debuginfo-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-cmsfs-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-cmsfs-debuginfo-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-cmsfs-fuse-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-cmsfs-fuse-debuginfo-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-cpacfstatsd-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-cpacfstatsd-debuginfo-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-cpuplugd-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-cpuplugd-debuginfo-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-debuginfo-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-debugsource-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-devel-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-hmcdrvfs-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-hmcdrvfs-debuginfo-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-iucvterm-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-iucvterm-debuginfo-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-mon_statd-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-mon_statd-debuginfo-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-osasnmpd-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-osasnmpd-debuginfo-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-zdsfs-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-zdsfs-debuginfo-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-ziomon-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-ziomon-debuginfo-2:2.6.0-23.el8.s390x" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-2161" }, { "category": "external", "summary": "RHBZ#1819198", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1819198" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-2161", "url": "https://www.cve.org/CVERecord?id=CVE-2020-2161" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-2161", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-2161" }, { "category": "external", "summary": "https://jenkins.io/security/advisory/2020-03-25/#SECURITY-1781", "url": "https://jenkins.io/security/advisory/2020-03-25/#SECURITY-1781" } ], "release_date": "2020-03-25T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-06-17T19:44:05+00:00", "details": "For OpenShift Container Platform 4.3 see the following documentation, which\nwill be updated shortly for release 4.3.25, for important instructions on\nhow to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.openshift.com/container-platform/4.3/release_notes/ocp-4-3-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.3/updating/updating-cluster-cli.html.", "product_ids": [ "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.25-202006081518.git.1.52b3a66.el7.ppc64le", "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.25-202006081518.git.1.52b3a66.el7.s390x", "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.25-202006081518.git.1.52b3a66.el7.src", "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.25-202006081518.git.1.52b3a66.el7.x86_64", "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-svcat-1:4.3.25-202006081518.git.1.52b3a66.el7.ppc64le", "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-svcat-1:4.3.25-202006081518.git.1.52b3a66.el7.s390x", "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-svcat-1:4.3.25-202006081518.git.1.52b3a66.el7.x86_64", "7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.25-202006081518.git.1.79365c5.el7.ppc64le", "7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.25-202006081518.git.1.79365c5.el7.s390x", "7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.25-202006081518.git.1.79365c5.el7.src", "7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.25-202006081518.git.1.79365c5.el7.x86_64", "7Server-RH7-RHOSE-4.3:conmon-2:2.0.17-1.rhaos4.3.el7.ppc64le", "7Server-RH7-RHOSE-4.3:conmon-2:2.0.17-1.rhaos4.3.el7.s390x", "7Server-RH7-RHOSE-4.3:conmon-2:2.0.17-1.rhaos4.3.el7.src", "7Server-RH7-RHOSE-4.3:conmon-2:2.0.17-1.rhaos4.3.el7.x86_64", "7Server-RH7-RHOSE-4.3:cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el7.ppc64le", "7Server-RH7-RHOSE-4.3:cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el7.s390x", "7Server-RH7-RHOSE-4.3:cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el7.src", "7Server-RH7-RHOSE-4.3:cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el7.x86_64", "7Server-RH7-RHOSE-4.3:cri-o-debuginfo-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el7.ppc64le", "7Server-RH7-RHOSE-4.3:cri-o-debuginfo-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el7.s390x", "7Server-RH7-RHOSE-4.3:cri-o-debuginfo-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el7.x86_64", "7Server-RH7-RHOSE-4.3:jenkins-0:2.222.1.1591349991-1.el7.noarch", "7Server-RH7-RHOSE-4.3:jenkins-0:2.222.1.1591349991-1.el7.src", "7Server-RH7-RHOSE-4.3:openshift-0:4.3.25-202006060952.git.1.96c30f6.el7.src", "7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.25-202006060952.git.1.1253fde.el7.noarch", "7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.25-202006060952.git.1.1253fde.el7.src", "7Server-RH7-RHOSE-4.3:openshift-ansible-test-0:4.3.25-202006060952.git.1.1253fde.el7.noarch", "7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el7.ppc64le", "7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el7.s390x", "7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el7.src", "7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el7.x86_64", "7Server-RH7-RHOSE-4.3:openshift-clients-redistributable-0:4.3.25-202006060952.git.1.fd93102.el7.x86_64", "7Server-RH7-RHOSE-4.3:openshift-hyperkube-0:4.3.25-202006060952.git.1.96c30f6.el7.ppc64le", "7Server-RH7-RHOSE-4.3:openshift-hyperkube-0:4.3.25-202006060952.git.1.96c30f6.el7.s390x", "7Server-RH7-RHOSE-4.3:openshift-hyperkube-0:4.3.25-202006060952.git.1.96c30f6.el7.x86_64", "8Base-RHOSE-4.3:conmon-2:2.0.17-1.rhaos4.3.el8.ppc64le", "8Base-RHOSE-4.3:conmon-2:2.0.17-1.rhaos4.3.el8.s390x", "8Base-RHOSE-4.3:conmon-2:2.0.17-1.rhaos4.3.el8.src", "8Base-RHOSE-4.3:conmon-2:2.0.17-1.rhaos4.3.el8.x86_64", "8Base-RHOSE-4.3:cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.ppc64le", "8Base-RHOSE-4.3:cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.s390x", "8Base-RHOSE-4.3:cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.src", "8Base-RHOSE-4.3:cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.x86_64", "8Base-RHOSE-4.3:cri-o-debuginfo-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.ppc64le", "8Base-RHOSE-4.3:cri-o-debuginfo-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.s390x", "8Base-RHOSE-4.3:cri-o-debuginfo-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.x86_64", "8Base-RHOSE-4.3:cri-o-debugsource-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.ppc64le", "8Base-RHOSE-4.3:cri-o-debugsource-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.s390x", "8Base-RHOSE-4.3:cri-o-debugsource-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.x86_64", "8Base-RHOSE-4.3:machine-config-daemon-0:4.3.25-202006081518.git.1.478b31a.el8.ppc64le", "8Base-RHOSE-4.3:machine-config-daemon-0:4.3.25-202006081518.git.1.478b31a.el8.s390x", "8Base-RHOSE-4.3:machine-config-daemon-0:4.3.25-202006081518.git.1.478b31a.el8.src", "8Base-RHOSE-4.3:machine-config-daemon-0:4.3.25-202006081518.git.1.478b31a.el8.x86_64", "8Base-RHOSE-4.3:openshift-0:4.3.25-202006060952.git.1.96c30f6.el8.src", "8Base-RHOSE-4.3:openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el8.ppc64le", "8Base-RHOSE-4.3:openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el8.s390x", "8Base-RHOSE-4.3:openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el8.src", "8Base-RHOSE-4.3:openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el8.x86_64", "8Base-RHOSE-4.3:openshift-clients-redistributable-0:4.3.25-202006060952.git.1.fd93102.el8.x86_64", "8Base-RHOSE-4.3:openshift-hyperkube-0:4.3.25-202006060952.git.1.96c30f6.el8.ppc64le", "8Base-RHOSE-4.3:openshift-hyperkube-0:4.3.25-202006060952.git.1.96c30f6.el8.s390x", "8Base-RHOSE-4.3:openshift-hyperkube-0:4.3.25-202006060952.git.1.96c30f6.el8.x86_64", "8Base-RHOSE-4.3:openshift-kuryr-0:4.3.25-202006081518.git.1.240b401.el8.src", "8Base-RHOSE-4.3:openshift-kuryr-cni-0:4.3.25-202006081518.git.1.240b401.el8.noarch", "8Base-RHOSE-4.3:openshift-kuryr-common-0:4.3.25-202006081518.git.1.240b401.el8.noarch", "8Base-RHOSE-4.3:openshift-kuryr-controller-0:4.3.25-202006081518.git.1.240b401.el8.noarch", "8Base-RHOSE-4.3:python3-kuryr-kubernetes-0:4.3.25-202006081518.git.1.240b401.el8.noarch", "8Base-RHOSE-4.3:s390utils-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-2:2.6.0-23.el8.src", "8Base-RHOSE-4.3:s390utils-base-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-base-debuginfo-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-cmsfs-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-cmsfs-debuginfo-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-cmsfs-fuse-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-cmsfs-fuse-debuginfo-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-cpacfstatsd-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-cpacfstatsd-debuginfo-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-cpuplugd-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-cpuplugd-debuginfo-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-debuginfo-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-debugsource-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-devel-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-hmcdrvfs-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-hmcdrvfs-debuginfo-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-iucvterm-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-iucvterm-debuginfo-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-mon_statd-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-mon_statd-debuginfo-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-osasnmpd-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-osasnmpd-debuginfo-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-zdsfs-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-zdsfs-debuginfo-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-ziomon-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-ziomon-debuginfo-2:2.6.0-23.el8.s390x" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHBA-2020:2435" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "products": [ "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.25-202006081518.git.1.52b3a66.el7.ppc64le", "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.25-202006081518.git.1.52b3a66.el7.s390x", "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.25-202006081518.git.1.52b3a66.el7.src", "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.25-202006081518.git.1.52b3a66.el7.x86_64", "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-svcat-1:4.3.25-202006081518.git.1.52b3a66.el7.ppc64le", "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-svcat-1:4.3.25-202006081518.git.1.52b3a66.el7.s390x", "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-svcat-1:4.3.25-202006081518.git.1.52b3a66.el7.x86_64", "7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.25-202006081518.git.1.79365c5.el7.ppc64le", "7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.25-202006081518.git.1.79365c5.el7.s390x", "7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.25-202006081518.git.1.79365c5.el7.src", "7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.25-202006081518.git.1.79365c5.el7.x86_64", "7Server-RH7-RHOSE-4.3:conmon-2:2.0.17-1.rhaos4.3.el7.ppc64le", "7Server-RH7-RHOSE-4.3:conmon-2:2.0.17-1.rhaos4.3.el7.s390x", "7Server-RH7-RHOSE-4.3:conmon-2:2.0.17-1.rhaos4.3.el7.src", "7Server-RH7-RHOSE-4.3:conmon-2:2.0.17-1.rhaos4.3.el7.x86_64", "7Server-RH7-RHOSE-4.3:cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el7.ppc64le", "7Server-RH7-RHOSE-4.3:cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el7.s390x", "7Server-RH7-RHOSE-4.3:cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el7.src", "7Server-RH7-RHOSE-4.3:cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el7.x86_64", "7Server-RH7-RHOSE-4.3:cri-o-debuginfo-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el7.ppc64le", "7Server-RH7-RHOSE-4.3:cri-o-debuginfo-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el7.s390x", "7Server-RH7-RHOSE-4.3:cri-o-debuginfo-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el7.x86_64", "7Server-RH7-RHOSE-4.3:jenkins-0:2.222.1.1591349991-1.el7.noarch", "7Server-RH7-RHOSE-4.3:jenkins-0:2.222.1.1591349991-1.el7.src", "7Server-RH7-RHOSE-4.3:openshift-0:4.3.25-202006060952.git.1.96c30f6.el7.src", "7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.25-202006060952.git.1.1253fde.el7.noarch", "7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.25-202006060952.git.1.1253fde.el7.src", "7Server-RH7-RHOSE-4.3:openshift-ansible-test-0:4.3.25-202006060952.git.1.1253fde.el7.noarch", "7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el7.ppc64le", "7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el7.s390x", "7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el7.src", "7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el7.x86_64", "7Server-RH7-RHOSE-4.3:openshift-clients-redistributable-0:4.3.25-202006060952.git.1.fd93102.el7.x86_64", "7Server-RH7-RHOSE-4.3:openshift-hyperkube-0:4.3.25-202006060952.git.1.96c30f6.el7.ppc64le", "7Server-RH7-RHOSE-4.3:openshift-hyperkube-0:4.3.25-202006060952.git.1.96c30f6.el7.s390x", "7Server-RH7-RHOSE-4.3:openshift-hyperkube-0:4.3.25-202006060952.git.1.96c30f6.el7.x86_64", "8Base-RHOSE-4.3:conmon-2:2.0.17-1.rhaos4.3.el8.ppc64le", "8Base-RHOSE-4.3:conmon-2:2.0.17-1.rhaos4.3.el8.s390x", "8Base-RHOSE-4.3:conmon-2:2.0.17-1.rhaos4.3.el8.src", "8Base-RHOSE-4.3:conmon-2:2.0.17-1.rhaos4.3.el8.x86_64", "8Base-RHOSE-4.3:cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.ppc64le", "8Base-RHOSE-4.3:cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.s390x", "8Base-RHOSE-4.3:cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.src", "8Base-RHOSE-4.3:cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.x86_64", "8Base-RHOSE-4.3:cri-o-debuginfo-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.ppc64le", "8Base-RHOSE-4.3:cri-o-debuginfo-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.s390x", "8Base-RHOSE-4.3:cri-o-debuginfo-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.x86_64", "8Base-RHOSE-4.3:cri-o-debugsource-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.ppc64le", "8Base-RHOSE-4.3:cri-o-debugsource-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.s390x", "8Base-RHOSE-4.3:cri-o-debugsource-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.x86_64", "8Base-RHOSE-4.3:machine-config-daemon-0:4.3.25-202006081518.git.1.478b31a.el8.ppc64le", "8Base-RHOSE-4.3:machine-config-daemon-0:4.3.25-202006081518.git.1.478b31a.el8.s390x", "8Base-RHOSE-4.3:machine-config-daemon-0:4.3.25-202006081518.git.1.478b31a.el8.src", "8Base-RHOSE-4.3:machine-config-daemon-0:4.3.25-202006081518.git.1.478b31a.el8.x86_64", "8Base-RHOSE-4.3:openshift-0:4.3.25-202006060952.git.1.96c30f6.el8.src", "8Base-RHOSE-4.3:openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el8.ppc64le", "8Base-RHOSE-4.3:openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el8.s390x", "8Base-RHOSE-4.3:openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el8.src", "8Base-RHOSE-4.3:openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el8.x86_64", "8Base-RHOSE-4.3:openshift-clients-redistributable-0:4.3.25-202006060952.git.1.fd93102.el8.x86_64", "8Base-RHOSE-4.3:openshift-hyperkube-0:4.3.25-202006060952.git.1.96c30f6.el8.ppc64le", "8Base-RHOSE-4.3:openshift-hyperkube-0:4.3.25-202006060952.git.1.96c30f6.el8.s390x", "8Base-RHOSE-4.3:openshift-hyperkube-0:4.3.25-202006060952.git.1.96c30f6.el8.x86_64", "8Base-RHOSE-4.3:openshift-kuryr-0:4.3.25-202006081518.git.1.240b401.el8.src", "8Base-RHOSE-4.3:openshift-kuryr-cni-0:4.3.25-202006081518.git.1.240b401.el8.noarch", "8Base-RHOSE-4.3:openshift-kuryr-common-0:4.3.25-202006081518.git.1.240b401.el8.noarch", "8Base-RHOSE-4.3:openshift-kuryr-controller-0:4.3.25-202006081518.git.1.240b401.el8.noarch", "8Base-RHOSE-4.3:python3-kuryr-kubernetes-0:4.3.25-202006081518.git.1.240b401.el8.noarch", "8Base-RHOSE-4.3:s390utils-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-2:2.6.0-23.el8.src", "8Base-RHOSE-4.3:s390utils-base-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-base-debuginfo-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-cmsfs-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-cmsfs-debuginfo-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-cmsfs-fuse-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-cmsfs-fuse-debuginfo-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-cpacfstatsd-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-cpacfstatsd-debuginfo-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-cpuplugd-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-cpuplugd-debuginfo-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-debuginfo-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-debugsource-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-devel-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-hmcdrvfs-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-hmcdrvfs-debuginfo-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-iucvterm-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-iucvterm-debuginfo-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-mon_statd-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-mon_statd-debuginfo-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-osasnmpd-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-osasnmpd-debuginfo-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-zdsfs-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-zdsfs-debuginfo-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-ziomon-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-ziomon-debuginfo-2:2.6.0-23.el8.s390x" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jenkins: XSS in job configuration pages" }, { "cve": "CVE-2020-2162", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2020-03-26T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1819211" } ], "notes": [ { "category": "description", "text": "Jenkins 2.227 and earlier, LTS 2.204.5 and earlier does not set Content-Security-Policy headers for files uploaded as file parameters to a build, resulting in a stored XSS vulnerability.", "title": "Vulnerability description" }, { "category": "summary", "text": "jenkins: Content-Security-Policy headers for files uploaded leads to XSS", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.25-202006081518.git.1.52b3a66.el7.ppc64le", "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.25-202006081518.git.1.52b3a66.el7.s390x", "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.25-202006081518.git.1.52b3a66.el7.src", "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.25-202006081518.git.1.52b3a66.el7.x86_64", "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-svcat-1:4.3.25-202006081518.git.1.52b3a66.el7.ppc64le", "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-svcat-1:4.3.25-202006081518.git.1.52b3a66.el7.s390x", "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-svcat-1:4.3.25-202006081518.git.1.52b3a66.el7.x86_64", "7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.25-202006081518.git.1.79365c5.el7.ppc64le", "7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.25-202006081518.git.1.79365c5.el7.s390x", "7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.25-202006081518.git.1.79365c5.el7.src", "7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.25-202006081518.git.1.79365c5.el7.x86_64", "7Server-RH7-RHOSE-4.3:conmon-2:2.0.17-1.rhaos4.3.el7.ppc64le", "7Server-RH7-RHOSE-4.3:conmon-2:2.0.17-1.rhaos4.3.el7.s390x", "7Server-RH7-RHOSE-4.3:conmon-2:2.0.17-1.rhaos4.3.el7.src", "7Server-RH7-RHOSE-4.3:conmon-2:2.0.17-1.rhaos4.3.el7.x86_64", "7Server-RH7-RHOSE-4.3:cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el7.ppc64le", "7Server-RH7-RHOSE-4.3:cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el7.s390x", "7Server-RH7-RHOSE-4.3:cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el7.src", "7Server-RH7-RHOSE-4.3:cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el7.x86_64", "7Server-RH7-RHOSE-4.3:cri-o-debuginfo-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el7.ppc64le", "7Server-RH7-RHOSE-4.3:cri-o-debuginfo-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el7.s390x", "7Server-RH7-RHOSE-4.3:cri-o-debuginfo-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el7.x86_64", "7Server-RH7-RHOSE-4.3:jenkins-0:2.222.1.1591349991-1.el7.noarch", "7Server-RH7-RHOSE-4.3:jenkins-0:2.222.1.1591349991-1.el7.src", "7Server-RH7-RHOSE-4.3:openshift-0:4.3.25-202006060952.git.1.96c30f6.el7.src", "7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.25-202006060952.git.1.1253fde.el7.noarch", "7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.25-202006060952.git.1.1253fde.el7.src", "7Server-RH7-RHOSE-4.3:openshift-ansible-test-0:4.3.25-202006060952.git.1.1253fde.el7.noarch", "7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el7.ppc64le", "7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el7.s390x", "7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el7.src", "7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el7.x86_64", "7Server-RH7-RHOSE-4.3:openshift-clients-redistributable-0:4.3.25-202006060952.git.1.fd93102.el7.x86_64", "7Server-RH7-RHOSE-4.3:openshift-hyperkube-0:4.3.25-202006060952.git.1.96c30f6.el7.ppc64le", "7Server-RH7-RHOSE-4.3:openshift-hyperkube-0:4.3.25-202006060952.git.1.96c30f6.el7.s390x", "7Server-RH7-RHOSE-4.3:openshift-hyperkube-0:4.3.25-202006060952.git.1.96c30f6.el7.x86_64", "8Base-RHOSE-4.3:conmon-2:2.0.17-1.rhaos4.3.el8.ppc64le", "8Base-RHOSE-4.3:conmon-2:2.0.17-1.rhaos4.3.el8.s390x", "8Base-RHOSE-4.3:conmon-2:2.0.17-1.rhaos4.3.el8.src", "8Base-RHOSE-4.3:conmon-2:2.0.17-1.rhaos4.3.el8.x86_64", "8Base-RHOSE-4.3:cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.ppc64le", "8Base-RHOSE-4.3:cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.s390x", "8Base-RHOSE-4.3:cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.src", "8Base-RHOSE-4.3:cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.x86_64", "8Base-RHOSE-4.3:cri-o-debuginfo-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.ppc64le", "8Base-RHOSE-4.3:cri-o-debuginfo-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.s390x", "8Base-RHOSE-4.3:cri-o-debuginfo-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.x86_64", "8Base-RHOSE-4.3:cri-o-debugsource-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.ppc64le", "8Base-RHOSE-4.3:cri-o-debugsource-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.s390x", "8Base-RHOSE-4.3:cri-o-debugsource-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.x86_64", "8Base-RHOSE-4.3:machine-config-daemon-0:4.3.25-202006081518.git.1.478b31a.el8.ppc64le", "8Base-RHOSE-4.3:machine-config-daemon-0:4.3.25-202006081518.git.1.478b31a.el8.s390x", "8Base-RHOSE-4.3:machine-config-daemon-0:4.3.25-202006081518.git.1.478b31a.el8.src", "8Base-RHOSE-4.3:machine-config-daemon-0:4.3.25-202006081518.git.1.478b31a.el8.x86_64", "8Base-RHOSE-4.3:openshift-0:4.3.25-202006060952.git.1.96c30f6.el8.src", "8Base-RHOSE-4.3:openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el8.ppc64le", "8Base-RHOSE-4.3:openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el8.s390x", "8Base-RHOSE-4.3:openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el8.src", "8Base-RHOSE-4.3:openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el8.x86_64", "8Base-RHOSE-4.3:openshift-clients-redistributable-0:4.3.25-202006060952.git.1.fd93102.el8.x86_64", "8Base-RHOSE-4.3:openshift-hyperkube-0:4.3.25-202006060952.git.1.96c30f6.el8.ppc64le", "8Base-RHOSE-4.3:openshift-hyperkube-0:4.3.25-202006060952.git.1.96c30f6.el8.s390x", "8Base-RHOSE-4.3:openshift-hyperkube-0:4.3.25-202006060952.git.1.96c30f6.el8.x86_64", "8Base-RHOSE-4.3:openshift-kuryr-0:4.3.25-202006081518.git.1.240b401.el8.src", "8Base-RHOSE-4.3:openshift-kuryr-cni-0:4.3.25-202006081518.git.1.240b401.el8.noarch", "8Base-RHOSE-4.3:openshift-kuryr-common-0:4.3.25-202006081518.git.1.240b401.el8.noarch", "8Base-RHOSE-4.3:openshift-kuryr-controller-0:4.3.25-202006081518.git.1.240b401.el8.noarch", "8Base-RHOSE-4.3:python3-kuryr-kubernetes-0:4.3.25-202006081518.git.1.240b401.el8.noarch", "8Base-RHOSE-4.3:s390utils-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-2:2.6.0-23.el8.src", "8Base-RHOSE-4.3:s390utils-base-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-base-debuginfo-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-cmsfs-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-cmsfs-debuginfo-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-cmsfs-fuse-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-cmsfs-fuse-debuginfo-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-cpacfstatsd-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-cpacfstatsd-debuginfo-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-cpuplugd-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-cpuplugd-debuginfo-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-debuginfo-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-debugsource-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-devel-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-hmcdrvfs-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-hmcdrvfs-debuginfo-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-iucvterm-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-iucvterm-debuginfo-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-mon_statd-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-mon_statd-debuginfo-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-osasnmpd-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-osasnmpd-debuginfo-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-zdsfs-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-zdsfs-debuginfo-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-ziomon-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-ziomon-debuginfo-2:2.6.0-23.el8.s390x" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-2162" }, { "category": "external", "summary": "RHBZ#1819211", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1819211" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-2162", "url": "https://www.cve.org/CVERecord?id=CVE-2020-2162" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-2162", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-2162" }, { "category": "external", "summary": "https://jenkins.io/security/advisory/2020-03-25/#SECURITY-1793", "url": "https://jenkins.io/security/advisory/2020-03-25/#SECURITY-1793" } ], "release_date": "2020-03-25T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-06-17T19:44:05+00:00", "details": "For OpenShift Container Platform 4.3 see the following documentation, which\nwill be updated shortly for release 4.3.25, for important instructions on\nhow to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.openshift.com/container-platform/4.3/release_notes/ocp-4-3-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.3/updating/updating-cluster-cli.html.", "product_ids": [ "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.25-202006081518.git.1.52b3a66.el7.ppc64le", "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.25-202006081518.git.1.52b3a66.el7.s390x", "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.25-202006081518.git.1.52b3a66.el7.src", "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.25-202006081518.git.1.52b3a66.el7.x86_64", "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-svcat-1:4.3.25-202006081518.git.1.52b3a66.el7.ppc64le", "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-svcat-1:4.3.25-202006081518.git.1.52b3a66.el7.s390x", "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-svcat-1:4.3.25-202006081518.git.1.52b3a66.el7.x86_64", "7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.25-202006081518.git.1.79365c5.el7.ppc64le", "7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.25-202006081518.git.1.79365c5.el7.s390x", "7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.25-202006081518.git.1.79365c5.el7.src", "7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.25-202006081518.git.1.79365c5.el7.x86_64", "7Server-RH7-RHOSE-4.3:conmon-2:2.0.17-1.rhaos4.3.el7.ppc64le", "7Server-RH7-RHOSE-4.3:conmon-2:2.0.17-1.rhaos4.3.el7.s390x", "7Server-RH7-RHOSE-4.3:conmon-2:2.0.17-1.rhaos4.3.el7.src", "7Server-RH7-RHOSE-4.3:conmon-2:2.0.17-1.rhaos4.3.el7.x86_64", "7Server-RH7-RHOSE-4.3:cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el7.ppc64le", "7Server-RH7-RHOSE-4.3:cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el7.s390x", "7Server-RH7-RHOSE-4.3:cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el7.src", "7Server-RH7-RHOSE-4.3:cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el7.x86_64", "7Server-RH7-RHOSE-4.3:cri-o-debuginfo-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el7.ppc64le", "7Server-RH7-RHOSE-4.3:cri-o-debuginfo-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el7.s390x", "7Server-RH7-RHOSE-4.3:cri-o-debuginfo-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el7.x86_64", "7Server-RH7-RHOSE-4.3:jenkins-0:2.222.1.1591349991-1.el7.noarch", "7Server-RH7-RHOSE-4.3:jenkins-0:2.222.1.1591349991-1.el7.src", "7Server-RH7-RHOSE-4.3:openshift-0:4.3.25-202006060952.git.1.96c30f6.el7.src", "7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.25-202006060952.git.1.1253fde.el7.noarch", "7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.25-202006060952.git.1.1253fde.el7.src", "7Server-RH7-RHOSE-4.3:openshift-ansible-test-0:4.3.25-202006060952.git.1.1253fde.el7.noarch", "7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el7.ppc64le", "7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el7.s390x", "7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el7.src", "7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el7.x86_64", "7Server-RH7-RHOSE-4.3:openshift-clients-redistributable-0:4.3.25-202006060952.git.1.fd93102.el7.x86_64", "7Server-RH7-RHOSE-4.3:openshift-hyperkube-0:4.3.25-202006060952.git.1.96c30f6.el7.ppc64le", "7Server-RH7-RHOSE-4.3:openshift-hyperkube-0:4.3.25-202006060952.git.1.96c30f6.el7.s390x", "7Server-RH7-RHOSE-4.3:openshift-hyperkube-0:4.3.25-202006060952.git.1.96c30f6.el7.x86_64", "8Base-RHOSE-4.3:conmon-2:2.0.17-1.rhaos4.3.el8.ppc64le", "8Base-RHOSE-4.3:conmon-2:2.0.17-1.rhaos4.3.el8.s390x", "8Base-RHOSE-4.3:conmon-2:2.0.17-1.rhaos4.3.el8.src", "8Base-RHOSE-4.3:conmon-2:2.0.17-1.rhaos4.3.el8.x86_64", "8Base-RHOSE-4.3:cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.ppc64le", "8Base-RHOSE-4.3:cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.s390x", "8Base-RHOSE-4.3:cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.src", "8Base-RHOSE-4.3:cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.x86_64", "8Base-RHOSE-4.3:cri-o-debuginfo-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.ppc64le", "8Base-RHOSE-4.3:cri-o-debuginfo-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.s390x", "8Base-RHOSE-4.3:cri-o-debuginfo-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.x86_64", "8Base-RHOSE-4.3:cri-o-debugsource-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.ppc64le", "8Base-RHOSE-4.3:cri-o-debugsource-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.s390x", "8Base-RHOSE-4.3:cri-o-debugsource-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.x86_64", "8Base-RHOSE-4.3:machine-config-daemon-0:4.3.25-202006081518.git.1.478b31a.el8.ppc64le", "8Base-RHOSE-4.3:machine-config-daemon-0:4.3.25-202006081518.git.1.478b31a.el8.s390x", "8Base-RHOSE-4.3:machine-config-daemon-0:4.3.25-202006081518.git.1.478b31a.el8.src", "8Base-RHOSE-4.3:machine-config-daemon-0:4.3.25-202006081518.git.1.478b31a.el8.x86_64", "8Base-RHOSE-4.3:openshift-0:4.3.25-202006060952.git.1.96c30f6.el8.src", "8Base-RHOSE-4.3:openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el8.ppc64le", "8Base-RHOSE-4.3:openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el8.s390x", "8Base-RHOSE-4.3:openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el8.src", "8Base-RHOSE-4.3:openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el8.x86_64", "8Base-RHOSE-4.3:openshift-clients-redistributable-0:4.3.25-202006060952.git.1.fd93102.el8.x86_64", "8Base-RHOSE-4.3:openshift-hyperkube-0:4.3.25-202006060952.git.1.96c30f6.el8.ppc64le", "8Base-RHOSE-4.3:openshift-hyperkube-0:4.3.25-202006060952.git.1.96c30f6.el8.s390x", "8Base-RHOSE-4.3:openshift-hyperkube-0:4.3.25-202006060952.git.1.96c30f6.el8.x86_64", "8Base-RHOSE-4.3:openshift-kuryr-0:4.3.25-202006081518.git.1.240b401.el8.src", "8Base-RHOSE-4.3:openshift-kuryr-cni-0:4.3.25-202006081518.git.1.240b401.el8.noarch", "8Base-RHOSE-4.3:openshift-kuryr-common-0:4.3.25-202006081518.git.1.240b401.el8.noarch", "8Base-RHOSE-4.3:openshift-kuryr-controller-0:4.3.25-202006081518.git.1.240b401.el8.noarch", "8Base-RHOSE-4.3:python3-kuryr-kubernetes-0:4.3.25-202006081518.git.1.240b401.el8.noarch", "8Base-RHOSE-4.3:s390utils-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-2:2.6.0-23.el8.src", "8Base-RHOSE-4.3:s390utils-base-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-base-debuginfo-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-cmsfs-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-cmsfs-debuginfo-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-cmsfs-fuse-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-cmsfs-fuse-debuginfo-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-cpacfstatsd-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-cpacfstatsd-debuginfo-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-cpuplugd-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-cpuplugd-debuginfo-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-debuginfo-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-debugsource-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-devel-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-hmcdrvfs-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-hmcdrvfs-debuginfo-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-iucvterm-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-iucvterm-debuginfo-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-mon_statd-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-mon_statd-debuginfo-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-osasnmpd-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-osasnmpd-debuginfo-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-zdsfs-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-zdsfs-debuginfo-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-ziomon-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-ziomon-debuginfo-2:2.6.0-23.el8.s390x" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHBA-2020:2435" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "products": [ "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.25-202006081518.git.1.52b3a66.el7.ppc64le", "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.25-202006081518.git.1.52b3a66.el7.s390x", "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.25-202006081518.git.1.52b3a66.el7.src", "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.25-202006081518.git.1.52b3a66.el7.x86_64", "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-svcat-1:4.3.25-202006081518.git.1.52b3a66.el7.ppc64le", "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-svcat-1:4.3.25-202006081518.git.1.52b3a66.el7.s390x", "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-svcat-1:4.3.25-202006081518.git.1.52b3a66.el7.x86_64", "7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.25-202006081518.git.1.79365c5.el7.ppc64le", "7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.25-202006081518.git.1.79365c5.el7.s390x", "7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.25-202006081518.git.1.79365c5.el7.src", "7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.25-202006081518.git.1.79365c5.el7.x86_64", "7Server-RH7-RHOSE-4.3:conmon-2:2.0.17-1.rhaos4.3.el7.ppc64le", "7Server-RH7-RHOSE-4.3:conmon-2:2.0.17-1.rhaos4.3.el7.s390x", "7Server-RH7-RHOSE-4.3:conmon-2:2.0.17-1.rhaos4.3.el7.src", "7Server-RH7-RHOSE-4.3:conmon-2:2.0.17-1.rhaos4.3.el7.x86_64", "7Server-RH7-RHOSE-4.3:cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el7.ppc64le", "7Server-RH7-RHOSE-4.3:cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el7.s390x", "7Server-RH7-RHOSE-4.3:cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el7.src", "7Server-RH7-RHOSE-4.3:cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el7.x86_64", "7Server-RH7-RHOSE-4.3:cri-o-debuginfo-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el7.ppc64le", "7Server-RH7-RHOSE-4.3:cri-o-debuginfo-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el7.s390x", "7Server-RH7-RHOSE-4.3:cri-o-debuginfo-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el7.x86_64", "7Server-RH7-RHOSE-4.3:jenkins-0:2.222.1.1591349991-1.el7.noarch", "7Server-RH7-RHOSE-4.3:jenkins-0:2.222.1.1591349991-1.el7.src", "7Server-RH7-RHOSE-4.3:openshift-0:4.3.25-202006060952.git.1.96c30f6.el7.src", "7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.25-202006060952.git.1.1253fde.el7.noarch", "7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.25-202006060952.git.1.1253fde.el7.src", "7Server-RH7-RHOSE-4.3:openshift-ansible-test-0:4.3.25-202006060952.git.1.1253fde.el7.noarch", "7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el7.ppc64le", "7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el7.s390x", "7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el7.src", "7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el7.x86_64", "7Server-RH7-RHOSE-4.3:openshift-clients-redistributable-0:4.3.25-202006060952.git.1.fd93102.el7.x86_64", "7Server-RH7-RHOSE-4.3:openshift-hyperkube-0:4.3.25-202006060952.git.1.96c30f6.el7.ppc64le", "7Server-RH7-RHOSE-4.3:openshift-hyperkube-0:4.3.25-202006060952.git.1.96c30f6.el7.s390x", "7Server-RH7-RHOSE-4.3:openshift-hyperkube-0:4.3.25-202006060952.git.1.96c30f6.el7.x86_64", "8Base-RHOSE-4.3:conmon-2:2.0.17-1.rhaos4.3.el8.ppc64le", "8Base-RHOSE-4.3:conmon-2:2.0.17-1.rhaos4.3.el8.s390x", "8Base-RHOSE-4.3:conmon-2:2.0.17-1.rhaos4.3.el8.src", "8Base-RHOSE-4.3:conmon-2:2.0.17-1.rhaos4.3.el8.x86_64", "8Base-RHOSE-4.3:cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.ppc64le", "8Base-RHOSE-4.3:cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.s390x", "8Base-RHOSE-4.3:cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.src", "8Base-RHOSE-4.3:cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.x86_64", "8Base-RHOSE-4.3:cri-o-debuginfo-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.ppc64le", "8Base-RHOSE-4.3:cri-o-debuginfo-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.s390x", "8Base-RHOSE-4.3:cri-o-debuginfo-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.x86_64", "8Base-RHOSE-4.3:cri-o-debugsource-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.ppc64le", "8Base-RHOSE-4.3:cri-o-debugsource-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.s390x", "8Base-RHOSE-4.3:cri-o-debugsource-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.x86_64", "8Base-RHOSE-4.3:machine-config-daemon-0:4.3.25-202006081518.git.1.478b31a.el8.ppc64le", "8Base-RHOSE-4.3:machine-config-daemon-0:4.3.25-202006081518.git.1.478b31a.el8.s390x", "8Base-RHOSE-4.3:machine-config-daemon-0:4.3.25-202006081518.git.1.478b31a.el8.src", "8Base-RHOSE-4.3:machine-config-daemon-0:4.3.25-202006081518.git.1.478b31a.el8.x86_64", "8Base-RHOSE-4.3:openshift-0:4.3.25-202006060952.git.1.96c30f6.el8.src", "8Base-RHOSE-4.3:openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el8.ppc64le", "8Base-RHOSE-4.3:openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el8.s390x", "8Base-RHOSE-4.3:openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el8.src", "8Base-RHOSE-4.3:openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el8.x86_64", "8Base-RHOSE-4.3:openshift-clients-redistributable-0:4.3.25-202006060952.git.1.fd93102.el8.x86_64", "8Base-RHOSE-4.3:openshift-hyperkube-0:4.3.25-202006060952.git.1.96c30f6.el8.ppc64le", "8Base-RHOSE-4.3:openshift-hyperkube-0:4.3.25-202006060952.git.1.96c30f6.el8.s390x", "8Base-RHOSE-4.3:openshift-hyperkube-0:4.3.25-202006060952.git.1.96c30f6.el8.x86_64", "8Base-RHOSE-4.3:openshift-kuryr-0:4.3.25-202006081518.git.1.240b401.el8.src", "8Base-RHOSE-4.3:openshift-kuryr-cni-0:4.3.25-202006081518.git.1.240b401.el8.noarch", "8Base-RHOSE-4.3:openshift-kuryr-common-0:4.3.25-202006081518.git.1.240b401.el8.noarch", "8Base-RHOSE-4.3:openshift-kuryr-controller-0:4.3.25-202006081518.git.1.240b401.el8.noarch", "8Base-RHOSE-4.3:python3-kuryr-kubernetes-0:4.3.25-202006081518.git.1.240b401.el8.noarch", "8Base-RHOSE-4.3:s390utils-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-2:2.6.0-23.el8.src", "8Base-RHOSE-4.3:s390utils-base-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-base-debuginfo-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-cmsfs-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-cmsfs-debuginfo-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-cmsfs-fuse-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-cmsfs-fuse-debuginfo-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-cpacfstatsd-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-cpacfstatsd-debuginfo-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-cpuplugd-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-cpuplugd-debuginfo-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-debuginfo-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-debugsource-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-devel-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-hmcdrvfs-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-hmcdrvfs-debuginfo-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-iucvterm-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-iucvterm-debuginfo-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-mon_statd-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-mon_statd-debuginfo-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-osasnmpd-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-osasnmpd-debuginfo-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-zdsfs-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-zdsfs-debuginfo-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-ziomon-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-ziomon-debuginfo-2:2.6.0-23.el8.s390x" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jenkins: Content-Security-Policy headers for files uploaded leads to XSS" }, { "cve": "CVE-2020-2163", "cwe": { "id": "CWE-79", "name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)" }, "discovery_date": "2020-03-25T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1819222" } ], "notes": [ { "category": "description", "text": "Jenkins 2.227 and earlier, LTS 2.204.5 and earlier improperly processes HTML content of list view column headers, resulting in a stored XSS vulnerability exploitable by users able to control column headers.", "title": "Vulnerability description" }, { "category": "summary", "text": "jenkins: improperly processes HTML content of list leads to XSS", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.25-202006081518.git.1.52b3a66.el7.ppc64le", "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.25-202006081518.git.1.52b3a66.el7.s390x", "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.25-202006081518.git.1.52b3a66.el7.src", "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.25-202006081518.git.1.52b3a66.el7.x86_64", "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-svcat-1:4.3.25-202006081518.git.1.52b3a66.el7.ppc64le", "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-svcat-1:4.3.25-202006081518.git.1.52b3a66.el7.s390x", "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-svcat-1:4.3.25-202006081518.git.1.52b3a66.el7.x86_64", "7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.25-202006081518.git.1.79365c5.el7.ppc64le", "7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.25-202006081518.git.1.79365c5.el7.s390x", "7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.25-202006081518.git.1.79365c5.el7.src", "7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.25-202006081518.git.1.79365c5.el7.x86_64", "7Server-RH7-RHOSE-4.3:conmon-2:2.0.17-1.rhaos4.3.el7.ppc64le", "7Server-RH7-RHOSE-4.3:conmon-2:2.0.17-1.rhaos4.3.el7.s390x", "7Server-RH7-RHOSE-4.3:conmon-2:2.0.17-1.rhaos4.3.el7.src", "7Server-RH7-RHOSE-4.3:conmon-2:2.0.17-1.rhaos4.3.el7.x86_64", "7Server-RH7-RHOSE-4.3:cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el7.ppc64le", "7Server-RH7-RHOSE-4.3:cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el7.s390x", "7Server-RH7-RHOSE-4.3:cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el7.src", "7Server-RH7-RHOSE-4.3:cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el7.x86_64", "7Server-RH7-RHOSE-4.3:cri-o-debuginfo-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el7.ppc64le", "7Server-RH7-RHOSE-4.3:cri-o-debuginfo-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el7.s390x", "7Server-RH7-RHOSE-4.3:cri-o-debuginfo-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el7.x86_64", "7Server-RH7-RHOSE-4.3:jenkins-0:2.222.1.1591349991-1.el7.noarch", "7Server-RH7-RHOSE-4.3:jenkins-0:2.222.1.1591349991-1.el7.src", "7Server-RH7-RHOSE-4.3:openshift-0:4.3.25-202006060952.git.1.96c30f6.el7.src", "7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.25-202006060952.git.1.1253fde.el7.noarch", "7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.25-202006060952.git.1.1253fde.el7.src", "7Server-RH7-RHOSE-4.3:openshift-ansible-test-0:4.3.25-202006060952.git.1.1253fde.el7.noarch", "7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el7.ppc64le", "7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el7.s390x", "7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el7.src", "7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el7.x86_64", "7Server-RH7-RHOSE-4.3:openshift-clients-redistributable-0:4.3.25-202006060952.git.1.fd93102.el7.x86_64", "7Server-RH7-RHOSE-4.3:openshift-hyperkube-0:4.3.25-202006060952.git.1.96c30f6.el7.ppc64le", "7Server-RH7-RHOSE-4.3:openshift-hyperkube-0:4.3.25-202006060952.git.1.96c30f6.el7.s390x", "7Server-RH7-RHOSE-4.3:openshift-hyperkube-0:4.3.25-202006060952.git.1.96c30f6.el7.x86_64", "8Base-RHOSE-4.3:conmon-2:2.0.17-1.rhaos4.3.el8.ppc64le", "8Base-RHOSE-4.3:conmon-2:2.0.17-1.rhaos4.3.el8.s390x", "8Base-RHOSE-4.3:conmon-2:2.0.17-1.rhaos4.3.el8.src", "8Base-RHOSE-4.3:conmon-2:2.0.17-1.rhaos4.3.el8.x86_64", "8Base-RHOSE-4.3:cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.ppc64le", "8Base-RHOSE-4.3:cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.s390x", "8Base-RHOSE-4.3:cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.src", "8Base-RHOSE-4.3:cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.x86_64", "8Base-RHOSE-4.3:cri-o-debuginfo-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.ppc64le", "8Base-RHOSE-4.3:cri-o-debuginfo-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.s390x", "8Base-RHOSE-4.3:cri-o-debuginfo-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.x86_64", "8Base-RHOSE-4.3:cri-o-debugsource-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.ppc64le", "8Base-RHOSE-4.3:cri-o-debugsource-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.s390x", "8Base-RHOSE-4.3:cri-o-debugsource-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.x86_64", "8Base-RHOSE-4.3:machine-config-daemon-0:4.3.25-202006081518.git.1.478b31a.el8.ppc64le", "8Base-RHOSE-4.3:machine-config-daemon-0:4.3.25-202006081518.git.1.478b31a.el8.s390x", "8Base-RHOSE-4.3:machine-config-daemon-0:4.3.25-202006081518.git.1.478b31a.el8.src", "8Base-RHOSE-4.3:machine-config-daemon-0:4.3.25-202006081518.git.1.478b31a.el8.x86_64", "8Base-RHOSE-4.3:openshift-0:4.3.25-202006060952.git.1.96c30f6.el8.src", "8Base-RHOSE-4.3:openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el8.ppc64le", "8Base-RHOSE-4.3:openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el8.s390x", "8Base-RHOSE-4.3:openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el8.src", "8Base-RHOSE-4.3:openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el8.x86_64", "8Base-RHOSE-4.3:openshift-clients-redistributable-0:4.3.25-202006060952.git.1.fd93102.el8.x86_64", "8Base-RHOSE-4.3:openshift-hyperkube-0:4.3.25-202006060952.git.1.96c30f6.el8.ppc64le", "8Base-RHOSE-4.3:openshift-hyperkube-0:4.3.25-202006060952.git.1.96c30f6.el8.s390x", "8Base-RHOSE-4.3:openshift-hyperkube-0:4.3.25-202006060952.git.1.96c30f6.el8.x86_64", "8Base-RHOSE-4.3:openshift-kuryr-0:4.3.25-202006081518.git.1.240b401.el8.src", "8Base-RHOSE-4.3:openshift-kuryr-cni-0:4.3.25-202006081518.git.1.240b401.el8.noarch", "8Base-RHOSE-4.3:openshift-kuryr-common-0:4.3.25-202006081518.git.1.240b401.el8.noarch", "8Base-RHOSE-4.3:openshift-kuryr-controller-0:4.3.25-202006081518.git.1.240b401.el8.noarch", "8Base-RHOSE-4.3:python3-kuryr-kubernetes-0:4.3.25-202006081518.git.1.240b401.el8.noarch", "8Base-RHOSE-4.3:s390utils-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-2:2.6.0-23.el8.src", "8Base-RHOSE-4.3:s390utils-base-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-base-debuginfo-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-cmsfs-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-cmsfs-debuginfo-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-cmsfs-fuse-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-cmsfs-fuse-debuginfo-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-cpacfstatsd-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-cpacfstatsd-debuginfo-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-cpuplugd-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-cpuplugd-debuginfo-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-debuginfo-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-debugsource-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-devel-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-hmcdrvfs-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-hmcdrvfs-debuginfo-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-iucvterm-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-iucvterm-debuginfo-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-mon_statd-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-mon_statd-debuginfo-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-osasnmpd-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-osasnmpd-debuginfo-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-zdsfs-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-zdsfs-debuginfo-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-ziomon-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-ziomon-debuginfo-2:2.6.0-23.el8.s390x" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-2163" }, { "category": "external", "summary": "RHBZ#1819222", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1819222" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-2163", "url": "https://www.cve.org/CVERecord?id=CVE-2020-2163" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-2163", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-2163" }, { "category": "external", "summary": "https://jenkins.io/security/advisory/2020-03-25/#SECURITY-1796", "url": "https://jenkins.io/security/advisory/2020-03-25/#SECURITY-1796" } ], "release_date": "2020-03-26T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-06-17T19:44:05+00:00", "details": "For OpenShift Container Platform 4.3 see the following documentation, which\nwill be updated shortly for release 4.3.25, for important instructions on\nhow to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.openshift.com/container-platform/4.3/release_notes/ocp-4-3-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.3/updating/updating-cluster-cli.html.", "product_ids": [ "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.25-202006081518.git.1.52b3a66.el7.ppc64le", "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.25-202006081518.git.1.52b3a66.el7.s390x", "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.25-202006081518.git.1.52b3a66.el7.src", "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.25-202006081518.git.1.52b3a66.el7.x86_64", "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-svcat-1:4.3.25-202006081518.git.1.52b3a66.el7.ppc64le", "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-svcat-1:4.3.25-202006081518.git.1.52b3a66.el7.s390x", "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-svcat-1:4.3.25-202006081518.git.1.52b3a66.el7.x86_64", "7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.25-202006081518.git.1.79365c5.el7.ppc64le", "7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.25-202006081518.git.1.79365c5.el7.s390x", "7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.25-202006081518.git.1.79365c5.el7.src", "7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.25-202006081518.git.1.79365c5.el7.x86_64", "7Server-RH7-RHOSE-4.3:conmon-2:2.0.17-1.rhaos4.3.el7.ppc64le", "7Server-RH7-RHOSE-4.3:conmon-2:2.0.17-1.rhaos4.3.el7.s390x", "7Server-RH7-RHOSE-4.3:conmon-2:2.0.17-1.rhaos4.3.el7.src", "7Server-RH7-RHOSE-4.3:conmon-2:2.0.17-1.rhaos4.3.el7.x86_64", "7Server-RH7-RHOSE-4.3:cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el7.ppc64le", "7Server-RH7-RHOSE-4.3:cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el7.s390x", "7Server-RH7-RHOSE-4.3:cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el7.src", "7Server-RH7-RHOSE-4.3:cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el7.x86_64", "7Server-RH7-RHOSE-4.3:cri-o-debuginfo-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el7.ppc64le", "7Server-RH7-RHOSE-4.3:cri-o-debuginfo-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el7.s390x", "7Server-RH7-RHOSE-4.3:cri-o-debuginfo-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el7.x86_64", "7Server-RH7-RHOSE-4.3:jenkins-0:2.222.1.1591349991-1.el7.noarch", "7Server-RH7-RHOSE-4.3:jenkins-0:2.222.1.1591349991-1.el7.src", "7Server-RH7-RHOSE-4.3:openshift-0:4.3.25-202006060952.git.1.96c30f6.el7.src", "7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.25-202006060952.git.1.1253fde.el7.noarch", "7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.25-202006060952.git.1.1253fde.el7.src", "7Server-RH7-RHOSE-4.3:openshift-ansible-test-0:4.3.25-202006060952.git.1.1253fde.el7.noarch", "7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el7.ppc64le", "7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el7.s390x", "7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el7.src", "7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el7.x86_64", "7Server-RH7-RHOSE-4.3:openshift-clients-redistributable-0:4.3.25-202006060952.git.1.fd93102.el7.x86_64", "7Server-RH7-RHOSE-4.3:openshift-hyperkube-0:4.3.25-202006060952.git.1.96c30f6.el7.ppc64le", "7Server-RH7-RHOSE-4.3:openshift-hyperkube-0:4.3.25-202006060952.git.1.96c30f6.el7.s390x", "7Server-RH7-RHOSE-4.3:openshift-hyperkube-0:4.3.25-202006060952.git.1.96c30f6.el7.x86_64", "8Base-RHOSE-4.3:conmon-2:2.0.17-1.rhaos4.3.el8.ppc64le", "8Base-RHOSE-4.3:conmon-2:2.0.17-1.rhaos4.3.el8.s390x", "8Base-RHOSE-4.3:conmon-2:2.0.17-1.rhaos4.3.el8.src", "8Base-RHOSE-4.3:conmon-2:2.0.17-1.rhaos4.3.el8.x86_64", "8Base-RHOSE-4.3:cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.ppc64le", "8Base-RHOSE-4.3:cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.s390x", "8Base-RHOSE-4.3:cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.src", "8Base-RHOSE-4.3:cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.x86_64", "8Base-RHOSE-4.3:cri-o-debuginfo-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.ppc64le", "8Base-RHOSE-4.3:cri-o-debuginfo-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.s390x", "8Base-RHOSE-4.3:cri-o-debuginfo-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.x86_64", "8Base-RHOSE-4.3:cri-o-debugsource-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.ppc64le", "8Base-RHOSE-4.3:cri-o-debugsource-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.s390x", "8Base-RHOSE-4.3:cri-o-debugsource-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.x86_64", "8Base-RHOSE-4.3:machine-config-daemon-0:4.3.25-202006081518.git.1.478b31a.el8.ppc64le", "8Base-RHOSE-4.3:machine-config-daemon-0:4.3.25-202006081518.git.1.478b31a.el8.s390x", "8Base-RHOSE-4.3:machine-config-daemon-0:4.3.25-202006081518.git.1.478b31a.el8.src", "8Base-RHOSE-4.3:machine-config-daemon-0:4.3.25-202006081518.git.1.478b31a.el8.x86_64", "8Base-RHOSE-4.3:openshift-0:4.3.25-202006060952.git.1.96c30f6.el8.src", "8Base-RHOSE-4.3:openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el8.ppc64le", "8Base-RHOSE-4.3:openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el8.s390x", "8Base-RHOSE-4.3:openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el8.src", "8Base-RHOSE-4.3:openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el8.x86_64", "8Base-RHOSE-4.3:openshift-clients-redistributable-0:4.3.25-202006060952.git.1.fd93102.el8.x86_64", "8Base-RHOSE-4.3:openshift-hyperkube-0:4.3.25-202006060952.git.1.96c30f6.el8.ppc64le", "8Base-RHOSE-4.3:openshift-hyperkube-0:4.3.25-202006060952.git.1.96c30f6.el8.s390x", "8Base-RHOSE-4.3:openshift-hyperkube-0:4.3.25-202006060952.git.1.96c30f6.el8.x86_64", "8Base-RHOSE-4.3:openshift-kuryr-0:4.3.25-202006081518.git.1.240b401.el8.src", "8Base-RHOSE-4.3:openshift-kuryr-cni-0:4.3.25-202006081518.git.1.240b401.el8.noarch", "8Base-RHOSE-4.3:openshift-kuryr-common-0:4.3.25-202006081518.git.1.240b401.el8.noarch", "8Base-RHOSE-4.3:openshift-kuryr-controller-0:4.3.25-202006081518.git.1.240b401.el8.noarch", "8Base-RHOSE-4.3:python3-kuryr-kubernetes-0:4.3.25-202006081518.git.1.240b401.el8.noarch", "8Base-RHOSE-4.3:s390utils-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-2:2.6.0-23.el8.src", "8Base-RHOSE-4.3:s390utils-base-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-base-debuginfo-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-cmsfs-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-cmsfs-debuginfo-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-cmsfs-fuse-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-cmsfs-fuse-debuginfo-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-cpacfstatsd-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-cpacfstatsd-debuginfo-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-cpuplugd-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-cpuplugd-debuginfo-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-debuginfo-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-debugsource-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-devel-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-hmcdrvfs-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-hmcdrvfs-debuginfo-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-iucvterm-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-iucvterm-debuginfo-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-mon_statd-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-mon_statd-debuginfo-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-osasnmpd-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-osasnmpd-debuginfo-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-zdsfs-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-zdsfs-debuginfo-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-ziomon-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-ziomon-debuginfo-2:2.6.0-23.el8.s390x" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHBA-2020:2435" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "products": [ "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.25-202006081518.git.1.52b3a66.el7.ppc64le", "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.25-202006081518.git.1.52b3a66.el7.s390x", "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.25-202006081518.git.1.52b3a66.el7.src", "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.25-202006081518.git.1.52b3a66.el7.x86_64", "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-svcat-1:4.3.25-202006081518.git.1.52b3a66.el7.ppc64le", "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-svcat-1:4.3.25-202006081518.git.1.52b3a66.el7.s390x", "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-svcat-1:4.3.25-202006081518.git.1.52b3a66.el7.x86_64", "7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.25-202006081518.git.1.79365c5.el7.ppc64le", "7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.25-202006081518.git.1.79365c5.el7.s390x", "7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.25-202006081518.git.1.79365c5.el7.src", "7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.25-202006081518.git.1.79365c5.el7.x86_64", "7Server-RH7-RHOSE-4.3:conmon-2:2.0.17-1.rhaos4.3.el7.ppc64le", "7Server-RH7-RHOSE-4.3:conmon-2:2.0.17-1.rhaos4.3.el7.s390x", "7Server-RH7-RHOSE-4.3:conmon-2:2.0.17-1.rhaos4.3.el7.src", "7Server-RH7-RHOSE-4.3:conmon-2:2.0.17-1.rhaos4.3.el7.x86_64", "7Server-RH7-RHOSE-4.3:cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el7.ppc64le", "7Server-RH7-RHOSE-4.3:cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el7.s390x", "7Server-RH7-RHOSE-4.3:cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el7.src", "7Server-RH7-RHOSE-4.3:cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el7.x86_64", "7Server-RH7-RHOSE-4.3:cri-o-debuginfo-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el7.ppc64le", "7Server-RH7-RHOSE-4.3:cri-o-debuginfo-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el7.s390x", "7Server-RH7-RHOSE-4.3:cri-o-debuginfo-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el7.x86_64", "7Server-RH7-RHOSE-4.3:jenkins-0:2.222.1.1591349991-1.el7.noarch", "7Server-RH7-RHOSE-4.3:jenkins-0:2.222.1.1591349991-1.el7.src", "7Server-RH7-RHOSE-4.3:openshift-0:4.3.25-202006060952.git.1.96c30f6.el7.src", "7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.25-202006060952.git.1.1253fde.el7.noarch", "7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.25-202006060952.git.1.1253fde.el7.src", "7Server-RH7-RHOSE-4.3:openshift-ansible-test-0:4.3.25-202006060952.git.1.1253fde.el7.noarch", "7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el7.ppc64le", "7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el7.s390x", "7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el7.src", "7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el7.x86_64", "7Server-RH7-RHOSE-4.3:openshift-clients-redistributable-0:4.3.25-202006060952.git.1.fd93102.el7.x86_64", "7Server-RH7-RHOSE-4.3:openshift-hyperkube-0:4.3.25-202006060952.git.1.96c30f6.el7.ppc64le", "7Server-RH7-RHOSE-4.3:openshift-hyperkube-0:4.3.25-202006060952.git.1.96c30f6.el7.s390x", "7Server-RH7-RHOSE-4.3:openshift-hyperkube-0:4.3.25-202006060952.git.1.96c30f6.el7.x86_64", "8Base-RHOSE-4.3:conmon-2:2.0.17-1.rhaos4.3.el8.ppc64le", "8Base-RHOSE-4.3:conmon-2:2.0.17-1.rhaos4.3.el8.s390x", "8Base-RHOSE-4.3:conmon-2:2.0.17-1.rhaos4.3.el8.src", "8Base-RHOSE-4.3:conmon-2:2.0.17-1.rhaos4.3.el8.x86_64", "8Base-RHOSE-4.3:cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.ppc64le", "8Base-RHOSE-4.3:cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.s390x", "8Base-RHOSE-4.3:cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.src", "8Base-RHOSE-4.3:cri-o-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.x86_64", "8Base-RHOSE-4.3:cri-o-debuginfo-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.ppc64le", "8Base-RHOSE-4.3:cri-o-debuginfo-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.s390x", "8Base-RHOSE-4.3:cri-o-debuginfo-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.x86_64", "8Base-RHOSE-4.3:cri-o-debugsource-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.ppc64le", "8Base-RHOSE-4.3:cri-o-debugsource-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.s390x", "8Base-RHOSE-4.3:cri-o-debugsource-0:1.16.6-15.dev.rhaos4.3.gitebc053b.el8.x86_64", "8Base-RHOSE-4.3:machine-config-daemon-0:4.3.25-202006081518.git.1.478b31a.el8.ppc64le", "8Base-RHOSE-4.3:machine-config-daemon-0:4.3.25-202006081518.git.1.478b31a.el8.s390x", "8Base-RHOSE-4.3:machine-config-daemon-0:4.3.25-202006081518.git.1.478b31a.el8.src", "8Base-RHOSE-4.3:machine-config-daemon-0:4.3.25-202006081518.git.1.478b31a.el8.x86_64", "8Base-RHOSE-4.3:openshift-0:4.3.25-202006060952.git.1.96c30f6.el8.src", "8Base-RHOSE-4.3:openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el8.ppc64le", "8Base-RHOSE-4.3:openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el8.s390x", "8Base-RHOSE-4.3:openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el8.src", "8Base-RHOSE-4.3:openshift-clients-0:4.3.25-202006060952.git.1.fd93102.el8.x86_64", "8Base-RHOSE-4.3:openshift-clients-redistributable-0:4.3.25-202006060952.git.1.fd93102.el8.x86_64", "8Base-RHOSE-4.3:openshift-hyperkube-0:4.3.25-202006060952.git.1.96c30f6.el8.ppc64le", "8Base-RHOSE-4.3:openshift-hyperkube-0:4.3.25-202006060952.git.1.96c30f6.el8.s390x", "8Base-RHOSE-4.3:openshift-hyperkube-0:4.3.25-202006060952.git.1.96c30f6.el8.x86_64", "8Base-RHOSE-4.3:openshift-kuryr-0:4.3.25-202006081518.git.1.240b401.el8.src", "8Base-RHOSE-4.3:openshift-kuryr-cni-0:4.3.25-202006081518.git.1.240b401.el8.noarch", "8Base-RHOSE-4.3:openshift-kuryr-common-0:4.3.25-202006081518.git.1.240b401.el8.noarch", "8Base-RHOSE-4.3:openshift-kuryr-controller-0:4.3.25-202006081518.git.1.240b401.el8.noarch", "8Base-RHOSE-4.3:python3-kuryr-kubernetes-0:4.3.25-202006081518.git.1.240b401.el8.noarch", "8Base-RHOSE-4.3:s390utils-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-2:2.6.0-23.el8.src", "8Base-RHOSE-4.3:s390utils-base-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-base-debuginfo-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-cmsfs-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-cmsfs-debuginfo-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-cmsfs-fuse-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-cmsfs-fuse-debuginfo-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-cpacfstatsd-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-cpacfstatsd-debuginfo-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-cpuplugd-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-cpuplugd-debuginfo-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-debuginfo-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-debugsource-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-devel-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-hmcdrvfs-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-hmcdrvfs-debuginfo-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-iucvterm-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-iucvterm-debuginfo-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-mon_statd-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-mon_statd-debuginfo-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-osasnmpd-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-osasnmpd-debuginfo-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-zdsfs-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-zdsfs-debuginfo-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-ziomon-2:2.6.0-23.el8.s390x", "8Base-RHOSE-4.3:s390utils-ziomon-debuginfo-2:2.6.0-23.el8.s390x" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jenkins: improperly processes HTML content of list leads to XSS" } ] }
gsd-2020-2162
Vulnerability from gsd
{ "GSD": { "alias": "CVE-2020-2162", "description": "Jenkins 2.227 and earlier, LTS 2.204.5 and earlier does not set Content-Security-Policy headers for files uploaded as file parameters to a build, resulting in a stored XSS vulnerability.", "id": "GSD-2020-2162", "references": [ "https://access.redhat.com/errata/RHBA-2020:2477", "https://access.redhat.com/errata/RHBA-2020:2444", "https://access.redhat.com/errata/RHBA-2020:2435" ] }, "gsd": { "metadata": { "exploitCode": "unknown", "remediation": "unknown", "reportConfidence": "confirmed", "type": "vulnerability" }, "osvSchema": { "aliases": [ "CVE-2020-2162" ], "details": "Jenkins 2.227 and earlier, LTS 2.204.5 and earlier does not set Content-Security-Policy headers for files uploaded as file parameters to a build, resulting in a stored XSS vulnerability.", "id": "GSD-2020-2162", "modified": "2023-12-13T01:21:50.857150Z", "schema_version": "1.4.0" } }, "namespaces": { "cve.org": { "CVE_data_meta": { "ASSIGNER": "jenkinsci-cert@googlegroups.com", "ID": "CVE-2020-2162", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Jenkins", "version": { "version_data": [ { "version_affected": "\u003c=", "version_name": "unspecified", "version_value": "2.227" } ] } } ] }, "vendor_name": "Jenkins project" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Jenkins 2.227 and earlier, LTS 2.204.5 and earlier does not set Content-Security-Policy headers for files uploaded as file parameters to a build, resulting in a stored XSS vulnerability." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://jenkins.io/security/advisory/2020-03-25/#SECURITY-1793", "refsource": "MISC", "url": "https://jenkins.io/security/advisory/2020-03-25/#SECURITY-1793" }, { "name": "http://www.openwall.com/lists/oss-security/2020/03/25/2", "refsource": "MISC", "url": "http://www.openwall.com/lists/oss-security/2020/03/25/2" } ] } }, "gitlab.com": { "advisories": [ { "affected_range": "[0,2.227]", "affected_versions": "All versions up to 2.227", "cvss_v2": "AV:N/AC:M/Au:S/C:N/I:P/A:N", "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "cwe_ids": [ "CWE-1035", "CWE-79", "CWE-937" ], "date": "2020-03-27", "description": "Jenkins does not set ```Content-Security-Policy``` headers for files uploaded as file parameters to a build, resulting in a stored XSS vulnerability.", "fixed_versions": [ "2.228" ], "identifier": "CVE-2020-2162", "identifiers": [ "CVE-2020-2162" ], "not_impacted": "All versions after 2.227", "package_slug": "maven/org.jenkins-ci.main/jenkins-core", "pubdate": "2020-03-25", "solution": "Upgrade to version 2.228 or above.", "title": "Cross-site Scripting", "urls": [ "https://nvd.nist.gov/vuln/detail/CVE-2020-2162", "https://jenkins.io/security/advisory/2020-03-25/#SECURITY-1793" ], "uuid": "c780708c-885b-400d-9669-25478eccc8cb" } ] }, "nvd.nist.gov": { "configurations": { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*", "cpe_name": [], "versionEndIncluding": "2.204.5", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:jenkins:jenkins:*:*:*:*:-:*:*:*", "cpe_name": [], "versionEndIncluding": "2.227", "vulnerable": true } ], "operator": "OR" } ] }, "cve": { "CVE_data_meta": { "ASSIGNER": "jenkinsci-cert@googlegroups.com", "ID": "CVE-2020-2162" }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "en", "value": "Jenkins 2.227 and earlier, LTS 2.204.5 and earlier does not set Content-Security-Policy headers for files uploaded as file parameters to a build, resulting in a stored XSS vulnerability." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "en", "value": "CWE-79" } ] } ] }, "references": { "reference_data": [ { "name": "https://jenkins.io/security/advisory/2020-03-25/#SECURITY-1793", "refsource": "CONFIRM", "tags": [ "Vendor Advisory" ], "url": "https://jenkins.io/security/advisory/2020-03-25/#SECURITY-1793" }, { "name": "[oss-security] 20200325 Multiple vulnerabilities in Jenkins and Jenkins plugins", "refsource": "MLIST", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://www.openwall.com/lists/oss-security/2020/03/25/2" } ] } }, "impact": { "baseMetricV2": { "acInsufInfo": false, "cvssV2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 3.5, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 6.8, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "LOW", "userInteractionRequired": true }, "baseMetricV3": { "cvssV3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "exploitabilityScore": 2.3, "impactScore": 2.7 } }, "lastModifiedDate": "2023-11-02T21:11Z", "publishedDate": "2020-03-25T17:15Z" } } }
ghsa-crg2-6xv3-qg5f
Vulnerability from github
Jenkins 2.227 and earlier, LTS 2.204.5 and earlier served files uploaded as file parameters to a build without specifying appropriate Content-Security-Policy HTTP
headers. This resulted in a stored cross-site scripting (XSS) vulnerability exploitable by users with permissions to build a job with file parameters.\n\nJenkins now sets Content-Security-Policy
HTTP headers when serving files uploaded via a file parameter to the same value as used for files in workspaces and archived artifacts not served using the Resource Root URL.\n\nThe system property hudson.model.DirectoryBrowserSupport.CSP
can be set to override the value of Content-Security-Policy
headers sent when serving these files. This is the same system property used for files in workspaces and archived artifacts unless those are served via the Resource Root URL and works the same way for file parameters. See Configuring Content Security Policy to learn more.\n\nEven when Jenkins is configured to serve files in workspaces and archived artifacts using the Resource Root URL (introduced in Jenkins 2.200), file parameters are not, and therefore still subject to Content-Security-Policy
restrictions.
{ "affected": [ { "database_specific": { "last_known_affected_version_range": "\u003c= 2.204.5" }, "package": { "ecosystem": "Maven", "name": "org.jenkins-ci.main:jenkins-core" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "2.228" } ], "type": "ECOSYSTEM" } ] }, { "database_specific": { "last_known_affected_version_range": "\u003c= 2.227" }, "package": { "ecosystem": "Maven", "name": "org.jenkins-ci.main:jenkins-core" }, "ranges": [ { "events": [ { "introduced": "2.204.6" }, { "fixed": "2.228" } ], "type": "ECOSYSTEM" } ] } ], "aliases": [ "CVE-2020-2162" ], "database_specific": { "cwe_ids": [ "CWE-79" ], "github_reviewed": true, "github_reviewed_at": "2022-06-24T00:58:29Z", "nvd_published_at": "2020-03-25T17:15:00Z", "severity": "MODERATE" }, "details": "Jenkins 2.227 and earlier, LTS 2.204.5 and earlier served files uploaded as file parameters to a build without specifying appropriate `Content-Security-Policy HTTP` headers. This resulted in a stored cross-site scripting (XSS) vulnerability exploitable by users with permissions to build a job with file parameters.\\n\\nJenkins now sets `Content-Security-Policy` HTTP headers when serving files uploaded via a file parameter to the same value as used for files in workspaces and archived artifacts not served using the Resource Root URL.\\n\\nThe system property `hudson.model.DirectoryBrowserSupport.CSP` can be set to override the value of `Content-Security-Policy` headers sent when serving these files. This is the same system property used for files in workspaces and archived artifacts unless those are served via the [Resource Root URL](https://www.jenkins.io/doc/upgrade-guide/2.204/#resource-domain-support) and works the same way for file parameters. See [Configuring Content Security Policy](https://www.jenkins.io/doc/book/security/configuring-content-security-policy) to learn more.\\n\\nEven when Jenkins is configured to serve files in workspaces and archived artifacts using the Resource Root URL (introduced in Jenkins 2.200), file parameters are not, and therefore still subject to `Content-Security-Policy` restrictions.", "id": "GHSA-crg2-6xv3-qg5f", "modified": "2022-12-22T05:25:16Z", "published": "2022-05-24T17:12:40Z", "references": [ { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-2162" }, { "type": "WEB", "url": "https://github.com/jenkinsci/jenkins/commit/c2d22b241eba718c62996e2ceeb5f2e0e9787f81" }, { "type": "PACKAGE", "url": "https://github.com/jenkinsci/jenkins" }, { "type": "WEB", "url": "https://jenkins.io/security/advisory/2020-03-25/#SECURITY-1793" }, { "type": "WEB", "url": "http://www.openwall.com/lists/oss-security/2020/03/25/2" } ], "schema_version": "1.4.0", "severity": [ { "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "type": "CVSS_V3" } ], "summary": "Improper Neutralization of Input During Web Page Generation in Jenkins" }
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.