Action not permitted
Modal body text goes here.
cve-2020-27813
Vulnerability from cvelistv5
Published
2020-12-02 00:00
Modified
2024-08-04 16:25
Severity
Summary
An integer overflow vulnerability exists with the length of websocket frames received via a websocket connection. An attacker would use this flaw to cause a denial of service attack on an HTTP Server allowing websocket connections.
References
| Source | URL | Tags |
|---|---|---|
| secalert@redhat.com | https://bugzilla.redhat.com/show_bug.cgi?id=1902111 | Issue Tracking, Third Party Advisory |
| secalert@redhat.com | https://github.com/gorilla/websocket/security/advisories/GHSA-jf24-p9p9-4rjh | Third Party Advisory |
| secalert@redhat.com | https://lists.debian.org/debian-lts-announce/2021/01/msg00008.html | Mailing List, Third Party Advisory |
| secalert@redhat.com | https://lists.debian.org/debian-lts-announce/2023/05/msg00012.html |
Impacted products
| Vendor | Product |
|---|---|
| n/a | golang-github-gorilla-websocket |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T16:25:44.139Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1902111"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/gorilla/websocket/security/advisories/GHSA-jf24-p9p9-4rjh"
},
{
"name": "[debian-lts-announce] 20210106 [SECURITY] [DLA 2520-1] golang-websocket security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/01/msg00008.html"
},
{
"name": "[debian-lts-announce] 20230513 [SECURITY] [DLA 3420-1] golang-websocket security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00012.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "golang-github-gorilla-websocket",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "github.com/gorilla/websocket v1.4.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An integer overflow vulnerability exists with the length of websocket frames received via a websocket connection. An attacker would use this flaw to cause a denial of service attack on an HTTP Server allowing websocket connections."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-190",
"description": "CWE-190-\u003eCWE-400",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-05-14T00:00:00",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1902111"
},
{
"url": "https://github.com/gorilla/websocket/security/advisories/GHSA-jf24-p9p9-4rjh"
},
{
"name": "[debian-lts-announce] 20210106 [SECURITY] [DLA 2520-1] golang-websocket security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/01/msg00008.html"
},
{
"name": "[debian-lts-announce] 20230513 [SECURITY] [DLA 3420-1] golang-websocket security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00012.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2020-27813",
"datePublished": "2020-12-02T00:00:00",
"dateReserved": "2020-10-27T00:00:00",
"dateUpdated": "2024-08-04T16:25:44.139Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2020-27813\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2020-12-02T01:15:12.780\",\"lastModified\":\"2023-11-07T03:21:01.617\",\"vulnStatus\":\"Modified\",\"descriptions\":[{\"lang\":\"en\",\"value\":\"An integer overflow vulnerability exists with the length of websocket frames received via a websocket connection. An attacker would use this flaw to cause a denial of service attack on an HTTP Server allowing websocket connections.\"},{\"lang\":\"es\",\"value\":\"Se presenta una vulnerabilidad de desbordamiento de enteros con la longitud de las tramas de websocket recibidos por medio de una conexi\u00f3n de websocket.\u0026#xa0;Un atacante podr\u00eda usar este fallo para causar un ataque de denegaci\u00f3n de servicio en un Servidor HTTP permitiendo conexiones websocket\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:P\",\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\",\"baseScore\":5.0},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-190\"},{\"lang\":\"en\",\"value\":\"CWE-400\"}]},{\"source\":\"secalert@redhat.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-190\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gorillatoolkit:websocket:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.4.1\",\"matchCriteriaId\":\"352B9531-5BB0-4C4D-9A9F-6E2B27A0B2C0\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DEECE5FC-CACF-4496-A3E7-164736409252\"}]}]}],\"references\":[{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=1902111\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/gorilla/websocket/security/advisories/GHSA-jf24-p9p9-4rjh\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2021/01/msg00008.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2023/05/msg00012.html\",\"source\":\"secalert@redhat.com\"}]}}"
}
}
rhsa-2021_0187
Vulnerability from csaf_redhat
Published
2021-01-19 13:27
Modified
2024-09-14 00:41
Summary
Red Hat Security Advisory: OpenShift Virtualization 2.5.3 security and bug fix update
Notes
Topic
Red Hat OpenShift Virtualization release 2.5.3 is now available with updates to packages and images that fix several bugs and security issues.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform.
This advisory contains the following OpenShift Virtualization 2.5.3 images:
RHEL-7-CNV-2.5
==============
kubevirt-ssp-operator-container-v2.5.3-2
RHEL-8-CNV-2.5
==============
virtio-win-container-v2.5.3-4
hostpath-provisioner-container-v2.5.3-3
kubevirt-kvm-info-nfd-plugin-container-v2.5.3-2
kubevirt-template-validator-container-v2.5.3-4
kubevirt-cpu-model-nfd-plugin-container-v2.5.3-1
kubevirt-metrics-collector-container-v2.5.3-3
cnv-containernetworking-plugins-container-v2.5.3-2
kubemacpool-container-v2.5.3-2
hostpath-provisioner-operator-container-v2.5.3-3
kubevirt-cpu-node-labeller-container-v2.5.3-3
node-maintenance-operator-container-v2.5.3-2
ovs-cni-marker-container-v2.5.3-2
kubernetes-nmstate-handler-container-v2.5.3-2
cluster-network-addons-operator-container-v2.5.3-3
ovs-cni-plugin-container-v2.5.3-2
bridge-marker-container-v2.5.3-2
kubevirt-v2v-conversion-container-v2.5.3-2
hyperconverged-cluster-operator-container-v2.5.3-3
kubevirt-vmware-container-v2.5.3-2
cnv-must-gather-container-v2.5.3-2
virt-api-container-v2.5.3-2
virt-handler-container-v2.5.3-2
virt-controller-container-v2.5.3-2
virt-launcher-container-v2.5.3-2
virt-operator-container-v2.5.3-2
virt-cdi-cloner-container-v2.5.3-4
virt-cdi-importer-container-v2.5.3-4
virt-cdi-controller-container-v2.5.3-4
virt-cdi-apiserver-container-v2.5.3-4
virt-cdi-operator-container-v2.5.3-4
virt-cdi-uploadserver-container-v2.5.3-4
virt-cdi-uploadproxy-container-v2.5.3-4
vm-import-operator-container-v2.5.3-4
vm-import-controller-container-v2.5.3-4
vm-import-virtv2v-container-v2.5.3-4
hco-bundle-registry-container-v2.5.3-80
Security Fix(es):
* golang-github-gorilla-websocket: integer overflow leads to denial of service (CVE-2020-27813)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
* Container-native Virtualization 2.5.3 Images (BZ#1902961)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat OpenShift Virtualization release 2.5.3 is now available with updates to packages and images that fix several bugs and security issues.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "OpenShift Virtualization is Red Hat\u0027s virtualization solution designed for Red Hat OpenShift Container Platform.\n\nThis advisory contains the following OpenShift Virtualization 2.5.3 images:\n\nRHEL-7-CNV-2.5\n==============\nkubevirt-ssp-operator-container-v2.5.3-2\n\nRHEL-8-CNV-2.5\n==============\nvirtio-win-container-v2.5.3-4\nhostpath-provisioner-container-v2.5.3-3\nkubevirt-kvm-info-nfd-plugin-container-v2.5.3-2\nkubevirt-template-validator-container-v2.5.3-4\nkubevirt-cpu-model-nfd-plugin-container-v2.5.3-1\nkubevirt-metrics-collector-container-v2.5.3-3\ncnv-containernetworking-plugins-container-v2.5.3-2\nkubemacpool-container-v2.5.3-2\nhostpath-provisioner-operator-container-v2.5.3-3\nkubevirt-cpu-node-labeller-container-v2.5.3-3\nnode-maintenance-operator-container-v2.5.3-2\novs-cni-marker-container-v2.5.3-2\nkubernetes-nmstate-handler-container-v2.5.3-2\ncluster-network-addons-operator-container-v2.5.3-3\novs-cni-plugin-container-v2.5.3-2\nbridge-marker-container-v2.5.3-2\nkubevirt-v2v-conversion-container-v2.5.3-2\nhyperconverged-cluster-operator-container-v2.5.3-3\nkubevirt-vmware-container-v2.5.3-2\ncnv-must-gather-container-v2.5.3-2\nvirt-api-container-v2.5.3-2\nvirt-handler-container-v2.5.3-2\nvirt-controller-container-v2.5.3-2\nvirt-launcher-container-v2.5.3-2\nvirt-operator-container-v2.5.3-2\nvirt-cdi-cloner-container-v2.5.3-4\nvirt-cdi-importer-container-v2.5.3-4\nvirt-cdi-controller-container-v2.5.3-4\nvirt-cdi-apiserver-container-v2.5.3-4\nvirt-cdi-operator-container-v2.5.3-4\nvirt-cdi-uploadserver-container-v2.5.3-4\nvirt-cdi-uploadproxy-container-v2.5.3-4\nvm-import-operator-container-v2.5.3-4\nvm-import-controller-container-v2.5.3-4\nvm-import-virtv2v-container-v2.5.3-4\nhco-bundle-registry-container-v2.5.3-80\n\nSecurity Fix(es):\n\n* golang-github-gorilla-websocket: integer overflow leads to denial of service (CVE-2020-27813)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* Container-native Virtualization 2.5.3 Images (BZ#1902961)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat offerings.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2021:0187",
"url": "https://access.redhat.com/errata/RHSA-2021:0187"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "1902111",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1902111"
},
{
"category": "external",
"summary": "1902961",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1902961"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/data/csaf/v2/advisories/2021/rhsa-2021_0187.json"
}
],
"title": "Red Hat Security Advisory: OpenShift Virtualization 2.5.3 security and bug fix update",
"tracking": {
"current_release_date": "2024-09-14T00:41:57+00:00",
"generator": {
"date": "2024-09-14T00:41:57+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "3.33.3"
}
},
"id": "RHSA-2021:0187",
"initial_release_date": "2021-01-19T13:27:30+00:00",
"revision_history": [
{
"date": "2021-01-19T13:27:30+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2021-01-19T13:27:30+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-09-14T00:41:57+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "CNV 2.5 for RHEL 8",
"product": {
"name": "CNV 2.5 for RHEL 8",
"product_id": "8Base-CNV-2.5",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:container_native_virtualization:2.5::el8"
}
}
}
],
"category": "product_family",
"name": "OpenShift Virtualization"
},
{
"branches": [
{
"category": "product_version",
"name": "container-native-virtualization/kubevirt-cpu-model-nfd-plugin@sha256:610b53c8005bc88a0ebdc5a97e9284e48005e1b939f6952e4c5d0738827529c8_amd64",
"product": {
"name": "container-native-virtualization/kubevirt-cpu-model-nfd-plugin@sha256:610b53c8005bc88a0ebdc5a97e9284e48005e1b939f6952e4c5d0738827529c8_amd64",
"product_id": "container-native-virtualization/kubevirt-cpu-model-nfd-plugin@sha256:610b53c8005bc88a0ebdc5a97e9284e48005e1b939f6952e4c5d0738827529c8_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kubevirt-cpu-model-nfd-plugin@sha256:610b53c8005bc88a0ebdc5a97e9284e48005e1b939f6952e4c5d0738827529c8?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/kubevirt-cpu-model-nfd-plugin\u0026tag=v2.5.3-1"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/kubevirt-cpu-node-labeller@sha256:53fd0c287fd1f502059615daf22fac2cdc50a3dc819b6af7afb9b4c68a0fc3a5_amd64",
"product": {
"name": "container-native-virtualization/kubevirt-cpu-node-labeller@sha256:53fd0c287fd1f502059615daf22fac2cdc50a3dc819b6af7afb9b4c68a0fc3a5_amd64",
"product_id": "container-native-virtualization/kubevirt-cpu-node-labeller@sha256:53fd0c287fd1f502059615daf22fac2cdc50a3dc819b6af7afb9b4c68a0fc3a5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kubevirt-cpu-node-labeller@sha256:53fd0c287fd1f502059615daf22fac2cdc50a3dc819b6af7afb9b4c68a0fc3a5?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/kubevirt-cpu-node-labeller\u0026tag=v2.5.3-3"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/kubevirt-kvm-info-nfd-plugin@sha256:d8231c1d06d7275b826bdd791ee119d9775023a96563286e144e2c084b5540ca_amd64",
"product": {
"name": "container-native-virtualization/kubevirt-kvm-info-nfd-plugin@sha256:d8231c1d06d7275b826bdd791ee119d9775023a96563286e144e2c084b5540ca_amd64",
"product_id": "container-native-virtualization/kubevirt-kvm-info-nfd-plugin@sha256:d8231c1d06d7275b826bdd791ee119d9775023a96563286e144e2c084b5540ca_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kubevirt-kvm-info-nfd-plugin@sha256:d8231c1d06d7275b826bdd791ee119d9775023a96563286e144e2c084b5540ca?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/kubevirt-kvm-info-nfd-plugin\u0026tag=v2.5.3-2"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/vm-import-controller-rhel8@sha256:7b134cb7b06fde80c8acf0e84a24d5c2d07f180c936b7d580a16ddc72dc437fd_amd64",
"product": {
"name": "container-native-virtualization/vm-import-controller-rhel8@sha256:7b134cb7b06fde80c8acf0e84a24d5c2d07f180c936b7d580a16ddc72dc437fd_amd64",
"product_id": "container-native-virtualization/vm-import-controller-rhel8@sha256:7b134cb7b06fde80c8acf0e84a24d5c2d07f180c936b7d580a16ddc72dc437fd_amd64",
"product_identification_helper": {
"purl": "pkg:oci/vm-import-controller-rhel8@sha256:7b134cb7b06fde80c8acf0e84a24d5c2d07f180c936b7d580a16ddc72dc437fd?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/vm-import-controller-rhel8\u0026tag=v2.5.3-4"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/kubevirt-cpu-model-nfd-plugin@sha256:610b53c8005bc88a0ebdc5a97e9284e48005e1b939f6952e4c5d0738827529c8_amd64 as a component of CNV 2.5 for RHEL 8",
"product_id": "8Base-CNV-2.5:container-native-virtualization/kubevirt-cpu-model-nfd-plugin@sha256:610b53c8005bc88a0ebdc5a97e9284e48005e1b939f6952e4c5d0738827529c8_amd64"
},
"product_reference": "container-native-virtualization/kubevirt-cpu-model-nfd-plugin@sha256:610b53c8005bc88a0ebdc5a97e9284e48005e1b939f6952e4c5d0738827529c8_amd64",
"relates_to_product_reference": "8Base-CNV-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/kubevirt-cpu-node-labeller@sha256:53fd0c287fd1f502059615daf22fac2cdc50a3dc819b6af7afb9b4c68a0fc3a5_amd64 as a component of CNV 2.5 for RHEL 8",
"product_id": "8Base-CNV-2.5:container-native-virtualization/kubevirt-cpu-node-labeller@sha256:53fd0c287fd1f502059615daf22fac2cdc50a3dc819b6af7afb9b4c68a0fc3a5_amd64"
},
"product_reference": "container-native-virtualization/kubevirt-cpu-node-labeller@sha256:53fd0c287fd1f502059615daf22fac2cdc50a3dc819b6af7afb9b4c68a0fc3a5_amd64",
"relates_to_product_reference": "8Base-CNV-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/kubevirt-kvm-info-nfd-plugin@sha256:d8231c1d06d7275b826bdd791ee119d9775023a96563286e144e2c084b5540ca_amd64 as a component of CNV 2.5 for RHEL 8",
"product_id": "8Base-CNV-2.5:container-native-virtualization/kubevirt-kvm-info-nfd-plugin@sha256:d8231c1d06d7275b826bdd791ee119d9775023a96563286e144e2c084b5540ca_amd64"
},
"product_reference": "container-native-virtualization/kubevirt-kvm-info-nfd-plugin@sha256:d8231c1d06d7275b826bdd791ee119d9775023a96563286e144e2c084b5540ca_amd64",
"relates_to_product_reference": "8Base-CNV-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/vm-import-controller-rhel8@sha256:7b134cb7b06fde80c8acf0e84a24d5c2d07f180c936b7d580a16ddc72dc437fd_amd64 as a component of CNV 2.5 for RHEL 8",
"product_id": "8Base-CNV-2.5:container-native-virtualization/vm-import-controller-rhel8@sha256:7b134cb7b06fde80c8acf0e84a24d5c2d07f180c936b7d580a16ddc72dc437fd_amd64"
},
"product_reference": "container-native-virtualization/vm-import-controller-rhel8@sha256:7b134cb7b06fde80c8acf0e84a24d5c2d07f180c936b7d580a16ddc72dc437fd_amd64",
"relates_to_product_reference": "8Base-CNV-2.5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-27813",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2020-11-27T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-CNV-2.5:container-native-virtualization/kubevirt-cpu-model-nfd-plugin@sha256:610b53c8005bc88a0ebdc5a97e9284e48005e1b939f6952e4c5d0738827529c8_amd64",
"8Base-CNV-2.5:container-native-virtualization/kubevirt-cpu-node-labeller@sha256:53fd0c287fd1f502059615daf22fac2cdc50a3dc819b6af7afb9b4c68a0fc3a5_amd64",
"8Base-CNV-2.5:container-native-virtualization/kubevirt-kvm-info-nfd-plugin@sha256:d8231c1d06d7275b826bdd791ee119d9775023a96563286e144e2c084b5540ca_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1902111"
}
],
"notes": [
{
"category": "description",
"text": "An integer overflow vulnerability exists with the length of websocket frames received via a websocket connection. An attacker could use this flaw to cause a denial of service attack on an HTTP Server allowing websocket connections.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang-github-gorilla-websocket: integer overflow leads to denial of service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-CNV-2.5:container-native-virtualization/vm-import-controller-rhel8@sha256:7b134cb7b06fde80c8acf0e84a24d5c2d07f180c936b7d580a16ddc72dc437fd_amd64"
],
"known_not_affected": [
"8Base-CNV-2.5:container-native-virtualization/kubevirt-cpu-model-nfd-plugin@sha256:610b53c8005bc88a0ebdc5a97e9284e48005e1b939f6952e4c5d0738827529c8_amd64",
"8Base-CNV-2.5:container-native-virtualization/kubevirt-cpu-node-labeller@sha256:53fd0c287fd1f502059615daf22fac2cdc50a3dc819b6af7afb9b4c68a0fc3a5_amd64",
"8Base-CNV-2.5:container-native-virtualization/kubevirt-kvm-info-nfd-plugin@sha256:d8231c1d06d7275b826bdd791ee119d9775023a96563286e144e2c084b5540ca_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-27813"
},
{
"category": "external",
"summary": "RHBZ#1902111",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1902111"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-27813",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27813"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-27813",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-27813"
},
{
"category": "external",
"summary": "https://github.com/gorilla/websocket/security/advisories/GHSA-jf24-p9p9-4rjh",
"url": "https://github.com/gorilla/websocket/security/advisories/GHSA-jf24-p9p9-4rjh"
}
],
"release_date": "2019-08-25T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-CNV-2.5:container-native-virtualization/vm-import-controller-rhel8@sha256:7b134cb7b06fde80c8acf0e84a24d5c2d07f180c936b7d580a16ddc72dc437fd_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:0187"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-CNV-2.5:container-native-virtualization/vm-import-controller-rhel8@sha256:7b134cb7b06fde80c8acf0e84a24d5c2d07f180c936b7d580a16ddc72dc437fd_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang-github-gorilla-websocket: integer overflow leads to denial of service"
}
]
}
rhsa-2020_5364
Vulnerability from csaf_redhat
Published
2021-02-24 18:14
Modified
2024-09-14 00:42
Summary
Red Hat Security Advisory: OpenShift Container Platform 4.7 low-latency extras security and bug fix update
Notes
Topic
An update for cnf-tests-container, dpdk-base-container, performance-addon-operator-bundle-registry-container, performance-addon-operator-container, and performance-addon-operator-must-gather-rhel8-container is now available for Red Hat OpenShift Container Platform 4.7.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat OpenShift Container Platform is Red Hat's cloud computing
Kubernetes application platform solution designed for on-premise or private
cloud deployments.
This advisory contains the extra low-latency container images for Red Hat
OpenShift Container Platform 4.7. See the following advisory for the
container images for this release:
https://access.redhat.com/errata/RHSA-2020:5633
Security Fix(es):
* golang-github-gorilla-websocket: integer overflow leads to denial of service (CVE-2020-27813)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
* Configuring the system with non-RT kernel will hang the system (BZ#1923220)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for cnf-tests-container, dpdk-base-container, performance-addon-operator-bundle-registry-container, performance-addon-operator-container, and performance-addon-operator-must-gather-rhel8-container is now available for Red Hat OpenShift Container Platform 4.7.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Container Platform is Red Hat\u0027s cloud computing\nKubernetes application platform solution designed for on-premise or private\ncloud deployments.\n\nThis advisory contains the extra low-latency container images for Red Hat\nOpenShift Container Platform 4.7. See the following advisory for the\ncontainer images for this release:\n\nhttps://access.redhat.com/errata/RHSA-2020:5633\n\nSecurity Fix(es):\n\n* golang-github-gorilla-websocket: integer overflow leads to denial of service (CVE-2020-27813)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* Configuring the system with non-RT kernel will hang the system (BZ#1923220)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat offerings.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2020:5364",
"url": "https://access.redhat.com/errata/RHSA-2020:5364"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "1902111",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1902111"
},
{
"category": "external",
"summary": "CNF-802",
"url": "https://issues.redhat.com/browse/CNF-802"
},
{
"category": "external",
"summary": "CNF-854",
"url": "https://issues.redhat.com/browse/CNF-854"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/data/csaf/v2/advisories/2021/rhsa-2020_5364.json"
}
],
"title": "Red Hat Security Advisory: OpenShift Container Platform 4.7 low-latency extras security and bug fix update",
"tracking": {
"current_release_date": "2024-09-14T00:42:16+00:00",
"generator": {
"date": "2024-09-14T00:42:16+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "3.33.3"
}
},
"id": "RHSA-2020:5364",
"initial_release_date": "2021-02-24T18:14:01+00:00",
"revision_history": [
{
"date": "2021-02-24T18:14:01+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2021-02-24T18:14:01+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-09-14T00:42:16+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift Container Platform 4.7",
"product": {
"name": "Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:4.7::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Enterprise"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift4/cnf-tests-rhel8@sha256:94278f913832813b9c13858e787225bd3509f1119154e3bcb3526b8fe7afcd4e_amd64",
"product": {
"name": "openshift4/cnf-tests-rhel8@sha256:94278f913832813b9c13858e787225bd3509f1119154e3bcb3526b8fe7afcd4e_amd64",
"product_id": "openshift4/cnf-tests-rhel8@sha256:94278f913832813b9c13858e787225bd3509f1119154e3bcb3526b8fe7afcd4e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cnf-tests-rhel8@sha256:94278f913832813b9c13858e787225bd3509f1119154e3bcb3526b8fe7afcd4e?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/cnf-tests-rhel8\u0026tag=v4.7.0-34"
}
}
},
{
"category": "product_version",
"name": "openshift4/dpdk-base-rhel8@sha256:5469123407735ca1efa36204ca058cac61cf20c0ba36ad85f93e266a0e32e4eb_amd64",
"product": {
"name": "openshift4/dpdk-base-rhel8@sha256:5469123407735ca1efa36204ca058cac61cf20c0ba36ad85f93e266a0e32e4eb_amd64",
"product_id": "openshift4/dpdk-base-rhel8@sha256:5469123407735ca1efa36204ca058cac61cf20c0ba36ad85f93e266a0e32e4eb_amd64",
"product_identification_helper": {
"purl": "pkg:oci/dpdk-base-rhel8@sha256:5469123407735ca1efa36204ca058cac61cf20c0ba36ad85f93e266a0e32e4eb?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/dpdk-base-rhel8\u0026tag=v4.7.0"
}
}
},
{
"category": "product_version",
"name": "openshift4/performance-addon-operator-bundle-registry-container-rhel8@sha256:f801ddf5f7660f498f9f4b50ae09ec46e76a1d162b4b83b5b24249b9ce5377a1_amd64",
"product": {
"name": "openshift4/performance-addon-operator-bundle-registry-container-rhel8@sha256:f801ddf5f7660f498f9f4b50ae09ec46e76a1d162b4b83b5b24249b9ce5377a1_amd64",
"product_id": "openshift4/performance-addon-operator-bundle-registry-container-rhel8@sha256:f801ddf5f7660f498f9f4b50ae09ec46e76a1d162b4b83b5b24249b9ce5377a1_amd64",
"product_identification_helper": {
"purl": "pkg:oci/performance-addon-operator-bundle-registry-container-rhel8@sha256:f801ddf5f7660f498f9f4b50ae09ec46e76a1d162b4b83b5b24249b9ce5377a1?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/performance-addon-operator-bundle-registry-container-rhel8\u0026tag=v4.7.0-612"
}
}
},
{
"category": "product_version",
"name": "openshift4/performance-addon-rhel8-operator@sha256:61174281eafbb4d66cd2e18465a58b28315305a1c8ef666259de75d1a4e700f6_amd64",
"product": {
"name": "openshift4/performance-addon-rhel8-operator@sha256:61174281eafbb4d66cd2e18465a58b28315305a1c8ef666259de75d1a4e700f6_amd64",
"product_id": "openshift4/performance-addon-rhel8-operator@sha256:61174281eafbb4d66cd2e18465a58b28315305a1c8ef666259de75d1a4e700f6_amd64",
"product_identification_helper": {
"purl": "pkg:oci/performance-addon-rhel8-operator@sha256:61174281eafbb4d66cd2e18465a58b28315305a1c8ef666259de75d1a4e700f6?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/performance-addon-rhel8-operator\u0026tag=v4.7.0-30"
}
}
},
{
"category": "product_version",
"name": "openshift4/performance-addon-operator-must-gather-rhel8@sha256:83faec56cf606b2a6fb7d05bbd2d9d24379c7543b985ec1666eba8cec37f960e_amd64",
"product": {
"name": "openshift4/performance-addon-operator-must-gather-rhel8@sha256:83faec56cf606b2a6fb7d05bbd2d9d24379c7543b985ec1666eba8cec37f960e_amd64",
"product_id": "openshift4/performance-addon-operator-must-gather-rhel8@sha256:83faec56cf606b2a6fb7d05bbd2d9d24379c7543b985ec1666eba8cec37f960e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/performance-addon-operator-must-gather-rhel8@sha256:83faec56cf606b2a6fb7d05bbd2d9d24379c7543b985ec1666eba8cec37f960e?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/performance-addon-operator-must-gather-rhel8\u0026tag=v4.7.0-72"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/cnf-tests-rhel8@sha256:94278f913832813b9c13858e787225bd3509f1119154e3bcb3526b8fe7afcd4e_amd64 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/cnf-tests-rhel8@sha256:94278f913832813b9c13858e787225bd3509f1119154e3bcb3526b8fe7afcd4e_amd64"
},
"product_reference": "openshift4/cnf-tests-rhel8@sha256:94278f913832813b9c13858e787225bd3509f1119154e3bcb3526b8fe7afcd4e_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/dpdk-base-rhel8@sha256:5469123407735ca1efa36204ca058cac61cf20c0ba36ad85f93e266a0e32e4eb_amd64 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/dpdk-base-rhel8@sha256:5469123407735ca1efa36204ca058cac61cf20c0ba36ad85f93e266a0e32e4eb_amd64"
},
"product_reference": "openshift4/dpdk-base-rhel8@sha256:5469123407735ca1efa36204ca058cac61cf20c0ba36ad85f93e266a0e32e4eb_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/performance-addon-operator-bundle-registry-container-rhel8@sha256:f801ddf5f7660f498f9f4b50ae09ec46e76a1d162b4b83b5b24249b9ce5377a1_amd64 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/performance-addon-operator-bundle-registry-container-rhel8@sha256:f801ddf5f7660f498f9f4b50ae09ec46e76a1d162b4b83b5b24249b9ce5377a1_amd64"
},
"product_reference": "openshift4/performance-addon-operator-bundle-registry-container-rhel8@sha256:f801ddf5f7660f498f9f4b50ae09ec46e76a1d162b4b83b5b24249b9ce5377a1_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/performance-addon-operator-must-gather-rhel8@sha256:83faec56cf606b2a6fb7d05bbd2d9d24379c7543b985ec1666eba8cec37f960e_amd64 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/performance-addon-operator-must-gather-rhel8@sha256:83faec56cf606b2a6fb7d05bbd2d9d24379c7543b985ec1666eba8cec37f960e_amd64"
},
"product_reference": "openshift4/performance-addon-operator-must-gather-rhel8@sha256:83faec56cf606b2a6fb7d05bbd2d9d24379c7543b985ec1666eba8cec37f960e_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/performance-addon-rhel8-operator@sha256:61174281eafbb4d66cd2e18465a58b28315305a1c8ef666259de75d1a4e700f6_amd64 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/performance-addon-rhel8-operator@sha256:61174281eafbb4d66cd2e18465a58b28315305a1c8ef666259de75d1a4e700f6_amd64"
},
"product_reference": "openshift4/performance-addon-rhel8-operator@sha256:61174281eafbb4d66cd2e18465a58b28315305a1c8ef666259de75d1a4e700f6_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.7"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-27813",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2020-11-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1902111"
}
],
"notes": [
{
"category": "description",
"text": "An integer overflow vulnerability exists with the length of websocket frames received via a websocket connection. An attacker could use this flaw to cause a denial of service attack on an HTTP Server allowing websocket connections.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang-github-gorilla-websocket: integer overflow leads to denial of service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.7:openshift4/cnf-tests-rhel8@sha256:94278f913832813b9c13858e787225bd3509f1119154e3bcb3526b8fe7afcd4e_amd64",
"8Base-RHOSE-4.7:openshift4/dpdk-base-rhel8@sha256:5469123407735ca1efa36204ca058cac61cf20c0ba36ad85f93e266a0e32e4eb_amd64",
"8Base-RHOSE-4.7:openshift4/performance-addon-operator-bundle-registry-container-rhel8@sha256:f801ddf5f7660f498f9f4b50ae09ec46e76a1d162b4b83b5b24249b9ce5377a1_amd64",
"8Base-RHOSE-4.7:openshift4/performance-addon-operator-must-gather-rhel8@sha256:83faec56cf606b2a6fb7d05bbd2d9d24379c7543b985ec1666eba8cec37f960e_amd64",
"8Base-RHOSE-4.7:openshift4/performance-addon-rhel8-operator@sha256:61174281eafbb4d66cd2e18465a58b28315305a1c8ef666259de75d1a4e700f6_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-27813"
},
{
"category": "external",
"summary": "RHBZ#1902111",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1902111"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-27813",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27813"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-27813",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-27813"
},
{
"category": "external",
"summary": "https://github.com/gorilla/websocket/security/advisories/GHSA-jf24-p9p9-4rjh",
"url": "https://github.com/gorilla/websocket/security/advisories/GHSA-jf24-p9p9-4rjh"
}
],
"release_date": "2019-08-25T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For OpenShift Container Platform 4.7 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-release-notes.html",
"product_ids": [
"8Base-RHOSE-4.7:openshift4/cnf-tests-rhel8@sha256:94278f913832813b9c13858e787225bd3509f1119154e3bcb3526b8fe7afcd4e_amd64",
"8Base-RHOSE-4.7:openshift4/dpdk-base-rhel8@sha256:5469123407735ca1efa36204ca058cac61cf20c0ba36ad85f93e266a0e32e4eb_amd64",
"8Base-RHOSE-4.7:openshift4/performance-addon-operator-bundle-registry-container-rhel8@sha256:f801ddf5f7660f498f9f4b50ae09ec46e76a1d162b4b83b5b24249b9ce5377a1_amd64",
"8Base-RHOSE-4.7:openshift4/performance-addon-operator-must-gather-rhel8@sha256:83faec56cf606b2a6fb7d05bbd2d9d24379c7543b985ec1666eba8cec37f960e_amd64",
"8Base-RHOSE-4.7:openshift4/performance-addon-rhel8-operator@sha256:61174281eafbb4d66cd2e18465a58b28315305a1c8ef666259de75d1a4e700f6_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:5364"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.7:openshift4/cnf-tests-rhel8@sha256:94278f913832813b9c13858e787225bd3509f1119154e3bcb3526b8fe7afcd4e_amd64",
"8Base-RHOSE-4.7:openshift4/dpdk-base-rhel8@sha256:5469123407735ca1efa36204ca058cac61cf20c0ba36ad85f93e266a0e32e4eb_amd64",
"8Base-RHOSE-4.7:openshift4/performance-addon-operator-bundle-registry-container-rhel8@sha256:f801ddf5f7660f498f9f4b50ae09ec46e76a1d162b4b83b5b24249b9ce5377a1_amd64",
"8Base-RHOSE-4.7:openshift4/performance-addon-operator-must-gather-rhel8@sha256:83faec56cf606b2a6fb7d05bbd2d9d24379c7543b985ec1666eba8cec37f960e_amd64",
"8Base-RHOSE-4.7:openshift4/performance-addon-rhel8-operator@sha256:61174281eafbb4d66cd2e18465a58b28315305a1c8ef666259de75d1a4e700f6_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang-github-gorilla-websocket: integer overflow leads to denial of service"
}
]
}
rhsa-2020_5633
Vulnerability from csaf_redhat
Published
2021-02-24 15:09
Modified
2021-03-02 01:59
Summary
Red Hat Security Advisory: OpenShift Container Platform 4.7.0 security, bug fix, and enhancement update
Notes
Topic
Red Hat OpenShift Container Platform release 4.7.0 is now available.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat OpenShift Container Platform is Red Hat's cloud computing
Kubernetes application platform solution designed for on-premise or private
cloud deployments.
This advisory contains the container images for Red Hat OpenShift Container
Platform 4.7.0. See the following advisory for the RPM packages for this
release:
https://access.redhat.com/errata/RHSA-2020:5634
Space precludes documenting all of the container images in this advisory. See the following Release Notes documentation, which will be updated shortly for this release, for details about these changes:
https://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-release-notes.html
You may download the oc tool and use it to inspect release image metadata as follows:
(For x86_64 architecture)
$ oc adm release info quay.io/openshift-release-dev/ocp-release:4.7.0-x86_64
The image digest is sha256:d74b1cfa81f8c9cc23336aee72d8ae9c9905e62c4874b071317a078c316f8a70
(For s390x architecture)
$ oc adm release info quay.io/openshift-release-dev/ocp-release:4.7.0-s390x
The image digest is sha256:a68ca03d87496ddfea0ac26b82af77231583a58a7836b95de85efe5e390ad45d
(For ppc64le architecture)
$ oc adm release info quay.io/openshift-release-dev/ocp-release:4.7.0-ppc64le
The image digest is sha256:bc7b04e038c8ff3a33b827f4ee19aa79b26e14c359a7dcc1ced9f3b58e5f1ac6
All OpenShift Container Platform 4.7 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift Console or the CLI oc command. Instructions for upgrading a cluster are available at https://docs.openshift.com/container-platform/4.7/updating/updating-cluster-between-minor.html#understanding-upgrade-channels_updating-cluster-between-minor.
Security Fix(es):
* crewjam/saml: authentication bypass in saml authentication (CVE-2020-27846)
* golang: crypto/ssh: crafted authentication request can lead to nil pointer dereference (CVE-2020-29652)
* gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation (CVE-2021-3121)
* nodejs-y18n: prototype pollution vulnerability (CVE-2020-7774)
* kubernetes: Secret leaks in kube-controller-manager when using vSphere Provider (CVE-2020-8563)
* containernetworking/plugins: IPv6 router advertisements allow for MitM attacks on IPv4 clusters (CVE-2020-10749)
* heketi: gluster-block volume password details available in logs (CVE-2020-10763)
* golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash (CVE-2020-14040)
* jwt-go: access restriction bypass vulnerability (CVE-2020-26160)
* golang-github-gorilla-websocket: integer overflow leads to denial of service (CVE-2020-27813)
* golang: math/big: panic during recursive division of very large numbers (CVE-2020-28362)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 2023 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat OpenShift Container Platform release 4.7.0 is now available.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Container Platform is Red Hat\u0027s cloud computing\nKubernetes application platform solution designed for on-premise or private\ncloud deployments.\n\nThis advisory contains the container images for Red Hat OpenShift Container\nPlatform 4.7.0. See the following advisory for the RPM packages for this\nrelease:\n\nhttps://access.redhat.com/errata/RHSA-2020:5634\n\nSpace precludes documenting all of the container images in this advisory. See the following Release Notes documentation, which will be updated shortly for this release, for details about these changes:\n\nhttps://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-release-notes.html\n\nYou may download the oc tool and use it to inspect release image metadata as follows:\n\n(For x86_64 architecture)\n\n $ oc adm release info quay.io/openshift-release-dev/ocp-release:4.7.0-x86_64\n\nThe image digest is sha256:d74b1cfa81f8c9cc23336aee72d8ae9c9905e62c4874b071317a078c316f8a70\n\n(For s390x architecture)\n\n $ oc adm release info quay.io/openshift-release-dev/ocp-release:4.7.0-s390x\n\nThe image digest is sha256:a68ca03d87496ddfea0ac26b82af77231583a58a7836b95de85efe5e390ad45d\n\n(For ppc64le architecture)\n\n $ oc adm release info quay.io/openshift-release-dev/ocp-release:4.7.0-ppc64le\n\nThe image digest is sha256:bc7b04e038c8ff3a33b827f4ee19aa79b26e14c359a7dcc1ced9f3b58e5f1ac6\n\nAll OpenShift Container Platform 4.7 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift Console or the CLI oc command. Instructions for upgrading a cluster are available at https://docs.openshift.com/container-platform/4.7/updating/updating-cluster-between-minor.html#understanding-upgrade-channels_updating-cluster-between-minor.\n\nSecurity Fix(es):\n\n* crewjam/saml: authentication bypass in saml authentication (CVE-2020-27846)\n\n* golang: crypto/ssh: crafted authentication request can lead to nil pointer dereference (CVE-2020-29652)\n\n* gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation (CVE-2021-3121)\n\n* nodejs-y18n: prototype pollution vulnerability (CVE-2020-7774)\n\n* kubernetes: Secret leaks in kube-controller-manager when using vSphere Provider (CVE-2020-8563)\n\n* containernetworking/plugins: IPv6 router advertisements allow for MitM attacks on IPv4 clusters (CVE-2020-10749)\n\n* heketi: gluster-block volume password details available in logs (CVE-2020-10763)\n\n* golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash (CVE-2020-14040)\n\n* jwt-go: access restriction bypass vulnerability (CVE-2020-26160)\n\n* golang-github-gorilla-websocket: integer overflow leads to denial of service (CVE-2020-27813)\n\n* golang: math/big: panic during recursive division of very large numbers (CVE-2020-28362)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat offerings.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2020:5633",
"url": "https://access.redhat.com/errata/RHSA-2020:5633"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/data/csaf/v2/advisories/2021/rhsa-2020_5633.json"
}
],
"title": "Red Hat Security Advisory: OpenShift Container Platform 4.7.0 security, bug fix, and enhancement update",
"tracking": {
"current_release_date": "2021-03-02T01:59:00Z",
"generator": {
"date": "2023-07-01T04:39:00Z",
"engine": {
"name": "Red Hat SDEngine",
"version": "3.18.0"
}
},
"id": "RHSA-2020:5633",
"initial_release_date": "2021-02-24T15:09:00Z",
"revision_history": [
{
"date": "2021-03-02T01:59:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift Container Platform 4.7",
"product": {
"name": "Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:4.7::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Enterprise"
},
{
"category": "product_version",
"name": "openshift4/egress-router-cni-rhel8:v4.7.0-202102130115.p0",
"product": {
"name": "openshift4/egress-router-cni-rhel8:v4.7.0-202102130115.p0",
"product_id": "openshift4/egress-router-cni-rhel8:v4.7.0-202102130115.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.7.0-202102130115.p0",
"product": {
"name": "openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.7.0-202102130115.p0",
"product_id": "openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.7.0-202102130115.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-aws-ebs-csi-driver-rhel8:v4.7.0-202102130115.p0",
"product": {
"name": "openshift4/ose-aws-ebs-csi-driver-rhel8:v4.7.0-202102130115.p0",
"product_id": "openshift4/ose-aws-ebs-csi-driver-rhel8:v4.7.0-202102130115.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-aws-machine-controllers:v4.7.0-202102130115.p0",
"product": {
"name": "openshift4/ose-aws-machine-controllers:v4.7.0-202102130115.p0",
"product_id": "openshift4/ose-aws-machine-controllers:v4.7.0-202102130115.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-aws-pod-identity-webhook-rhel8:v4.7.0-202102130115.p0",
"product": {
"name": "openshift4/ose-aws-pod-identity-webhook-rhel8:v4.7.0-202102130115.p0",
"product_id": "openshift4/ose-aws-pod-identity-webhook-rhel8:v4.7.0-202102130115.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-azure-machine-controllers:v4.7.0-202102130115.p0",
"product": {
"name": "openshift4/ose-azure-machine-controllers:v4.7.0-202102130115.p0",
"product_id": "openshift4/ose-azure-machine-controllers:v4.7.0-202102130115.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-baremetal-installer-rhel8:v4.7.0-202102130115.p0",
"product": {
"name": "openshift4/ose-baremetal-installer-rhel8:v4.7.0-202102130115.p0",
"product_id": "openshift4/ose-baremetal-installer-rhel8:v4.7.0-202102130115.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-baremetal-machine-controllers:v4.7.0-202102130115.p0",
"product": {
"name": "openshift4/ose-baremetal-machine-controllers:v4.7.0-202102130115.p0",
"product_id": "openshift4/ose-baremetal-machine-controllers:v4.7.0-202102130115.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-baremetal-rhel8-operator:v4.7.0-202102130115.p0",
"product": {
"name": "openshift4/ose-baremetal-rhel8-operator:v4.7.0-202102130115.p0",
"product_id": "openshift4/ose-baremetal-rhel8-operator:v4.7.0-202102130115.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-baremetal-runtimecfg-rhel8:v4.7.0-202102130115.p0",
"product": {
"name": "openshift4/ose-baremetal-runtimecfg-rhel8:v4.7.0-202102130115.p0",
"product_id": "openshift4/ose-baremetal-runtimecfg-rhel8:v4.7.0-202102130115.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-cli-artifacts:v4.7.0-202102130115.p0",
"product": {
"name": "openshift4/ose-cli-artifacts:v4.7.0-202102130115.p0",
"product_id": "openshift4/ose-cli-artifacts:v4.7.0-202102130115.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-cli:v4.7.0-202102130115.p0",
"product": {
"name": "openshift4/ose-cli:v4.7.0-202102130115.p0",
"product_id": "openshift4/ose-cli:v4.7.0-202102130115.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-cloud-credential-operator:v4.7.0-202102130115.p0",
"product": {
"name": "openshift4/ose-cloud-credential-operator:v4.7.0-202102130115.p0",
"product_id": "openshift4/ose-cloud-credential-operator:v4.7.0-202102130115.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-authentication-operator:v4.7.0-202102130115.p0",
"product": {
"name": "openshift4/ose-cluster-authentication-operator:v4.7.0-202102130115.p0",
"product_id": "openshift4/ose-cluster-authentication-operator:v4.7.0-202102130115.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-autoscaler-operator:v4.7.0-202102130115.p0",
"product": {
"name": "openshift4/ose-cluster-autoscaler-operator:v4.7.0-202102130115.p0",
"product_id": "openshift4/ose-cluster-autoscaler-operator:v4.7.0-202102130115.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-autoscaler:v4.7.0-202102130115.p0",
"product": {
"name": "openshift4/ose-cluster-autoscaler:v4.7.0-202102130115.p0",
"product_id": "openshift4/ose-cluster-autoscaler:v4.7.0-202102130115.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-baremetal-operator-rhel8:v4.7.0-202102130115.p0",
"product": {
"name": "openshift4/ose-cluster-baremetal-operator-rhel8:v4.7.0-202102130115.p0",
"product_id": "openshift4/ose-cluster-baremetal-operator-rhel8:v4.7.0-202102130115.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-bootstrap:v4.7.0-202102130115.p0",
"product": {
"name": "openshift4/ose-cluster-bootstrap:v4.7.0-202102130115.p0",
"product_id": "openshift4/ose-cluster-bootstrap:v4.7.0-202102130115.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-config-operator:v4.7.0-202102130115.p0",
"product": {
"name": "openshift4/ose-cluster-config-operator:v4.7.0-202102130115.p0",
"product_id": "openshift4/ose-cluster-config-operator:v4.7.0-202102130115.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.7.0-202102130115.p0",
"product": {
"name": "openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.7.0-202102130115.p0",
"product_id": "openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.7.0-202102130115.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-dns-operator:v4.7.0-202102130115.p0",
"product": {
"name": "openshift4/ose-cluster-dns-operator:v4.7.0-202102130115.p0",
"product_id": "openshift4/ose-cluster-dns-operator:v4.7.0-202102130115.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-etcd-rhel8-operator:v4.7.0-202102130115.p0",
"product": {
"name": "openshift4/ose-cluster-etcd-rhel8-operator:v4.7.0-202102130115.p0",
"product_id": "openshift4/ose-cluster-etcd-rhel8-operator:v4.7.0-202102130115.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-image-registry-operator:v4.7.0-202102130115.p0",
"product": {
"name": "openshift4/ose-cluster-image-registry-operator:v4.7.0-202102130115.p0",
"product_id": "openshift4/ose-cluster-image-registry-operator:v4.7.0-202102130115.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-ingress-operator:v4.7.0-202102130115.p0",
"product": {
"name": "openshift4/ose-cluster-ingress-operator:v4.7.0-202102130115.p0",
"product_id": "openshift4/ose-cluster-ingress-operator:v4.7.0-202102130115.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-kube-apiserver-operator:v4.7.0-202102130115.p0",
"product": {
"name": "openshift4/ose-cluster-kube-apiserver-operator:v4.7.0-202102130115.p0",
"product_id": "openshift4/ose-cluster-kube-apiserver-operator:v4.7.0-202102130115.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-kube-controller-manager-operator:v4.7.0-202102130115.p0",
"product": {
"name": "openshift4/ose-cluster-kube-controller-manager-operator:v4.7.0-202102130115.p0",
"product_id": "openshift4/ose-cluster-kube-controller-manager-operator:v4.7.0-202102130115.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-kube-scheduler-operator:v4.7.0-202102130115.p0",
"product": {
"name": "openshift4/ose-cluster-kube-scheduler-operator:v4.7.0-202102130115.p0",
"product_id": "openshift4/ose-cluster-kube-scheduler-operator:v4.7.0-202102130115.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.7.0-202102130115.p0",
"product": {
"name": "openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.7.0-202102130115.p0",
"product_id": "openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.7.0-202102130115.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-machine-approver:v4.7.0-202102130115.p0",
"product": {
"name": "openshift4/ose-cluster-machine-approver:v4.7.0-202102130115.p0",
"product_id": "openshift4/ose-cluster-machine-approver:v4.7.0-202102130115.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-monitoring-operator:v4.7.0-202102172008.p0",
"product": {
"name": "openshift4/ose-cluster-monitoring-operator:v4.7.0-202102172008.p0",
"product_id": "openshift4/ose-cluster-monitoring-operator:v4.7.0-202102172008.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-network-operator:v4.7.0-202102130115.p0",
"product": {
"name": "openshift4/ose-cluster-network-operator:v4.7.0-202102130115.p0",
"product_id": "openshift4/ose-cluster-network-operator:v4.7.0-202102130115.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-node-tuning-operator:v4.7.0-202102130115.p0",
"product": {
"name": "openshift4/ose-cluster-node-tuning-operator:v4.7.0-202102130115.p0",
"product_id": "openshift4/ose-cluster-node-tuning-operator:v4.7.0-202102130115.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-openshift-apiserver-operator:v4.7.0-202102130115.p0",
"product": {
"name": "openshift4/ose-cluster-openshift-apiserver-operator:v4.7.0-202102130115.p0",
"product_id": "openshift4/ose-cluster-openshift-apiserver-operator:v4.7.0-202102130115.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-openshift-controller-manager-operator:v4.7.0-202102130115.p0",
"product": {
"name": "openshift4/ose-cluster-openshift-controller-manager-operator:v4.7.0-202102130115.p0",
"product_id": "openshift4/ose-cluster-openshift-controller-manager-operator:v4.7.0-202102130115.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-policy-controller-rhel8:v4.7.0-202102130115.p0",
"product": {
"name": "openshift4/ose-cluster-policy-controller-rhel8:v4.7.0-202102130115.p0",
"product_id": "openshift4/ose-cluster-policy-controller-rhel8:v4.7.0-202102130115.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-samples-operator:v4.7.0-202102130115.p0",
"product": {
"name": "openshift4/ose-cluster-samples-operator:v4.7.0-202102130115.p0",
"product_id": "openshift4/ose-cluster-samples-operator:v4.7.0-202102130115.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-storage-operator:v4.7.0-202102130115.p0",
"product": {
"name": "openshift4/ose-cluster-storage-operator:v4.7.0-202102130115.p0",
"product_id": "openshift4/ose-cluster-storage-operator:v4.7.0-202102130115.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-update-keys:v4.7.0-202102130115.p0",
"product": {
"name": "openshift4/ose-cluster-update-keys:v4.7.0-202102130115.p0",
"product_id": "openshift4/ose-cluster-update-keys:v4.7.0-202102130115.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-version-operator:v4.7.0-202102130115.p0",
"product": {
"name": "openshift4/ose-cluster-version-operator:v4.7.0-202102130115.p0",
"product_id": "openshift4/ose-cluster-version-operator:v4.7.0-202102130115.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-configmap-reloader:v4.7.0-202102130115.p0",
"product": {
"name": "openshift4/ose-configmap-reloader:v4.7.0-202102130115.p0",
"product_id": "openshift4/ose-configmap-reloader:v4.7.0-202102130115.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-console-operator:v4.7.0-202102130115.p0",
"product": {
"name": "openshift4/ose-console-operator:v4.7.0-202102130115.p0",
"product_id": "openshift4/ose-console-operator:v4.7.0-202102130115.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-console:v4.7.0-202102130115.p0",
"product": {
"name": "openshift4/ose-console:v4.7.0-202102130115.p0",
"product_id": "openshift4/ose-console:v4.7.0-202102130115.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-container-networking-plugins-rhel8:v4.7.0-202102130115.p0",
"product": {
"name": "openshift4/ose-container-networking-plugins-rhel8:v4.7.0-202102130115.p0",
"product_id": "openshift4/ose-container-networking-plugins-rhel8:v4.7.0-202102130115.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-coredns:v4.7.0-202102130115.p0",
"product": {
"name": "openshift4/ose-coredns:v4.7.0-202102130115.p0",
"product_id": "openshift4/ose-coredns:v4.7.0-202102130115.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-csi-driver-manila-rhel8-operator:v4.7.0-202102130115.p0",
"product": {
"name": "openshift4/ose-csi-driver-manila-rhel8-operator:v4.7.0-202102130115.p0",
"product_id": "openshift4/ose-csi-driver-manila-rhel8-operator:v4.7.0-202102130115.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-csi-driver-manila-rhel8:v4.7.0-202102130115.p0",
"product": {
"name": "openshift4/ose-csi-driver-manila-rhel8:v4.7.0-202102130115.p0",
"product_id": "openshift4/ose-csi-driver-manila-rhel8:v4.7.0-202102130115.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-csi-driver-nfs-rhel8:v4.7.0-202102130115.p0",
"product": {
"name": "openshift4/ose-csi-driver-nfs-rhel8:v4.7.0-202102130115.p0",
"product_id": "openshift4/ose-csi-driver-nfs-rhel8:v4.7.0-202102130115.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-csi-external-attacher-rhel8:v4.7.0-202102130115.p0",
"product": {
"name": "openshift4/ose-csi-external-attacher-rhel8:v4.7.0-202102130115.p0",
"product_id": "openshift4/ose-csi-external-attacher-rhel8:v4.7.0-202102130115.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-csi-external-attacher:v4.7.0-202102130115.p0",
"product": {
"name": "openshift4/ose-csi-external-attacher:v4.7.0-202102130115.p0",
"product_id": "openshift4/ose-csi-external-attacher:v4.7.0-202102130115.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-csi-external-provisioner-rhel8:v4.7.0-202102130115.p0",
"product": {
"name": "openshift4/ose-csi-external-provisioner-rhel8:v4.7.0-202102130115.p0",
"product_id": "openshift4/ose-csi-external-provisioner-rhel8:v4.7.0-202102130115.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-csi-external-provisioner:v4.7.0-202102130115.p0",
"product": {
"name": "openshift4/ose-csi-external-provisioner:v4.7.0-202102130115.p0",
"product_id": "openshift4/ose-csi-external-provisioner:v4.7.0-202102130115.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-csi-external-resizer-rhel8:v4.7.0-202102130115.p0",
"product": {
"name": "openshift4/ose-csi-external-resizer-rhel8:v4.7.0-202102130115.p0",
"product_id": "openshift4/ose-csi-external-resizer-rhel8:v4.7.0-202102130115.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-csi-external-resizer:v4.7.0-202102130115.p0",
"product": {
"name": "openshift4/ose-csi-external-resizer:v4.7.0-202102130115.p0",
"product_id": "openshift4/ose-csi-external-resizer:v4.7.0-202102130115.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-csi-external-snapshotter-rhel8:v4.7.0-202102130115.p0",
"product": {
"name": "openshift4/ose-csi-external-snapshotter-rhel8:v4.7.0-202102130115.p0",
"product_id": "openshift4/ose-csi-external-snapshotter-rhel8:v4.7.0-202102130115.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-csi-external-snapshotter:v4.7.0-202102130115.p0",
"product": {
"name": "openshift4/ose-csi-external-snapshotter:v4.7.0-202102130115.p0",
"product_id": "openshift4/ose-csi-external-snapshotter:v4.7.0-202102130115.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-csi-livenessprobe-rhel8:v4.7.0-202102130115.p0",
"product": {
"name": "openshift4/ose-csi-livenessprobe-rhel8:v4.7.0-202102130115.p0",
"product_id": "openshift4/ose-csi-livenessprobe-rhel8:v4.7.0-202102130115.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-csi-livenessprobe:v4.7.0-202102130115.p0",
"product": {
"name": "openshift4/ose-csi-livenessprobe:v4.7.0-202102130115.p0",
"product_id": "openshift4/ose-csi-livenessprobe:v4.7.0-202102130115.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-csi-node-driver-registrar-rhel8:v4.7.0-202102130115.p0",
"product": {
"name": "openshift4/ose-csi-node-driver-registrar-rhel8:v4.7.0-202102130115.p0",
"product_id": "openshift4/ose-csi-node-driver-registrar-rhel8:v4.7.0-202102130115.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-csi-node-driver-registrar:v4.7.0-202102130115.p0",
"product": {
"name": "openshift4/ose-csi-node-driver-registrar:v4.7.0-202102130115.p0",
"product_id": "openshift4/ose-csi-node-driver-registrar:v4.7.0-202102130115.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-csi-snapshot-controller-rhel8:v4.7.0-202102130115.p0",
"product": {
"name": "openshift4/ose-csi-snapshot-controller-rhel8:v4.7.0-202102130115.p0",
"product_id": "openshift4/ose-csi-snapshot-controller-rhel8:v4.7.0-202102130115.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-csi-snapshot-controller:v4.7.0-202102130115.p0",
"product": {
"name": "openshift4/ose-csi-snapshot-controller:v4.7.0-202102130115.p0",
"product_id": "openshift4/ose-csi-snapshot-controller:v4.7.0-202102130115.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.7.0-202102130115.p0",
"product": {
"name": "openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.7.0-202102130115.p0",
"product_id": "openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.7.0-202102130115.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-deployer:v4.7.0-202102130115.p0",
"product": {
"name": "openshift4/ose-deployer:v4.7.0-202102130115.p0",
"product_id": "openshift4/ose-deployer:v4.7.0-202102130115.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-docker-builder:v4.7.0-202102130115.p0",
"product": {
"name": "openshift4/ose-docker-builder:v4.7.0-202102130115.p0",
"product_id": "openshift4/ose-docker-builder:v4.7.0-202102130115.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-docker-registry:v4.7.0-202102130115.p0",
"product": {
"name": "openshift4/ose-docker-registry:v4.7.0-202102130115.p0",
"product_id": "openshift4/ose-docker-registry:v4.7.0-202102130115.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-etcd:v4.7.0-202102130115.p0",
"product": {
"name": "openshift4/ose-etcd:v4.7.0-202102130115.p0",
"product_id": "openshift4/ose-etcd:v4.7.0-202102130115.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-gcp-machine-controllers-rhel8:v4.7.0-202102130115.p0",
"product": {
"name": "openshift4/ose-gcp-machine-controllers-rhel8:v4.7.0-202102130115.p0",
"product_id": "openshift4/ose-gcp-machine-controllers-rhel8:v4.7.0-202102130115.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.7.0-202102130115.p0",
"product": {
"name": "openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.7.0-202102130115.p0",
"product_id": "openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.7.0-202102130115.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-gcp-pd-csi-driver-rhel8:v4.7.0-202102130115.p0",
"product": {
"name": "openshift4/ose-gcp-pd-csi-driver-rhel8:v4.7.0-202102130115.p0",
"product_id": "openshift4/ose-gcp-pd-csi-driver-rhel8:v4.7.0-202102130115.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-grafana:v4.7.0-202102130115.p0",
"product": {
"name": "openshift4/ose-grafana:v4.7.0-202102130115.p0",
"product_id": "openshift4/ose-grafana:v4.7.0-202102130115.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-haproxy-router:v4.7.0-202102130115.p0",
"product": {
"name": "openshift4/ose-haproxy-router:v4.7.0-202102130115.p0",
"product_id": "openshift4/ose-haproxy-router:v4.7.0-202102130115.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-hello-openshift-rhel8:v4.7.0-202102130115.p0",
"product": {
"name": "openshift4/ose-hello-openshift-rhel8:v4.7.0-202102130115.p0",
"product_id": "openshift4/ose-hello-openshift-rhel8:v4.7.0-202102130115.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-hyperkube:v4.7.0-202102130115.p0",
"product": {
"name": "openshift4/ose-hyperkube:v4.7.0-202102130115.p0",
"product_id": "openshift4/ose-hyperkube:v4.7.0-202102130115.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-insights-rhel8-operator:v4.7.0-202102130115.p0",
"product": {
"name": "openshift4/ose-insights-rhel8-operator:v4.7.0-202102130115.p0",
"product_id": "openshift4/ose-insights-rhel8-operator:v4.7.0-202102130115.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-installer-artifacts:v4.7.0-202102130115.p0",
"product": {
"name": "openshift4/ose-installer-artifacts:v4.7.0-202102130115.p0",
"product_id": "openshift4/ose-installer-artifacts:v4.7.0-202102130115.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-installer:v4.7.0-202102130115.p0",
"product": {
"name": "openshift4/ose-installer:v4.7.0-202102130115.p0",
"product_id": "openshift4/ose-installer:v4.7.0-202102130115.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.7.0-202102130115.p0",
"product": {
"name": "openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.7.0-202102130115.p0",
"product_id": "openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.7.0-202102130115.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-ironic-inspector-rhel8:v4.7.0-202102130115.p0",
"product": {
"name": "openshift4/ose-ironic-inspector-rhel8:v4.7.0-202102130115.p0",
"product_id": "openshift4/ose-ironic-inspector-rhel8:v4.7.0-202102130115.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-ironic-ipa-downloader-rhel8:v4.7.0-202102130115.p0",
"product": {
"name": "openshift4/ose-ironic-ipa-downloader-rhel8:v4.7.0-202102130115.p0",
"product_id": "openshift4/ose-ironic-ipa-downloader-rhel8:v4.7.0-202102130115.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-ironic-machine-os-downloader-rhel8:v4.7.0-202102130115.p0",
"product": {
"name": "openshift4/ose-ironic-machine-os-downloader-rhel8:v4.7.0-202102130115.p0",
"product_id": "openshift4/ose-ironic-machine-os-downloader-rhel8:v4.7.0-202102130115.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-ironic-rhel8:v4.7.0-202102130115.p0",
"product": {
"name": "openshift4/ose-ironic-rhel8:v4.7.0-202102130115.p0",
"product_id": "openshift4/ose-ironic-rhel8:v4.7.0-202102130115.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-ironic-static-ip-manager-rhel8:v4.7.0-202102130115.p0",
"product": {
"name": "openshift4/ose-ironic-static-ip-manager-rhel8:v4.7.0-202102130115.p0",
"product_id": "openshift4/ose-ironic-static-ip-manager-rhel8:v4.7.0-202102130115.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-jenkins-agent-base:v4.7.0-202102130115.p0",
"product": {
"name": "openshift4/ose-jenkins-agent-base:v4.7.0-202102130115.p0",
"product_id": "openshift4/ose-jenkins-agent-base:v4.7.0-202102130115.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-jenkins-agent-maven:v4.7.0-202102130115.p0",
"product": {
"name": "openshift4/ose-jenkins-agent-maven:v4.7.0-202102130115.p0",
"product_id": "openshift4/ose-jenkins-agent-maven:v4.7.0-202102130115.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.7.0-202102130115.p0",
"product": {
"name": "openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.7.0-202102130115.p0",
"product_id": "openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.7.0-202102130115.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-jenkins:v4.7.0-202102130115.p0",
"product": {
"name": "openshift4/ose-jenkins:v4.7.0-202102130115.p0",
"product_id": "openshift4/ose-jenkins:v4.7.0-202102130115.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-k8s-prometheus-adapter:v4.7.0-202102130115.p0",
"product": {
"name": "openshift4/ose-k8s-prometheus-adapter:v4.7.0-202102130115.p0",
"product_id": "openshift4/ose-k8s-prometheus-adapter:v4.7.0-202102130115.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-keepalived-ipfailover:v4.7.0-202102130115.p0",
"product": {
"name": "openshift4/ose-keepalived-ipfailover:v4.7.0-202102130115.p0",
"product_id": "openshift4/ose-keepalived-ipfailover:v4.7.0-202102130115.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-kube-proxy:v4.7.0-202102130115.p0",
"product": {
"name": "openshift4/ose-kube-proxy:v4.7.0-202102130115.p0",
"product_id": "openshift4/ose-kube-proxy:v4.7.0-202102130115.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-kube-rbac-proxy:v4.7.0-202102130115.p0",
"product": {
"name": "openshift4/ose-kube-rbac-proxy:v4.7.0-202102130115.p0",
"product_id": "openshift4/ose-kube-rbac-proxy:v4.7.0-202102130115.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-kube-state-metrics:v4.7.0-202102130115.p0",
"product": {
"name": "openshift4/ose-kube-state-metrics:v4.7.0-202102130115.p0",
"product_id": "openshift4/ose-kube-state-metrics:v4.7.0-202102130115.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-kube-storage-version-migrator-rhel8:v4.7.0-202102130115.p0",
"product": {
"name": "openshift4/ose-kube-storage-version-migrator-rhel8:v4.7.0-202102130115.p0",
"product_id": "openshift4/ose-kube-storage-version-migrator-rhel8:v4.7.0-202102130115.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-kuryr-cni-rhel8:v4.7.0-202102130115.p0",
"product": {
"name": "openshift4/ose-kuryr-cni-rhel8:v4.7.0-202102130115.p0",
"product_id": "openshift4/ose-kuryr-cni-rhel8:v4.7.0-202102130115.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-kuryr-controller-rhel8:v4.7.0-202102130115.p0",
"product": {
"name": "openshift4/ose-kuryr-controller-rhel8:v4.7.0-202102130115.p0",
"product_id": "openshift4/ose-kuryr-controller-rhel8:v4.7.0-202102130115.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-libvirt-machine-controllers:v4.7.0-202102130115.p0",
"product": {
"name": "openshift4/ose-libvirt-machine-controllers:v4.7.0-202102130115.p0",
"product_id": "openshift4/ose-libvirt-machine-controllers:v4.7.0-202102130115.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-local-storage-static-provisioner:v4.7.0-202102130115.p0",
"product": {
"name": "openshift4/ose-local-storage-static-provisioner:v4.7.0-202102130115.p0",
"product_id": "openshift4/ose-local-storage-static-provisioner:v4.7.0-202102130115.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-machine-api-operator:v4.7.0-202102172008.p0",
"product": {
"name": "openshift4/ose-machine-api-operator:v4.7.0-202102172008.p0",
"product_id": "openshift4/ose-machine-api-operator:v4.7.0-202102172008.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-machine-config-operator:v4.7.0-202102130115.p0",
"product": {
"name": "openshift4/ose-machine-config-operator:v4.7.0-202102130115.p0",
"product_id": "openshift4/ose-machine-config-operator:v4.7.0-202102130115.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-mdns-publisher-rhel8:v4.7.0-202102130115.p0",
"product": {
"name": "openshift4/ose-mdns-publisher-rhel8:v4.7.0-202102130115.p0",
"product_id": "openshift4/ose-mdns-publisher-rhel8:v4.7.0-202102130115.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-multus-admission-controller:v4.7.0-202102130115.p0",
"product": {
"name": "openshift4/ose-multus-admission-controller:v4.7.0-202102130115.p0",
"product_id": "openshift4/ose-multus-admission-controller:v4.7.0-202102130115.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-multus-cni:v4.7.0-202102130115.p0",
"product": {
"name": "openshift4/ose-multus-cni:v4.7.0-202102130115.p0",
"product_id": "openshift4/ose-multus-cni:v4.7.0-202102130115.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-multus-networkpolicy-rhel8:v4.7.0-202102130115.p0",
"product": {
"name": "openshift4/ose-multus-networkpolicy-rhel8:v4.7.0-202102130115.p0",
"product_id": "openshift4/ose-multus-networkpolicy-rhel8:v4.7.0-202102130115.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-multus-route-override-cni-rhel8:v4.7.0-202102130115.p0",
"product": {
"name": "openshift4/ose-multus-route-override-cni-rhel8:v4.7.0-202102130115.p0",
"product_id": "openshift4/ose-multus-route-override-cni-rhel8:v4.7.0-202102130115.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.7.0-202102130115.p0",
"product": {
"name": "openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.7.0-202102130115.p0",
"product_id": "openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.7.0-202102130115.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-must-gather:v4.7.0-202102130115.p0",
"product": {
"name": "openshift4/ose-must-gather:v4.7.0-202102130115.p0",
"product_id": "openshift4/ose-must-gather:v4.7.0-202102130115.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-network-metrics-daemon-rhel8:v4.7.0-202102130115.p0",
"product": {
"name": "openshift4/ose-network-metrics-daemon-rhel8:v4.7.0-202102130115.p0",
"product_id": "openshift4/ose-network-metrics-daemon-rhel8:v4.7.0-202102130115.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-oauth-apiserver-rhel8:v4.7.0-202102130115.p0",
"product": {
"name": "openshift4/ose-oauth-apiserver-rhel8:v4.7.0-202102130115.p0",
"product_id": "openshift4/ose-oauth-apiserver-rhel8:v4.7.0-202102130115.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-oauth-proxy:v4.7.0-202102130115.p0",
"product": {
"name": "openshift4/ose-oauth-proxy:v4.7.0-202102130115.p0",
"product_id": "openshift4/ose-oauth-proxy:v4.7.0-202102130115.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-oauth-server-rhel8:v4.7.0-202102130115.p0",
"product": {
"name": "openshift4/ose-oauth-server-rhel8:v4.7.0-202102130115.p0",
"product_id": "openshift4/ose-oauth-server-rhel8:v4.7.0-202102130115.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-openshift-apiserver-rhel8:v4.7.0-202102130115.p0",
"product": {
"name": "openshift4/ose-openshift-apiserver-rhel8:v4.7.0-202102130115.p0",
"product_id": "openshift4/ose-openshift-apiserver-rhel8:v4.7.0-202102130115.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-openshift-controller-manager-rhel8:v4.7.0-202102130115.p0",
"product": {
"name": "openshift4/ose-openshift-controller-manager-rhel8:v4.7.0-202102130115.p0",
"product_id": "openshift4/ose-openshift-controller-manager-rhel8:v4.7.0-202102130115.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-openshift-state-metrics-rhel8:v4.7.0-202102130115.p0",
"product": {
"name": "openshift4/ose-openshift-state-metrics-rhel8:v4.7.0-202102130115.p0",
"product_id": "openshift4/ose-openshift-state-metrics-rhel8:v4.7.0-202102130115.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.7.0-202102130115.p0",
"product": {
"name": "openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.7.0-202102130115.p0",
"product_id": "openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.7.0-202102130115.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.7.0-202102130115.p0",
"product": {
"name": "openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.7.0-202102130115.p0",
"product_id": "openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.7.0-202102130115.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-openstack-machine-controllers:v4.7.0-202102130115.p0",
"product": {
"name": "openshift4/ose-openstack-machine-controllers:v4.7.0-202102130115.p0",
"product_id": "openshift4/ose-openstack-machine-controllers:v4.7.0-202102130115.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-operator-lifecycle-manager:v4.7.0-202102130115.p0",
"product": {
"name": "openshift4/ose-operator-lifecycle-manager:v4.7.0-202102130115.p0",
"product_id": "openshift4/ose-operator-lifecycle-manager:v4.7.0-202102130115.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-operator-marketplace:v4.7.0-202102130115.p0",
"product": {
"name": "openshift4/ose-operator-marketplace:v4.7.0-202102130115.p0",
"product_id": "openshift4/ose-operator-marketplace:v4.7.0-202102130115.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-operator-registry:v4.7.0-202102130115.p0",
"product": {
"name": "openshift4/ose-operator-registry:v4.7.0-202102130115.p0",
"product_id": "openshift4/ose-operator-registry:v4.7.0-202102130115.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-ovirt-machine-controllers-rhel8:v4.7.0-202102130115.p0",
"product": {
"name": "openshift4/ose-ovirt-machine-controllers-rhel8:v4.7.0-202102130115.p0",
"product_id": "openshift4/ose-ovirt-machine-controllers-rhel8:v4.7.0-202102130115.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-ovn-kubernetes:v4.7.0-202102130115.p0",
"product": {
"name": "openshift4/ose-ovn-kubernetes:v4.7.0-202102130115.p0",
"product_id": "openshift4/ose-ovn-kubernetes:v4.7.0-202102130115.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-pod:v4.7.0-202102130115.p0",
"product": {
"name": "openshift4/ose-pod:v4.7.0-202102130115.p0",
"product_id": "openshift4/ose-pod:v4.7.0-202102130115.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-prom-label-proxy:v4.7.0-202102130115.p0",
"product": {
"name": "openshift4/ose-prom-label-proxy:v4.7.0-202102130115.p0",
"product_id": "openshift4/ose-prom-label-proxy:v4.7.0-202102130115.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-prometheus-alertmanager:v4.7.0-202102130115.p0",
"product": {
"name": "openshift4/ose-prometheus-alertmanager:v4.7.0-202102130115.p0",
"product_id": "openshift4/ose-prometheus-alertmanager:v4.7.0-202102130115.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-prometheus-config-reloader:v4.7.0-202102130115.p0",
"product": {
"name": "openshift4/ose-prometheus-config-reloader:v4.7.0-202102130115.p0",
"product_id": "openshift4/ose-prometheus-config-reloader:v4.7.0-202102130115.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-prometheus-node-exporter:v4.7.0-202102130115.p0",
"product": {
"name": "openshift4/ose-prometheus-node-exporter:v4.7.0-202102130115.p0",
"product_id": "openshift4/ose-prometheus-node-exporter:v4.7.0-202102130115.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-prometheus-operator:v4.7.0-202102130115.p0",
"product": {
"name": "openshift4/ose-prometheus-operator:v4.7.0-202102130115.p0",
"product_id": "openshift4/ose-prometheus-operator:v4.7.0-202102130115.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-prometheus:v4.7.0-202102130115.p0",
"product": {
"name": "openshift4/ose-prometheus:v4.7.0-202102130115.p0",
"product_id": "openshift4/ose-prometheus:v4.7.0-202102130115.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-sdn-rhel8:v4.7.0-202102130115.p0",
"product": {
"name": "openshift4/ose-sdn-rhel8:v4.7.0-202102130115.p0",
"product_id": "openshift4/ose-sdn-rhel8:v4.7.0-202102130115.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-service-ca-operator:v4.7.0-202102130115.p0",
"product": {
"name": "openshift4/ose-service-ca-operator:v4.7.0-202102130115.p0",
"product_id": "openshift4/ose-service-ca-operator:v4.7.0-202102130115.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-telemeter:v4.7.0-202102130115.p0",
"product": {
"name": "openshift4/ose-telemeter:v4.7.0-202102130115.p0",
"product_id": "openshift4/ose-telemeter:v4.7.0-202102130115.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-tests:v4.7.0-202102181036.p0",
"product": {
"name": "openshift4/ose-tests:v4.7.0-202102181036.p0",
"product_id": "openshift4/ose-tests:v4.7.0-202102181036.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-thanos-rhel8:v4.7.0-202102130115.p0",
"product": {
"name": "openshift4/ose-thanos-rhel8:v4.7.0-202102130115.p0",
"product_id": "openshift4/ose-thanos-rhel8:v4.7.0-202102130115.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-tools-rhel8:v4.7.0-202102130115.p0",
"product": {
"name": "openshift4/ose-tools-rhel8:v4.7.0-202102130115.p0",
"product_id": "openshift4/ose-tools-rhel8:v4.7.0-202102130115.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-vsphere-problem-detector-rhel8:v4.7.0-202102130115.p0",
"product": {
"name": "openshift4/ose-vsphere-problem-detector-rhel8:v4.7.0-202102130115.p0",
"product_id": "openshift4/ose-vsphere-problem-detector-rhel8:v4.7.0-202102130115.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ovirt-csi-driver-rhel7:v4.7.0-202102130115.p0",
"product": {
"name": "openshift4/ovirt-csi-driver-rhel7:v4.7.0-202102130115.p0",
"product_id": "openshift4/ovirt-csi-driver-rhel7:v4.7.0-202102130115.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ovirt-csi-driver-rhel8-operator:v4.7.0-202102130115.p0",
"product": {
"name": "openshift4/ovirt-csi-driver-rhel8-operator:v4.7.0-202102130115.p0",
"product_id": "openshift4/ovirt-csi-driver-rhel8-operator:v4.7.0-202102130115.p0"
}
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/egress-router-cni-rhel8:v4.7.0-202102130115.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/egress-router-cni-rhel8:v4.7.0-202102130115.p0"
},
"product_reference": "openshift4/egress-router-cni-rhel8:v4.7.0-202102130115.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.7.0-202102130115.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.7.0-202102130115.p0"
},
"product_reference": "openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.7.0-202102130115.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-aws-ebs-csi-driver-rhel8:v4.7.0-202102130115.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.7.0-202102130115.p0"
},
"product_reference": "openshift4/ose-aws-ebs-csi-driver-rhel8:v4.7.0-202102130115.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-aws-machine-controllers:v4.7.0-202102130115.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-aws-machine-controllers:v4.7.0-202102130115.p0"
},
"product_reference": "openshift4/ose-aws-machine-controllers:v4.7.0-202102130115.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-aws-pod-identity-webhook-rhel8:v4.7.0-202102130115.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.7.0-202102130115.p0"
},
"product_reference": "openshift4/ose-aws-pod-identity-webhook-rhel8:v4.7.0-202102130115.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-azure-machine-controllers:v4.7.0-202102130115.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-azure-machine-controllers:v4.7.0-202102130115.p0"
},
"product_reference": "openshift4/ose-azure-machine-controllers:v4.7.0-202102130115.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-baremetal-installer-rhel8:v4.7.0-202102130115.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-baremetal-installer-rhel8:v4.7.0-202102130115.p0"
},
"product_reference": "openshift4/ose-baremetal-installer-rhel8:v4.7.0-202102130115.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-baremetal-machine-controllers:v4.7.0-202102130115.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-baremetal-machine-controllers:v4.7.0-202102130115.p0"
},
"product_reference": "openshift4/ose-baremetal-machine-controllers:v4.7.0-202102130115.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-baremetal-rhel8-operator:v4.7.0-202102130115.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-baremetal-rhel8-operator:v4.7.0-202102130115.p0"
},
"product_reference": "openshift4/ose-baremetal-rhel8-operator:v4.7.0-202102130115.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-baremetal-runtimecfg-rhel8:v4.7.0-202102130115.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-baremetal-runtimecfg-rhel8:v4.7.0-202102130115.p0"
},
"product_reference": "openshift4/ose-baremetal-runtimecfg-rhel8:v4.7.0-202102130115.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cli-artifacts:v4.7.0-202102130115.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-cli-artifacts:v4.7.0-202102130115.p0"
},
"product_reference": "openshift4/ose-cli-artifacts:v4.7.0-202102130115.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cli:v4.7.0-202102130115.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-cli:v4.7.0-202102130115.p0"
},
"product_reference": "openshift4/ose-cli:v4.7.0-202102130115.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cloud-credential-operator:v4.7.0-202102130115.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-cloud-credential-operator:v4.7.0-202102130115.p0"
},
"product_reference": "openshift4/ose-cloud-credential-operator:v4.7.0-202102130115.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-authentication-operator:v4.7.0-202102130115.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-cluster-authentication-operator:v4.7.0-202102130115.p0"
},
"product_reference": "openshift4/ose-cluster-authentication-operator:v4.7.0-202102130115.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-autoscaler-operator:v4.7.0-202102130115.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-cluster-autoscaler-operator:v4.7.0-202102130115.p0"
},
"product_reference": "openshift4/ose-cluster-autoscaler-operator:v4.7.0-202102130115.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-autoscaler:v4.7.0-202102130115.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-cluster-autoscaler:v4.7.0-202102130115.p0"
},
"product_reference": "openshift4/ose-cluster-autoscaler:v4.7.0-202102130115.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-baremetal-operator-rhel8:v4.7.0-202102130115.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-cluster-baremetal-operator-rhel8:v4.7.0-202102130115.p0"
},
"product_reference": "openshift4/ose-cluster-baremetal-operator-rhel8:v4.7.0-202102130115.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-bootstrap:v4.7.0-202102130115.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-cluster-bootstrap:v4.7.0-202102130115.p0"
},
"product_reference": "openshift4/ose-cluster-bootstrap:v4.7.0-202102130115.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-config-operator:v4.7.0-202102130115.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-cluster-config-operator:v4.7.0-202102130115.p0"
},
"product_reference": "openshift4/ose-cluster-config-operator:v4.7.0-202102130115.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.7.0-202102130115.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.7.0-202102130115.p0"
},
"product_reference": "openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.7.0-202102130115.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-dns-operator:v4.7.0-202102130115.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-cluster-dns-operator:v4.7.0-202102130115.p0"
},
"product_reference": "openshift4/ose-cluster-dns-operator:v4.7.0-202102130115.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-etcd-rhel8-operator:v4.7.0-202102130115.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-cluster-etcd-rhel8-operator:v4.7.0-202102130115.p0"
},
"product_reference": "openshift4/ose-cluster-etcd-rhel8-operator:v4.7.0-202102130115.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-image-registry-operator:v4.7.0-202102130115.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-cluster-image-registry-operator:v4.7.0-202102130115.p0"
},
"product_reference": "openshift4/ose-cluster-image-registry-operator:v4.7.0-202102130115.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-ingress-operator:v4.7.0-202102130115.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-cluster-ingress-operator:v4.7.0-202102130115.p0"
},
"product_reference": "openshift4/ose-cluster-ingress-operator:v4.7.0-202102130115.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-kube-apiserver-operator:v4.7.0-202102130115.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-cluster-kube-apiserver-operator:v4.7.0-202102130115.p0"
},
"product_reference": "openshift4/ose-cluster-kube-apiserver-operator:v4.7.0-202102130115.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-kube-controller-manager-operator:v4.7.0-202102130115.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-cluster-kube-controller-manager-operator:v4.7.0-202102130115.p0"
},
"product_reference": "openshift4/ose-cluster-kube-controller-manager-operator:v4.7.0-202102130115.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-kube-scheduler-operator:v4.7.0-202102130115.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-cluster-kube-scheduler-operator:v4.7.0-202102130115.p0"
},
"product_reference": "openshift4/ose-cluster-kube-scheduler-operator:v4.7.0-202102130115.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.7.0-202102130115.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.7.0-202102130115.p0"
},
"product_reference": "openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.7.0-202102130115.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-machine-approver:v4.7.0-202102130115.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-cluster-machine-approver:v4.7.0-202102130115.p0"
},
"product_reference": "openshift4/ose-cluster-machine-approver:v4.7.0-202102130115.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-monitoring-operator:v4.7.0-202102172008.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-cluster-monitoring-operator:v4.7.0-202102172008.p0"
},
"product_reference": "openshift4/ose-cluster-monitoring-operator:v4.7.0-202102172008.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-network-operator:v4.7.0-202102130115.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-cluster-network-operator:v4.7.0-202102130115.p0"
},
"product_reference": "openshift4/ose-cluster-network-operator:v4.7.0-202102130115.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-node-tuning-operator:v4.7.0-202102130115.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-cluster-node-tuning-operator:v4.7.0-202102130115.p0"
},
"product_reference": "openshift4/ose-cluster-node-tuning-operator:v4.7.0-202102130115.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-openshift-apiserver-operator:v4.7.0-202102130115.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-cluster-openshift-apiserver-operator:v4.7.0-202102130115.p0"
},
"product_reference": "openshift4/ose-cluster-openshift-apiserver-operator:v4.7.0-202102130115.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-openshift-controller-manager-operator:v4.7.0-202102130115.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-cluster-openshift-controller-manager-operator:v4.7.0-202102130115.p0"
},
"product_reference": "openshift4/ose-cluster-openshift-controller-manager-operator:v4.7.0-202102130115.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-policy-controller-rhel8:v4.7.0-202102130115.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-cluster-policy-controller-rhel8:v4.7.0-202102130115.p0"
},
"product_reference": "openshift4/ose-cluster-policy-controller-rhel8:v4.7.0-202102130115.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-samples-operator:v4.7.0-202102130115.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-cluster-samples-operator:v4.7.0-202102130115.p0"
},
"product_reference": "openshift4/ose-cluster-samples-operator:v4.7.0-202102130115.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-storage-operator:v4.7.0-202102130115.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-cluster-storage-operator:v4.7.0-202102130115.p0"
},
"product_reference": "openshift4/ose-cluster-storage-operator:v4.7.0-202102130115.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-update-keys:v4.7.0-202102130115.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-cluster-update-keys:v4.7.0-202102130115.p0"
},
"product_reference": "openshift4/ose-cluster-update-keys:v4.7.0-202102130115.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-version-operator:v4.7.0-202102130115.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-cluster-version-operator:v4.7.0-202102130115.p0"
},
"product_reference": "openshift4/ose-cluster-version-operator:v4.7.0-202102130115.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-configmap-reloader:v4.7.0-202102130115.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-configmap-reloader:v4.7.0-202102130115.p0"
},
"product_reference": "openshift4/ose-configmap-reloader:v4.7.0-202102130115.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-console-operator:v4.7.0-202102130115.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-console-operator:v4.7.0-202102130115.p0"
},
"product_reference": "openshift4/ose-console-operator:v4.7.0-202102130115.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-console:v4.7.0-202102130115.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-console:v4.7.0-202102130115.p0"
},
"product_reference": "openshift4/ose-console:v4.7.0-202102130115.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-container-networking-plugins-rhel8:v4.7.0-202102130115.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-container-networking-plugins-rhel8:v4.7.0-202102130115.p0"
},
"product_reference": "openshift4/ose-container-networking-plugins-rhel8:v4.7.0-202102130115.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-coredns:v4.7.0-202102130115.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-coredns:v4.7.0-202102130115.p0"
},
"product_reference": "openshift4/ose-coredns:v4.7.0-202102130115.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-csi-driver-manila-rhel8-operator:v4.7.0-202102130115.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-csi-driver-manila-rhel8-operator:v4.7.0-202102130115.p0"
},
"product_reference": "openshift4/ose-csi-driver-manila-rhel8-operator:v4.7.0-202102130115.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-csi-driver-manila-rhel8:v4.7.0-202102130115.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-csi-driver-manila-rhel8:v4.7.0-202102130115.p0"
},
"product_reference": "openshift4/ose-csi-driver-manila-rhel8:v4.7.0-202102130115.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-csi-driver-nfs-rhel8:v4.7.0-202102130115.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-csi-driver-nfs-rhel8:v4.7.0-202102130115.p0"
},
"product_reference": "openshift4/ose-csi-driver-nfs-rhel8:v4.7.0-202102130115.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-csi-external-attacher-rhel8:v4.7.0-202102130115.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-csi-external-attacher-rhel8:v4.7.0-202102130115.p0"
},
"product_reference": "openshift4/ose-csi-external-attacher-rhel8:v4.7.0-202102130115.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-csi-external-attacher:v4.7.0-202102130115.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-csi-external-attacher:v4.7.0-202102130115.p0"
},
"product_reference": "openshift4/ose-csi-external-attacher:v4.7.0-202102130115.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-csi-external-provisioner-rhel8:v4.7.0-202102130115.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-csi-external-provisioner-rhel8:v4.7.0-202102130115.p0"
},
"product_reference": "openshift4/ose-csi-external-provisioner-rhel8:v4.7.0-202102130115.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-csi-external-provisioner:v4.7.0-202102130115.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-csi-external-provisioner:v4.7.0-202102130115.p0"
},
"product_reference": "openshift4/ose-csi-external-provisioner:v4.7.0-202102130115.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-csi-external-resizer-rhel8:v4.7.0-202102130115.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-csi-external-resizer-rhel8:v4.7.0-202102130115.p0"
},
"product_reference": "openshift4/ose-csi-external-resizer-rhel8:v4.7.0-202102130115.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-csi-external-resizer:v4.7.0-202102130115.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-csi-external-resizer:v4.7.0-202102130115.p0"
},
"product_reference": "openshift4/ose-csi-external-resizer:v4.7.0-202102130115.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-csi-external-snapshotter-rhel8:v4.7.0-202102130115.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-csi-external-snapshotter-rhel8:v4.7.0-202102130115.p0"
},
"product_reference": "openshift4/ose-csi-external-snapshotter-rhel8:v4.7.0-202102130115.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-csi-external-snapshotter:v4.7.0-202102130115.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-csi-external-snapshotter:v4.7.0-202102130115.p0"
},
"product_reference": "openshift4/ose-csi-external-snapshotter:v4.7.0-202102130115.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-csi-livenessprobe-rhel8:v4.7.0-202102130115.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-csi-livenessprobe-rhel8:v4.7.0-202102130115.p0"
},
"product_reference": "openshift4/ose-csi-livenessprobe-rhel8:v4.7.0-202102130115.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-csi-livenessprobe:v4.7.0-202102130115.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-csi-livenessprobe:v4.7.0-202102130115.p0"
},
"product_reference": "openshift4/ose-csi-livenessprobe:v4.7.0-202102130115.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-csi-node-driver-registrar-rhel8:v4.7.0-202102130115.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-csi-node-driver-registrar-rhel8:v4.7.0-202102130115.p0"
},
"product_reference": "openshift4/ose-csi-node-driver-registrar-rhel8:v4.7.0-202102130115.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-csi-node-driver-registrar:v4.7.0-202102130115.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-csi-node-driver-registrar:v4.7.0-202102130115.p0"
},
"product_reference": "openshift4/ose-csi-node-driver-registrar:v4.7.0-202102130115.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-csi-snapshot-controller-rhel8:v4.7.0-202102130115.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-csi-snapshot-controller-rhel8:v4.7.0-202102130115.p0"
},
"product_reference": "openshift4/ose-csi-snapshot-controller-rhel8:v4.7.0-202102130115.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-csi-snapshot-controller:v4.7.0-202102130115.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-csi-snapshot-controller:v4.7.0-202102130115.p0"
},
"product_reference": "openshift4/ose-csi-snapshot-controller:v4.7.0-202102130115.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.7.0-202102130115.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.7.0-202102130115.p0"
},
"product_reference": "openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.7.0-202102130115.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-deployer:v4.7.0-202102130115.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-deployer:v4.7.0-202102130115.p0"
},
"product_reference": "openshift4/ose-deployer:v4.7.0-202102130115.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-docker-builder:v4.7.0-202102130115.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-docker-builder:v4.7.0-202102130115.p0"
},
"product_reference": "openshift4/ose-docker-builder:v4.7.0-202102130115.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-docker-registry:v4.7.0-202102130115.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-docker-registry:v4.7.0-202102130115.p0"
},
"product_reference": "openshift4/ose-docker-registry:v4.7.0-202102130115.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-etcd:v4.7.0-202102130115.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-etcd:v4.7.0-202102130115.p0"
},
"product_reference": "openshift4/ose-etcd:v4.7.0-202102130115.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-gcp-machine-controllers-rhel8:v4.7.0-202102130115.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-gcp-machine-controllers-rhel8:v4.7.0-202102130115.p0"
},
"product_reference": "openshift4/ose-gcp-machine-controllers-rhel8:v4.7.0-202102130115.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.7.0-202102130115.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.7.0-202102130115.p0"
},
"product_reference": "openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.7.0-202102130115.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-gcp-pd-csi-driver-rhel8:v4.7.0-202102130115.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.7.0-202102130115.p0"
},
"product_reference": "openshift4/ose-gcp-pd-csi-driver-rhel8:v4.7.0-202102130115.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-grafana:v4.7.0-202102130115.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-grafana:v4.7.0-202102130115.p0"
},
"product_reference": "openshift4/ose-grafana:v4.7.0-202102130115.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-haproxy-router:v4.7.0-202102130115.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-haproxy-router:v4.7.0-202102130115.p0"
},
"product_reference": "openshift4/ose-haproxy-router:v4.7.0-202102130115.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-hello-openshift-rhel8:v4.7.0-202102130115.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-hello-openshift-rhel8:v4.7.0-202102130115.p0"
},
"product_reference": "openshift4/ose-hello-openshift-rhel8:v4.7.0-202102130115.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-hyperkube:v4.7.0-202102130115.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-hyperkube:v4.7.0-202102130115.p0"
},
"product_reference": "openshift4/ose-hyperkube:v4.7.0-202102130115.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-insights-rhel8-operator:v4.7.0-202102130115.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-insights-rhel8-operator:v4.7.0-202102130115.p0"
},
"product_reference": "openshift4/ose-insights-rhel8-operator:v4.7.0-202102130115.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-installer-artifacts:v4.7.0-202102130115.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-installer-artifacts:v4.7.0-202102130115.p0"
},
"product_reference": "openshift4/ose-installer-artifacts:v4.7.0-202102130115.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-installer:v4.7.0-202102130115.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-installer:v4.7.0-202102130115.p0"
},
"product_reference": "openshift4/ose-installer:v4.7.0-202102130115.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.7.0-202102130115.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.7.0-202102130115.p0"
},
"product_reference": "openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.7.0-202102130115.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-ironic-inspector-rhel8:v4.7.0-202102130115.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-ironic-inspector-rhel8:v4.7.0-202102130115.p0"
},
"product_reference": "openshift4/ose-ironic-inspector-rhel8:v4.7.0-202102130115.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-ironic-ipa-downloader-rhel8:v4.7.0-202102130115.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-ironic-ipa-downloader-rhel8:v4.7.0-202102130115.p0"
},
"product_reference": "openshift4/ose-ironic-ipa-downloader-rhel8:v4.7.0-202102130115.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-ironic-machine-os-downloader-rhel8:v4.7.0-202102130115.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.7.0-202102130115.p0"
},
"product_reference": "openshift4/ose-ironic-machine-os-downloader-rhel8:v4.7.0-202102130115.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-ironic-rhel8:v4.7.0-202102130115.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-ironic-rhel8:v4.7.0-202102130115.p0"
},
"product_reference": "openshift4/ose-ironic-rhel8:v4.7.0-202102130115.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-ironic-static-ip-manager-rhel8:v4.7.0-202102130115.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-ironic-static-ip-manager-rhel8:v4.7.0-202102130115.p0"
},
"product_reference": "openshift4/ose-ironic-static-ip-manager-rhel8:v4.7.0-202102130115.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-jenkins-agent-base:v4.7.0-202102130115.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-jenkins-agent-base:v4.7.0-202102130115.p0"
},
"product_reference": "openshift4/ose-jenkins-agent-base:v4.7.0-202102130115.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-jenkins-agent-maven:v4.7.0-202102130115.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-jenkins-agent-maven:v4.7.0-202102130115.p0"
},
"product_reference": "openshift4/ose-jenkins-agent-maven:v4.7.0-202102130115.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.7.0-202102130115.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.7.0-202102130115.p0"
},
"product_reference": "openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.7.0-202102130115.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-jenkins:v4.7.0-202102130115.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-jenkins:v4.7.0-202102130115.p0"
},
"product_reference": "openshift4/ose-jenkins:v4.7.0-202102130115.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-k8s-prometheus-adapter:v4.7.0-202102130115.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-k8s-prometheus-adapter:v4.7.0-202102130115.p0"
},
"product_reference": "openshift4/ose-k8s-prometheus-adapter:v4.7.0-202102130115.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-keepalived-ipfailover:v4.7.0-202102130115.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-keepalived-ipfailover:v4.7.0-202102130115.p0"
},
"product_reference": "openshift4/ose-keepalived-ipfailover:v4.7.0-202102130115.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-kube-proxy:v4.7.0-202102130115.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-kube-proxy:v4.7.0-202102130115.p0"
},
"product_reference": "openshift4/ose-kube-proxy:v4.7.0-202102130115.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-kube-rbac-proxy:v4.7.0-202102130115.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-kube-rbac-proxy:v4.7.0-202102130115.p0"
},
"product_reference": "openshift4/ose-kube-rbac-proxy:v4.7.0-202102130115.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-kube-state-metrics:v4.7.0-202102130115.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-kube-state-metrics:v4.7.0-202102130115.p0"
},
"product_reference": "openshift4/ose-kube-state-metrics:v4.7.0-202102130115.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-kube-storage-version-migrator-rhel8:v4.7.0-202102130115.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-kube-storage-version-migrator-rhel8:v4.7.0-202102130115.p0"
},
"product_reference": "openshift4/ose-kube-storage-version-migrator-rhel8:v4.7.0-202102130115.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-kuryr-cni-rhel8:v4.7.0-202102130115.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-kuryr-cni-rhel8:v4.7.0-202102130115.p0"
},
"product_reference": "openshift4/ose-kuryr-cni-rhel8:v4.7.0-202102130115.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-kuryr-controller-rhel8:v4.7.0-202102130115.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-kuryr-controller-rhel8:v4.7.0-202102130115.p0"
},
"product_reference": "openshift4/ose-kuryr-controller-rhel8:v4.7.0-202102130115.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-libvirt-machine-controllers:v4.7.0-202102130115.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-libvirt-machine-controllers:v4.7.0-202102130115.p0"
},
"product_reference": "openshift4/ose-libvirt-machine-controllers:v4.7.0-202102130115.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-local-storage-static-provisioner:v4.7.0-202102130115.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-local-storage-static-provisioner:v4.7.0-202102130115.p0"
},
"product_reference": "openshift4/ose-local-storage-static-provisioner:v4.7.0-202102130115.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-machine-api-operator:v4.7.0-202102172008.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-machine-api-operator:v4.7.0-202102172008.p0"
},
"product_reference": "openshift4/ose-machine-api-operator:v4.7.0-202102172008.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-machine-config-operator:v4.7.0-202102130115.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-machine-config-operator:v4.7.0-202102130115.p0"
},
"product_reference": "openshift4/ose-machine-config-operator:v4.7.0-202102130115.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-mdns-publisher-rhel8:v4.7.0-202102130115.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-mdns-publisher-rhel8:v4.7.0-202102130115.p0"
},
"product_reference": "openshift4/ose-mdns-publisher-rhel8:v4.7.0-202102130115.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-multus-admission-controller:v4.7.0-202102130115.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-multus-admission-controller:v4.7.0-202102130115.p0"
},
"product_reference": "openshift4/ose-multus-admission-controller:v4.7.0-202102130115.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-multus-cni:v4.7.0-202102130115.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-multus-cni:v4.7.0-202102130115.p0"
},
"product_reference": "openshift4/ose-multus-cni:v4.7.0-202102130115.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-multus-networkpolicy-rhel8:v4.7.0-202102130115.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-multus-networkpolicy-rhel8:v4.7.0-202102130115.p0"
},
"product_reference": "openshift4/ose-multus-networkpolicy-rhel8:v4.7.0-202102130115.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-multus-route-override-cni-rhel8:v4.7.0-202102130115.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-multus-route-override-cni-rhel8:v4.7.0-202102130115.p0"
},
"product_reference": "openshift4/ose-multus-route-override-cni-rhel8:v4.7.0-202102130115.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.7.0-202102130115.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.7.0-202102130115.p0"
},
"product_reference": "openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.7.0-202102130115.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-must-gather:v4.7.0-202102130115.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-must-gather:v4.7.0-202102130115.p0"
},
"product_reference": "openshift4/ose-must-gather:v4.7.0-202102130115.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-network-metrics-daemon-rhel8:v4.7.0-202102130115.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-network-metrics-daemon-rhel8:v4.7.0-202102130115.p0"
},
"product_reference": "openshift4/ose-network-metrics-daemon-rhel8:v4.7.0-202102130115.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-oauth-apiserver-rhel8:v4.7.0-202102130115.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-oauth-apiserver-rhel8:v4.7.0-202102130115.p0"
},
"product_reference": "openshift4/ose-oauth-apiserver-rhel8:v4.7.0-202102130115.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-oauth-proxy:v4.7.0-202102130115.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-oauth-proxy:v4.7.0-202102130115.p0"
},
"product_reference": "openshift4/ose-oauth-proxy:v4.7.0-202102130115.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-oauth-server-rhel8:v4.7.0-202102130115.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-oauth-server-rhel8:v4.7.0-202102130115.p0"
},
"product_reference": "openshift4/ose-oauth-server-rhel8:v4.7.0-202102130115.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-openshift-apiserver-rhel8:v4.7.0-202102130115.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-openshift-apiserver-rhel8:v4.7.0-202102130115.p0"
},
"product_reference": "openshift4/ose-openshift-apiserver-rhel8:v4.7.0-202102130115.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-openshift-controller-manager-rhel8:v4.7.0-202102130115.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-openshift-controller-manager-rhel8:v4.7.0-202102130115.p0"
},
"product_reference": "openshift4/ose-openshift-controller-manager-rhel8:v4.7.0-202102130115.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-openshift-state-metrics-rhel8:v4.7.0-202102130115.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-openshift-state-metrics-rhel8:v4.7.0-202102130115.p0"
},
"product_reference": "openshift4/ose-openshift-state-metrics-rhel8:v4.7.0-202102130115.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.7.0-202102130115.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.7.0-202102130115.p0"
},
"product_reference": "openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.7.0-202102130115.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.7.0-202102130115.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.7.0-202102130115.p0"
},
"product_reference": "openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.7.0-202102130115.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-openstack-machine-controllers:v4.7.0-202102130115.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-openstack-machine-controllers:v4.7.0-202102130115.p0"
},
"product_reference": "openshift4/ose-openstack-machine-controllers:v4.7.0-202102130115.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-operator-lifecycle-manager:v4.7.0-202102130115.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-operator-lifecycle-manager:v4.7.0-202102130115.p0"
},
"product_reference": "openshift4/ose-operator-lifecycle-manager:v4.7.0-202102130115.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-operator-marketplace:v4.7.0-202102130115.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-operator-marketplace:v4.7.0-202102130115.p0"
},
"product_reference": "openshift4/ose-operator-marketplace:v4.7.0-202102130115.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-operator-registry:v4.7.0-202102130115.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-operator-registry:v4.7.0-202102130115.p0"
},
"product_reference": "openshift4/ose-operator-registry:v4.7.0-202102130115.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-ovirt-machine-controllers-rhel8:v4.7.0-202102130115.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-ovirt-machine-controllers-rhel8:v4.7.0-202102130115.p0"
},
"product_reference": "openshift4/ose-ovirt-machine-controllers-rhel8:v4.7.0-202102130115.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-ovn-kubernetes:v4.7.0-202102130115.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-ovn-kubernetes:v4.7.0-202102130115.p0"
},
"product_reference": "openshift4/ose-ovn-kubernetes:v4.7.0-202102130115.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-pod:v4.7.0-202102130115.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-pod:v4.7.0-202102130115.p0"
},
"product_reference": "openshift4/ose-pod:v4.7.0-202102130115.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-prom-label-proxy:v4.7.0-202102130115.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-prom-label-proxy:v4.7.0-202102130115.p0"
},
"product_reference": "openshift4/ose-prom-label-proxy:v4.7.0-202102130115.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-prometheus-alertmanager:v4.7.0-202102130115.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-prometheus-alertmanager:v4.7.0-202102130115.p0"
},
"product_reference": "openshift4/ose-prometheus-alertmanager:v4.7.0-202102130115.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-prometheus-config-reloader:v4.7.0-202102130115.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-prometheus-config-reloader:v4.7.0-202102130115.p0"
},
"product_reference": "openshift4/ose-prometheus-config-reloader:v4.7.0-202102130115.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-prometheus-node-exporter:v4.7.0-202102130115.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-prometheus-node-exporter:v4.7.0-202102130115.p0"
},
"product_reference": "openshift4/ose-prometheus-node-exporter:v4.7.0-202102130115.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-prometheus-operator:v4.7.0-202102130115.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-prometheus-operator:v4.7.0-202102130115.p0"
},
"product_reference": "openshift4/ose-prometheus-operator:v4.7.0-202102130115.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-prometheus:v4.7.0-202102130115.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-prometheus:v4.7.0-202102130115.p0"
},
"product_reference": "openshift4/ose-prometheus:v4.7.0-202102130115.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sdn-rhel8:v4.7.0-202102130115.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-sdn-rhel8:v4.7.0-202102130115.p0"
},
"product_reference": "openshift4/ose-sdn-rhel8:v4.7.0-202102130115.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-service-ca-operator:v4.7.0-202102130115.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-service-ca-operator:v4.7.0-202102130115.p0"
},
"product_reference": "openshift4/ose-service-ca-operator:v4.7.0-202102130115.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-telemeter:v4.7.0-202102130115.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-telemeter:v4.7.0-202102130115.p0"
},
"product_reference": "openshift4/ose-telemeter:v4.7.0-202102130115.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-tests:v4.7.0-202102181036.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-tests:v4.7.0-202102181036.p0"
},
"product_reference": "openshift4/ose-tests:v4.7.0-202102181036.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-thanos-rhel8:v4.7.0-202102130115.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-thanos-rhel8:v4.7.0-202102130115.p0"
},
"product_reference": "openshift4/ose-thanos-rhel8:v4.7.0-202102130115.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-tools-rhel8:v4.7.0-202102130115.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-tools-rhel8:v4.7.0-202102130115.p0"
},
"product_reference": "openshift4/ose-tools-rhel8:v4.7.0-202102130115.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-vsphere-problem-detector-rhel8:v4.7.0-202102130115.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-vsphere-problem-detector-rhel8:v4.7.0-202102130115.p0"
},
"product_reference": "openshift4/ose-vsphere-problem-detector-rhel8:v4.7.0-202102130115.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ovirt-csi-driver-rhel7:v4.7.0-202102130115.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ovirt-csi-driver-rhel7:v4.7.0-202102130115.p0"
},
"product_reference": "openshift4/ovirt-csi-driver-rhel7:v4.7.0-202102130115.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ovirt-csi-driver-rhel8-operator:v4.7.0-202102130115.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ovirt-csi-driver-rhel8-operator:v4.7.0-202102130115.p0"
},
"product_reference": "openshift4/ovirt-csi-driver-rhel8-operator:v4.7.0-202102130115.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-7774",
"cwe": {
"id": "CWE-915",
"name": "Improperly Controlled Modification of Dynamically-Determined Object Attributes"
},
"discovery_date": "2020-11-17T00:00:00Z",
"flags": [
{
"label": "component_not_present",
"product_ids": [
"8Base-RHOSE-4.7:openshift4/egress-router-cni-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-aws-machine-controllers:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-azure-machine-controllers:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-baremetal-installer-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-baremetal-machine-controllers:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-baremetal-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-baremetal-runtimecfg-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cli-artifacts:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cli:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cloud-credential-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-authentication-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-autoscaler-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-autoscaler:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-baremetal-operator-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-bootstrap:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-config-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-dns-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-etcd-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-image-registry-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-ingress-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-kube-apiserver-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-kube-controller-manager-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-kube-scheduler-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-machine-approver:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-monitoring-operator:v4.7.0-202102172008.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-network-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-node-tuning-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-openshift-apiserver-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-openshift-controller-manager-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-policy-controller-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-samples-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-storage-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-update-keys:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-version-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-configmap-reloader:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-console-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-console:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-container-networking-plugins-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-coredns:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-driver-manila-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-driver-manila-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-driver-nfs-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-attacher-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-attacher:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-provisioner-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-provisioner:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-resizer-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-resizer:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-snapshotter-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-snapshotter:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-livenessprobe-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-livenessprobe:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-node-driver-registrar-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-node-driver-registrar:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-snapshot-controller-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-snapshot-controller:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-deployer:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-docker-builder:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-docker-registry:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-etcd:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-gcp-machine-controllers-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-haproxy-router:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-hello-openshift-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-hyperkube:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-insights-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-installer-artifacts:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-installer:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-inspector-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-ipa-downloader-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-static-ip-manager-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-jenkins-agent-base:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-jenkins-agent-maven:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-jenkins:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-k8s-prometheus-adapter:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-keepalived-ipfailover:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kube-proxy:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kube-rbac-proxy:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kube-state-metrics:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kube-storage-version-migrator-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kuryr-cni-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kuryr-controller-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-libvirt-machine-controllers:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-local-storage-static-provisioner:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-machine-api-operator:v4.7.0-202102172008.p0",
"8Base-RHOSE-4.7:openshift4/ose-machine-config-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-mdns-publisher-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-multus-admission-controller:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-multus-cni:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-multus-networkpolicy-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-multus-route-override-cni-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-must-gather:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-network-metrics-daemon-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-oauth-apiserver-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-oauth-proxy:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-oauth-server-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openshift-apiserver-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openshift-controller-manager-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openshift-state-metrics-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openstack-machine-controllers:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-operator-lifecycle-manager:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-operator-marketplace:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-operator-registry:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ovirt-machine-controllers-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ovn-kubernetes:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-pod:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prom-label-proxy:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prometheus-alertmanager:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prometheus-config-reloader:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prometheus-node-exporter:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prometheus-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prometheus:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-sdn-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-service-ca-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-telemeter:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-tests:v4.7.0-202102181036.p0",
"8Base-RHOSE-4.7:openshift4/ose-thanos-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-tools-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-vsphere-problem-detector-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ovirt-csi-driver-rhel7:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ovirt-csi-driver-rhel8-operator:v4.7.0-202102130115.p0"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla",
"text": "https://bugzilla.redhat.com/show_bug.cgi?id=1898680"
}
],
"notes": [
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
},
{
"category": "description",
"text": "A flaw was found in nodejs-y18n. There is a prototype pollution vulnerability in y18n\u0027s locale functionality. If an attacker is able to provide untrusted input via locale, they may be able to cause denial of service or in rare circumstances, impact to data integrity or confidentiality.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-y18n: prototype pollution vulnerability",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.7:openshift4/ose-grafana:v4.7.0-202102130115.p0"
],
"known_not_affected": [
"8Base-RHOSE-4.7:openshift4/egress-router-cni-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-aws-machine-controllers:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-azure-machine-controllers:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-baremetal-installer-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-baremetal-machine-controllers:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-baremetal-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-baremetal-runtimecfg-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cli-artifacts:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cli:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cloud-credential-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-authentication-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-autoscaler-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-autoscaler:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-baremetal-operator-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-bootstrap:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-config-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-dns-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-etcd-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-image-registry-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-ingress-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-kube-apiserver-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-kube-controller-manager-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-kube-scheduler-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-machine-approver:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-monitoring-operator:v4.7.0-202102172008.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-network-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-node-tuning-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-openshift-apiserver-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-openshift-controller-manager-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-policy-controller-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-samples-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-storage-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-update-keys:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-version-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-configmap-reloader:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-console-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-console:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-container-networking-plugins-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-coredns:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-driver-manila-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-driver-manila-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-driver-nfs-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-attacher-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-attacher:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-provisioner-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-provisioner:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-resizer-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-resizer:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-snapshotter-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-snapshotter:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-livenessprobe-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-livenessprobe:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-node-driver-registrar-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-node-driver-registrar:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-snapshot-controller-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-snapshot-controller:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-deployer:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-docker-builder:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-docker-registry:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-etcd:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-gcp-machine-controllers-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-haproxy-router:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-hello-openshift-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-hyperkube:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-insights-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-installer-artifacts:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-installer:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-inspector-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-ipa-downloader-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-static-ip-manager-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-jenkins-agent-base:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-jenkins-agent-maven:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-jenkins:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-k8s-prometheus-adapter:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-keepalived-ipfailover:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kube-proxy:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kube-rbac-proxy:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kube-state-metrics:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kube-storage-version-migrator-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kuryr-cni-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kuryr-controller-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-libvirt-machine-controllers:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-local-storage-static-provisioner:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-machine-api-operator:v4.7.0-202102172008.p0",
"8Base-RHOSE-4.7:openshift4/ose-machine-config-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-mdns-publisher-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-multus-admission-controller:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-multus-cni:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-multus-networkpolicy-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-multus-route-override-cni-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-must-gather:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-network-metrics-daemon-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-oauth-apiserver-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-oauth-proxy:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-oauth-server-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openshift-apiserver-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openshift-controller-manager-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openshift-state-metrics-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openstack-machine-controllers:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-operator-lifecycle-manager:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-operator-marketplace:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-operator-registry:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ovirt-machine-controllers-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ovn-kubernetes:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-pod:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prom-label-proxy:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prometheus-alertmanager:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prometheus-config-reloader:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prometheus-node-exporter:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prometheus-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prometheus:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-sdn-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-service-ca-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-telemeter:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-tests:v4.7.0-202102181036.p0",
"8Base-RHOSE-4.7:openshift4/ose-thanos-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-tools-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-vsphere-problem-detector-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ovirt-csi-driver-rhel7:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ovirt-csi-driver-rhel8-operator:v4.7.0-202102130115.p0"
]
},
"references": [
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-7774",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7774"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-7774",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-7774"
},
{
"category": "external",
"summary": "https://snyk.io/vuln/SNYK-JS-Y18N-1021887",
"url": "https://snyk.io/vuln/SNYK-JS-Y18N-1021887"
},
{
"category": "external",
"summary": "CVE-2020-7774",
"url": "https://access.redhat.com/security/cve/CVE-2020-7774"
},
{
"category": "external",
"summary": "bz#1898680: CVE-2020-7774 nodejs-y18n: prototype pollution vulnerability",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1898680"
}
],
"release_date": "2020-10-25T00:00:00Z",
"remediations": [
{
"category": "vendor_fix",
"details": "For OpenShift Container Platform 4.7, see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.7/updating/updating-cluster-cli.html.",
"product_ids": [
"8Base-RHOSE-4.7:openshift4/ose-grafana:v4.7.0-202102130115.p0"
],
"url": "https://access.redhat.com/errata/RHSA-2020:5633"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.7:openshift4/ose-grafana:v4.7.0-202102130115.p0"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-11-17T00:00:00Z",
"details": "Moderate"
}
],
"title": "CVE-2020-7774 nodejs-y18n: prototype pollution vulnerability"
},
{
"acknowledgments": [
{
"names": [
"the Kubernetes Product Security Committee"
]
},
{
"names": [
"Kaizhe Huang"
],
"organization": "derek0405",
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2020-8563",
"cwe": {
"id": "CWE-117",
"name": "Improper Output Neutralization for Logs"
},
"discovery_date": "2020-10-09T00:00:00Z",
"flags": [
{
"label": "component_not_present",
"product_ids": [
"8Base-RHOSE-4.7:openshift4/egress-router-cni-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-aws-machine-controllers:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-azure-machine-controllers:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-baremetal-installer-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-baremetal-machine-controllers:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-baremetal-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-baremetal-runtimecfg-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cli-artifacts:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cli:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cloud-credential-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-authentication-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-autoscaler-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-autoscaler:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-baremetal-operator-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-bootstrap:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-config-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-dns-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-etcd-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-image-registry-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-ingress-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-kube-apiserver-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-kube-controller-manager-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-kube-scheduler-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-machine-approver:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-monitoring-operator:v4.7.0-202102172008.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-network-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-node-tuning-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-openshift-apiserver-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-openshift-controller-manager-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-policy-controller-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-samples-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-storage-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-update-keys:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-version-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-configmap-reloader:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-console-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-console:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-container-networking-plugins-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-coredns:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-driver-manila-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-driver-manila-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-driver-nfs-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-attacher-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-attacher:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-provisioner-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-provisioner:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-resizer-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-resizer:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-snapshotter-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-snapshotter:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-livenessprobe-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-livenessprobe:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-node-driver-registrar-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-node-driver-registrar:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-snapshot-controller-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-snapshot-controller:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-deployer:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-docker-builder:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-docker-registry:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-etcd:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-gcp-machine-controllers-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-grafana:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-haproxy-router:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-hello-openshift-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-insights-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-installer-artifacts:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-installer:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-inspector-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-ipa-downloader-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-static-ip-manager-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-jenkins-agent-base:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-jenkins-agent-maven:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-jenkins:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-k8s-prometheus-adapter:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-keepalived-ipfailover:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kube-proxy:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kube-rbac-proxy:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kube-state-metrics:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kube-storage-version-migrator-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kuryr-cni-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kuryr-controller-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-libvirt-machine-controllers:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-local-storage-static-provisioner:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-machine-api-operator:v4.7.0-202102172008.p0",
"8Base-RHOSE-4.7:openshift4/ose-machine-config-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-mdns-publisher-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-multus-admission-controller:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-multus-cni:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-multus-networkpolicy-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-multus-route-override-cni-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-must-gather:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-network-metrics-daemon-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-oauth-apiserver-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-oauth-proxy:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-oauth-server-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openshift-apiserver-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openshift-controller-manager-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openshift-state-metrics-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openstack-machine-controllers:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-operator-lifecycle-manager:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-operator-marketplace:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-operator-registry:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ovirt-machine-controllers-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ovn-kubernetes:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-pod:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prom-label-proxy:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prometheus-alertmanager:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prometheus-config-reloader:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prometheus-node-exporter:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prometheus-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prometheus:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-sdn-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-service-ca-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-telemeter:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-tests:v4.7.0-202102181036.p0",
"8Base-RHOSE-4.7:openshift4/ose-thanos-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-tools-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-vsphere-problem-detector-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ovirt-csi-driver-rhel7:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ovirt-csi-driver-rhel8-operator:v4.7.0-202102130115.p0"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla",
"text": "https://bugzilla.redhat.com/show_bug.cgi?id=1886635"
}
],
"notes": [
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
},
{
"category": "description",
"text": "A flaw was found in kubernetes. Clusters running on VSphere, using VSphere as a cloud provider a with logging level set to 4 or above, VSphere cloud credentials will be leaked in the cloud controller manager\u0027s log.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kubernetes: Secret leaks in kube-controller-manager when using vSphere Provider",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.7:openshift4/ose-hyperkube:v4.7.0-202102130115.p0"
],
"known_not_affected": [
"8Base-RHOSE-4.7:openshift4/egress-router-cni-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-aws-machine-controllers:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-azure-machine-controllers:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-baremetal-installer-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-baremetal-machine-controllers:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-baremetal-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-baremetal-runtimecfg-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cli-artifacts:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cli:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cloud-credential-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-authentication-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-autoscaler-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-autoscaler:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-baremetal-operator-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-bootstrap:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-config-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-dns-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-etcd-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-image-registry-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-ingress-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-kube-apiserver-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-kube-controller-manager-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-kube-scheduler-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-machine-approver:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-monitoring-operator:v4.7.0-202102172008.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-network-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-node-tuning-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-openshift-apiserver-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-openshift-controller-manager-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-policy-controller-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-samples-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-storage-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-update-keys:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-version-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-configmap-reloader:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-console-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-console:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-container-networking-plugins-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-coredns:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-driver-manila-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-driver-manila-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-driver-nfs-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-attacher-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-attacher:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-provisioner-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-provisioner:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-resizer-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-resizer:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-snapshotter-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-snapshotter:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-livenessprobe-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-livenessprobe:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-node-driver-registrar-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-node-driver-registrar:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-snapshot-controller-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-snapshot-controller:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-deployer:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-docker-builder:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-docker-registry:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-etcd:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-gcp-machine-controllers-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-grafana:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-haproxy-router:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-hello-openshift-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-insights-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-installer-artifacts:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-installer:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-inspector-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-ipa-downloader-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-static-ip-manager-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-jenkins-agent-base:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-jenkins-agent-maven:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-jenkins:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-k8s-prometheus-adapter:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-keepalived-ipfailover:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kube-proxy:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kube-rbac-proxy:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kube-state-metrics:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kube-storage-version-migrator-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kuryr-cni-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kuryr-controller-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-libvirt-machine-controllers:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-local-storage-static-provisioner:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-machine-api-operator:v4.7.0-202102172008.p0",
"8Base-RHOSE-4.7:openshift4/ose-machine-config-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-mdns-publisher-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-multus-admission-controller:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-multus-cni:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-multus-networkpolicy-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-multus-route-override-cni-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-must-gather:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-network-metrics-daemon-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-oauth-apiserver-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-oauth-proxy:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-oauth-server-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openshift-apiserver-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openshift-controller-manager-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openshift-state-metrics-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openstack-machine-controllers:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-operator-lifecycle-manager:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-operator-marketplace:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-operator-registry:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ovirt-machine-controllers-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ovn-kubernetes:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-pod:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prom-label-proxy:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prometheus-alertmanager:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prometheus-config-reloader:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prometheus-node-exporter:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prometheus-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prometheus:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-sdn-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-service-ca-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-telemeter:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-tests:v4.7.0-202102181036.p0",
"8Base-RHOSE-4.7:openshift4/ose-thanos-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-tools-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-vsphere-problem-detector-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ovirt-csi-driver-rhel7:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ovirt-csi-driver-rhel8-operator:v4.7.0-202102130115.p0"
]
},
"references": [
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-8563",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8563"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-8563",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8563"
},
{
"category": "external",
"summary": "https://github.com/kubernetes/kubernetes/issues/95621",
"url": "https://github.com/kubernetes/kubernetes/issues/95621"
},
{
"category": "external",
"summary": "https://groups.google.com/g/kubernetes-announce/c/ScdmyORnPDk",
"url": "https://groups.google.com/g/kubernetes-announce/c/ScdmyORnPDk"
},
{
"category": "external",
"summary": "CVE-2020-8563",
"url": "https://access.redhat.com/security/cve/CVE-2020-8563"
},
{
"category": "external",
"summary": "bz#1886635: CVE-2020-8563 kubernetes: Secret leaks in kube-controller-manager when using vSphere Provider",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1886635"
}
],
"release_date": "2020-10-14T00:00:00Z",
"remediations": [
{
"category": "vendor_fix",
"details": "For OpenShift Container Platform 4.7, see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.7/updating/updating-cluster-cli.html.",
"product_ids": [
"8Base-RHOSE-4.7:openshift4/ose-hyperkube:v4.7.0-202102130115.p0"
],
"url": "https://access.redhat.com/errata/RHSA-2020:5633"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.7:openshift4/ose-hyperkube:v4.7.0-202102130115.p0"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-10-09T00:00:00Z",
"details": "Moderate"
}
],
"title": "CVE-2020-8563 kubernetes: Secret leaks in kube-controller-manager when using vSphere Provider"
},
{
"acknowledgments": [
{
"names": [
"the Kubernetes Product Security Committee"
]
},
{
"names": [
"Etienne Champetier"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2020-10749",
"cwe": {
"id": "CWE-300",
"name": "Channel Accessible by Non-Endpoint"
},
"discovery_date": "2020-05-08T00:00:00Z",
"flags": [
{
"label": "component_not_present",
"product_ids": [
"8Base-RHOSE-4.7:openshift4/egress-router-cni-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-aws-machine-controllers:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-azure-machine-controllers:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-baremetal-installer-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-baremetal-machine-controllers:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-baremetal-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-baremetal-runtimecfg-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cli-artifacts:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cli:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cloud-credential-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-authentication-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-autoscaler-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-autoscaler:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-baremetal-operator-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-bootstrap:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-config-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-dns-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-etcd-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-image-registry-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-ingress-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-kube-apiserver-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-kube-controller-manager-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-kube-scheduler-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-machine-approver:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-monitoring-operator:v4.7.0-202102172008.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-network-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-node-tuning-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-openshift-apiserver-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-openshift-controller-manager-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-policy-controller-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-samples-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-storage-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-update-keys:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-version-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-configmap-reloader:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-console-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-console:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-container-networking-plugins-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-coredns:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-driver-manila-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-driver-manila-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-driver-nfs-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-attacher-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-attacher:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-provisioner-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-provisioner:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-resizer-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-resizer:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-snapshotter-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-snapshotter:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-livenessprobe-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-livenessprobe:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-node-driver-registrar-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-node-driver-registrar:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-snapshot-controller-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-snapshot-controller:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-deployer:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-docker-builder:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-docker-registry:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-etcd:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-gcp-machine-controllers-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-grafana:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-haproxy-router:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-hello-openshift-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-hyperkube:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-insights-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-installer-artifacts:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-installer:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-inspector-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-ipa-downloader-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-static-ip-manager-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-jenkins-agent-base:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-jenkins-agent-maven:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-jenkins:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-k8s-prometheus-adapter:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-keepalived-ipfailover:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kube-proxy:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kube-rbac-proxy:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kube-state-metrics:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kube-storage-version-migrator-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kuryr-cni-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kuryr-controller-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-libvirt-machine-controllers:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-local-storage-static-provisioner:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-machine-api-operator:v4.7.0-202102172008.p0",
"8Base-RHOSE-4.7:openshift4/ose-machine-config-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-mdns-publisher-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-multus-admission-controller:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-multus-cni:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-multus-networkpolicy-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-multus-route-override-cni-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-must-gather:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-network-metrics-daemon-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-oauth-apiserver-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-oauth-proxy:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-oauth-server-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openshift-apiserver-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openshift-controller-manager-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openshift-state-metrics-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openstack-machine-controllers:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-operator-lifecycle-manager:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-operator-marketplace:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-operator-registry:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ovirt-machine-controllers-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ovn-kubernetes:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-pod:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prom-label-proxy:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prometheus-alertmanager:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prometheus-config-reloader:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prometheus-node-exporter:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prometheus-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prometheus:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-service-ca-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-telemeter:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-tests:v4.7.0-202102181036.p0",
"8Base-RHOSE-4.7:openshift4/ose-thanos-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-tools-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-vsphere-problem-detector-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ovirt-csi-driver-rhel7:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ovirt-csi-driver-rhel8-operator:v4.7.0-202102130115.p0"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla",
"text": "https://bugzilla.redhat.com/show_bug.cgi?id=1833220"
}
],
"notes": [
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
},
{
"category": "description",
"text": "A vulnerability was found in affected container networking implementations that allow malicious containers in Kubernetes clusters to perform man-in-the-middle (MitM) attacks. A malicious container can exploit this flaw by sending \u201crogue\u201d IPv6 router advertisements to the host or other containers, to redirect traffic to the malicious container.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "containernetworking/plugins: IPv6 router advertisements allow for MitM attacks on IPv4 clusters",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.7:openshift4/ose-sdn-rhel8:v4.7.0-202102130115.p0"
],
"known_not_affected": [
"8Base-RHOSE-4.7:openshift4/egress-router-cni-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-aws-machine-controllers:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-azure-machine-controllers:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-baremetal-installer-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-baremetal-machine-controllers:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-baremetal-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-baremetal-runtimecfg-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cli-artifacts:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cli:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cloud-credential-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-authentication-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-autoscaler-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-autoscaler:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-baremetal-operator-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-bootstrap:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-config-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-dns-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-etcd-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-image-registry-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-ingress-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-kube-apiserver-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-kube-controller-manager-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-kube-scheduler-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-machine-approver:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-monitoring-operator:v4.7.0-202102172008.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-network-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-node-tuning-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-openshift-apiserver-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-openshift-controller-manager-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-policy-controller-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-samples-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-storage-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-update-keys:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-version-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-configmap-reloader:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-console-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-console:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-container-networking-plugins-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-coredns:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-driver-manila-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-driver-manila-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-driver-nfs-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-attacher-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-attacher:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-provisioner-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-provisioner:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-resizer-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-resizer:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-snapshotter-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-snapshotter:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-livenessprobe-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-livenessprobe:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-node-driver-registrar-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-node-driver-registrar:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-snapshot-controller-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-snapshot-controller:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-deployer:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-docker-builder:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-docker-registry:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-etcd:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-gcp-machine-controllers-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-grafana:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-haproxy-router:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-hello-openshift-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-hyperkube:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-insights-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-installer-artifacts:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-installer:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-inspector-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-ipa-downloader-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-static-ip-manager-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-jenkins-agent-base:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-jenkins-agent-maven:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-jenkins:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-k8s-prometheus-adapter:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-keepalived-ipfailover:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kube-proxy:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kube-rbac-proxy:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kube-state-metrics:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kube-storage-version-migrator-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kuryr-cni-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kuryr-controller-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-libvirt-machine-controllers:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-local-storage-static-provisioner:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-machine-api-operator:v4.7.0-202102172008.p0",
"8Base-RHOSE-4.7:openshift4/ose-machine-config-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-mdns-publisher-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-multus-admission-controller:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-multus-cni:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-multus-networkpolicy-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-multus-route-override-cni-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-must-gather:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-network-metrics-daemon-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-oauth-apiserver-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-oauth-proxy:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-oauth-server-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openshift-apiserver-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openshift-controller-manager-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openshift-state-metrics-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openstack-machine-controllers:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-operator-lifecycle-manager:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-operator-marketplace:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-operator-registry:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ovirt-machine-controllers-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ovn-kubernetes:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-pod:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prom-label-proxy:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prometheus-alertmanager:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prometheus-config-reloader:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prometheus-node-exporter:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prometheus-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prometheus:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-service-ca-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-telemeter:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-tests:v4.7.0-202102181036.p0",
"8Base-RHOSE-4.7:openshift4/ose-thanos-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-tools-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-vsphere-problem-detector-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ovirt-csi-driver-rhel7:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ovirt-csi-driver-rhel8-operator:v4.7.0-202102130115.p0"
]
},
"references": [
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-10749",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10749"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10749",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10749"
},
{
"category": "external",
"summary": "https://groups.google.com/forum/#!topic/kubernetes-security-announce/BMb_6ICCfp8",
"url": "https://groups.google.com/forum/#!topic/kubernetes-security-announce/BMb_6ICCfp8"
},
{
"category": "external",
"summary": "CVE-2020-10749",
"url": "https://access.redhat.com/security/cve/CVE-2020-10749"
},
{
"category": "external",
"summary": "bz#1833220: CVE-2020-10749 containernetworking/plugins: IPv6 router advertisements allow for MitM attacks on IPv4 clusters",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1833220"
}
],
"release_date": "2020-06-01T00:00:00Z",
"remediations": [
{
"category": "vendor_fix",
"details": "For OpenShift Container Platform 4.7, see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.7/updating/updating-cluster-cli.html.",
"product_ids": [
"8Base-RHOSE-4.7:openshift4/ose-sdn-rhel8:v4.7.0-202102130115.p0"
],
"url": "https://access.redhat.com/errata/RHSA-2020:5633"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.7:openshift4/ose-sdn-rhel8:v4.7.0-202102130115.p0"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-05-08T00:00:00Z",
"details": "Moderate"
}
],
"title": "CVE-2020-10749 containernetworking/plugins: IPv6 router advertisements allow for MitM attacks on IPv4 clusters"
},
{
"acknowledgments": [
{
"names": [
"Prasanna Kumar Kalever"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2020-10763",
"cwe": {
"id": "CWE-532",
"name": "Insertion of Sensitive Information into Log File"
},
"discovery_date": "2020-06-05T00:00:00Z",
"flags": [
{
"label": "component_not_present",
"product_ids": [
"8Base-RHOSE-4.7:openshift4/egress-router-cni-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-aws-machine-controllers:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-azure-machine-controllers:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-baremetal-installer-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-baremetal-machine-controllers:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-baremetal-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-baremetal-runtimecfg-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cli-artifacts:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cli:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cloud-credential-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-authentication-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-autoscaler-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-baremetal-operator-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-bootstrap:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-config-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-dns-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-etcd-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-image-registry-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-ingress-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-kube-apiserver-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-kube-controller-manager-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-kube-scheduler-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-machine-approver:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-monitoring-operator:v4.7.0-202102172008.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-network-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-node-tuning-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-openshift-apiserver-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-openshift-controller-manager-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-policy-controller-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-samples-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-storage-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-update-keys:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-version-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-configmap-reloader:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-console-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-console:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-container-networking-plugins-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-coredns:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-driver-manila-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-driver-manila-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-driver-nfs-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-attacher-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-attacher:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-provisioner-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-provisioner:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-resizer-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-resizer:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-snapshotter-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-snapshotter:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-livenessprobe-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-livenessprobe:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-node-driver-registrar-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-node-driver-registrar:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-snapshot-controller-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-snapshot-controller:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-deployer:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-docker-builder:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-docker-registry:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-etcd:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-gcp-machine-controllers-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-grafana:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-haproxy-router:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-hello-openshift-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-hyperkube:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-insights-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-installer-artifacts:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-installer:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-inspector-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-ipa-downloader-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-static-ip-manager-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-jenkins-agent-base:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-jenkins-agent-maven:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-jenkins:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-k8s-prometheus-adapter:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-keepalived-ipfailover:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kube-proxy:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kube-rbac-proxy:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kube-state-metrics:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kube-storage-version-migrator-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kuryr-cni-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kuryr-controller-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-libvirt-machine-controllers:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-local-storage-static-provisioner:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-machine-api-operator:v4.7.0-202102172008.p0",
"8Base-RHOSE-4.7:openshift4/ose-machine-config-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-mdns-publisher-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-multus-admission-controller:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-multus-cni:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-multus-networkpolicy-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-multus-route-override-cni-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-must-gather:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-network-metrics-daemon-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-oauth-apiserver-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-oauth-proxy:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-oauth-server-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openshift-apiserver-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openshift-controller-manager-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openshift-state-metrics-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openstack-machine-controllers:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-operator-lifecycle-manager:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-operator-marketplace:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-operator-registry:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ovirt-machine-controllers-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ovn-kubernetes:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-pod:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prom-label-proxy:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prometheus-alertmanager:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prometheus-config-reloader:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prometheus-node-exporter:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prometheus-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prometheus:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-sdn-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-service-ca-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-telemeter:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-tests:v4.7.0-202102181036.p0",
"8Base-RHOSE-4.7:openshift4/ose-thanos-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-tools-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-vsphere-problem-detector-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ovirt-csi-driver-rhel7:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ovirt-csi-driver-rhel8-operator:v4.7.0-202102130115.p0"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla",
"text": "https://bugzilla.redhat.com/show_bug.cgi?id=1845387"
}
],
"notes": [
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
},
{
"category": "description",
"text": "An information-disclosure flaw was found in the way Heketi logs sensitive information. This flaw allows an attacker with local access to the Heketi server, to read potentially sensitive information, such as gluster-block passwords.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "heketi: gluster-block volume password details available in logs",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.7:openshift4/ose-cluster-autoscaler:v4.7.0-202102130115.p0"
],
"known_not_affected": [
"8Base-RHOSE-4.7:openshift4/egress-router-cni-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-aws-machine-controllers:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-azure-machine-controllers:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-baremetal-installer-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-baremetal-machine-controllers:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-baremetal-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-baremetal-runtimecfg-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cli-artifacts:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cli:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cloud-credential-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-authentication-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-autoscaler-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-baremetal-operator-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-bootstrap:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-config-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-dns-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-etcd-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-image-registry-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-ingress-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-kube-apiserver-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-kube-controller-manager-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-kube-scheduler-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-machine-approver:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-monitoring-operator:v4.7.0-202102172008.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-network-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-node-tuning-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-openshift-apiserver-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-openshift-controller-manager-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-policy-controller-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-samples-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-storage-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-update-keys:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-version-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-configmap-reloader:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-console-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-console:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-container-networking-plugins-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-coredns:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-driver-manila-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-driver-manila-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-driver-nfs-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-attacher-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-attacher:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-provisioner-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-provisioner:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-resizer-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-resizer:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-snapshotter-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-snapshotter:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-livenessprobe-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-livenessprobe:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-node-driver-registrar-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-node-driver-registrar:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-snapshot-controller-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-snapshot-controller:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-deployer:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-docker-builder:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-docker-registry:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-etcd:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-gcp-machine-controllers-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-grafana:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-haproxy-router:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-hello-openshift-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-hyperkube:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-insights-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-installer-artifacts:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-installer:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-inspector-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-ipa-downloader-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-static-ip-manager-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-jenkins-agent-base:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-jenkins-agent-maven:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-jenkins:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-k8s-prometheus-adapter:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-keepalived-ipfailover:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kube-proxy:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kube-rbac-proxy:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kube-state-metrics:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kube-storage-version-migrator-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kuryr-cni-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kuryr-controller-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-libvirt-machine-controllers:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-local-storage-static-provisioner:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-machine-api-operator:v4.7.0-202102172008.p0",
"8Base-RHOSE-4.7:openshift4/ose-machine-config-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-mdns-publisher-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-multus-admission-controller:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-multus-cni:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-multus-networkpolicy-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-multus-route-override-cni-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-must-gather:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-network-metrics-daemon-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-oauth-apiserver-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-oauth-proxy:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-oauth-server-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openshift-apiserver-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openshift-controller-manager-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openshift-state-metrics-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openstack-machine-controllers:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-operator-lifecycle-manager:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-operator-marketplace:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-operator-registry:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ovirt-machine-controllers-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ovn-kubernetes:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-pod:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prom-label-proxy:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prometheus-alertmanager:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prometheus-config-reloader:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prometheus-node-exporter:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prometheus-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prometheus:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-sdn-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-service-ca-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-telemeter:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-tests:v4.7.0-202102181036.p0",
"8Base-RHOSE-4.7:openshift4/ose-thanos-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-tools-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-vsphere-problem-detector-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ovirt-csi-driver-rhel7:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ovirt-csi-driver-rhel8-operator:v4.7.0-202102130115.p0"
]
},
"references": [
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-10763",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10763"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10763",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10763"
},
{
"category": "external",
"summary": "https://github.com/heketi/heketi/releases/tag/v10.1.0",
"url": "https://github.com/heketi/heketi/releases/tag/v10.1.0"
},
{
"category": "external",
"summary": "CVE-2020-10763",
"url": "https://access.redhat.com/security/cve/CVE-2020-10763"
},
{
"category": "external",
"summary": "bz#1845387: CVE-2020-10763 heketi: gluster-block volume password details available in logs",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1845387"
}
],
"release_date": "2020-09-30T00:00:00Z",
"remediations": [
{
"category": "vendor_fix",
"details": "For OpenShift Container Platform 4.7, see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.7/updating/updating-cluster-cli.html.",
"product_ids": [
"8Base-RHOSE-4.7:openshift4/ose-cluster-autoscaler:v4.7.0-202102130115.p0"
],
"url": "https://access.redhat.com/errata/RHSA-2020:5633"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.7:openshift4/ose-cluster-autoscaler:v4.7.0-202102130115.p0"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-06-05T00:00:00Z",
"details": "Moderate"
}
],
"title": "CVE-2020-10763 heketi: gluster-block volume password details available in logs"
},
{
"cve": "CVE-2020-14040",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"discovery_date": "2020-06-17T00:00:00Z",
"flags": [
{
"label": "component_not_present",
"product_ids": [
"8Base-RHOSE-4.7:openshift4/egress-router-cni-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-aws-machine-controllers:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-azure-machine-controllers:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-baremetal-installer-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-baremetal-machine-controllers:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-baremetal-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-baremetal-runtimecfg-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cli-artifacts:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cli:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cloud-credential-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-authentication-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-autoscaler-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-autoscaler:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-baremetal-operator-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-config-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-dns-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-etcd-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-image-registry-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-ingress-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-kube-apiserver-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-kube-controller-manager-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-kube-scheduler-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-machine-approver:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-monitoring-operator:v4.7.0-202102172008.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-network-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-node-tuning-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-openshift-apiserver-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-openshift-controller-manager-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-policy-controller-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-samples-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-storage-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-update-keys:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-version-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-configmap-reloader:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-console-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-console:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-container-networking-plugins-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-coredns:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-driver-manila-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-driver-manila-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-driver-nfs-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-attacher-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-attacher:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-provisioner-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-provisioner:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-resizer-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-resizer:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-snapshotter-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-snapshotter:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-livenessprobe-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-livenessprobe:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-node-driver-registrar-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-node-driver-registrar:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-snapshot-controller-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-snapshot-controller:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-deployer:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-docker-builder:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-docker-registry:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-etcd:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-gcp-machine-controllers-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-grafana:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-haproxy-router:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-hello-openshift-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-hyperkube:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-insights-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-installer-artifacts:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-installer:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-inspector-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-ipa-downloader-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-static-ip-manager-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-jenkins-agent-base:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-jenkins-agent-maven:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-jenkins:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-k8s-prometheus-adapter:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-keepalived-ipfailover:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kube-proxy:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kube-rbac-proxy:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kube-state-metrics:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kube-storage-version-migrator-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kuryr-cni-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kuryr-controller-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-libvirt-machine-controllers:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-local-storage-static-provisioner:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-machine-api-operator:v4.7.0-202102172008.p0",
"8Base-RHOSE-4.7:openshift4/ose-machine-config-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-mdns-publisher-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-multus-admission-controller:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-multus-cni:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-multus-networkpolicy-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-multus-route-override-cni-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-must-gather:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-network-metrics-daemon-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-oauth-apiserver-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-oauth-proxy:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-oauth-server-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openshift-apiserver-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openshift-controller-manager-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openshift-state-metrics-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openstack-machine-controllers:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-operator-lifecycle-manager:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-operator-marketplace:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-operator-registry:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ovirt-machine-controllers-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-pod:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prom-label-proxy:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prometheus-alertmanager:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prometheus-config-reloader:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prometheus-node-exporter:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prometheus-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prometheus:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-sdn-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-service-ca-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-telemeter:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-tests:v4.7.0-202102181036.p0",
"8Base-RHOSE-4.7:openshift4/ose-thanos-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-tools-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-vsphere-problem-detector-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ovirt-csi-driver-rhel7:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ovirt-csi-driver-rhel8-operator:v4.7.0-202102130115.p0"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla",
"text": "https://bugzilla.redhat.com/show_bug.cgi?id=1853652"
}
],
"notes": [
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
},
{
"category": "description",
"text": "A denial of service vulnerability was found in the golang.org/x/text library. A library or application must use one of the vulnerable functions, such as unicode.Transform, transform.String, or transform.Byte, to be susceptible to this vulnerability. If an attacker is able to supply specific characters or strings to the vulnerable application, there is the potential to cause an infinite loop to occur using more memory, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.7:openshift4/ose-cluster-bootstrap:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ovn-kubernetes:v4.7.0-202102130115.p0"
],
"known_not_affected": [
"8Base-RHOSE-4.7:openshift4/egress-router-cni-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-aws-machine-controllers:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-azure-machine-controllers:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-baremetal-installer-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-baremetal-machine-controllers:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-baremetal-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-baremetal-runtimecfg-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cli-artifacts:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cli:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cloud-credential-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-authentication-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-autoscaler-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-autoscaler:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-baremetal-operator-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-config-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-dns-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-etcd-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-image-registry-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-ingress-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-kube-apiserver-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-kube-controller-manager-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-kube-scheduler-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-machine-approver:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-monitoring-operator:v4.7.0-202102172008.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-network-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-node-tuning-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-openshift-apiserver-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-openshift-controller-manager-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-policy-controller-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-samples-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-storage-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-update-keys:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-version-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-configmap-reloader:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-console-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-console:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-container-networking-plugins-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-coredns:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-driver-manila-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-driver-manila-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-driver-nfs-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-attacher-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-attacher:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-provisioner-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-provisioner:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-resizer-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-resizer:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-snapshotter-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-snapshotter:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-livenessprobe-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-livenessprobe:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-node-driver-registrar-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-node-driver-registrar:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-snapshot-controller-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-snapshot-controller:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-deployer:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-docker-builder:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-docker-registry:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-etcd:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-gcp-machine-controllers-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-grafana:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-haproxy-router:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-hello-openshift-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-hyperkube:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-insights-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-installer-artifacts:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-installer:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-inspector-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-ipa-downloader-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-static-ip-manager-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-jenkins-agent-base:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-jenkins-agent-maven:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-jenkins:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-k8s-prometheus-adapter:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-keepalived-ipfailover:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kube-proxy:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kube-rbac-proxy:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kube-state-metrics:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kube-storage-version-migrator-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kuryr-cni-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kuryr-controller-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-libvirt-machine-controllers:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-local-storage-static-provisioner:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-machine-api-operator:v4.7.0-202102172008.p0",
"8Base-RHOSE-4.7:openshift4/ose-machine-config-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-mdns-publisher-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-multus-admission-controller:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-multus-cni:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-multus-networkpolicy-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-multus-route-override-cni-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-must-gather:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-network-metrics-daemon-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-oauth-apiserver-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-oauth-proxy:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-oauth-server-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openshift-apiserver-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openshift-controller-manager-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openshift-state-metrics-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openstack-machine-controllers:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-operator-lifecycle-manager:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-operator-marketplace:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-operator-registry:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ovirt-machine-controllers-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-pod:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prom-label-proxy:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prometheus-alertmanager:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prometheus-config-reloader:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prometheus-node-exporter:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prometheus-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prometheus:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-sdn-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-service-ca-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-telemeter:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-tests:v4.7.0-202102181036.p0",
"8Base-RHOSE-4.7:openshift4/ose-thanos-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-tools-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-vsphere-problem-detector-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ovirt-csi-driver-rhel7:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ovirt-csi-driver-rhel8-operator:v4.7.0-202102130115.p0"
]
},
"references": [
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-14040",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14040"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-14040",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-14040"
},
{
"category": "external",
"summary": "https://github.com/golang/go/issues/39491",
"url": "https://github.com/golang/go/issues/39491"
},
{
"category": "external",
"summary": "https://groups.google.com/forum/#!topic/golang-announce/bXVeAmGOqz0",
"url": "https://groups.google.com/forum/#!topic/golang-announce/bXVeAmGOqz0"
},
{
"category": "external",
"summary": "CVE-2020-14040",
"url": "https://access.redhat.com/security/cve/CVE-2020-14040"
},
{
"category": "external",
"summary": "bz#1853652: CVE-2020-14040 golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1853652"
}
],
"release_date": "2020-06-17T00:00:00Z",
"remediations": [
{
"category": "vendor_fix",
"details": "For OpenShift Container Platform 4.7, see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.7/updating/updating-cluster-cli.html.",
"product_ids": [
"8Base-RHOSE-4.7:openshift4/ose-cluster-bootstrap:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ovn-kubernetes:v4.7.0-202102130115.p0"
],
"url": "https://access.redhat.com/errata/RHSA-2020:5633"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.7:openshift4/ose-cluster-bootstrap:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ovn-kubernetes:v4.7.0-202102130115.p0"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-06-17T00:00:00Z",
"details": "Moderate"
}
],
"title": "CVE-2020-14040 golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash"
},
{
"cve": "CVE-2020-26160",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"discovery_date": "2020-09-23T00:00:00Z",
"flags": [
{
"label": "component_not_present",
"product_ids": [
"8Base-RHOSE-4.7:openshift4/egress-router-cni-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-aws-machine-controllers:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-baremetal-installer-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-baremetal-machine-controllers:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-baremetal-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-baremetal-runtimecfg-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cli-artifacts:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cli:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cloud-credential-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-authentication-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-autoscaler-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-autoscaler:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-baremetal-operator-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-bootstrap:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-config-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-dns-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-etcd-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-image-registry-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-ingress-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-kube-apiserver-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-kube-controller-manager-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-kube-scheduler-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-machine-approver:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-monitoring-operator:v4.7.0-202102172008.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-network-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-node-tuning-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-openshift-apiserver-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-openshift-controller-manager-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-policy-controller-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-samples-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-storage-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-update-keys:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-version-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-configmap-reloader:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-console-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-console:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-container-networking-plugins-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-coredns:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-driver-manila-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-driver-manila-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-driver-nfs-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-attacher-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-attacher:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-provisioner-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-provisioner:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-resizer-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-resizer:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-snapshotter-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-snapshotter:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-livenessprobe-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-livenessprobe:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-node-driver-registrar-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-node-driver-registrar:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-snapshot-controller-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-snapshot-controller:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-deployer:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-docker-builder:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-docker-registry:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-etcd:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-gcp-machine-controllers-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-grafana:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-haproxy-router:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-hello-openshift-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-hyperkube:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-insights-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-installer-artifacts:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-installer:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-inspector-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-ipa-downloader-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-static-ip-manager-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-jenkins-agent-base:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-jenkins-agent-maven:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-jenkins:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-k8s-prometheus-adapter:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-keepalived-ipfailover:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kube-proxy:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kube-rbac-proxy:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kube-state-metrics:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kube-storage-version-migrator-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kuryr-cni-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kuryr-controller-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-libvirt-machine-controllers:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-local-storage-static-provisioner:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-machine-api-operator:v4.7.0-202102172008.p0",
"8Base-RHOSE-4.7:openshift4/ose-machine-config-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-mdns-publisher-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-multus-admission-controller:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-multus-cni:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-multus-networkpolicy-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-multus-route-override-cni-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-must-gather:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-network-metrics-daemon-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-oauth-apiserver-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-oauth-proxy:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-oauth-server-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openshift-apiserver-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openshift-controller-manager-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openshift-state-metrics-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openstack-machine-controllers:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-operator-lifecycle-manager:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-operator-marketplace:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-operator-registry:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ovirt-machine-controllers-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ovn-kubernetes:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-pod:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prom-label-proxy:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prometheus-alertmanager:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prometheus-config-reloader:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prometheus-node-exporter:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prometheus-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prometheus:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-sdn-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-service-ca-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-telemeter:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-tests:v4.7.0-202102181036.p0",
"8Base-RHOSE-4.7:openshift4/ose-thanos-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-tools-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-vsphere-problem-detector-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ovirt-csi-driver-rhel7:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ovirt-csi-driver-rhel8-operator:v4.7.0-202102130115.p0"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla",
"text": "https://bugzilla.redhat.com/show_bug.cgi?id=1883371"
}
],
"notes": [
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
},
{
"category": "description",
"text": "A vulnerability was found in jwt-go where it is vulnerable to Access Restriction Bypass if m[\"aud\"] happens to be []string{}, as allowed by the spec, the type assertion fails and the value of aud is \"\". This can cause audience verification to succeed even if the audiences being passed are incorrect if required is set to false.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jwt-go: access restriction bypass vulnerability",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.7:openshift4/ose-azure-machine-controllers:v4.7.0-202102130115.p0"
],
"known_not_affected": [
"8Base-RHOSE-4.7:openshift4/egress-router-cni-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-aws-machine-controllers:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-baremetal-installer-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-baremetal-machine-controllers:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-baremetal-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-baremetal-runtimecfg-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cli-artifacts:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cli:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cloud-credential-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-authentication-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-autoscaler-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-autoscaler:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-baremetal-operator-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-bootstrap:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-config-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-dns-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-etcd-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-image-registry-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-ingress-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-kube-apiserver-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-kube-controller-manager-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-kube-scheduler-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-machine-approver:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-monitoring-operator:v4.7.0-202102172008.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-network-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-node-tuning-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-openshift-apiserver-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-openshift-controller-manager-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-policy-controller-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-samples-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-storage-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-update-keys:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-version-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-configmap-reloader:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-console-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-console:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-container-networking-plugins-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-coredns:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-driver-manila-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-driver-manila-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-driver-nfs-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-attacher-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-attacher:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-provisioner-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-provisioner:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-resizer-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-resizer:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-snapshotter-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-snapshotter:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-livenessprobe-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-livenessprobe:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-node-driver-registrar-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-node-driver-registrar:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-snapshot-controller-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-snapshot-controller:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-deployer:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-docker-builder:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-docker-registry:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-etcd:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-gcp-machine-controllers-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-grafana:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-haproxy-router:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-hello-openshift-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-hyperkube:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-insights-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-installer-artifacts:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-installer:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-inspector-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-ipa-downloader-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-static-ip-manager-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-jenkins-agent-base:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-jenkins-agent-maven:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-jenkins:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-k8s-prometheus-adapter:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-keepalived-ipfailover:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kube-proxy:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kube-rbac-proxy:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kube-state-metrics:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kube-storage-version-migrator-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kuryr-cni-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kuryr-controller-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-libvirt-machine-controllers:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-local-storage-static-provisioner:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-machine-api-operator:v4.7.0-202102172008.p0",
"8Base-RHOSE-4.7:openshift4/ose-machine-config-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-mdns-publisher-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-multus-admission-controller:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-multus-cni:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-multus-networkpolicy-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-multus-route-override-cni-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-must-gather:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-network-metrics-daemon-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-oauth-apiserver-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-oauth-proxy:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-oauth-server-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openshift-apiserver-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openshift-controller-manager-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openshift-state-metrics-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openstack-machine-controllers:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-operator-lifecycle-manager:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-operator-marketplace:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-operator-registry:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ovirt-machine-controllers-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ovn-kubernetes:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-pod:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prom-label-proxy:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prometheus-alertmanager:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prometheus-config-reloader:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prometheus-node-exporter:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prometheus-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prometheus:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-sdn-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-service-ca-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-telemeter:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-tests:v4.7.0-202102181036.p0",
"8Base-RHOSE-4.7:openshift4/ose-thanos-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-tools-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-vsphere-problem-detector-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ovirt-csi-driver-rhel7:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ovirt-csi-driver-rhel8-operator:v4.7.0-202102130115.p0"
]
},
"references": [
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-26160",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26160"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-26160",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-26160"
},
{
"category": "external",
"summary": "https://snyk.io/vuln/SNYK-GOLANG-GITHUBCOMDGRIJALVAJWTGO-596515",
"url": "https://snyk.io/vuln/SNYK-GOLANG-GITHUBCOMDGRIJALVAJWTGO-596515"
},
{
"category": "external",
"summary": "CVE-2020-26160",
"url": "https://access.redhat.com/security/cve/CVE-2020-26160"
},
{
"category": "external",
"summary": "bz#1883371: CVE-2020-26160 jwt-go: access restriction bypass vulnerability",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1883371"
}
],
"release_date": "2020-09-15T00:00:00Z",
"remediations": [
{
"category": "vendor_fix",
"details": "For OpenShift Container Platform 4.7, see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.7/updating/updating-cluster-cli.html.",
"product_ids": [
"8Base-RHOSE-4.7:openshift4/ose-azure-machine-controllers:v4.7.0-202102130115.p0"
],
"url": "https://access.redhat.com/errata/RHSA-2020:5633"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.7:openshift4/ose-azure-machine-controllers:v4.7.0-202102130115.p0"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-09-23T00:00:00Z",
"details": "Moderate"
}
],
"title": "CVE-2020-26160 jwt-go: access restriction bypass vulnerability"
},
{
"cve": "CVE-2020-27813",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2020-11-27T00:00:00Z",
"flags": [
{
"label": "component_not_present",
"product_ids": [
"8Base-RHOSE-4.7:openshift4/egress-router-cni-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-aws-machine-controllers:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-azure-machine-controllers:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-baremetal-installer-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-baremetal-machine-controllers:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-baremetal-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-baremetal-runtimecfg-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cli-artifacts:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cli:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cloud-credential-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-authentication-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-autoscaler-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-autoscaler:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-baremetal-operator-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-bootstrap:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-config-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-dns-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-etcd-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-image-registry-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-ingress-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-kube-apiserver-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-kube-controller-manager-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-kube-scheduler-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-machine-approver:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-monitoring-operator:v4.7.0-202102172008.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-network-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-node-tuning-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-openshift-apiserver-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-openshift-controller-manager-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-policy-controller-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-samples-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-storage-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-update-keys:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-version-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-configmap-reloader:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-console-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-container-networking-plugins-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-coredns:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-driver-manila-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-driver-manila-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-driver-nfs-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-attacher-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-attacher:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-provisioner-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-provisioner:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-resizer-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-resizer:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-snapshotter-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-snapshotter:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-livenessprobe-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-livenessprobe:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-node-driver-registrar-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-node-driver-registrar:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-snapshot-controller-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-snapshot-controller:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-deployer:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-docker-builder:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-docker-registry:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-etcd:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-gcp-machine-controllers-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-grafana:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-haproxy-router:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-hello-openshift-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-hyperkube:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-insights-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-installer-artifacts:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-installer:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-inspector-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-ipa-downloader-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-static-ip-manager-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-jenkins-agent-base:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-jenkins-agent-maven:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-jenkins:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-k8s-prometheus-adapter:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-keepalived-ipfailover:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kube-proxy:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kube-rbac-proxy:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kube-state-metrics:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kube-storage-version-migrator-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kuryr-cni-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kuryr-controller-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-libvirt-machine-controllers:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-local-storage-static-provisioner:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-machine-api-operator:v4.7.0-202102172008.p0",
"8Base-RHOSE-4.7:openshift4/ose-machine-config-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-mdns-publisher-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-multus-admission-controller:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-multus-cni:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-multus-networkpolicy-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-multus-route-override-cni-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-must-gather:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-network-metrics-daemon-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-oauth-apiserver-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-oauth-proxy:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-oauth-server-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openshift-apiserver-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openshift-controller-manager-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openshift-state-metrics-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openstack-machine-controllers:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-operator-lifecycle-manager:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-operator-marketplace:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-operator-registry:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ovirt-machine-controllers-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ovn-kubernetes:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-pod:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prom-label-proxy:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prometheus-alertmanager:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prometheus-config-reloader:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prometheus-node-exporter:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prometheus-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prometheus:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-sdn-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-service-ca-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-telemeter:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-tests:v4.7.0-202102181036.p0",
"8Base-RHOSE-4.7:openshift4/ose-thanos-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-tools-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-vsphere-problem-detector-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ovirt-csi-driver-rhel7:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ovirt-csi-driver-rhel8-operator:v4.7.0-202102130115.p0"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla",
"text": "https://bugzilla.redhat.com/show_bug.cgi?id=1902111"
}
],
"notes": [
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
},
{
"category": "description",
"text": "An integer overflow vulnerability exists with the length of websocket frames received via a websocket connection. An attacker could use this flaw to cause a denial of service attack on an HTTP Server allowing websocket connections.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang-github-gorilla-websocket: integer overflow leads to denial of service",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.7:openshift4/ose-console:v4.7.0-202102130115.p0"
],
"known_not_affected": [
"8Base-RHOSE-4.7:openshift4/egress-router-cni-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-aws-machine-controllers:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-azure-machine-controllers:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-baremetal-installer-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-baremetal-machine-controllers:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-baremetal-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-baremetal-runtimecfg-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cli-artifacts:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cli:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cloud-credential-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-authentication-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-autoscaler-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-autoscaler:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-baremetal-operator-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-bootstrap:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-config-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-dns-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-etcd-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-image-registry-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-ingress-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-kube-apiserver-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-kube-controller-manager-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-kube-scheduler-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-machine-approver:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-monitoring-operator:v4.7.0-202102172008.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-network-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-node-tuning-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-openshift-apiserver-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-openshift-controller-manager-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-policy-controller-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-samples-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-storage-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-update-keys:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-version-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-configmap-reloader:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-console-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-container-networking-plugins-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-coredns:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-driver-manila-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-driver-manila-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-driver-nfs-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-attacher-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-attacher:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-provisioner-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-provisioner:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-resizer-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-resizer:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-snapshotter-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-snapshotter:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-livenessprobe-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-livenessprobe:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-node-driver-registrar-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-node-driver-registrar:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-snapshot-controller-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-snapshot-controller:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-deployer:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-docker-builder:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-docker-registry:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-etcd:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-gcp-machine-controllers-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-grafana:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-haproxy-router:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-hello-openshift-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-hyperkube:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-insights-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-installer-artifacts:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-installer:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-inspector-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-ipa-downloader-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-static-ip-manager-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-jenkins-agent-base:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-jenkins-agent-maven:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-jenkins:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-k8s-prometheus-adapter:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-keepalived-ipfailover:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kube-proxy:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kube-rbac-proxy:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kube-state-metrics:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kube-storage-version-migrator-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kuryr-cni-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kuryr-controller-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-libvirt-machine-controllers:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-local-storage-static-provisioner:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-machine-api-operator:v4.7.0-202102172008.p0",
"8Base-RHOSE-4.7:openshift4/ose-machine-config-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-mdns-publisher-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-multus-admission-controller:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-multus-cni:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-multus-networkpolicy-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-multus-route-override-cni-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-must-gather:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-network-metrics-daemon-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-oauth-apiserver-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-oauth-proxy:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-oauth-server-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openshift-apiserver-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openshift-controller-manager-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openshift-state-metrics-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openstack-machine-controllers:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-operator-lifecycle-manager:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-operator-marketplace:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-operator-registry:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ovirt-machine-controllers-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ovn-kubernetes:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-pod:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prom-label-proxy:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prometheus-alertmanager:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prometheus-config-reloader:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prometheus-node-exporter:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prometheus-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prometheus:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-sdn-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-service-ca-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-telemeter:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-tests:v4.7.0-202102181036.p0",
"8Base-RHOSE-4.7:openshift4/ose-thanos-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-tools-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-vsphere-problem-detector-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ovirt-csi-driver-rhel7:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ovirt-csi-driver-rhel8-operator:v4.7.0-202102130115.p0"
]
},
"references": [
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-27813",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27813"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-27813",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-27813"
},
{
"category": "external",
"summary": "https://github.com/gorilla/websocket/security/advisories/GHSA-jf24-p9p9-4rjh",
"url": "https://github.com/gorilla/websocket/security/advisories/GHSA-jf24-p9p9-4rjh"
},
{
"category": "external",
"summary": "CVE-2020-27813",
"url": "https://access.redhat.com/security/cve/CVE-2020-27813"
},
{
"category": "external",
"summary": "bz#1902111: CVE-2020-27813 golang-github-gorilla-websocket: integer overflow leads to denial of service",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1902111"
}
],
"release_date": "2019-08-25T00:00:00Z",
"remediations": [
{
"category": "vendor_fix",
"details": "For OpenShift Container Platform 4.7, see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.7/updating/updating-cluster-cli.html.",
"product_ids": [
"8Base-RHOSE-4.7:openshift4/ose-console:v4.7.0-202102130115.p0"
],
"url": "https://access.redhat.com/errata/RHSA-2020:5633"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.7:openshift4/ose-console:v4.7.0-202102130115.p0"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-11-27T00:00:00Z",
"details": "Moderate"
}
],
"title": "CVE-2020-27813 golang-github-gorilla-websocket: integer overflow leads to denial of service"
},
{
"cve": "CVE-2020-27846",
"cwe": {
"id": "CWE-115",
"name": "Misinterpretation of Input"
},
"discovery_date": "2020-12-15T00:00:00Z",
"flags": [
{
"label": "component_not_present",
"product_ids": [
"8Base-RHOSE-4.7:openshift4/egress-router-cni-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-aws-machine-controllers:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-azure-machine-controllers:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-baremetal-installer-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-baremetal-machine-controllers:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-baremetal-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-baremetal-runtimecfg-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cli-artifacts:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cli:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cloud-credential-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-authentication-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-autoscaler-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-autoscaler:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-baremetal-operator-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-bootstrap:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-config-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-dns-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-etcd-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-image-registry-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-ingress-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-kube-apiserver-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-kube-controller-manager-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-kube-scheduler-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-machine-approver:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-monitoring-operator:v4.7.0-202102172008.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-network-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-node-tuning-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-openshift-apiserver-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-openshift-controller-manager-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-policy-controller-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-samples-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-storage-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-update-keys:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-version-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-configmap-reloader:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-console-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-console:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-container-networking-plugins-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-coredns:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-driver-manila-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-driver-manila-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-driver-nfs-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-attacher-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-attacher:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-provisioner-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-provisioner:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-resizer-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-resizer:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-snapshotter-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-snapshotter:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-livenessprobe-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-livenessprobe:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-node-driver-registrar-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-node-driver-registrar:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-snapshot-controller-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-snapshot-controller:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-deployer:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-docker-builder:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-docker-registry:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-etcd:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-gcp-machine-controllers-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-haproxy-router:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-hello-openshift-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-hyperkube:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-insights-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-installer-artifacts:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-installer:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-inspector-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-ipa-downloader-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-static-ip-manager-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-jenkins-agent-base:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-jenkins-agent-maven:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-jenkins:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-k8s-prometheus-adapter:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-keepalived-ipfailover:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kube-proxy:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kube-rbac-proxy:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kube-state-metrics:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kube-storage-version-migrator-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kuryr-cni-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kuryr-controller-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-libvirt-machine-controllers:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-local-storage-static-provisioner:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-machine-api-operator:v4.7.0-202102172008.p0",
"8Base-RHOSE-4.7:openshift4/ose-machine-config-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-mdns-publisher-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-multus-admission-controller:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-multus-cni:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-multus-networkpolicy-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-multus-route-override-cni-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-must-gather:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-network-metrics-daemon-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-oauth-apiserver-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-oauth-proxy:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-oauth-server-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openshift-apiserver-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openshift-controller-manager-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openshift-state-metrics-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openstack-machine-controllers:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-operator-lifecycle-manager:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-operator-marketplace:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-operator-registry:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ovirt-machine-controllers-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ovn-kubernetes:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-pod:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prom-label-proxy:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prometheus-alertmanager:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prometheus-config-reloader:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prometheus-node-exporter:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prometheus-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prometheus:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-sdn-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-service-ca-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-telemeter:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-tests:v4.7.0-202102181036.p0",
"8Base-RHOSE-4.7:openshift4/ose-thanos-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-tools-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-vsphere-problem-detector-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ovirt-csi-driver-rhel7:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ovirt-csi-driver-rhel8-operator:v4.7.0-202102130115.p0"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla",
"text": "https://bugzilla.redhat.com/show_bug.cgi?id=1907670"
}
],
"notes": [
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
},
{
"category": "description",
"text": "A signature verification vulnerability exists in crewjam/saml. This flaw allows an attacker to bypass SAML Authentication. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crewjam/saml: authentication bypass in saml authentication",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.7:openshift4/ose-grafana:v4.7.0-202102130115.p0"
],
"known_not_affected": [
"8Base-RHOSE-4.7:openshift4/egress-router-cni-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-aws-machine-controllers:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-azure-machine-controllers:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-baremetal-installer-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-baremetal-machine-controllers:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-baremetal-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-baremetal-runtimecfg-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cli-artifacts:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cli:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cloud-credential-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-authentication-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-autoscaler-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-autoscaler:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-baremetal-operator-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-bootstrap:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-config-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-dns-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-etcd-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-image-registry-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-ingress-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-kube-apiserver-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-kube-controller-manager-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-kube-scheduler-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-machine-approver:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-monitoring-operator:v4.7.0-202102172008.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-network-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-node-tuning-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-openshift-apiserver-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-openshift-controller-manager-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-policy-controller-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-samples-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-storage-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-update-keys:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-version-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-configmap-reloader:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-console-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-console:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-container-networking-plugins-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-coredns:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-driver-manila-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-driver-manila-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-driver-nfs-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-attacher-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-attacher:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-provisioner-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-provisioner:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-resizer-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-resizer:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-snapshotter-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-snapshotter:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-livenessprobe-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-livenessprobe:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-node-driver-registrar-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-node-driver-registrar:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-snapshot-controller-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-snapshot-controller:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-deployer:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-docker-builder:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-docker-registry:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-etcd:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-gcp-machine-controllers-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-haproxy-router:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-hello-openshift-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-hyperkube:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-insights-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-installer-artifacts:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-installer:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-inspector-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-ipa-downloader-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-static-ip-manager-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-jenkins-agent-base:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-jenkins-agent-maven:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-jenkins:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-k8s-prometheus-adapter:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-keepalived-ipfailover:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kube-proxy:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kube-rbac-proxy:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kube-state-metrics:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kube-storage-version-migrator-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kuryr-cni-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kuryr-controller-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-libvirt-machine-controllers:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-local-storage-static-provisioner:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-machine-api-operator:v4.7.0-202102172008.p0",
"8Base-RHOSE-4.7:openshift4/ose-machine-config-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-mdns-publisher-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-multus-admission-controller:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-multus-cni:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-multus-networkpolicy-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-multus-route-override-cni-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-must-gather:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-network-metrics-daemon-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-oauth-apiserver-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-oauth-proxy:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-oauth-server-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openshift-apiserver-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openshift-controller-manager-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openshift-state-metrics-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openstack-machine-controllers:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-operator-lifecycle-manager:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-operator-marketplace:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-operator-registry:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ovirt-machine-controllers-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ovn-kubernetes:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-pod:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prom-label-proxy:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prometheus-alertmanager:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prometheus-config-reloader:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prometheus-node-exporter:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prometheus-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prometheus:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-sdn-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-service-ca-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-telemeter:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-tests:v4.7.0-202102181036.p0",
"8Base-RHOSE-4.7:openshift4/ose-thanos-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-tools-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-vsphere-problem-detector-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ovirt-csi-driver-rhel7:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ovirt-csi-driver-rhel8-operator:v4.7.0-202102130115.p0"
]
},
"references": [
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-27846",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27846"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-27846",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-27846"
},
{
"category": "external",
"summary": "https://github.com/crewjam/saml/security/advisories/GHSA-4hq8-gmxx-h6w9",
"url": "https://github.com/crewjam/saml/security/advisories/GHSA-4hq8-gmxx-h6w9"
},
{
"category": "external",
"summary": "https://grafana.com/blog/2020/12/17/grafana-6.7.5-7.2.3-and-7.3.6-released-with-important-security-fix-for-grafana-enterprise/",
"url": "https://grafana.com/blog/2020/12/17/grafana-6.7.5-7.2.3-and-7.3.6-released-with-important-security-fix-for-grafana-enterprise/"
},
{
"category": "external",
"summary": "https://mattermost.com/blog/coordinated-disclosure-go-xml-vulnerabilities/",
"url": "https://mattermost.com/blog/coordinated-disclosure-go-xml-vulnerabilities/"
},
{
"category": "external",
"summary": "CVE-2020-27846",
"url": "https://access.redhat.com/security/cve/CVE-2020-27846"
},
{
"category": "external",
"summary": "bz#1907670: CVE-2020-27846 crewjam/saml: authentication bypass in saml authentication",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1907670"
}
],
"release_date": "2020-12-17T13:00:00Z",
"remediations": [
{
"category": "vendor_fix",
"details": "For OpenShift Container Platform 4.7, see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.7/updating/updating-cluster-cli.html.",
"product_ids": [
"8Base-RHOSE-4.7:openshift4/ose-grafana:v4.7.0-202102130115.p0"
],
"url": "https://access.redhat.com/errata/RHSA-2020:5633"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.7:openshift4/ose-grafana:v4.7.0-202102130115.p0"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-12-15T00:00:00Z",
"details": "Critical"
}
],
"title": "CVE-2020-27846 crewjam/saml: authentication bypass in saml authentication"
},
{
"cve": "CVE-2020-28362",
"cwe": {
"id": "CWE-295",
"name": "Improper Certificate Validation"
},
"discovery_date": "2020-11-12T00:00:00Z",
"flags": [
{
"label": "component_not_present",
"product_ids": [
"8Base-RHOSE-4.7:openshift4/egress-router-cni-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-aws-machine-controllers:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-azure-machine-controllers:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-baremetal-installer-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-baremetal-machine-controllers:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-baremetal-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-baremetal-runtimecfg-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cli-artifacts:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cli:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cloud-credential-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-authentication-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-autoscaler-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-autoscaler:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-baremetal-operator-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-bootstrap:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-config-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-dns-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-etcd-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-image-registry-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-ingress-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-kube-apiserver-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-kube-controller-manager-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-kube-scheduler-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-machine-approver:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-monitoring-operator:v4.7.0-202102172008.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-network-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-node-tuning-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-openshift-apiserver-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-openshift-controller-manager-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-policy-controller-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-samples-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-storage-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-update-keys:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-version-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-configmap-reloader:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-console-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-console:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-container-networking-plugins-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-coredns:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-driver-manila-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-driver-manila-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-driver-nfs-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-attacher-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-attacher:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-provisioner-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-provisioner:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-resizer-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-resizer:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-snapshotter-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-snapshotter:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-livenessprobe-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-livenessprobe:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-node-driver-registrar-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-node-driver-registrar:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-snapshot-controller-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-snapshot-controller:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-deployer:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-docker-builder:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-docker-registry:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-etcd:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-gcp-machine-controllers-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-grafana:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-haproxy-router:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-hello-openshift-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-hyperkube:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-insights-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-installer-artifacts:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-installer:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-inspector-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-ipa-downloader-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-static-ip-manager-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-jenkins-agent-base:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-jenkins-agent-maven:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-jenkins:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-k8s-prometheus-adapter:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-keepalived-ipfailover:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kube-proxy:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kube-rbac-proxy:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kube-state-metrics:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kube-storage-version-migrator-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kuryr-cni-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kuryr-controller-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-libvirt-machine-controllers:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-local-storage-static-provisioner:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-machine-api-operator:v4.7.0-202102172008.p0",
"8Base-RHOSE-4.7:openshift4/ose-machine-config-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-mdns-publisher-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-multus-admission-controller:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-multus-cni:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-multus-networkpolicy-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-multus-route-override-cni-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-must-gather:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-network-metrics-daemon-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-oauth-apiserver-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-oauth-proxy:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-oauth-server-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openshift-apiserver-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openshift-controller-manager-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openshift-state-metrics-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openstack-machine-controllers:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-operator-lifecycle-manager:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-operator-marketplace:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ovirt-machine-controllers-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ovn-kubernetes:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-pod:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prom-label-proxy:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prometheus-alertmanager:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prometheus-config-reloader:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prometheus-node-exporter:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prometheus-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prometheus:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-sdn-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-service-ca-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-telemeter:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-tests:v4.7.0-202102181036.p0",
"8Base-RHOSE-4.7:openshift4/ose-thanos-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-tools-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-vsphere-problem-detector-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ovirt-csi-driver-rhel7:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ovirt-csi-driver-rhel8-operator:v4.7.0-202102130115.p0"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla",
"text": "https://bugzilla.redhat.com/show_bug.cgi?id=1897635"
}
],
"notes": [
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
},
{
"category": "description",
"text": "A flaw was found in the math/big package of Go\u0027s standard library that causes a denial of service. Applications written in Go that use math/big via cryptographic packages, including crypto/rsa and crypto/x509, are vulnerable and can potentially cause panic via a crafted certificate chain. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: math/big: panic during recursive division of very large numbers",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.7:openshift4/ose-operator-registry:v4.7.0-202102130115.p0"
],
"known_not_affected": [
"8Base-RHOSE-4.7:openshift4/egress-router-cni-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-aws-machine-controllers:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-azure-machine-controllers:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-baremetal-installer-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-baremetal-machine-controllers:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-baremetal-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-baremetal-runtimecfg-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cli-artifacts:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cli:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cloud-credential-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-authentication-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-autoscaler-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-autoscaler:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-baremetal-operator-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-bootstrap:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-config-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-dns-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-etcd-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-image-registry-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-ingress-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-kube-apiserver-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-kube-controller-manager-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-kube-scheduler-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-machine-approver:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-monitoring-operator:v4.7.0-202102172008.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-network-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-node-tuning-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-openshift-apiserver-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-openshift-controller-manager-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-policy-controller-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-samples-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-storage-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-update-keys:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-version-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-configmap-reloader:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-console-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-console:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-container-networking-plugins-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-coredns:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-driver-manila-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-driver-manila-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-driver-nfs-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-attacher-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-attacher:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-provisioner-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-provisioner:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-resizer-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-resizer:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-snapshotter-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-snapshotter:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-livenessprobe-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-livenessprobe:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-node-driver-registrar-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-node-driver-registrar:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-snapshot-controller-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-snapshot-controller:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-deployer:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-docker-builder:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-docker-registry:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-etcd:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-gcp-machine-controllers-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-grafana:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-haproxy-router:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-hello-openshift-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-hyperkube:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-insights-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-installer-artifacts:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-installer:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-inspector-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-ipa-downloader-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-static-ip-manager-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-jenkins-agent-base:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-jenkins-agent-maven:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-jenkins:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-k8s-prometheus-adapter:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-keepalived-ipfailover:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kube-proxy:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kube-rbac-proxy:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kube-state-metrics:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kube-storage-version-migrator-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kuryr-cni-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kuryr-controller-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-libvirt-machine-controllers:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-local-storage-static-provisioner:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-machine-api-operator:v4.7.0-202102172008.p0",
"8Base-RHOSE-4.7:openshift4/ose-machine-config-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-mdns-publisher-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-multus-admission-controller:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-multus-cni:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-multus-networkpolicy-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-multus-route-override-cni-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-must-gather:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-network-metrics-daemon-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-oauth-apiserver-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-oauth-proxy:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-oauth-server-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openshift-apiserver-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openshift-controller-manager-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openshift-state-metrics-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openstack-machine-controllers:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-operator-lifecycle-manager:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-operator-marketplace:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ovirt-machine-controllers-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ovn-kubernetes:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-pod:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prom-label-proxy:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prometheus-alertmanager:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prometheus-config-reloader:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prometheus-node-exporter:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prometheus-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prometheus:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-sdn-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-service-ca-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-telemeter:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-tests:v4.7.0-202102181036.p0",
"8Base-RHOSE-4.7:openshift4/ose-thanos-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-tools-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-vsphere-problem-detector-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ovirt-csi-driver-rhel7:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ovirt-csi-driver-rhel8-operator:v4.7.0-202102130115.p0"
]
},
"references": [
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-28362",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28362"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-28362",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-28362"
},
{
"category": "external",
"summary": "CVE-2020-28362",
"url": "https://access.redhat.com/security/cve/CVE-2020-28362"
},
{
"category": "external",
"summary": "bz#1897635: CVE-2020-28362 golang: math/big: panic during recursive division of very large numbers",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1897635"
}
],
"release_date": "2020-11-12T00:00:00Z",
"remediations": [
{
"category": "vendor_fix",
"details": "For OpenShift Container Platform 4.7, see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.7/updating/updating-cluster-cli.html.",
"product_ids": [
"8Base-RHOSE-4.7:openshift4/ose-operator-registry:v4.7.0-202102130115.p0"
],
"url": "https://access.redhat.com/errata/RHSA-2020:5633"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.7:openshift4/ose-operator-registry:v4.7.0-202102130115.p0"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-11-12T00:00:00Z",
"details": "Moderate"
}
],
"title": "CVE-2020-28362 golang: math/big: panic during recursive division of very large numbers"
},
{
"cve": "CVE-2020-29652",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2020-12-17T00:00:00Z",
"flags": [
{
"label": "component_not_present",
"product_ids": [
"8Base-RHOSE-4.7:openshift4/egress-router-cni-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-aws-machine-controllers:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-baremetal-machine-controllers:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-baremetal-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-baremetal-runtimecfg-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cli-artifacts:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cli:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cloud-credential-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-authentication-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-autoscaler-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-autoscaler:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-baremetal-operator-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-bootstrap:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-config-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-dns-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-etcd-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-image-registry-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-ingress-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-kube-apiserver-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-kube-controller-manager-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-kube-scheduler-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-machine-approver:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-monitoring-operator:v4.7.0-202102172008.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-network-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-node-tuning-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-openshift-apiserver-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-openshift-controller-manager-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-policy-controller-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-samples-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-storage-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-update-keys:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-version-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-configmap-reloader:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-console-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-console:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-container-networking-plugins-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-coredns:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-driver-manila-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-driver-manila-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-driver-nfs-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-attacher-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-attacher:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-provisioner-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-provisioner:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-resizer-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-resizer:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-snapshotter-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-snapshotter:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-livenessprobe-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-livenessprobe:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-node-driver-registrar-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-node-driver-registrar:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-snapshot-controller-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-snapshot-controller:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-deployer:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-docker-builder:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-docker-registry:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-etcd:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-gcp-machine-controllers-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-grafana:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-haproxy-router:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-hello-openshift-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-hyperkube:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-insights-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-inspector-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-ipa-downloader-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-static-ip-manager-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-jenkins-agent-base:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-jenkins-agent-maven:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-jenkins:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-k8s-prometheus-adapter:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-keepalived-ipfailover:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kube-proxy:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kube-rbac-proxy:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kube-state-metrics:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kube-storage-version-migrator-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kuryr-cni-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kuryr-controller-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-libvirt-machine-controllers:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-local-storage-static-provisioner:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-machine-api-operator:v4.7.0-202102172008.p0",
"8Base-RHOSE-4.7:openshift4/ose-machine-config-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-mdns-publisher-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-multus-admission-controller:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-multus-cni:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-multus-networkpolicy-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-multus-route-override-cni-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-must-gather:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-network-metrics-daemon-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-oauth-apiserver-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-oauth-proxy:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-oauth-server-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openshift-apiserver-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openshift-controller-manager-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openshift-state-metrics-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openstack-machine-controllers:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-operator-lifecycle-manager:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-operator-marketplace:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-operator-registry:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ovirt-machine-controllers-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ovn-kubernetes:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-pod:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prom-label-proxy:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prometheus-alertmanager:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prometheus-config-reloader:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prometheus-node-exporter:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prometheus-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prometheus:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-sdn-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-service-ca-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-telemeter:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-tests:v4.7.0-202102181036.p0",
"8Base-RHOSE-4.7:openshift4/ose-thanos-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-tools-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-vsphere-problem-detector-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ovirt-csi-driver-rhel7:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ovirt-csi-driver-rhel8-operator:v4.7.0-202102130115.p0"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla",
"text": "https://bugzilla.redhat.com/show_bug.cgi?id=1908883"
}
],
"notes": [
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
},
{
"category": "description",
"text": "A null pointer dereference vulnerability was found in golang. When using the library\u0027s ssh server without specifying an option for GSSAPIWithMICConfig, it is possible for an attacker to craft an ssh client connection using the `gssapi-with-mic` authentication method and cause the server to panic resulting in a denial of service. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: crypto/ssh: crafted authentication request can lead to nil pointer dereference",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.7:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-azure-machine-controllers:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-baremetal-installer-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-installer-artifacts:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-installer:v4.7.0-202102130115.p0"
],
"known_not_affected": [
"8Base-RHOSE-4.7:openshift4/egress-router-cni-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-aws-machine-controllers:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-baremetal-machine-controllers:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-baremetal-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-baremetal-runtimecfg-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cli-artifacts:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cli:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cloud-credential-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-authentication-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-autoscaler-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-autoscaler:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-baremetal-operator-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-bootstrap:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-config-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-dns-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-etcd-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-image-registry-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-ingress-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-kube-apiserver-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-kube-controller-manager-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-kube-scheduler-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-machine-approver:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-monitoring-operator:v4.7.0-202102172008.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-network-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-node-tuning-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-openshift-apiserver-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-openshift-controller-manager-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-policy-controller-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-samples-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-storage-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-update-keys:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-version-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-configmap-reloader:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-console-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-console:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-container-networking-plugins-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-coredns:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-driver-manila-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-driver-manila-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-driver-nfs-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-attacher-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-attacher:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-provisioner-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-provisioner:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-resizer-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-resizer:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-snapshotter-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-snapshotter:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-livenessprobe-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-livenessprobe:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-node-driver-registrar-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-node-driver-registrar:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-snapshot-controller-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-snapshot-controller:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-deployer:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-docker-builder:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-docker-registry:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-etcd:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-gcp-machine-controllers-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-grafana:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-haproxy-router:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-hello-openshift-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-hyperkube:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-insights-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-inspector-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-ipa-downloader-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-static-ip-manager-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-jenkins-agent-base:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-jenkins-agent-maven:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-jenkins:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-k8s-prometheus-adapter:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-keepalived-ipfailover:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kube-proxy:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kube-rbac-proxy:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kube-state-metrics:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kube-storage-version-migrator-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kuryr-cni-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kuryr-controller-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-libvirt-machine-controllers:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-local-storage-static-provisioner:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-machine-api-operator:v4.7.0-202102172008.p0",
"8Base-RHOSE-4.7:openshift4/ose-machine-config-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-mdns-publisher-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-multus-admission-controller:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-multus-cni:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-multus-networkpolicy-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-multus-route-override-cni-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-must-gather:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-network-metrics-daemon-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-oauth-apiserver-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-oauth-proxy:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-oauth-server-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openshift-apiserver-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openshift-controller-manager-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openshift-state-metrics-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openstack-machine-controllers:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-operator-lifecycle-manager:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-operator-marketplace:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-operator-registry:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ovirt-machine-controllers-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ovn-kubernetes:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-pod:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prom-label-proxy:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prometheus-alertmanager:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prometheus-config-reloader:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prometheus-node-exporter:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prometheus-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prometheus:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-sdn-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-service-ca-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-telemeter:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-tests:v4.7.0-202102181036.p0",
"8Base-RHOSE-4.7:openshift4/ose-thanos-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-tools-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-vsphere-problem-detector-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ovirt-csi-driver-rhel7:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ovirt-csi-driver-rhel8-operator:v4.7.0-202102130115.p0"
]
},
"references": [
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-29652",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-29652"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-29652",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-29652"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/ouZIlBimOsE?pli=1",
"url": "https://groups.google.com/g/golang-announce/c/ouZIlBimOsE?pli=1"
},
{
"category": "external",
"summary": "CVE-2020-29652",
"url": "https://access.redhat.com/security/cve/CVE-2020-29652"
},
{
"category": "external",
"summary": "bz#1908883: CVE-2020-29652 golang: crypto/ssh: crafted authentication request can lead to nil pointer dereference",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1908883"
}
],
"release_date": "2020-12-16T00:00:00Z",
"remediations": [
{
"category": "vendor_fix",
"details": "For OpenShift Container Platform 4.7, see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.7/updating/updating-cluster-cli.html.",
"product_ids": [
"8Base-RHOSE-4.7:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-azure-machine-controllers:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-baremetal-installer-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-installer-artifacts:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-installer:v4.7.0-202102130115.p0"
],
"url": "https://access.redhat.com/errata/RHSA-2020:5633"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.7:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-azure-machine-controllers:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-baremetal-installer-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-installer-artifacts:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-installer:v4.7.0-202102130115.p0"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-12-17T00:00:00Z",
"details": "Important"
}
],
"title": "CVE-2020-29652 golang: crypto/ssh: crafted authentication request can lead to nil pointer dereference"
},
{
"cve": "CVE-2021-3121",
"cwe": {
"id": "CWE-129",
"name": "Improper Validation of Array Index"
},
"discovery_date": "2021-01-28T00:00:00Z",
"flags": [
{
"label": "component_not_present",
"product_ids": [
"8Base-RHOSE-4.7:openshift4/egress-router-cni-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-aws-machine-controllers:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-azure-machine-controllers:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-baremetal-installer-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-baremetal-machine-controllers:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-baremetal-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-baremetal-runtimecfg-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cli-artifacts:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cli:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cloud-credential-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-authentication-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-autoscaler-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-autoscaler:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-baremetal-operator-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-bootstrap:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-config-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-dns-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-etcd-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-image-registry-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-ingress-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-kube-apiserver-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-kube-controller-manager-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-kube-scheduler-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-machine-approver:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-monitoring-operator:v4.7.0-202102172008.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-network-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-openshift-apiserver-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-openshift-controller-manager-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-policy-controller-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-samples-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-storage-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-update-keys:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-version-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-configmap-reloader:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-console-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-console:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-container-networking-plugins-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-coredns:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-driver-manila-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-driver-manila-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-driver-nfs-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-attacher-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-attacher:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-provisioner-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-provisioner:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-resizer-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-resizer:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-snapshotter-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-snapshotter:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-livenessprobe-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-livenessprobe:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-node-driver-registrar-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-node-driver-registrar:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-snapshot-controller-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-snapshot-controller:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-deployer:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-docker-builder:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-docker-registry:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-etcd:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-gcp-machine-controllers-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-grafana:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-haproxy-router:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-hello-openshift-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-hyperkube:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-insights-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-installer-artifacts:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-installer:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-inspector-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-ipa-downloader-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-static-ip-manager-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-jenkins-agent-base:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-jenkins-agent-maven:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-jenkins:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-k8s-prometheus-adapter:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-keepalived-ipfailover:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kube-proxy:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kube-rbac-proxy:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kube-state-metrics:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kube-storage-version-migrator-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kuryr-cni-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kuryr-controller-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-libvirt-machine-controllers:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-local-storage-static-provisioner:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-machine-api-operator:v4.7.0-202102172008.p0",
"8Base-RHOSE-4.7:openshift4/ose-machine-config-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-mdns-publisher-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-multus-admission-controller:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-multus-cni:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-multus-networkpolicy-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-multus-route-override-cni-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-must-gather:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-network-metrics-daemon-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-oauth-apiserver-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-oauth-proxy:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-oauth-server-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openshift-apiserver-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openshift-controller-manager-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openshift-state-metrics-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openstack-machine-controllers:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-operator-lifecycle-manager:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-operator-marketplace:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-operator-registry:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ovirt-machine-controllers-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ovn-kubernetes:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-pod:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prom-label-proxy:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prometheus-alertmanager:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prometheus-config-reloader:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prometheus-node-exporter:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prometheus-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prometheus:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-sdn-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-service-ca-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-telemeter:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-tests:v4.7.0-202102181036.p0",
"8Base-RHOSE-4.7:openshift4/ose-thanos-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-tools-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-vsphere-problem-detector-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ovirt-csi-driver-rhel7:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ovirt-csi-driver-rhel8-operator:v4.7.0-202102130115.p0"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla",
"text": "https://bugzilla.redhat.com/show_bug.cgi?id=1921650"
}
],
"notes": [
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
},
{
"category": "description",
"text": "A flaw was found in github.com/gogo/protobuf before 1.3.2 that allows an out-of-bounds access when unmarshalling certain protobuf objects. This flaw allows a remote attacker to send crafted protobuf messages, causing panic and resulting in a denial of service. The highest threat from this vulnerability is to availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.7:openshift4/ose-cluster-node-tuning-operator:v4.7.0-202102130115.p0"
],
"known_not_affected": [
"8Base-RHOSE-4.7:openshift4/egress-router-cni-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-aws-machine-controllers:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-azure-machine-controllers:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-baremetal-installer-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-baremetal-machine-controllers:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-baremetal-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-baremetal-runtimecfg-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cli-artifacts:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cli:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cloud-credential-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-authentication-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-autoscaler-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-autoscaler:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-baremetal-operator-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-bootstrap:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-config-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-dns-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-etcd-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-image-registry-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-ingress-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-kube-apiserver-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-kube-controller-manager-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-kube-scheduler-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-machine-approver:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-monitoring-operator:v4.7.0-202102172008.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-network-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-openshift-apiserver-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-openshift-controller-manager-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-policy-controller-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-samples-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-storage-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-update-keys:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-version-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-configmap-reloader:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-console-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-console:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-container-networking-plugins-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-coredns:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-driver-manila-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-driver-manila-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-driver-nfs-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-attacher-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-attacher:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-provisioner-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-provisioner:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-resizer-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-resizer:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-snapshotter-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-snapshotter:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-livenessprobe-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-livenessprobe:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-node-driver-registrar-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-node-driver-registrar:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-snapshot-controller-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-snapshot-controller:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-deployer:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-docker-builder:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-docker-registry:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-etcd:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-gcp-machine-controllers-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-grafana:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-haproxy-router:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-hello-openshift-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-hyperkube:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-insights-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-installer-artifacts:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-installer:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-inspector-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-ipa-downloader-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-static-ip-manager-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-jenkins-agent-base:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-jenkins-agent-maven:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-jenkins:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-k8s-prometheus-adapter:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-keepalived-ipfailover:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kube-proxy:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kube-rbac-proxy:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kube-state-metrics:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kube-storage-version-migrator-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kuryr-cni-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kuryr-controller-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-libvirt-machine-controllers:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-local-storage-static-provisioner:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-machine-api-operator:v4.7.0-202102172008.p0",
"8Base-RHOSE-4.7:openshift4/ose-machine-config-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-mdns-publisher-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-multus-admission-controller:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-multus-cni:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-multus-networkpolicy-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-multus-route-override-cni-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-must-gather:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-network-metrics-daemon-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-oauth-apiserver-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-oauth-proxy:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-oauth-server-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openshift-apiserver-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openshift-controller-manager-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openshift-state-metrics-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openstack-machine-controllers:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-operator-lifecycle-manager:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-operator-marketplace:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-operator-registry:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ovirt-machine-controllers-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ovn-kubernetes:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-pod:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prom-label-proxy:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prometheus-alertmanager:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prometheus-config-reloader:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prometheus-node-exporter:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prometheus-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prometheus:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-sdn-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-service-ca-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-telemeter:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-tests:v4.7.0-202102181036.p0",
"8Base-RHOSE-4.7:openshift4/ose-thanos-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-tools-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-vsphere-problem-detector-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ovirt-csi-driver-rhel7:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ovirt-csi-driver-rhel8-operator:v4.7.0-202102130115.p0"
]
},
"references": [
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-3121",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3121"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3121",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3121"
},
{
"category": "external",
"summary": "CVE-2021-3121",
"url": "https://access.redhat.com/security/cve/CVE-2021-3121"
},
{
"category": "external",
"summary": "bz#1921650: CVE-2021-3121 gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1921650"
}
],
"release_date": "2021-01-11T00:00:00Z",
"remediations": [
{
"category": "vendor_fix",
"details": "For OpenShift Container Platform 4.7, see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.7/updating/updating-cluster-cli.html.",
"product_ids": [
"8Base-RHOSE-4.7:openshift4/ose-cluster-node-tuning-operator:v4.7.0-202102130115.p0"
],
"url": "https://access.redhat.com/errata/RHSA-2020:5633"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.7:openshift4/ose-cluster-node-tuning-operator:v4.7.0-202102130115.p0"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-01-28T00:00:00Z",
"details": "Important"
}
],
"title": "CVE-2021-3121 gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation"
},
{
"cve": "CVE-2021-26539",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2021-02-08T00:00:00Z",
"flags": [
{
"label": "component_not_present",
"product_ids": [
"8Base-RHOSE-4.7:openshift4/egress-router-cni-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-aws-machine-controllers:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-azure-machine-controllers:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-baremetal-installer-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-baremetal-machine-controllers:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-baremetal-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-baremetal-runtimecfg-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cli-artifacts:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cli:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cloud-credential-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-authentication-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-autoscaler-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-autoscaler:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-baremetal-operator-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-bootstrap:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-config-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-dns-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-etcd-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-image-registry-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-ingress-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-kube-apiserver-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-kube-controller-manager-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-kube-scheduler-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-machine-approver:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-monitoring-operator:v4.7.0-202102172008.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-network-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-node-tuning-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-openshift-apiserver-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-openshift-controller-manager-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-policy-controller-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-samples-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-storage-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-update-keys:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-version-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-configmap-reloader:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-console-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-container-networking-plugins-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-coredns:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-driver-manila-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-driver-manila-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-driver-nfs-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-attacher-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-attacher:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-provisioner-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-provisioner:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-resizer-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-resizer:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-snapshotter-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-snapshotter:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-livenessprobe-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-livenessprobe:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-node-driver-registrar-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-node-driver-registrar:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-snapshot-controller-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-snapshot-controller:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-deployer:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-docker-builder:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-docker-registry:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-etcd:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-gcp-machine-controllers-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-grafana:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-haproxy-router:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-hello-openshift-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-hyperkube:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-insights-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-installer-artifacts:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-installer:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-inspector-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-ipa-downloader-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-static-ip-manager-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-jenkins-agent-base:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-jenkins-agent-maven:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-jenkins:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-k8s-prometheus-adapter:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-keepalived-ipfailover:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kube-proxy:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kube-rbac-proxy:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kube-state-metrics:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kube-storage-version-migrator-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kuryr-cni-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kuryr-controller-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-libvirt-machine-controllers:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-local-storage-static-provisioner:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-machine-api-operator:v4.7.0-202102172008.p0",
"8Base-RHOSE-4.7:openshift4/ose-machine-config-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-mdns-publisher-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-multus-admission-controller:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-multus-cni:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-multus-networkpolicy-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-multus-route-override-cni-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-must-gather:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-network-metrics-daemon-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-oauth-apiserver-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-oauth-proxy:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-oauth-server-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openshift-apiserver-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openshift-controller-manager-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openshift-state-metrics-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openstack-machine-controllers:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-operator-lifecycle-manager:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-operator-marketplace:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-operator-registry:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ovirt-machine-controllers-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ovn-kubernetes:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-pod:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prom-label-proxy:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prometheus-alertmanager:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prometheus-config-reloader:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prometheus-node-exporter:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prometheus-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prometheus:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-sdn-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-service-ca-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-telemeter:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-tests:v4.7.0-202102181036.p0",
"8Base-RHOSE-4.7:openshift4/ose-thanos-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-tools-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-vsphere-problem-detector-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ovirt-csi-driver-rhel7:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ovirt-csi-driver-rhel8-operator:v4.7.0-202102130115.p0"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla",
"text": "https://bugzilla.redhat.com/show_bug.cgi?id=1932362"
}
],
"notes": [
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
},
{
"category": "description",
"text": "Apostrophe Technologies sanitize-html before 2.3.1 does not properly handle internationalized domain name (IDN) which could allow an attacker to bypass hostname whitelist validation set by the \"allowedIframeHostnames\" option.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "sanitize-html: improper handling of internationalized domain name (IDN) can lead to bypass hostname whitelist validation",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.7:openshift4/ose-console:v4.7.0-202102130115.p0"
],
"known_not_affected": [
"8Base-RHOSE-4.7:openshift4/egress-router-cni-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-aws-ebs-csi-driver-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-aws-ebs-csi-driver-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-aws-machine-controllers:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-aws-pod-identity-webhook-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-azure-machine-controllers:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-baremetal-installer-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-baremetal-machine-controllers:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-baremetal-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-baremetal-runtimecfg-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cli-artifacts:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cli:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cloud-credential-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-authentication-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-autoscaler-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-autoscaler:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-baremetal-operator-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-bootstrap:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-config-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-dns-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-etcd-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-image-registry-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-ingress-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-kube-apiserver-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-kube-controller-manager-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-kube-scheduler-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-machine-approver:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-monitoring-operator:v4.7.0-202102172008.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-network-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-node-tuning-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-openshift-apiserver-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-openshift-controller-manager-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-policy-controller-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-samples-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-storage-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-update-keys:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-version-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-configmap-reloader:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-console-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-container-networking-plugins-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-coredns:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-driver-manila-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-driver-manila-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-driver-nfs-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-attacher-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-attacher:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-provisioner-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-provisioner:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-resizer-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-resizer:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-snapshotter-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-external-snapshotter:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-livenessprobe-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-livenessprobe:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-node-driver-registrar-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-node-driver-registrar:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-snapshot-controller-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-snapshot-controller:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-csi-snapshot-validation-webhook-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-deployer:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-docker-builder:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-docker-registry:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-etcd:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-gcp-machine-controllers-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-gcp-pd-csi-driver-operator-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-gcp-pd-csi-driver-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-grafana:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-haproxy-router:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-hello-openshift-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-hyperkube:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-insights-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-installer-artifacts:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-installer:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-hardware-inventory-recorder-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-inspector-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-ipa-downloader-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-machine-os-downloader-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-static-ip-manager-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-jenkins-agent-base:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-jenkins-agent-maven:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-jenkins-agent-nodejs-12-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-jenkins:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-k8s-prometheus-adapter:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-keepalived-ipfailover:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kube-proxy:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kube-rbac-proxy:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kube-state-metrics:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kube-storage-version-migrator-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kuryr-cni-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-kuryr-controller-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-libvirt-machine-controllers:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-local-storage-static-provisioner:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-machine-api-operator:v4.7.0-202102172008.p0",
"8Base-RHOSE-4.7:openshift4/ose-machine-config-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-mdns-publisher-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-multus-admission-controller:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-multus-cni:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-multus-networkpolicy-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-multus-route-override-cni-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-must-gather:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-network-metrics-daemon-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-oauth-apiserver-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-oauth-proxy:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-oauth-server-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openshift-apiserver-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openshift-controller-manager-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openshift-state-metrics-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openstack-cinder-csi-driver-rhel8-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openstack-cinder-csi-driver-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-openstack-machine-controllers:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-operator-lifecycle-manager:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-operator-marketplace:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-operator-registry:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ovirt-machine-controllers-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-ovn-kubernetes:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-pod:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prom-label-proxy:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prometheus-alertmanager:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prometheus-config-reloader:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prometheus-node-exporter:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prometheus-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-prometheus:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-sdn-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-service-ca-operator:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-telemeter:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-tests:v4.7.0-202102181036.p0",
"8Base-RHOSE-4.7:openshift4/ose-thanos-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-tools-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ose-vsphere-problem-detector-rhel8:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ovirt-csi-driver-rhel7:v4.7.0-202102130115.p0",
"8Base-RHOSE-4.7:openshift4/ovirt-csi-driver-rhel8-operator:v4.7.0-202102130115.p0"
]
},
"references": [
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-26539",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-26539"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-26539",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-26539"
},
{
"category": "external",
"summary": "CVE-2021-26539",
"url": "https://access.redhat.com/security/cve/CVE-2021-26539"
},
{
"category": "external",
"summary": "bz#1932362: CVE-2021-26539 sanitize-html: improper handling of internationalized domain name (IDN) can lead to bypass hostname whitelist validation",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1932362"
}
],
"release_date": "2021-01-22T00:00:00Z",
"remediations": [
{
"category": "vendor_fix",
"details": "For OpenShift Container Platform 4.7, see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.7/updating/updating-cluster-cli.html.",
"product_ids": [
"8Base-RHOSE-4.7:openshift4/ose-console:v4.7.0-202102130115.p0"
],
"url": "https://access.redhat.com/errata/RHSA-2020:5633"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.7:openshift4/ose-console:v4.7.0-202102130115.p0"
]
}
],
"threats": [
{
"category": "impact",
"date": "2021-02-08T00:00:00Z",
"details": "Moderate"
}
],
"title": "CVE-2021-26539 sanitize-html: improper handling of internationalized domain name (IDN) can lead to bypass hostname whitelist validation"
}
]
}
rhsa-2021_0100
Vulnerability from csaf_redhat
Published
2021-02-24 21:18
Modified
2024-09-14 00:42
Summary
Red Hat Security Advisory: OpenShift Container Platform 4.7 file-integrity-operator image security update
Notes
Topic
The file-integrity-operator image update is now available for OpenShift Container Platform 4.7.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The file-integrity-operator image update is now available for OpenShift
Container Platform 4.7.
Security Fix(es):
* golang-github-gorilla-websocket: integer overflow leads to denial of service (CVE-2020-27813)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "The file-integrity-operator image update is now available for OpenShift Container Platform 4.7.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The file-integrity-operator image update is now available for OpenShift\nContainer Platform 4.7.\n\nSecurity Fix(es):\n\n* golang-github-gorilla-websocket: integer overflow leads to denial of service (CVE-2020-27813)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat offerings.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2021:0100",
"url": "https://access.redhat.com/errata/RHSA-2021:0100"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "1826301",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1826301"
},
{
"category": "external",
"summary": "1869293",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1869293"
},
{
"category": "external",
"summary": "1902111",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1902111"
},
{
"category": "external",
"summary": "1905011",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1905011"
},
{
"category": "external",
"summary": "1910050",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1910050"
},
{
"category": "external",
"summary": "1921692",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1921692"
},
{
"category": "external",
"summary": "1923096",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1923096"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/data/csaf/v2/advisories/2021/rhsa-2021_0100.json"
}
],
"title": "Red Hat Security Advisory: OpenShift Container Platform 4.7 file-integrity-operator image security update",
"tracking": {
"current_release_date": "2024-09-14T00:42:13+00:00",
"generator": {
"date": "2024-09-14T00:42:13+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "3.33.3"
}
},
"id": "RHSA-2021:0100",
"initial_release_date": "2021-02-24T21:18:36+00:00",
"revision_history": [
{
"date": "2021-02-24T21:18:36+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2021-02-24T21:18:36+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-09-14T00:42:13+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift Container Platform 4.7",
"product": {
"name": "Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:4.7::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Enterprise"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift4/file-integrity-rhel8-operator@sha256:ac5a64da65708e76865e73fe347b7b6fd633d9759c4ccdc682aee5be953eef5b_amd64",
"product": {
"name": "openshift4/file-integrity-rhel8-operator@sha256:ac5a64da65708e76865e73fe347b7b6fd633d9759c4ccdc682aee5be953eef5b_amd64",
"product_id": "openshift4/file-integrity-rhel8-operator@sha256:ac5a64da65708e76865e73fe347b7b6fd633d9759c4ccdc682aee5be953eef5b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/file-integrity-rhel8-operator@sha256:ac5a64da65708e76865e73fe347b7b6fd633d9759c4ccdc682aee5be953eef5b?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/file-integrity-rhel8-operator\u0026tag=v4.7.0-9"
}
}
},
{
"category": "product_version",
"name": "openshift4/file-integrity-rhel8-operator-metadata@sha256:4f5780175e840d6e068913b0d0d05a579b19baa4cfca726f0f68b6c9574cd527_amd64",
"product": {
"name": "openshift4/file-integrity-rhel8-operator-metadata@sha256:4f5780175e840d6e068913b0d0d05a579b19baa4cfca726f0f68b6c9574cd527_amd64",
"product_id": "openshift4/file-integrity-rhel8-operator-metadata@sha256:4f5780175e840d6e068913b0d0d05a579b19baa4cfca726f0f68b6c9574cd527_amd64",
"product_identification_helper": {
"purl": "pkg:oci/file-integrity-rhel8-operator-metadata@sha256:4f5780175e840d6e068913b0d0d05a579b19baa4cfca726f0f68b6c9574cd527?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/file-integrity-rhel8-operator-metadata\u0026tag=v4.7.0.9-1"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/file-integrity-rhel8-operator-metadata@sha256:4f5780175e840d6e068913b0d0d05a579b19baa4cfca726f0f68b6c9574cd527_amd64 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/file-integrity-rhel8-operator-metadata@sha256:4f5780175e840d6e068913b0d0d05a579b19baa4cfca726f0f68b6c9574cd527_amd64"
},
"product_reference": "openshift4/file-integrity-rhel8-operator-metadata@sha256:4f5780175e840d6e068913b0d0d05a579b19baa4cfca726f0f68b6c9574cd527_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/file-integrity-rhel8-operator@sha256:ac5a64da65708e76865e73fe347b7b6fd633d9759c4ccdc682aee5be953eef5b_amd64 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/file-integrity-rhel8-operator@sha256:ac5a64da65708e76865e73fe347b7b6fd633d9759c4ccdc682aee5be953eef5b_amd64"
},
"product_reference": "openshift4/file-integrity-rhel8-operator@sha256:ac5a64da65708e76865e73fe347b7b6fd633d9759c4ccdc682aee5be953eef5b_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.7"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-27813",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2020-11-27T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.7:openshift4/file-integrity-rhel8-operator-metadata@sha256:4f5780175e840d6e068913b0d0d05a579b19baa4cfca726f0f68b6c9574cd527_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1902111"
}
],
"notes": [
{
"category": "description",
"text": "An integer overflow vulnerability exists with the length of websocket frames received via a websocket connection. An attacker could use this flaw to cause a denial of service attack on an HTTP Server allowing websocket connections.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang-github-gorilla-websocket: integer overflow leads to denial of service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.7:openshift4/file-integrity-rhel8-operator@sha256:ac5a64da65708e76865e73fe347b7b6fd633d9759c4ccdc682aee5be953eef5b_amd64"
],
"known_not_affected": [
"8Base-RHOSE-4.7:openshift4/file-integrity-rhel8-operator-metadata@sha256:4f5780175e840d6e068913b0d0d05a579b19baa4cfca726f0f68b6c9574cd527_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-27813"
},
{
"category": "external",
"summary": "RHBZ#1902111",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1902111"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-27813",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27813"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-27813",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-27813"
},
{
"category": "external",
"summary": "https://github.com/gorilla/websocket/security/advisories/GHSA-jf24-p9p9-4rjh",
"url": "https://github.com/gorilla/websocket/security/advisories/GHSA-jf24-p9p9-4rjh"
}
],
"release_date": "2019-08-25T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSE-4.7:openshift4/file-integrity-rhel8-operator@sha256:ac5a64da65708e76865e73fe347b7b6fd633d9759c4ccdc682aee5be953eef5b_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:0100"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.7:openshift4/file-integrity-rhel8-operator@sha256:ac5a64da65708e76865e73fe347b7b6fd633d9759c4ccdc682aee5be953eef5b_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang-github-gorilla-websocket: integer overflow leads to denial of service"
}
]
}
rhsa-2021_1561
Vulnerability from csaf_redhat
Published
2021-05-24 17:14
Modified
2021-05-24 17:14
Summary
Red Hat Security Advisory: OpenShift Container Platform 4.7.12 bug fix and security update
Notes
Topic
Red Hat OpenShift Container Platform release 4.7.12 is now available with updates to packages and images that fix several bugs.
This release includes a security update for Red Hat OpenShift Container Platform 4.7.12.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat OpenShift Container Platform is Red Hat's cloud computing
Kubernetes application platform solution designed for on-premise or private
cloud deployments.
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
This advisory contains the container images for Red Hat OpenShift Container Platform 4.7.12. See the following advisory for the RPM packages for this release:
https://access.redhat.com/errata/RHSA-1562
Space precludes documenting all of the container images in this advisory. See the following Release Notes documentation, which will be updated shortly for this release, for details about these changes:
https://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-release-notes.html
This update fixes the following bugs among others:
* Previously, the node-exporter daemonset's mountstats collector caused high memory usage on nodes with NFS mount points. By disabling the mountstats collector, this fix reduces memory usage. (BZ#1955469)
* A previous change to gophercloud/utils introduced a custom HTTP client that uses a self-signed certificate. But because this change removed settings from DefaultTransport, including those for proxy environment variables, this caused failures for installations that use both self-signed certificates and proxies. In this update, the custom HTTP client inherits settings from DefaultTransport, so now OCP can be installed with self-signed certificates and proxies. (BZ#1943500)
* Previously, bare metal deployments failed when large packet transfers between Ironic and the RAM disk resulted in connection failures. In this update, Ironic queries the RAM disk for information to work around the connection error, allowing deployments to succeed.(BZ#1958965)
* Previously, when an IPv6 cluster was started on nodes that had IPv4 addresses, kublet sometimes used the nodes' IPv4 IP addresses instead of their IPv6 IP addresses, which prevented host-network pods from reaching IPv6-only pods. This update changes the way node IP addresses are chosen. Now, all nodes have IPv6 addresses. (BZ#1942488)
* Previously, OVN changed the source IP addresses of hairpin traffic packets to the IP address of the load balancer, which sometimes blocked traffic when a network policy was in use. With this update, Kuryr opens traffic to the IP addresses of all services in a network policy's namespace, and hairpin traffic flows freely. (BZ#1959766)
Security Fix(es):
* golang-github-gorilla-websocket: integer overflow leads to denial of service (CVE-2020-27813)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
You may download the oc tool and use it to inspect release image metadata as follows:
(For x86_64 architecture)
$ oc adm release info quay.io/openshift-release-dev/ocp-release:4.7.12-x86_64
The image digest is sha256:2029c5779202293f23418d47a1a823c4e4c8539c1ab25e8bda30d48335b4892e
(For s390x architecture)
$ oc adm release info quay.io/openshift-release-dev/ocp-release:4.7.12-s390x
The image digest is sha256:5f4aa1beddcf61182b715bc6301bf39ca1d967225b1052e3e41e02464bd9989b
(For ppc64le architecture)
$ oc adm release info quay.io/openshift-release-dev/ocp-release:4.7.12-ppc64le
The image digest is sha256:44c395af371114178a0d2a06c9db60055608b3974bb0e4a58da930ce34c3bec9
All OpenShift Container Platform 4.7 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift Console or the CLI oc command. Instructions for upgrading a cluster are available
at https://docs.openshift.com/container-platform/4.7/updating/updating-cluster-between-minor.html#understanding-upgrade-channels_updating-cluster-between-minor
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 2023 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat OpenShift Container Platform release 4.7.12 is now available with updates to packages and images that fix several bugs.\n\nThis release includes a security update for Red Hat OpenShift Container Platform 4.7.12.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Container Platform is Red Hat\u0027s cloud computing\nKubernetes application platform solution designed for on-premise or private\ncloud deployments.\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nThis advisory contains the container images for Red Hat OpenShift Container Platform 4.7.12. See the following advisory for the RPM packages for this release:\n\nhttps://access.redhat.com/errata/RHSA-1562\n\nSpace precludes documenting all of the container images in this advisory. See the following Release Notes documentation, which will be updated shortly for this release, for details about these changes:\n\nhttps://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-release-notes.html\n\nThis update fixes the following bugs among others:\n\n* Previously, the node-exporter daemonset\u0027s mountstats collector caused high memory usage on nodes with NFS mount points. By disabling the mountstats collector, this fix reduces memory usage. (BZ#1955469)\n\n* A previous change to gophercloud/utils introduced a custom HTTP client that uses a self-signed certificate. But because this change removed settings from DefaultTransport, including those for proxy environment variables, this caused failures for installations that use both self-signed certificates and proxies. In this update, the custom HTTP client inherits settings from DefaultTransport, so now OCP can be installed with self-signed certificates and proxies. (BZ#1943500)\n\n* Previously, bare metal deployments failed when large packet transfers between Ironic and the RAM disk resulted in connection failures. In this update, Ironic queries the RAM disk for information to work around the connection error, allowing deployments to succeed.(BZ#1958965)\n\n* Previously, when an IPv6 cluster was started on nodes that had IPv4 addresses, kublet sometimes used the nodes\u0027 IPv4 IP addresses instead of their IPv6 IP addresses, which prevented host-network pods from reaching IPv6-only pods. This update changes the way node IP addresses are chosen. Now, all nodes have IPv6 addresses. (BZ#1942488)\n\n* Previously, OVN changed the source IP addresses of hairpin traffic packets to the IP address of the load balancer, which sometimes blocked traffic when a network policy was in use. With this update, Kuryr opens traffic to the IP addresses of all services in a network policy\u0027s namespace, and hairpin traffic flows freely. (BZ#1959766)\n\nSecurity Fix(es):\n\n* golang-github-gorilla-websocket: integer overflow leads to denial of service (CVE-2020-27813)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nYou may download the oc tool and use it to inspect release image metadata as follows:\n\n(For x86_64 architecture)\n\n $ oc adm release info quay.io/openshift-release-dev/ocp-release:4.7.12-x86_64\n\nThe image digest is sha256:2029c5779202293f23418d47a1a823c4e4c8539c1ab25e8bda30d48335b4892e\n\n(For s390x architecture)\n\n $ oc adm release info quay.io/openshift-release-dev/ocp-release:4.7.12-s390x\n\nThe image digest is sha256:5f4aa1beddcf61182b715bc6301bf39ca1d967225b1052e3e41e02464bd9989b\n\n(For ppc64le architecture)\n\n $ oc adm release info quay.io/openshift-release-dev/ocp-release:4.7.12-ppc64le\n\nThe image digest is sha256:44c395af371114178a0d2a06c9db60055608b3974bb0e4a58da930ce34c3bec9\n\nAll OpenShift Container Platform 4.7 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift Console or the CLI oc command. Instructions for upgrading a cluster are available\nat https://docs.openshift.com/container-platform/4.7/updating/updating-cluster-between-minor.html#understanding-upgrade-channels_updating-cluster-between-minor",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat offerings.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2021:1561",
"url": "https://access.redhat.com/errata/RHSA-2021:1561"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/data/csaf/v2/advisories/2021/rhsa-2021_1561.json"
}
],
"title": "Red Hat Security Advisory: OpenShift Container Platform 4.7.12 bug fix and security update",
"tracking": {
"current_release_date": "2021-05-24T17:14:00Z",
"generator": {
"date": "2023-07-01T04:51:00Z",
"engine": {
"name": "Red Hat SDEngine",
"version": "3.18.0"
}
},
"id": "RHSA-2021:1561",
"initial_release_date": "2021-05-24T17:14:00Z",
"revision_history": [
{
"date": "2021-05-24T17:14:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift Container Platform 4.7",
"product": {
"name": "Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:4.7::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Enterprise"
},
{
"category": "product_version",
"name": "openshift4/driver-toolkit-rhel8:v4.7.0-202105141944.p0",
"product": {
"name": "openshift4/driver-toolkit-rhel8:v4.7.0-202105141944.p0",
"product_id": "openshift4/driver-toolkit-rhel8:v4.7.0-202105141944.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-baremetal-installer-rhel8:v4.7.0-202105150002.p0",
"product": {
"name": "openshift4/ose-baremetal-installer-rhel8:v4.7.0-202105150002.p0",
"product_id": "openshift4/ose-baremetal-installer-rhel8:v4.7.0-202105150002.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-cloud-credential-operator:v4.7.0-202105140655.p0",
"product": {
"name": "openshift4/ose-cloud-credential-operator:v4.7.0-202105140655.p0",
"product_id": "openshift4/ose-cloud-credential-operator:v4.7.0-202105140655.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-authentication-operator:v4.7.0-202105150125.p0",
"product": {
"name": "openshift4/ose-cluster-authentication-operator:v4.7.0-202105150125.p0",
"product_id": "openshift4/ose-cluster-authentication-operator:v4.7.0-202105150125.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-monitoring-operator:v4.7.0-202105151205.p0",
"product": {
"name": "openshift4/ose-cluster-monitoring-operator:v4.7.0-202105151205.p0",
"product_id": "openshift4/ose-cluster-monitoring-operator:v4.7.0-202105151205.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-docker-builder:v4.7.0-202105142104.p0",
"product": {
"name": "openshift4/ose-docker-builder:v4.7.0-202105142104.p0",
"product_id": "openshift4/ose-docker-builder:v4.7.0-202105142104.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-hello-openshift-rhel8:v4.7.0-202105141715.p0",
"product": {
"name": "openshift4/ose-hello-openshift-rhel8:v4.7.0-202105141715.p0",
"product_id": "openshift4/ose-hello-openshift-rhel8:v4.7.0-202105141715.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-hyperkube:v4.7.0-202105160013.p0",
"product": {
"name": "openshift4/ose-hyperkube:v4.7.0-202105160013.p0",
"product_id": "openshift4/ose-hyperkube:v4.7.0-202105160013.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-installer-artifacts:v4.7.0-202105150002.p0",
"product": {
"name": "openshift4/ose-installer-artifacts:v4.7.0-202105150002.p0",
"product_id": "openshift4/ose-installer-artifacts:v4.7.0-202105150002.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-installer:v4.7.0-202105150002.p0",
"product": {
"name": "openshift4/ose-installer:v4.7.0-202105150002.p0",
"product_id": "openshift4/ose-installer:v4.7.0-202105150002.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-ironic-rhel8:v4.7.0-202105140104.p0",
"product": {
"name": "openshift4/ose-ironic-rhel8:v4.7.0-202105140104.p0",
"product_id": "openshift4/ose-ironic-rhel8:v4.7.0-202105140104.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-kuryr-cni-rhel8:v4.7.0-202105140104.p0",
"product": {
"name": "openshift4/ose-kuryr-cni-rhel8:v4.7.0-202105140104.p0",
"product_id": "openshift4/ose-kuryr-cni-rhel8:v4.7.0-202105140104.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-kuryr-controller-rhel8:v4.7.0-202105140104.p0",
"product": {
"name": "openshift4/ose-kuryr-controller-rhel8:v4.7.0-202105140104.p0",
"product_id": "openshift4/ose-kuryr-controller-rhel8:v4.7.0-202105140104.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-machine-api-operator:v4.7.0-202105160938.p0",
"product": {
"name": "openshift4/ose-machine-api-operator:v4.7.0-202105160938.p0",
"product_id": "openshift4/ose-machine-api-operator:v4.7.0-202105160938.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-operator-lifecycle-manager:v4.7.0-202105141828.p0",
"product": {
"name": "openshift4/ose-operator-lifecycle-manager:v4.7.0-202105141828.p0",
"product_id": "openshift4/ose-operator-lifecycle-manager:v4.7.0-202105141828.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-ovn-kubernetes:v4.7.0-202105140104.p0",
"product": {
"name": "openshift4/ose-ovn-kubernetes:v4.7.0-202105140104.p0",
"product_id": "openshift4/ose-ovn-kubernetes:v4.7.0-202105140104.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-tests:v4.7.0-202105141715.p0",
"product": {
"name": "openshift4/ose-tests:v4.7.0-202105141715.p0",
"product_id": "openshift4/ose-tests:v4.7.0-202105141715.p0"
}
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/driver-toolkit-rhel8:v4.7.0-202105141944.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/driver-toolkit-rhel8:v4.7.0-202105141944.p0"
},
"product_reference": "openshift4/driver-toolkit-rhel8:v4.7.0-202105141944.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-baremetal-installer-rhel8:v4.7.0-202105150002.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-baremetal-installer-rhel8:v4.7.0-202105150002.p0"
},
"product_reference": "openshift4/ose-baremetal-installer-rhel8:v4.7.0-202105150002.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cloud-credential-operator:v4.7.0-202105140655.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-cloud-credential-operator:v4.7.0-202105140655.p0"
},
"product_reference": "openshift4/ose-cloud-credential-operator:v4.7.0-202105140655.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-authentication-operator:v4.7.0-202105150125.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-cluster-authentication-operator:v4.7.0-202105150125.p0"
},
"product_reference": "openshift4/ose-cluster-authentication-operator:v4.7.0-202105150125.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-monitoring-operator:v4.7.0-202105151205.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-cluster-monitoring-operator:v4.7.0-202105151205.p0"
},
"product_reference": "openshift4/ose-cluster-monitoring-operator:v4.7.0-202105151205.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-docker-builder:v4.7.0-202105142104.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-docker-builder:v4.7.0-202105142104.p0"
},
"product_reference": "openshift4/ose-docker-builder:v4.7.0-202105142104.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-hello-openshift-rhel8:v4.7.0-202105141715.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-hello-openshift-rhel8:v4.7.0-202105141715.p0"
},
"product_reference": "openshift4/ose-hello-openshift-rhel8:v4.7.0-202105141715.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-hyperkube:v4.7.0-202105160013.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-hyperkube:v4.7.0-202105160013.p0"
},
"product_reference": "openshift4/ose-hyperkube:v4.7.0-202105160013.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-installer-artifacts:v4.7.0-202105150002.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-installer-artifacts:v4.7.0-202105150002.p0"
},
"product_reference": "openshift4/ose-installer-artifacts:v4.7.0-202105150002.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-installer:v4.7.0-202105150002.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-installer:v4.7.0-202105150002.p0"
},
"product_reference": "openshift4/ose-installer:v4.7.0-202105150002.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-ironic-rhel8:v4.7.0-202105140104.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-ironic-rhel8:v4.7.0-202105140104.p0"
},
"product_reference": "openshift4/ose-ironic-rhel8:v4.7.0-202105140104.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-kuryr-cni-rhel8:v4.7.0-202105140104.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-kuryr-cni-rhel8:v4.7.0-202105140104.p0"
},
"product_reference": "openshift4/ose-kuryr-cni-rhel8:v4.7.0-202105140104.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-kuryr-controller-rhel8:v4.7.0-202105140104.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-kuryr-controller-rhel8:v4.7.0-202105140104.p0"
},
"product_reference": "openshift4/ose-kuryr-controller-rhel8:v4.7.0-202105140104.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-machine-api-operator:v4.7.0-202105160938.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-machine-api-operator:v4.7.0-202105160938.p0"
},
"product_reference": "openshift4/ose-machine-api-operator:v4.7.0-202105160938.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-operator-lifecycle-manager:v4.7.0-202105141828.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-operator-lifecycle-manager:v4.7.0-202105141828.p0"
},
"product_reference": "openshift4/ose-operator-lifecycle-manager:v4.7.0-202105141828.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-ovn-kubernetes:v4.7.0-202105140104.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-ovn-kubernetes:v4.7.0-202105140104.p0"
},
"product_reference": "openshift4/ose-ovn-kubernetes:v4.7.0-202105140104.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-tests:v4.7.0-202105141715.p0 as a component of Red Hat OpenShift Container Platform 4.7",
"product_id": "8Base-RHOSE-4.7:openshift4/ose-tests:v4.7.0-202105141715.p0"
},
"product_reference": "openshift4/ose-tests:v4.7.0-202105141715.p0",
"relates_to_product_reference": "8Base-RHOSE-4.7"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-27813",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2020-11-27T00:00:00Z",
"flags": [
{
"label": "component_not_present",
"product_ids": [
"8Base-RHOSE-4.7:openshift4/driver-toolkit-rhel8:v4.7.0-202105141944.p0",
"8Base-RHOSE-4.7:openshift4/ose-baremetal-installer-rhel8:v4.7.0-202105150002.p0",
"8Base-RHOSE-4.7:openshift4/ose-cloud-credential-operator:v4.7.0-202105140655.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-authentication-operator:v4.7.0-202105150125.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-monitoring-operator:v4.7.0-202105151205.p0",
"8Base-RHOSE-4.7:openshift4/ose-docker-builder:v4.7.0-202105142104.p0",
"8Base-RHOSE-4.7:openshift4/ose-hello-openshift-rhel8:v4.7.0-202105141715.p0",
"8Base-RHOSE-4.7:openshift4/ose-installer-artifacts:v4.7.0-202105150002.p0",
"8Base-RHOSE-4.7:openshift4/ose-installer:v4.7.0-202105150002.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-rhel8:v4.7.0-202105140104.p0",
"8Base-RHOSE-4.7:openshift4/ose-kuryr-cni-rhel8:v4.7.0-202105140104.p0",
"8Base-RHOSE-4.7:openshift4/ose-kuryr-controller-rhel8:v4.7.0-202105140104.p0",
"8Base-RHOSE-4.7:openshift4/ose-machine-api-operator:v4.7.0-202105160938.p0",
"8Base-RHOSE-4.7:openshift4/ose-operator-lifecycle-manager:v4.7.0-202105141828.p0",
"8Base-RHOSE-4.7:openshift4/ose-ovn-kubernetes:v4.7.0-202105140104.p0",
"8Base-RHOSE-4.7:openshift4/ose-tests:v4.7.0-202105141715.p0"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla",
"text": "https://bugzilla.redhat.com/show_bug.cgi?id=1902111"
}
],
"notes": [
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
},
{
"category": "description",
"text": "An integer overflow vulnerability exists with the length of websocket frames received via a websocket connection. An attacker could use this flaw to cause a denial of service attack on an HTTP Server allowing websocket connections.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang-github-gorilla-websocket: integer overflow leads to denial of service",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.7:openshift4/ose-hyperkube:v4.7.0-202105160013.p0"
],
"known_not_affected": [
"8Base-RHOSE-4.7:openshift4/driver-toolkit-rhel8:v4.7.0-202105141944.p0",
"8Base-RHOSE-4.7:openshift4/ose-baremetal-installer-rhel8:v4.7.0-202105150002.p0",
"8Base-RHOSE-4.7:openshift4/ose-cloud-credential-operator:v4.7.0-202105140655.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-authentication-operator:v4.7.0-202105150125.p0",
"8Base-RHOSE-4.7:openshift4/ose-cluster-monitoring-operator:v4.7.0-202105151205.p0",
"8Base-RHOSE-4.7:openshift4/ose-docker-builder:v4.7.0-202105142104.p0",
"8Base-RHOSE-4.7:openshift4/ose-hello-openshift-rhel8:v4.7.0-202105141715.p0",
"8Base-RHOSE-4.7:openshift4/ose-installer-artifacts:v4.7.0-202105150002.p0",
"8Base-RHOSE-4.7:openshift4/ose-installer:v4.7.0-202105150002.p0",
"8Base-RHOSE-4.7:openshift4/ose-ironic-rhel8:v4.7.0-202105140104.p0",
"8Base-RHOSE-4.7:openshift4/ose-kuryr-cni-rhel8:v4.7.0-202105140104.p0",
"8Base-RHOSE-4.7:openshift4/ose-kuryr-controller-rhel8:v4.7.0-202105140104.p0",
"8Base-RHOSE-4.7:openshift4/ose-machine-api-operator:v4.7.0-202105160938.p0",
"8Base-RHOSE-4.7:openshift4/ose-operator-lifecycle-manager:v4.7.0-202105141828.p0",
"8Base-RHOSE-4.7:openshift4/ose-ovn-kubernetes:v4.7.0-202105140104.p0",
"8Base-RHOSE-4.7:openshift4/ose-tests:v4.7.0-202105141715.p0"
]
},
"references": [
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-27813",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27813"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-27813",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-27813"
},
{
"category": "external",
"summary": "https://github.com/gorilla/websocket/security/advisories/GHSA-jf24-p9p9-4rjh",
"url": "https://github.com/gorilla/websocket/security/advisories/GHSA-jf24-p9p9-4rjh"
},
{
"category": "external",
"summary": "CVE-2020-27813",
"url": "https://access.redhat.com/security/cve/CVE-2020-27813"
},
{
"category": "external",
"summary": "bz#1902111: CVE-2020-27813 golang-github-gorilla-websocket: integer overflow leads to denial of service",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1902111"
}
],
"release_date": "2019-08-25T00:00:00Z",
"remediations": [
{
"category": "vendor_fix",
"details": "For OpenShift Container Platform 4.7 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.7/updating/updating-cluster-cli.html",
"product_ids": [
"8Base-RHOSE-4.7:openshift4/ose-hyperkube:v4.7.0-202105160013.p0"
],
"url": "https://access.redhat.com/errata/RHSA-2021:1561"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.7:openshift4/ose-hyperkube:v4.7.0-202105160013.p0"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-11-27T00:00:00Z",
"details": "Moderate"
}
],
"title": "CVE-2020-27813 golang-github-gorilla-websocket: integer overflow leads to denial of service"
}
]
}
rhsa-2021_0799
Vulnerability from csaf_redhat
Published
2021-03-10 11:41
Modified
2024-09-18 04:27
Summary
Red Hat Security Advisory: OpenShift Virtualization 2.6.0 security and bug fix update
Notes
Topic
An update is now available for RHEL-8-CNV-2.6.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform.
This advisory contains the following OpenShift Virtualization 2.6.0 images:
RHEL-8-CNV-2.6
==============
kubevirt-cpu-node-labeller-container-v2.6.0-5
kubevirt-cpu-model-nfd-plugin-container-v2.6.0-5
node-maintenance-operator-container-v2.6.0-13
kubevirt-vmware-container-v2.6.0-5
virtio-win-container-v2.6.0-5
kubevirt-kvm-info-nfd-plugin-container-v2.6.0-5
bridge-marker-container-v2.6.0-9
kubevirt-template-validator-container-v2.6.0-9
kubevirt-v2v-conversion-container-v2.6.0-6
kubemacpool-container-v2.6.0-13
kubevirt-ssp-operator-container-v2.6.0-40
hyperconverged-cluster-webhook-container-v2.6.0-73
hyperconverged-cluster-operator-container-v2.6.0-73
ovs-cni-plugin-container-v2.6.0-10
cnv-containernetworking-plugins-container-v2.6.0-10
ovs-cni-marker-container-v2.6.0-10
cluster-network-addons-operator-container-v2.6.0-16
hostpath-provisioner-container-v2.6.0-11
hostpath-provisioner-operator-container-v2.6.0-14
vm-import-virtv2v-container-v2.6.0-21
kubernetes-nmstate-handler-container-v2.6.0-19
vm-import-controller-container-v2.6.0-21
vm-import-operator-container-v2.6.0-21
virt-api-container-v2.6.0-111
virt-controller-container-v2.6.0-111
virt-handler-container-v2.6.0-111
virt-operator-container-v2.6.0-111
virt-launcher-container-v2.6.0-111
cnv-must-gather-container-v2.6.0-54
virt-cdi-importer-container-v2.6.0-24
virt-cdi-cloner-container-v2.6.0-24
virt-cdi-controller-container-v2.6.0-24
virt-cdi-uploadserver-container-v2.6.0-24
virt-cdi-apiserver-container-v2.6.0-24
virt-cdi-uploadproxy-container-v2.6.0-24
virt-cdi-operator-container-v2.6.0-24
hco-bundle-registry-container-v2.6.0-582
Security Fix(es):
* golang.org/x/crypto: Processing of crafted ssh-ed25519 public keys allows for panic (CVE-2020-9283)
* golang: crypto/ssh: crafted authentication request can lead to nil pointer dereference (CVE-2020-29652)
* gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation (CVE-2021-3121)
* golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash (CVE-2020-14040)
* golang: data race in certain net/http servers including ReverseProxy can lead to DoS (CVE-2020-15586)
* golang: ReadUvarint and ReadVarint can read an unlimited number of bytes from invalid inputs (CVE-2020-16845)
* jwt-go: access restriction bypass vulnerability (CVE-2020-26160)
* golang-github-gorilla-websocket: integer overflow leads to denial of service (CVE-2020-27813)
* golang: math/big: panic during recursive division of very large numbers (CVE-2020-28362)
* containernetworking-cni: Arbitrary path injection via type field in CNI configuration (CVE-2021-20206)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for RHEL-8-CNV-2.6.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "OpenShift Virtualization is Red Hat\u0027s virtualization solution designed for Red Hat OpenShift Container Platform.\n\nThis advisory contains the following OpenShift Virtualization 2.6.0 images:\n\nRHEL-8-CNV-2.6\n==============\nkubevirt-cpu-node-labeller-container-v2.6.0-5\nkubevirt-cpu-model-nfd-plugin-container-v2.6.0-5\nnode-maintenance-operator-container-v2.6.0-13\nkubevirt-vmware-container-v2.6.0-5\nvirtio-win-container-v2.6.0-5\nkubevirt-kvm-info-nfd-plugin-container-v2.6.0-5\nbridge-marker-container-v2.6.0-9\nkubevirt-template-validator-container-v2.6.0-9\nkubevirt-v2v-conversion-container-v2.6.0-6\nkubemacpool-container-v2.6.0-13\nkubevirt-ssp-operator-container-v2.6.0-40\nhyperconverged-cluster-webhook-container-v2.6.0-73\nhyperconverged-cluster-operator-container-v2.6.0-73\novs-cni-plugin-container-v2.6.0-10\ncnv-containernetworking-plugins-container-v2.6.0-10\novs-cni-marker-container-v2.6.0-10\ncluster-network-addons-operator-container-v2.6.0-16\nhostpath-provisioner-container-v2.6.0-11\nhostpath-provisioner-operator-container-v2.6.0-14\nvm-import-virtv2v-container-v2.6.0-21\nkubernetes-nmstate-handler-container-v2.6.0-19\nvm-import-controller-container-v2.6.0-21\nvm-import-operator-container-v2.6.0-21\nvirt-api-container-v2.6.0-111\nvirt-controller-container-v2.6.0-111\nvirt-handler-container-v2.6.0-111\nvirt-operator-container-v2.6.0-111\nvirt-launcher-container-v2.6.0-111\ncnv-must-gather-container-v2.6.0-54\nvirt-cdi-importer-container-v2.6.0-24\nvirt-cdi-cloner-container-v2.6.0-24\nvirt-cdi-controller-container-v2.6.0-24\nvirt-cdi-uploadserver-container-v2.6.0-24\nvirt-cdi-apiserver-container-v2.6.0-24\nvirt-cdi-uploadproxy-container-v2.6.0-24\nvirt-cdi-operator-container-v2.6.0-24\nhco-bundle-registry-container-v2.6.0-582\n\nSecurity Fix(es):\n\n* golang.org/x/crypto: Processing of crafted ssh-ed25519 public keys allows for panic (CVE-2020-9283)\n\n* golang: crypto/ssh: crafted authentication request can lead to nil pointer dereference (CVE-2020-29652)\n\n* gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation (CVE-2021-3121)\n\n* golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash (CVE-2020-14040)\n\n* golang: data race in certain net/http servers including ReverseProxy can lead to DoS (CVE-2020-15586)\n\n* golang: ReadUvarint and ReadVarint can read an unlimited number of bytes from invalid inputs (CVE-2020-16845)\n\n* jwt-go: access restriction bypass vulnerability (CVE-2020-26160)\n\n* golang-github-gorilla-websocket: integer overflow leads to denial of service (CVE-2020-27813)\n\n* golang: math/big: panic during recursive division of very large numbers (CVE-2020-28362)\n\n* containernetworking-cni: Arbitrary path injection via type field in CNI configuration (CVE-2021-20206)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat offerings.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2021:0799",
"url": "https://access.redhat.com/errata/RHSA-2021:0799"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "1732329",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1732329"
},
{
"category": "external",
"summary": "1783192",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1783192"
},
{
"category": "external",
"summary": "1791753",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1791753"
},
{
"category": "external",
"summary": "1804533",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1804533"
},
{
"category": "external",
"summary": "1848954",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1848954"
},
{
"category": "external",
"summary": "1848956",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1848956"
},
{
"category": "external",
"summary": "1853652",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1853652"
},
{
"category": "external",
"summary": "1853911",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1853911"
},
{
"category": "external",
"summary": "1854098",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1854098"
},
{
"category": "external",
"summary": "1856347",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1856347"
},
{
"category": "external",
"summary": "1856953",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1856953"
},
{
"category": "external",
"summary": "1859235",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1859235"
},
{
"category": "external",
"summary": "1860714",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1860714"
},
{
"category": "external",
"summary": "1860992",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1860992"
},
{
"category": "external",
"summary": "1864577",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1864577"
},
{
"category": "external",
"summary": "1866593",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1866593"
},
{
"category": "external",
"summary": "1867099",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1867099"
},
{
"category": "external",
"summary": "1868817",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1868817"
},
{
"category": "external",
"summary": "1873771",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1873771"
},
{
"category": "external",
"summary": "1874812",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1874812"
},
{
"category": "external",
"summary": "1878499",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1878499"
},
{
"category": "external",
"summary": "1879108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1879108"
},
{
"category": "external",
"summary": "1881874",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1881874"
},
{
"category": "external",
"summary": "1883232",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1883232"
},
{
"category": "external",
"summary": "1883371",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1883371"
},
{
"category": "external",
"summary": "1885153",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1885153"
},
{
"category": "external",
"summary": "1885418",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1885418"
},
{
"category": "external",
"summary": "1887398",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1887398"
},
{
"category": "external",
"summary": "1889295",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1889295"
},
{
"category": "external",
"summary": "1891285",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1891285"
},
{
"category": "external",
"summary": "1891440",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1891440"
},
{
"category": "external",
"summary": "1892227",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1892227"
},
{
"category": "external",
"summary": "1893278",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1893278"
},
{
"category": "external",
"summary": "1893646",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1893646"
},
{
"category": "external",
"summary": "1894428",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1894428"
},
{
"category": "external",
"summary": "1894824",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1894824"
},
{
"category": "external",
"summary": "1894897",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1894897"
},
{
"category": "external",
"summary": "1895414",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1895414"
},
{
"category": "external",
"summary": "1897635",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1897635"
},
{
"category": "external",
"summary": "1898072",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1898072"
},
{
"category": "external",
"summary": "1898840",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1898840"
},
{
"category": "external",
"summary": "1899558",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1899558"
},
{
"category": "external",
"summary": "1901480",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1901480"
},
{
"category": "external",
"summary": "1902046",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1902046"
},
{
"category": "external",
"summary": "1902111",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1902111"
},
{
"category": "external",
"summary": "1903014",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1903014"
},
{
"category": "external",
"summary": "1903585",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1903585"
},
{
"category": "external",
"summary": "1904797",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1904797"
},
{
"category": "external",
"summary": "1906199",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1906199"
},
{
"category": "external",
"summary": "1907151",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1907151"
},
{
"category": "external",
"summary": "1907352",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1907352"
},
{
"category": "external",
"summary": "1907691",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1907691"
},
{
"category": "external",
"summary": "1907988",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1907988"
},
{
"category": "external",
"summary": "1908363",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1908363"
},
{
"category": "external",
"summary": "1908421",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1908421"
},
{
"category": "external",
"summary": "1908883",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1908883"
},
{
"category": "external",
"summary": "1909458",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1909458"
},
{
"category": "external",
"summary": "1910857",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1910857"
},
{
"category": "external",
"summary": "1911118",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1911118"
},
{
"category": "external",
"summary": "1911396",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1911396"
},
{
"category": "external",
"summary": "1911662",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1911662"
},
{
"category": "external",
"summary": "1912908",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1912908"
},
{
"category": "external",
"summary": "1913248",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1913248"
},
{
"category": "external",
"summary": "1913320",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1913320"
},
{
"category": "external",
"summary": "1913717",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1913717"
},
{
"category": "external",
"summary": "1913756",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1913756"
},
{
"category": "external",
"summary": "1914177",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1914177"
},
{
"category": "external",
"summary": "1914608",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1914608"
},
{
"category": "external",
"summary": "1914947",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1914947"
},
{
"category": "external",
"summary": "1917908",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1917908"
},
{
"category": "external",
"summary": "1917963",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1917963"
},
{
"category": "external",
"summary": "1919391",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1919391"
},
{
"category": "external",
"summary": "1920576",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1920576"
},
{
"category": "external",
"summary": "1920610",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1920610"
},
{
"category": "external",
"summary": "1921650",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1921650"
},
{
"category": "external",
"summary": "1923979",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1923979"
},
{
"category": "external",
"summary": "1927373",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1927373"
},
{
"category": "external",
"summary": "1931376",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1931376"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/data/csaf/v2/advisories/2021/rhsa-2021_0799.json"
}
],
"title": "Red Hat Security Advisory: OpenShift Virtualization 2.6.0 security and bug fix update",
"tracking": {
"current_release_date": "2024-09-18T04:27:31+00:00",
"generator": {
"date": "2024-09-18T04:27:31+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "3.33.3"
}
},
"id": "RHSA-2021:0799",
"initial_release_date": "2021-03-10T11:41:12+00:00",
"revision_history": [
{
"date": "2021-03-10T11:41:12+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2021-03-10T11:41:12+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-09-18T04:27:31+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "CNV 2.6 for RHEL 8",
"product": {
"name": "CNV 2.6 for RHEL 8",
"product_id": "8Base-CNV-2.6",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:container_native_virtualization:2.6::el8"
}
}
}
],
"category": "product_family",
"name": "OpenShift Virtualization"
},
{
"branches": [
{
"category": "product_version",
"name": "container-native-virtualization/kubevirt-cpu-model-nfd-plugin@sha256:efb152ddc837945aad0163f96c9668cbb8271c2b14716b9fef5b798c27efbe48_amd64",
"product": {
"name": "container-native-virtualization/kubevirt-cpu-model-nfd-plugin@sha256:efb152ddc837945aad0163f96c9668cbb8271c2b14716b9fef5b798c27efbe48_amd64",
"product_id": "container-native-virtualization/kubevirt-cpu-model-nfd-plugin@sha256:efb152ddc837945aad0163f96c9668cbb8271c2b14716b9fef5b798c27efbe48_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kubevirt-cpu-model-nfd-plugin@sha256:efb152ddc837945aad0163f96c9668cbb8271c2b14716b9fef5b798c27efbe48?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/kubevirt-cpu-model-nfd-plugin\u0026tag=v2.6.0-9"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/kubevirt-cpu-node-labeller@sha256:2b78b4854b18e53e388d2d30bf68803e39f8fbc9a0b3713885081af25abfb3f1_amd64",
"product": {
"name": "container-native-virtualization/kubevirt-cpu-node-labeller@sha256:2b78b4854b18e53e388d2d30bf68803e39f8fbc9a0b3713885081af25abfb3f1_amd64",
"product_id": "container-native-virtualization/kubevirt-cpu-node-labeller@sha256:2b78b4854b18e53e388d2d30bf68803e39f8fbc9a0b3713885081af25abfb3f1_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kubevirt-cpu-node-labeller@sha256:2b78b4854b18e53e388d2d30bf68803e39f8fbc9a0b3713885081af25abfb3f1?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/kubevirt-cpu-node-labeller\u0026tag=v2.6.0-7"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/kubevirt-kvm-info-nfd-plugin@sha256:2dcf59515b784d6decf484c1d756d5ddf4b65a38e78800a76ef1dab51020e553_amd64",
"product": {
"name": "container-native-virtualization/kubevirt-kvm-info-nfd-plugin@sha256:2dcf59515b784d6decf484c1d756d5ddf4b65a38e78800a76ef1dab51020e553_amd64",
"product_id": "container-native-virtualization/kubevirt-kvm-info-nfd-plugin@sha256:2dcf59515b784d6decf484c1d756d5ddf4b65a38e78800a76ef1dab51020e553_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kubevirt-kvm-info-nfd-plugin@sha256:2dcf59515b784d6decf484c1d756d5ddf4b65a38e78800a76ef1dab51020e553?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/kubevirt-kvm-info-nfd-plugin\u0026tag=v2.6.0-7"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/vm-import-controller-rhel8@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64",
"product": {
"name": "container-native-virtualization/vm-import-controller-rhel8@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64",
"product_id": "container-native-virtualization/vm-import-controller-rhel8@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64",
"product_identification_helper": {
"purl": "pkg:oci/vm-import-controller-rhel8@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/vm-import-controller-rhel8\u0026tag=v2.6.0-25"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/vm-import-controller@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64",
"product": {
"name": "container-native-virtualization/vm-import-controller@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64",
"product_id": "container-native-virtualization/vm-import-controller@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64",
"product_identification_helper": {
"purl": "pkg:oci/vm-import-controller@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/vm-import-controller\u0026tag=v2.6.0-25"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/kubevirt-cpu-model-nfd-plugin@sha256:efb152ddc837945aad0163f96c9668cbb8271c2b14716b9fef5b798c27efbe48_amd64 as a component of CNV 2.6 for RHEL 8",
"product_id": "8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-model-nfd-plugin@sha256:efb152ddc837945aad0163f96c9668cbb8271c2b14716b9fef5b798c27efbe48_amd64"
},
"product_reference": "container-native-virtualization/kubevirt-cpu-model-nfd-plugin@sha256:efb152ddc837945aad0163f96c9668cbb8271c2b14716b9fef5b798c27efbe48_amd64",
"relates_to_product_reference": "8Base-CNV-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/kubevirt-cpu-node-labeller@sha256:2b78b4854b18e53e388d2d30bf68803e39f8fbc9a0b3713885081af25abfb3f1_amd64 as a component of CNV 2.6 for RHEL 8",
"product_id": "8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-node-labeller@sha256:2b78b4854b18e53e388d2d30bf68803e39f8fbc9a0b3713885081af25abfb3f1_amd64"
},
"product_reference": "container-native-virtualization/kubevirt-cpu-node-labeller@sha256:2b78b4854b18e53e388d2d30bf68803e39f8fbc9a0b3713885081af25abfb3f1_amd64",
"relates_to_product_reference": "8Base-CNV-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/kubevirt-kvm-info-nfd-plugin@sha256:2dcf59515b784d6decf484c1d756d5ddf4b65a38e78800a76ef1dab51020e553_amd64 as a component of CNV 2.6 for RHEL 8",
"product_id": "8Base-CNV-2.6:container-native-virtualization/kubevirt-kvm-info-nfd-plugin@sha256:2dcf59515b784d6decf484c1d756d5ddf4b65a38e78800a76ef1dab51020e553_amd64"
},
"product_reference": "container-native-virtualization/kubevirt-kvm-info-nfd-plugin@sha256:2dcf59515b784d6decf484c1d756d5ddf4b65a38e78800a76ef1dab51020e553_amd64",
"relates_to_product_reference": "8Base-CNV-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/vm-import-controller-rhel8@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64 as a component of CNV 2.6 for RHEL 8",
"product_id": "8Base-CNV-2.6:container-native-virtualization/vm-import-controller-rhel8@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64"
},
"product_reference": "container-native-virtualization/vm-import-controller-rhel8@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64",
"relates_to_product_reference": "8Base-CNV-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/vm-import-controller@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64 as a component of CNV 2.6 for RHEL 8",
"product_id": "8Base-CNV-2.6:container-native-virtualization/vm-import-controller@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64"
},
"product_reference": "container-native-virtualization/vm-import-controller@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64",
"relates_to_product_reference": "8Base-CNV-2.6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-9283",
"cwe": {
"id": "CWE-130",
"name": "Improper Handling of Length Parameter Inconsistency"
},
"discovery_date": "2020-02-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1804533"
}
],
"notes": [
{
"category": "description",
"text": "A denial of service vulnerability was found in the SSH package of the golang.org/x/crypto library. An attacker could exploit this flaw by supplying crafted SSH ed25519 keys to cause a crash in applications that use this package as either an SSH client or server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto: Processing of crafted ssh-ed25519 public keys allows for panic",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift Container Platform uses the vulnerable library in a number of components but strictly as an SSH client. The severity of this vulnerability is reduced for clients as it requires connections to malicious SSH servers, with the maximum impact only a client crash. This vulnerability is rated Low for OpenShift Container Platform.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-model-nfd-plugin@sha256:efb152ddc837945aad0163f96c9668cbb8271c2b14716b9fef5b798c27efbe48_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-node-labeller@sha256:2b78b4854b18e53e388d2d30bf68803e39f8fbc9a0b3713885081af25abfb3f1_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-kvm-info-nfd-plugin@sha256:2dcf59515b784d6decf484c1d756d5ddf4b65a38e78800a76ef1dab51020e553_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller-rhel8@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-9283"
},
{
"category": "external",
"summary": "RHBZ#1804533",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1804533"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-9283",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9283"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-9283",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-9283"
},
{
"category": "external",
"summary": "https://groups.google.com/forum/#!topic/golang-announce/3L45YRc91SY",
"url": "https://groups.google.com/forum/#!topic/golang-announce/3L45YRc91SY"
}
],
"release_date": "2020-02-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-model-nfd-plugin@sha256:efb152ddc837945aad0163f96c9668cbb8271c2b14716b9fef5b798c27efbe48_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-node-labeller@sha256:2b78b4854b18e53e388d2d30bf68803e39f8fbc9a0b3713885081af25abfb3f1_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-kvm-info-nfd-plugin@sha256:2dcf59515b784d6decf484c1d756d5ddf4b65a38e78800a76ef1dab51020e553_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller-rhel8@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:0799"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-model-nfd-plugin@sha256:efb152ddc837945aad0163f96c9668cbb8271c2b14716b9fef5b798c27efbe48_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-node-labeller@sha256:2b78b4854b18e53e388d2d30bf68803e39f8fbc9a0b3713885081af25abfb3f1_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-kvm-info-nfd-plugin@sha256:2dcf59515b784d6decf484c1d756d5ddf4b65a38e78800a76ef1dab51020e553_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller-rhel8@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/crypto: Processing of crafted ssh-ed25519 public keys allows for panic"
},
{
"cve": "CVE-2020-14040",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"discovery_date": "2020-06-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1853652"
}
],
"notes": [
{
"category": "description",
"text": "A denial of service vulnerability was found in the golang.org/x/text library. A library or application must use one of the vulnerable functions, such as unicode.Transform, transform.String, or transform.Byte, to be susceptible to this vulnerability. If an attacker is able to supply specific characters or strings to the vulnerable application, there is the potential to cause an infinite loop to occur using more memory, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "* OpenShift ServiceMesh (OSSM) 1.0 is Out Of Support Scope (OOSS) for Moderate and Low impact vulnerabilities. Jaeger was packaged with ServiceMesh in 1.0, and hence is also marked OOSS, but the Jaeger-Operator is a standalone product and is affected by this vulnerability.\n\n* Because Service Telemetry Framework does not directly use unicode.UTF16, no update will be provided at this time for STF\u0027s sg-core-container.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-model-nfd-plugin@sha256:efb152ddc837945aad0163f96c9668cbb8271c2b14716b9fef5b798c27efbe48_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-node-labeller@sha256:2b78b4854b18e53e388d2d30bf68803e39f8fbc9a0b3713885081af25abfb3f1_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-kvm-info-nfd-plugin@sha256:2dcf59515b784d6decf484c1d756d5ddf4b65a38e78800a76ef1dab51020e553_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller-rhel8@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-14040"
},
{
"category": "external",
"summary": "RHBZ#1853652",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1853652"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-14040",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14040"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-14040",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-14040"
},
{
"category": "external",
"summary": "https://github.com/golang/go/issues/39491",
"url": "https://github.com/golang/go/issues/39491"
},
{
"category": "external",
"summary": "https://groups.google.com/forum/#!topic/golang-announce/bXVeAmGOqz0",
"url": "https://groups.google.com/forum/#!topic/golang-announce/bXVeAmGOqz0"
}
],
"release_date": "2020-06-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-model-nfd-plugin@sha256:efb152ddc837945aad0163f96c9668cbb8271c2b14716b9fef5b798c27efbe48_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-node-labeller@sha256:2b78b4854b18e53e388d2d30bf68803e39f8fbc9a0b3713885081af25abfb3f1_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-kvm-info-nfd-plugin@sha256:2dcf59515b784d6decf484c1d756d5ddf4b65a38e78800a76ef1dab51020e553_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller-rhel8@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:0799"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-model-nfd-plugin@sha256:efb152ddc837945aad0163f96c9668cbb8271c2b14716b9fef5b798c27efbe48_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-node-labeller@sha256:2b78b4854b18e53e388d2d30bf68803e39f8fbc9a0b3713885081af25abfb3f1_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-kvm-info-nfd-plugin@sha256:2dcf59515b784d6decf484c1d756d5ddf4b65a38e78800a76ef1dab51020e553_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller-rhel8@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash"
},
{
"cve": "CVE-2020-15586",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"discovery_date": "2020-07-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1856953"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found Go\u0027s net/http package. Servers using ReverseProxy from net/http in the Go standard library are vulnerable to a data race that results in a denial of service. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: data race in certain net/http servers including ReverseProxy can lead to DoS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift Container Platform (OCP) components are primarily written in Go, meaning that any component using the net/http package includes the vulnerable code. OCP server endpoints using ReverseProxy are protected by authentication, reducing the severity of this vulnerability to Low for OCP.\n\nSimilar to OCP, OpenShift ServiceMesh (OSSM), RedHat OpenShift Jaeger (RHOSJ) and OpenShift Virtualization are also primarily written in Go and are protected via authentication, reducing the severity of this vulnerability to Low.\n\nRed Hat Gluster Storage 3 and Red Hat Openshift Container Storage 4 components are built with the affected version of Go, however the vulnerable functionality is currently not used by these products and hence this issue has been rated as having a security impact of Low.\n\nRed Hat Ceph Storage 3 and 4 components are built with the affected version of Go, however the vulnerable functionality is currently not used by these products and hence this issue has been rated as having a security impact of Low.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-model-nfd-plugin@sha256:efb152ddc837945aad0163f96c9668cbb8271c2b14716b9fef5b798c27efbe48_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-node-labeller@sha256:2b78b4854b18e53e388d2d30bf68803e39f8fbc9a0b3713885081af25abfb3f1_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-kvm-info-nfd-plugin@sha256:2dcf59515b784d6decf484c1d756d5ddf4b65a38e78800a76ef1dab51020e553_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller-rhel8@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-15586"
},
{
"category": "external",
"summary": "RHBZ#1856953",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1856953"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-15586",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15586"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-15586",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-15586"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/XZNfaiwgt2w/m/E6gHDs32AQAJ",
"url": "https://groups.google.com/g/golang-announce/c/XZNfaiwgt2w/m/E6gHDs32AQAJ"
}
],
"release_date": "2020-07-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-model-nfd-plugin@sha256:efb152ddc837945aad0163f96c9668cbb8271c2b14716b9fef5b798c27efbe48_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-node-labeller@sha256:2b78b4854b18e53e388d2d30bf68803e39f8fbc9a0b3713885081af25abfb3f1_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-kvm-info-nfd-plugin@sha256:2dcf59515b784d6decf484c1d756d5ddf4b65a38e78800a76ef1dab51020e553_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller-rhel8@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:0799"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-model-nfd-plugin@sha256:efb152ddc837945aad0163f96c9668cbb8271c2b14716b9fef5b798c27efbe48_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-node-labeller@sha256:2b78b4854b18e53e388d2d30bf68803e39f8fbc9a0b3713885081af25abfb3f1_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-kvm-info-nfd-plugin@sha256:2dcf59515b784d6decf484c1d756d5ddf4b65a38e78800a76ef1dab51020e553_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller-rhel8@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: data race in certain net/http servers including ReverseProxy can lead to DoS"
},
{
"cve": "CVE-2020-16845",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"discovery_date": "2020-08-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1867099"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Go encoding/binary package. Certain invalid inputs to the ReadUvarint or the ReadVarint causes those functions to read an unlimited number of bytes from the ByteReader argument before returning an error. This flaw possibly leads to processing more input than expected. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: ReadUvarint and ReadVarint can read an unlimited number of bytes from invalid inputs",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift Container Platform (OCP), OpenShift ServiceMesh (OSSM), RedHat OpenShift Jaeger (RHOSJ) and OpenShift Virtualization components are primarily written in Go, meaning that any component using the encoding/binary package includes the vulnerable code. The affected components are behind OpenShift OAuth authentication, therefore the impact is low.\n\nRed Hat Gluster Storage 3, Red Hat OpenShift Container Storage 4 and Red Hat Ceph Storage (3 and 4) components are built with the affected version of Go, however the vulnerable functionality is currently not used by these products and hence this issue has been rated as having a security impact of Low.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-model-nfd-plugin@sha256:efb152ddc837945aad0163f96c9668cbb8271c2b14716b9fef5b798c27efbe48_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-node-labeller@sha256:2b78b4854b18e53e388d2d30bf68803e39f8fbc9a0b3713885081af25abfb3f1_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-kvm-info-nfd-plugin@sha256:2dcf59515b784d6decf484c1d756d5ddf4b65a38e78800a76ef1dab51020e553_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller-rhel8@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-16845"
},
{
"category": "external",
"summary": "RHBZ#1867099",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1867099"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-16845",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-16845"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-16845",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-16845"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/NyPIaucMgXo",
"url": "https://groups.google.com/g/golang-announce/c/NyPIaucMgXo"
}
],
"release_date": "2020-08-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-model-nfd-plugin@sha256:efb152ddc837945aad0163f96c9668cbb8271c2b14716b9fef5b798c27efbe48_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-node-labeller@sha256:2b78b4854b18e53e388d2d30bf68803e39f8fbc9a0b3713885081af25abfb3f1_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-kvm-info-nfd-plugin@sha256:2dcf59515b784d6decf484c1d756d5ddf4b65a38e78800a76ef1dab51020e553_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller-rhel8@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:0799"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-model-nfd-plugin@sha256:efb152ddc837945aad0163f96c9668cbb8271c2b14716b9fef5b798c27efbe48_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-node-labeller@sha256:2b78b4854b18e53e388d2d30bf68803e39f8fbc9a0b3713885081af25abfb3f1_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-kvm-info-nfd-plugin@sha256:2dcf59515b784d6decf484c1d756d5ddf4b65a38e78800a76ef1dab51020e553_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller-rhel8@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: ReadUvarint and ReadVarint can read an unlimited number of bytes from invalid inputs"
},
{
"cve": "CVE-2020-26160",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"discovery_date": "2020-09-23T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1883371"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in jwt-go where it is vulnerable to Access Restriction Bypass if m[\"aud\"] happens to be []string{}, as allowed by the spec, the type assertion fails and the value of aud is \"\". This can cause audience verification to succeed even if the audiences being passed are incorrect if required is set to false.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jwt-go: access restriction bypass vulnerability",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The github.com/dgrijalva/jwt-go module is an indirect dependency of the k8s.io/client-go module pulled into Quay Bridge, and Setup operators via the Operator\u0027s SDK generated code. The k8s.io/client-go module does not use jwt-go in an unsafe way [1]. Red Hat Quay components have been marked as wontfix. This may be fixed in the future.\n\nSimilar to Quay, multiple OpenShift Container Platform (OCP) containers include jwt-go as a transient dependency due to go-autorest [1]. As such, those containers do not use jwt-go in an unsafe way. They have been marked wontfix at this time and may be fixed in a future update.\n\nSame as Quay and OpenShift Container Platform, components shipped with Red Hat OpenShift Container Storage 4 do not use jwt-go in an unsafe way and hence this issue has been rated as having a security impact of Low. A future update may address this issue.\n\nRed Hat Gluster Storage 3 shipped multi-cloud-object-gateway-cli as a technical preview and is not currently planned to be addressed in future updates, hence the multi-cloud-object-gateway-cli package will not be fixed.\n\n[1] https://github.com/Azure/go-autorest/issues/568#issuecomment-703804062",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-model-nfd-plugin@sha256:efb152ddc837945aad0163f96c9668cbb8271c2b14716b9fef5b798c27efbe48_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-node-labeller@sha256:2b78b4854b18e53e388d2d30bf68803e39f8fbc9a0b3713885081af25abfb3f1_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-kvm-info-nfd-plugin@sha256:2dcf59515b784d6decf484c1d756d5ddf4b65a38e78800a76ef1dab51020e553_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller-rhel8@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-26160"
},
{
"category": "external",
"summary": "RHBZ#1883371",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1883371"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-26160",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26160"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-26160",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-26160"
},
{
"category": "external",
"summary": "https://snyk.io/vuln/SNYK-GOLANG-GITHUBCOMDGRIJALVAJWTGO-596515",
"url": "https://snyk.io/vuln/SNYK-GOLANG-GITHUBCOMDGRIJALVAJWTGO-596515"
}
],
"release_date": "2020-09-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-model-nfd-plugin@sha256:efb152ddc837945aad0163f96c9668cbb8271c2b14716b9fef5b798c27efbe48_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-node-labeller@sha256:2b78b4854b18e53e388d2d30bf68803e39f8fbc9a0b3713885081af25abfb3f1_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-kvm-info-nfd-plugin@sha256:2dcf59515b784d6decf484c1d756d5ddf4b65a38e78800a76ef1dab51020e553_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller-rhel8@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:0799"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-model-nfd-plugin@sha256:efb152ddc837945aad0163f96c9668cbb8271c2b14716b9fef5b798c27efbe48_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-node-labeller@sha256:2b78b4854b18e53e388d2d30bf68803e39f8fbc9a0b3713885081af25abfb3f1_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-kvm-info-nfd-plugin@sha256:2dcf59515b784d6decf484c1d756d5ddf4b65a38e78800a76ef1dab51020e553_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller-rhel8@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jwt-go: access restriction bypass vulnerability"
},
{
"cve": "CVE-2020-27813",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2020-11-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1902111"
}
],
"notes": [
{
"category": "description",
"text": "An integer overflow vulnerability exists with the length of websocket frames received via a websocket connection. An attacker could use this flaw to cause a denial of service attack on an HTTP Server allowing websocket connections.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang-github-gorilla-websocket: integer overflow leads to denial of service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-model-nfd-plugin@sha256:efb152ddc837945aad0163f96c9668cbb8271c2b14716b9fef5b798c27efbe48_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-node-labeller@sha256:2b78b4854b18e53e388d2d30bf68803e39f8fbc9a0b3713885081af25abfb3f1_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-kvm-info-nfd-plugin@sha256:2dcf59515b784d6decf484c1d756d5ddf4b65a38e78800a76ef1dab51020e553_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller-rhel8@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-27813"
},
{
"category": "external",
"summary": "RHBZ#1902111",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1902111"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-27813",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27813"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-27813",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-27813"
},
{
"category": "external",
"summary": "https://github.com/gorilla/websocket/security/advisories/GHSA-jf24-p9p9-4rjh",
"url": "https://github.com/gorilla/websocket/security/advisories/GHSA-jf24-p9p9-4rjh"
}
],
"release_date": "2019-08-25T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-model-nfd-plugin@sha256:efb152ddc837945aad0163f96c9668cbb8271c2b14716b9fef5b798c27efbe48_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-node-labeller@sha256:2b78b4854b18e53e388d2d30bf68803e39f8fbc9a0b3713885081af25abfb3f1_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-kvm-info-nfd-plugin@sha256:2dcf59515b784d6decf484c1d756d5ddf4b65a38e78800a76ef1dab51020e553_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller-rhel8@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:0799"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-model-nfd-plugin@sha256:efb152ddc837945aad0163f96c9668cbb8271c2b14716b9fef5b798c27efbe48_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-node-labeller@sha256:2b78b4854b18e53e388d2d30bf68803e39f8fbc9a0b3713885081af25abfb3f1_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-kvm-info-nfd-plugin@sha256:2dcf59515b784d6decf484c1d756d5ddf4b65a38e78800a76ef1dab51020e553_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller-rhel8@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang-github-gorilla-websocket: integer overflow leads to denial of service"
},
{
"cve": "CVE-2020-28362",
"cwe": {
"id": "CWE-295",
"name": "Improper Certificate Validation"
},
"discovery_date": "2020-11-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1897635"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the math/big package of Go\u0027s standard library that causes a denial of service. Applications written in Go that use math/big via cryptographic packages, including crypto/rsa and crypto/x509, are vulnerable and can potentially cause panic via a crafted certificate chain. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: math/big: panic during recursive division of very large numbers",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift ServiceMesh (OSSM) 1.1 is Out Of Support Scope (OOSS) for Moderate and Low impact vulnerabilities because it is now in the Maintenance Phase of the support.\nOpenshift Virtualization 1 (formerly Container Native Virtualization) is Out Of Support Scope (OOSS) for Moderate and Low impact vulnerabilities.\n\nRed Hat Gluster Storage 3 shipped multi-cloud-object-gateway-cli and noobaa-operator container as a technical preview and is not currently planned to be addressed in future updates.\n\nOpenShift Container Platform (OCP) 4.5 and earlier are built with Go versions earlier than 1.14, which are not affected by this vulnerability. OCP 4.6 is built with Go 1.15 and is affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-model-nfd-plugin@sha256:efb152ddc837945aad0163f96c9668cbb8271c2b14716b9fef5b798c27efbe48_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-node-labeller@sha256:2b78b4854b18e53e388d2d30bf68803e39f8fbc9a0b3713885081af25abfb3f1_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-kvm-info-nfd-plugin@sha256:2dcf59515b784d6decf484c1d756d5ddf4b65a38e78800a76ef1dab51020e553_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller-rhel8@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-28362"
},
{
"category": "external",
"summary": "RHBZ#1897635",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1897635"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-28362",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28362"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-28362",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-28362"
}
],
"release_date": "2020-11-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-model-nfd-plugin@sha256:efb152ddc837945aad0163f96c9668cbb8271c2b14716b9fef5b798c27efbe48_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-node-labeller@sha256:2b78b4854b18e53e388d2d30bf68803e39f8fbc9a0b3713885081af25abfb3f1_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-kvm-info-nfd-plugin@sha256:2dcf59515b784d6decf484c1d756d5ddf4b65a38e78800a76ef1dab51020e553_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller-rhel8@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:0799"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-model-nfd-plugin@sha256:efb152ddc837945aad0163f96c9668cbb8271c2b14716b9fef5b798c27efbe48_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-node-labeller@sha256:2b78b4854b18e53e388d2d30bf68803e39f8fbc9a0b3713885081af25abfb3f1_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-kvm-info-nfd-plugin@sha256:2dcf59515b784d6decf484c1d756d5ddf4b65a38e78800a76ef1dab51020e553_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller-rhel8@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: math/big: panic during recursive division of very large numbers"
},
{
"cve": "CVE-2020-29652",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2020-12-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1908883"
}
],
"notes": [
{
"category": "description",
"text": "A null pointer dereference vulnerability was found in golang. When using the library\u0027s ssh server without specifying an option for GSSAPIWithMICConfig, it is possible for an attacker to craft an ssh client connection using the `gssapi-with-mic` authentication method and cause the server to panic resulting in a denial of service. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: crypto/ssh: crafted authentication request can lead to nil pointer dereference",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "A large number of products include the affected package, but do not make use of the vulnerable SSH server code. Accordingly, the flaw itself is rated as \"Important\", but these products themselves all have a \"Low\" severity rating.\n\nAdditionally, a number of products include golang.org/x/crypto (or even golang.org/x/crypto/ssh/terminal) but not specifically golang.org/x/crypto/ssh/server.go in the final build. As this would result in a very large number of entries of not affected products, only products which include the ssh server code (golang.org/x/crypto/ssh/server.go) have been represented here. \n\nRed Hat Enterprise Linux 8 container-tools:rhel8/containernetworking-plugins is not affected because although it uses some functionality from golang.org/x/crypto, it does not use or import anything from golang.org/x/crypto/ssh/*.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-model-nfd-plugin@sha256:efb152ddc837945aad0163f96c9668cbb8271c2b14716b9fef5b798c27efbe48_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-node-labeller@sha256:2b78b4854b18e53e388d2d30bf68803e39f8fbc9a0b3713885081af25abfb3f1_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-kvm-info-nfd-plugin@sha256:2dcf59515b784d6decf484c1d756d5ddf4b65a38e78800a76ef1dab51020e553_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller-rhel8@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-29652"
},
{
"category": "external",
"summary": "RHBZ#1908883",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1908883"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-29652",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-29652"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-29652",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-29652"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/ouZIlBimOsE?pli=1",
"url": "https://groups.google.com/g/golang-announce/c/ouZIlBimOsE?pli=1"
}
],
"release_date": "2020-12-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-model-nfd-plugin@sha256:efb152ddc837945aad0163f96c9668cbb8271c2b14716b9fef5b798c27efbe48_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-node-labeller@sha256:2b78b4854b18e53e388d2d30bf68803e39f8fbc9a0b3713885081af25abfb3f1_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-kvm-info-nfd-plugin@sha256:2dcf59515b784d6decf484c1d756d5ddf4b65a38e78800a76ef1dab51020e553_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller-rhel8@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:0799"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-model-nfd-plugin@sha256:efb152ddc837945aad0163f96c9668cbb8271c2b14716b9fef5b798c27efbe48_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-node-labeller@sha256:2b78b4854b18e53e388d2d30bf68803e39f8fbc9a0b3713885081af25abfb3f1_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-kvm-info-nfd-plugin@sha256:2dcf59515b784d6decf484c1d756d5ddf4b65a38e78800a76ef1dab51020e553_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller-rhel8@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang: crypto/ssh: crafted authentication request can lead to nil pointer dereference"
},
{
"cve": "CVE-2021-3121",
"cwe": {
"id": "CWE-129",
"name": "Improper Validation of Array Index"
},
"discovery_date": "2021-01-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1921650"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in github.com/gogo/protobuf before 1.3.2 that allows an out-of-bounds access when unmarshalling certain protobuf objects. This flaw allows a remote attacker to send crafted protobuf messages, causing panic and resulting in a denial of service. The highest threat from this vulnerability is to availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift Container Platform (OCP), OpenShift ServiceMesh (OSSM) and Red Hat OpenShift Jaeger (RHOSJ) all include code generated by github.com/gogo/protobuf to parse protobuf messages. However, no component is known to accept protobuf messages from unauthenticated sources, hence this vulnerability is rated Moderate for OCP, OSSM and RHOSJ.\n\nOpenShift Virtualization includes code generated by github.com/gogo/protobuf to parse protobuf messages. However, no component of OpenShift Virtualization is known to accept protobuf messages from unauthenticated sources, hence this vulnerability is rated Moderate.\n\nRed Hat Advanced Cluster Management for Kubernetes (RHACM) includes code generated by github.com/gogo/protobuf to parse protobuf messages. However, no RHACM component is accepting protobuf messages from unauthenticated sources and are used with a limited scope, hence this vulnerability is rated Moderate for RHACM.\n\nRed Hat Cluster Application Migration (CAM) includes code generated by github.com/gogo/protobuf to parse protobuf messages. However, no CAM component is known to accept protobuf messages from unauthenticated sources, hence this vulnerability is rated Moderate for CAM.\n\nCryostat-2 is affected as it does ship gogo/protobuf library with it\u0027s distribution but the only use for Protobuf would be the Kubernetes/OpenShift API server the operator communicates with and it should be authenticated hence it is affected with Moderate impact.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-model-nfd-plugin@sha256:efb152ddc837945aad0163f96c9668cbb8271c2b14716b9fef5b798c27efbe48_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-node-labeller@sha256:2b78b4854b18e53e388d2d30bf68803e39f8fbc9a0b3713885081af25abfb3f1_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-kvm-info-nfd-plugin@sha256:2dcf59515b784d6decf484c1d756d5ddf4b65a38e78800a76ef1dab51020e553_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller-rhel8@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-3121"
},
{
"category": "external",
"summary": "RHBZ#1921650",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1921650"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-3121",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3121"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3121",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3121"
}
],
"release_date": "2021-01-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-model-nfd-plugin@sha256:efb152ddc837945aad0163f96c9668cbb8271c2b14716b9fef5b798c27efbe48_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-node-labeller@sha256:2b78b4854b18e53e388d2d30bf68803e39f8fbc9a0b3713885081af25abfb3f1_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-kvm-info-nfd-plugin@sha256:2dcf59515b784d6decf484c1d756d5ddf4b65a38e78800a76ef1dab51020e553_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller-rhel8@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:0799"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-model-nfd-plugin@sha256:efb152ddc837945aad0163f96c9668cbb8271c2b14716b9fef5b798c27efbe48_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-node-labeller@sha256:2b78b4854b18e53e388d2d30bf68803e39f8fbc9a0b3713885081af25abfb3f1_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-kvm-info-nfd-plugin@sha256:2dcf59515b784d6decf484c1d756d5ddf4b65a38e78800a76ef1dab51020e553_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller-rhel8@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation"
},
{
"acknowledgments": [
{
"names": [
"Casey Callendrello"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2021-20206",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2021-01-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1919391"
}
],
"notes": [
{
"category": "description",
"text": "An improper limitation of path name flaw was found in containernetworking/cni. When specifying the plugin to load in the `type` field in the network configuration, it is possible to use special elements such as \"../\" separators to reference binaries elsewhere on the system. This flaw allows an attacker to execute other existing binaries other than the cni plugins/types, such as `reboot`. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "containernetworking-cni: Arbitrary path injection via type field in CNI configuration",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift ServiceMesh (OSSM) does package a vulnerable version of containernetworking/cni, however, the NetworkDefinitionAttachment is defined in code and cannot be easily changed except through a user who has access to the operator namespace such as cluster-admin. As such, for OSSM, the impact is Low.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-model-nfd-plugin@sha256:efb152ddc837945aad0163f96c9668cbb8271c2b14716b9fef5b798c27efbe48_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-node-labeller@sha256:2b78b4854b18e53e388d2d30bf68803e39f8fbc9a0b3713885081af25abfb3f1_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-kvm-info-nfd-plugin@sha256:2dcf59515b784d6decf484c1d756d5ddf4b65a38e78800a76ef1dab51020e553_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller-rhel8@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-20206"
},
{
"category": "external",
"summary": "RHBZ#1919391",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1919391"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-20206",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20206"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-20206",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-20206"
}
],
"release_date": "2021-02-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-model-nfd-plugin@sha256:efb152ddc837945aad0163f96c9668cbb8271c2b14716b9fef5b798c27efbe48_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-node-labeller@sha256:2b78b4854b18e53e388d2d30bf68803e39f8fbc9a0b3713885081af25abfb3f1_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-kvm-info-nfd-plugin@sha256:2dcf59515b784d6decf484c1d756d5ddf4b65a38e78800a76ef1dab51020e553_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller-rhel8@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:0799"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-model-nfd-plugin@sha256:efb152ddc837945aad0163f96c9668cbb8271c2b14716b9fef5b798c27efbe48_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-cpu-node-labeller@sha256:2b78b4854b18e53e388d2d30bf68803e39f8fbc9a0b3713885081af25abfb3f1_amd64",
"8Base-CNV-2.6:container-native-virtualization/kubevirt-kvm-info-nfd-plugin@sha256:2dcf59515b784d6decf484c1d756d5ddf4b65a38e78800a76ef1dab51020e553_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller-rhel8@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64",
"8Base-CNV-2.6:container-native-virtualization/vm-import-controller@sha256:ad9c84b90577d32229b803f7b8d014f39f517d0961de46de972fce3801fdfdc8_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "containernetworking-cni: Arbitrary path injection via type field in CNI configuration"
}
]
}
rhsa-2021_0833
Vulnerability from csaf_redhat
Published
2021-03-25 09:52
Modified
2024-09-14 00:42
Summary
Red Hat Security Advisory: OpenShift Container Platform 3.11.404 security and bug fix update
Notes
Topic
Red Hat OpenShift Container Platform release 3.11.404 is now available with
updates to packages and images that fix several bugs and add enhancements.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat OpenShift Container Platform is Red Hat's cloud computing
Kubernetes application platform solution designed for on-premise or private
cloud deployments.
This advisory contains the RPM packages for Red Hat OpenShift Container
Platform 3.11.404. See the following advisory for the container images for
this release:
https://access.redhat.com/errata/RHBA-2021:0832
This release fixes the following bugs:
* Previously, node upgrade playbooks scoped all nodes instead of just the nodes that are filtered by the `openshift_upgrade_nodes_label`. As a result, nodes that were not intended to be upgraded had yum excluders disabled but not reenabled. With this release, the initialization of the variable for filtering nodes to upgrade is moved to earlier in the play, and preconfiguration is scoped to the filtered list of nodes. As a result, only the nodes that are intended for upgrade have yum excluders disabled. (BZ#1917013)
* Previously, node-based facts, such as `l_kubelet_node_name`, were set late in the upgrade cycle, causing the fact to be undefined when referenced. With this release, node-based fact initialization happens earlier in the upgrade cycle so that facts are set prior to being referenced. (BZ#1933090)
* Previously, a bug fix in Ansible 2.9.10 changed the behavior of `delegate_to` for plays using `connection: local` with `hosts: localhost`. This change caused tasks that are intended for remote hosts to be executed locally. With this release, `connection: local` is removed for the affected play, and tasks intended for remote hosts are executed on the remote host. (BZ#1934136)
Security Fix(es):
* golang-github-gorilla-websocket: integer overflow leads to denial of service (CVE-2020-27813)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat OpenShift Container Platform release 3.11.404 is now available with\nupdates to packages and images that fix several bugs and add enhancements.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Container Platform is Red Hat\u0027s cloud computing\nKubernetes application platform solution designed for on-premise or private\ncloud deployments.\n\nThis advisory contains the RPM packages for Red Hat OpenShift Container\nPlatform 3.11.404. See the following advisory for the container images for\nthis release:\n\nhttps://access.redhat.com/errata/RHBA-2021:0832\n\nThis release fixes the following bugs:\n\n* Previously, node upgrade playbooks scoped all nodes instead of just the nodes that are filtered by the `openshift_upgrade_nodes_label`. As a result, nodes that were not intended to be upgraded had yum excluders disabled but not reenabled. With this release, the initialization of the variable for filtering nodes to upgrade is moved to earlier in the play, and preconfiguration is scoped to the filtered list of nodes. As a result, only the nodes that are intended for upgrade have yum excluders disabled. (BZ#1917013)\n\n* Previously, node-based facts, such as `l_kubelet_node_name`, were set late in the upgrade cycle, causing the fact to be undefined when referenced. With this release, node-based fact initialization happens earlier in the upgrade cycle so that facts are set prior to being referenced. (BZ#1933090)\n\n* Previously, a bug fix in Ansible 2.9.10 changed the behavior of `delegate_to` for plays using `connection: local` with `hosts: localhost`. This change caused tasks that are intended for remote hosts to be executed locally. With this release, `connection: local` is removed for the affected play, and tasks intended for remote hosts are executed on the remote host. (BZ#1934136)\n\nSecurity Fix(es):\n\n* golang-github-gorilla-websocket: integer overflow leads to denial of service (CVE-2020-27813)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat offerings.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2021:0833",
"url": "https://access.redhat.com/errata/RHSA-2021:0833"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "1902111",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1902111"
},
{
"category": "external",
"summary": "1917013",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1917013"
},
{
"category": "external",
"summary": "1933090",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1933090"
},
{
"category": "external",
"summary": "1934136",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1934136"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/data/csaf/v2/advisories/2021/rhsa-2021_0833.json"
}
],
"title": "Red Hat Security Advisory: OpenShift Container Platform 3.11.404 security and bug fix update",
"tracking": {
"current_release_date": "2024-09-14T00:42:22+00:00",
"generator": {
"date": "2024-09-14T00:42:22+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "3.33.3"
}
},
"id": "RHSA-2021:0833",
"initial_release_date": "2021-03-25T09:52:18+00:00",
"revision_history": [
{
"date": "2021-03-25T09:52:18+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2021-03-25T09:52:18+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-09-14T00:42:22+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift Container Platform 3.11",
"product": {
"name": "Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:3.11::el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Enterprise"
},
{
"branches": [
{
"category": "product_version",
"name": "atomic-openshift-metrics-server-0:3.11.404-1.git.53.b9081b6.el7.src",
"product": {
"name": "atomic-openshift-metrics-server-0:3.11.404-1.git.53.b9081b6.el7.src",
"product_id": "atomic-openshift-metrics-server-0:3.11.404-1.git.53.b9081b6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-metrics-server@3.11.404-1.git.53.b9081b6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "atomic-enterprise-service-catalog-1:3.11.404-1.git.1675.3094ee9.el7.src",
"product": {
"name": "atomic-enterprise-service-catalog-1:3.11.404-1.git.1675.3094ee9.el7.src",
"product_id": "atomic-enterprise-service-catalog-1:3.11.404-1.git.1675.3094ee9.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-enterprise-service-catalog@3.11.404-1.git.1675.3094ee9.el7?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-descheduler-0:3.11.404-1.git.299.2bfbb2f.el7.src",
"product": {
"name": "atomic-openshift-descheduler-0:3.11.404-1.git.299.2bfbb2f.el7.src",
"product_id": "atomic-openshift-descheduler-0:3.11.404-1.git.299.2bfbb2f.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-descheduler@3.11.404-1.git.299.2bfbb2f.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-service-idler-0:3.11.404-1.git.15.6c64591.el7.src",
"product": {
"name": "atomic-openshift-service-idler-0:3.11.404-1.git.15.6c64591.el7.src",
"product_id": "atomic-openshift-service-idler-0:3.11.404-1.git.15.6c64591.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-service-idler@3.11.404-1.git.15.6c64591.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "openshift-enterprise-autoheal-0:3.11.404-1.git.218.c348621.el7.src",
"product": {
"name": "openshift-enterprise-autoheal-0:3.11.404-1.git.218.c348621.el7.src",
"product_id": "openshift-enterprise-autoheal-0:3.11.404-1.git.218.c348621.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-enterprise-autoheal@3.11.404-1.git.218.c348621.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-dockerregistry-0:3.11.404-1.git.481.5000e2c.el7.src",
"product": {
"name": "atomic-openshift-dockerregistry-0:3.11.404-1.git.481.5000e2c.el7.src",
"product_id": "atomic-openshift-dockerregistry-0:3.11.404-1.git.481.5000e2c.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-dockerregistry@3.11.404-1.git.481.5000e2c.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-cluster-autoscaler-0:3.11.404-1.git.0.2c258fe.el7.src",
"product": {
"name": "atomic-openshift-cluster-autoscaler-0:3.11.404-1.git.0.2c258fe.el7.src",
"product_id": "atomic-openshift-cluster-autoscaler-0:3.11.404-1.git.0.2c258fe.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-cluster-autoscaler@3.11.404-1.git.0.2c258fe.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-node_exporter-0:3.11.404-1.git.1062.611825d.el7.src",
"product": {
"name": "golang-github-prometheus-node_exporter-0:3.11.404-1.git.1062.611825d.el7.src",
"product_id": "golang-github-prometheus-node_exporter-0:3.11.404-1.git.1062.611825d.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-github-prometheus-node_exporter@3.11.404-1.git.1062.611825d.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "golang-github-openshift-oauth-proxy-0:3.11.404-1.git.439.06870e9.el7.src",
"product": {
"name": "golang-github-openshift-oauth-proxy-0:3.11.404-1.git.439.06870e9.el7.src",
"product_id": "golang-github-openshift-oauth-proxy-0:3.11.404-1.git.439.06870e9.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-github-openshift-oauth-proxy@3.11.404-1.git.439.06870e9.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "openshift-enterprise-cluster-capacity-0:3.11.404-1.git.379.e6e2a1d.el7.src",
"product": {
"name": "openshift-enterprise-cluster-capacity-0:3.11.404-1.git.379.e6e2a1d.el7.src",
"product_id": "openshift-enterprise-cluster-capacity-0:3.11.404-1.git.379.e6e2a1d.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-enterprise-cluster-capacity@3.11.404-1.git.379.e6e2a1d.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-prometheus-0:3.11.404-1.git.5026.5f1d705.el7.src",
"product": {
"name": "golang-github-prometheus-prometheus-0:3.11.404-1.git.5026.5f1d705.el7.src",
"product_id": "golang-github-prometheus-prometheus-0:3.11.404-1.git.5026.5f1d705.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-github-prometheus-prometheus@3.11.404-1.git.5026.5f1d705.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-alertmanager-0:3.11.404-1.git.0.2817295.el7.src",
"product": {
"name": "golang-github-prometheus-alertmanager-0:3.11.404-1.git.0.2817295.el7.src",
"product_id": "golang-github-prometheus-alertmanager-0:3.11.404-1.git.0.2817295.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-github-prometheus-alertmanager@3.11.404-1.git.0.2817295.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-web-console-0:3.11.404-1.git.677.0e37db7.el7.src",
"product": {
"name": "atomic-openshift-web-console-0:3.11.404-1.git.677.0e37db7.el7.src",
"product_id": "atomic-openshift-web-console-0:3.11.404-1.git.677.0e37db7.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-web-console@3.11.404-1.git.677.0e37db7.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "openshift-kuryr-0:3.11.404-1.git.1494.91fb403.el7.src",
"product": {
"name": "openshift-kuryr-0:3.11.404-1.git.1494.91fb403.el7.src",
"product_id": "openshift-kuryr-0:3.11.404-1.git.1494.91fb403.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-kuryr@3.11.404-1.git.1494.91fb403.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-0:3.11.404-1.git.0.dd58619.el7.src",
"product": {
"name": "atomic-openshift-0:3.11.404-1.git.0.dd58619.el7.src",
"product_id": "atomic-openshift-0:3.11.404-1.git.0.dd58619.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift@3.11.404-1.git.0.dd58619.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "openshift-ansible-0:3.11.404-1.git.0.d161108.el7.src",
"product": {
"name": "openshift-ansible-0:3.11.404-1.git.0.d161108.el7.src",
"product_id": "openshift-ansible-0:3.11.404-1.git.0.d161108.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-ansible@3.11.404-1.git.0.d161108.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-node-problem-detector-0:3.11.400-1.git.263.930aa57.el7.src",
"product": {
"name": "atomic-openshift-node-problem-detector-0:3.11.400-1.git.263.930aa57.el7.src",
"product_id": "atomic-openshift-node-problem-detector-0:3.11.400-1.git.263.930aa57.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-node-problem-detector@3.11.400-1.git.263.930aa57.el7?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "atomic-openshift-metrics-server-0:3.11.404-1.git.53.b9081b6.el7.x86_64",
"product": {
"name": "atomic-openshift-metrics-server-0:3.11.404-1.git.53.b9081b6.el7.x86_64",
"product_id": "atomic-openshift-metrics-server-0:3.11.404-1.git.53.b9081b6.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-metrics-server@3.11.404-1.git.53.b9081b6.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "atomic-enterprise-service-catalog-1:3.11.404-1.git.1675.3094ee9.el7.x86_64",
"product": {
"name": "atomic-enterprise-service-catalog-1:3.11.404-1.git.1675.3094ee9.el7.x86_64",
"product_id": "atomic-enterprise-service-catalog-1:3.11.404-1.git.1675.3094ee9.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-enterprise-service-catalog@3.11.404-1.git.1675.3094ee9.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "atomic-enterprise-service-catalog-svcat-1:3.11.404-1.git.1675.3094ee9.el7.x86_64",
"product": {
"name": "atomic-enterprise-service-catalog-svcat-1:3.11.404-1.git.1675.3094ee9.el7.x86_64",
"product_id": "atomic-enterprise-service-catalog-svcat-1:3.11.404-1.git.1675.3094ee9.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-enterprise-service-catalog-svcat@3.11.404-1.git.1675.3094ee9.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-descheduler-0:3.11.404-1.git.299.2bfbb2f.el7.x86_64",
"product": {
"name": "atomic-openshift-descheduler-0:3.11.404-1.git.299.2bfbb2f.el7.x86_64",
"product_id": "atomic-openshift-descheduler-0:3.11.404-1.git.299.2bfbb2f.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-descheduler@3.11.404-1.git.299.2bfbb2f.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-service-idler-0:3.11.404-1.git.15.6c64591.el7.x86_64",
"product": {
"name": "atomic-openshift-service-idler-0:3.11.404-1.git.15.6c64591.el7.x86_64",
"product_id": "atomic-openshift-service-idler-0:3.11.404-1.git.15.6c64591.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-service-idler@3.11.404-1.git.15.6c64591.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "openshift-enterprise-autoheal-0:3.11.404-1.git.218.c348621.el7.x86_64",
"product": {
"name": "openshift-enterprise-autoheal-0:3.11.404-1.git.218.c348621.el7.x86_64",
"product_id": "openshift-enterprise-autoheal-0:3.11.404-1.git.218.c348621.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-enterprise-autoheal@3.11.404-1.git.218.c348621.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-dockerregistry-0:3.11.404-1.git.481.5000e2c.el7.x86_64",
"product": {
"name": "atomic-openshift-dockerregistry-0:3.11.404-1.git.481.5000e2c.el7.x86_64",
"product_id": "atomic-openshift-dockerregistry-0:3.11.404-1.git.481.5000e2c.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-dockerregistry@3.11.404-1.git.481.5000e2c.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-cluster-autoscaler-0:3.11.404-1.git.0.2c258fe.el7.x86_64",
"product": {
"name": "atomic-openshift-cluster-autoscaler-0:3.11.404-1.git.0.2c258fe.el7.x86_64",
"product_id": "atomic-openshift-cluster-autoscaler-0:3.11.404-1.git.0.2c258fe.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-cluster-autoscaler@3.11.404-1.git.0.2c258fe.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "prometheus-node-exporter-0:3.11.404-1.git.1062.611825d.el7.x86_64",
"product": {
"name": "prometheus-node-exporter-0:3.11.404-1.git.1062.611825d.el7.x86_64",
"product_id": "prometheus-node-exporter-0:3.11.404-1.git.1062.611825d.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/prometheus-node-exporter@3.11.404-1.git.1062.611825d.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "golang-github-openshift-oauth-proxy-0:3.11.404-1.git.439.06870e9.el7.x86_64",
"product": {
"name": "golang-github-openshift-oauth-proxy-0:3.11.404-1.git.439.06870e9.el7.x86_64",
"product_id": "golang-github-openshift-oauth-proxy-0:3.11.404-1.git.439.06870e9.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-github-openshift-oauth-proxy@3.11.404-1.git.439.06870e9.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "openshift-enterprise-cluster-capacity-0:3.11.404-1.git.379.e6e2a1d.el7.x86_64",
"product": {
"name": "openshift-enterprise-cluster-capacity-0:3.11.404-1.git.379.e6e2a1d.el7.x86_64",
"product_id": "openshift-enterprise-cluster-capacity-0:3.11.404-1.git.379.e6e2a1d.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-enterprise-cluster-capacity@3.11.404-1.git.379.e6e2a1d.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "prometheus-0:3.11.404-1.git.5026.5f1d705.el7.x86_64",
"product": {
"name": "prometheus-0:3.11.404-1.git.5026.5f1d705.el7.x86_64",
"product_id": "prometheus-0:3.11.404-1.git.5026.5f1d705.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/prometheus@3.11.404-1.git.5026.5f1d705.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "prometheus-alertmanager-0:3.11.404-1.git.0.2817295.el7.x86_64",
"product": {
"name": "prometheus-alertmanager-0:3.11.404-1.git.0.2817295.el7.x86_64",
"product_id": "prometheus-alertmanager-0:3.11.404-1.git.0.2817295.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/prometheus-alertmanager@3.11.404-1.git.0.2817295.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-web-console-0:3.11.404-1.git.677.0e37db7.el7.x86_64",
"product": {
"name": "atomic-openshift-web-console-0:3.11.404-1.git.677.0e37db7.el7.x86_64",
"product_id": "atomic-openshift-web-console-0:3.11.404-1.git.677.0e37db7.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-web-console@3.11.404-1.git.677.0e37db7.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-0:3.11.404-1.git.0.dd58619.el7.x86_64",
"product": {
"name": "atomic-openshift-0:3.11.404-1.git.0.dd58619.el7.x86_64",
"product_id": "atomic-openshift-0:3.11.404-1.git.0.dd58619.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift@3.11.404-1.git.0.dd58619.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-clients-0:3.11.404-1.git.0.dd58619.el7.x86_64",
"product": {
"name": "atomic-openshift-clients-0:3.11.404-1.git.0.dd58619.el7.x86_64",
"product_id": "atomic-openshift-clients-0:3.11.404-1.git.0.dd58619.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-clients@3.11.404-1.git.0.dd58619.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-clients-redistributable-0:3.11.404-1.git.0.dd58619.el7.x86_64",
"product": {
"name": "atomic-openshift-clients-redistributable-0:3.11.404-1.git.0.dd58619.el7.x86_64",
"product_id": "atomic-openshift-clients-redistributable-0:3.11.404-1.git.0.dd58619.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-clients-redistributable@3.11.404-1.git.0.dd58619.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-hyperkube-0:3.11.404-1.git.0.dd58619.el7.x86_64",
"product": {
"name": "atomic-openshift-hyperkube-0:3.11.404-1.git.0.dd58619.el7.x86_64",
"product_id": "atomic-openshift-hyperkube-0:3.11.404-1.git.0.dd58619.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-hyperkube@3.11.404-1.git.0.dd58619.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-hypershift-0:3.11.404-1.git.0.dd58619.el7.x86_64",
"product": {
"name": "atomic-openshift-hypershift-0:3.11.404-1.git.0.dd58619.el7.x86_64",
"product_id": "atomic-openshift-hypershift-0:3.11.404-1.git.0.dd58619.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-hypershift@3.11.404-1.git.0.dd58619.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-master-0:3.11.404-1.git.0.dd58619.el7.x86_64",
"product": {
"name": "atomic-openshift-master-0:3.11.404-1.git.0.dd58619.el7.x86_64",
"product_id": "atomic-openshift-master-0:3.11.404-1.git.0.dd58619.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-master@3.11.404-1.git.0.dd58619.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-node-0:3.11.404-1.git.0.dd58619.el7.x86_64",
"product": {
"name": "atomic-openshift-node-0:3.11.404-1.git.0.dd58619.el7.x86_64",
"product_id": "atomic-openshift-node-0:3.11.404-1.git.0.dd58619.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-node@3.11.404-1.git.0.dd58619.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-pod-0:3.11.404-1.git.0.dd58619.el7.x86_64",
"product": {
"name": "atomic-openshift-pod-0:3.11.404-1.git.0.dd58619.el7.x86_64",
"product_id": "atomic-openshift-pod-0:3.11.404-1.git.0.dd58619.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-pod@3.11.404-1.git.0.dd58619.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-sdn-ovs-0:3.11.404-1.git.0.dd58619.el7.x86_64",
"product": {
"name": "atomic-openshift-sdn-ovs-0:3.11.404-1.git.0.dd58619.el7.x86_64",
"product_id": "atomic-openshift-sdn-ovs-0:3.11.404-1.git.0.dd58619.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-sdn-ovs@3.11.404-1.git.0.dd58619.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-template-service-broker-0:3.11.404-1.git.0.dd58619.el7.x86_64",
"product": {
"name": "atomic-openshift-template-service-broker-0:3.11.404-1.git.0.dd58619.el7.x86_64",
"product_id": "atomic-openshift-template-service-broker-0:3.11.404-1.git.0.dd58619.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-template-service-broker@3.11.404-1.git.0.dd58619.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-tests-0:3.11.404-1.git.0.dd58619.el7.x86_64",
"product": {
"name": "atomic-openshift-tests-0:3.11.404-1.git.0.dd58619.el7.x86_64",
"product_id": "atomic-openshift-tests-0:3.11.404-1.git.0.dd58619.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-tests@3.11.404-1.git.0.dd58619.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-node-problem-detector-0:3.11.400-1.git.263.930aa57.el7.x86_64",
"product": {
"name": "atomic-openshift-node-problem-detector-0:3.11.400-1.git.263.930aa57.el7.x86_64",
"product_id": "atomic-openshift-node-problem-detector-0:3.11.400-1.git.263.930aa57.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-node-problem-detector@3.11.400-1.git.263.930aa57.el7?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "atomic-openshift-metrics-server-0:3.11.404-1.git.53.b9081b6.el7.ppc64le",
"product": {
"name": "atomic-openshift-metrics-server-0:3.11.404-1.git.53.b9081b6.el7.ppc64le",
"product_id": "atomic-openshift-metrics-server-0:3.11.404-1.git.53.b9081b6.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-metrics-server@3.11.404-1.git.53.b9081b6.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "atomic-enterprise-service-catalog-1:3.11.404-1.git.1675.3094ee9.el7.ppc64le",
"product": {
"name": "atomic-enterprise-service-catalog-1:3.11.404-1.git.1675.3094ee9.el7.ppc64le",
"product_id": "atomic-enterprise-service-catalog-1:3.11.404-1.git.1675.3094ee9.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-enterprise-service-catalog@3.11.404-1.git.1675.3094ee9.el7?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "atomic-enterprise-service-catalog-svcat-1:3.11.404-1.git.1675.3094ee9.el7.ppc64le",
"product": {
"name": "atomic-enterprise-service-catalog-svcat-1:3.11.404-1.git.1675.3094ee9.el7.ppc64le",
"product_id": "atomic-enterprise-service-catalog-svcat-1:3.11.404-1.git.1675.3094ee9.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-enterprise-service-catalog-svcat@3.11.404-1.git.1675.3094ee9.el7?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-descheduler-0:3.11.404-1.git.299.2bfbb2f.el7.ppc64le",
"product": {
"name": "atomic-openshift-descheduler-0:3.11.404-1.git.299.2bfbb2f.el7.ppc64le",
"product_id": "atomic-openshift-descheduler-0:3.11.404-1.git.299.2bfbb2f.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-descheduler@3.11.404-1.git.299.2bfbb2f.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-service-idler-0:3.11.404-1.git.15.6c64591.el7.ppc64le",
"product": {
"name": "atomic-openshift-service-idler-0:3.11.404-1.git.15.6c64591.el7.ppc64le",
"product_id": "atomic-openshift-service-idler-0:3.11.404-1.git.15.6c64591.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-service-idler@3.11.404-1.git.15.6c64591.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "openshift-enterprise-autoheal-0:3.11.404-1.git.218.c348621.el7.ppc64le",
"product": {
"name": "openshift-enterprise-autoheal-0:3.11.404-1.git.218.c348621.el7.ppc64le",
"product_id": "openshift-enterprise-autoheal-0:3.11.404-1.git.218.c348621.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-enterprise-autoheal@3.11.404-1.git.218.c348621.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-cluster-autoscaler-0:3.11.404-1.git.0.2c258fe.el7.ppc64le",
"product": {
"name": "atomic-openshift-cluster-autoscaler-0:3.11.404-1.git.0.2c258fe.el7.ppc64le",
"product_id": "atomic-openshift-cluster-autoscaler-0:3.11.404-1.git.0.2c258fe.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-cluster-autoscaler@3.11.404-1.git.0.2c258fe.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "prometheus-node-exporter-0:3.11.404-1.git.1062.611825d.el7.ppc64le",
"product": {
"name": "prometheus-node-exporter-0:3.11.404-1.git.1062.611825d.el7.ppc64le",
"product_id": "prometheus-node-exporter-0:3.11.404-1.git.1062.611825d.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/prometheus-node-exporter@3.11.404-1.git.1062.611825d.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "golang-github-openshift-oauth-proxy-0:3.11.404-1.git.439.06870e9.el7.ppc64le",
"product": {
"name": "golang-github-openshift-oauth-proxy-0:3.11.404-1.git.439.06870e9.el7.ppc64le",
"product_id": "golang-github-openshift-oauth-proxy-0:3.11.404-1.git.439.06870e9.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-github-openshift-oauth-proxy@3.11.404-1.git.439.06870e9.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "openshift-enterprise-cluster-capacity-0:3.11.404-1.git.379.e6e2a1d.el7.ppc64le",
"product": {
"name": "openshift-enterprise-cluster-capacity-0:3.11.404-1.git.379.e6e2a1d.el7.ppc64le",
"product_id": "openshift-enterprise-cluster-capacity-0:3.11.404-1.git.379.e6e2a1d.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-enterprise-cluster-capacity@3.11.404-1.git.379.e6e2a1d.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "prometheus-0:3.11.404-1.git.5026.5f1d705.el7.ppc64le",
"product": {
"name": "prometheus-0:3.11.404-1.git.5026.5f1d705.el7.ppc64le",
"product_id": "prometheus-0:3.11.404-1.git.5026.5f1d705.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/prometheus@3.11.404-1.git.5026.5f1d705.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "prometheus-alertmanager-0:3.11.404-1.git.0.2817295.el7.ppc64le",
"product": {
"name": "prometheus-alertmanager-0:3.11.404-1.git.0.2817295.el7.ppc64le",
"product_id": "prometheus-alertmanager-0:3.11.404-1.git.0.2817295.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/prometheus-alertmanager@3.11.404-1.git.0.2817295.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-web-console-0:3.11.404-1.git.677.0e37db7.el7.ppc64le",
"product": {
"name": "atomic-openshift-web-console-0:3.11.404-1.git.677.0e37db7.el7.ppc64le",
"product_id": "atomic-openshift-web-console-0:3.11.404-1.git.677.0e37db7.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-web-console@3.11.404-1.git.677.0e37db7.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-0:3.11.404-1.git.0.dd58619.el7.ppc64le",
"product": {
"name": "atomic-openshift-0:3.11.404-1.git.0.dd58619.el7.ppc64le",
"product_id": "atomic-openshift-0:3.11.404-1.git.0.dd58619.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift@3.11.404-1.git.0.dd58619.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-clients-0:3.11.404-1.git.0.dd58619.el7.ppc64le",
"product": {
"name": "atomic-openshift-clients-0:3.11.404-1.git.0.dd58619.el7.ppc64le",
"product_id": "atomic-openshift-clients-0:3.11.404-1.git.0.dd58619.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-clients@3.11.404-1.git.0.dd58619.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-hyperkube-0:3.11.404-1.git.0.dd58619.el7.ppc64le",
"product": {
"name": "atomic-openshift-hyperkube-0:3.11.404-1.git.0.dd58619.el7.ppc64le",
"product_id": "atomic-openshift-hyperkube-0:3.11.404-1.git.0.dd58619.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-hyperkube@3.11.404-1.git.0.dd58619.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-hypershift-0:3.11.404-1.git.0.dd58619.el7.ppc64le",
"product": {
"name": "atomic-openshift-hypershift-0:3.11.404-1.git.0.dd58619.el7.ppc64le",
"product_id": "atomic-openshift-hypershift-0:3.11.404-1.git.0.dd58619.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-hypershift@3.11.404-1.git.0.dd58619.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-master-0:3.11.404-1.git.0.dd58619.el7.ppc64le",
"product": {
"name": "atomic-openshift-master-0:3.11.404-1.git.0.dd58619.el7.ppc64le",
"product_id": "atomic-openshift-master-0:3.11.404-1.git.0.dd58619.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-master@3.11.404-1.git.0.dd58619.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-node-0:3.11.404-1.git.0.dd58619.el7.ppc64le",
"product": {
"name": "atomic-openshift-node-0:3.11.404-1.git.0.dd58619.el7.ppc64le",
"product_id": "atomic-openshift-node-0:3.11.404-1.git.0.dd58619.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-node@3.11.404-1.git.0.dd58619.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-pod-0:3.11.404-1.git.0.dd58619.el7.ppc64le",
"product": {
"name": "atomic-openshift-pod-0:3.11.404-1.git.0.dd58619.el7.ppc64le",
"product_id": "atomic-openshift-pod-0:3.11.404-1.git.0.dd58619.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-pod@3.11.404-1.git.0.dd58619.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-sdn-ovs-0:3.11.404-1.git.0.dd58619.el7.ppc64le",
"product": {
"name": "atomic-openshift-sdn-ovs-0:3.11.404-1.git.0.dd58619.el7.ppc64le",
"product_id": "atomic-openshift-sdn-ovs-0:3.11.404-1.git.0.dd58619.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-sdn-ovs@3.11.404-1.git.0.dd58619.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-template-service-broker-0:3.11.404-1.git.0.dd58619.el7.ppc64le",
"product": {
"name": "atomic-openshift-template-service-broker-0:3.11.404-1.git.0.dd58619.el7.ppc64le",
"product_id": "atomic-openshift-template-service-broker-0:3.11.404-1.git.0.dd58619.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-template-service-broker@3.11.404-1.git.0.dd58619.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-tests-0:3.11.404-1.git.0.dd58619.el7.ppc64le",
"product": {
"name": "atomic-openshift-tests-0:3.11.404-1.git.0.dd58619.el7.ppc64le",
"product_id": "atomic-openshift-tests-0:3.11.404-1.git.0.dd58619.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-tests@3.11.404-1.git.0.dd58619.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-node-problem-detector-0:3.11.400-1.git.263.930aa57.el7.ppc64le",
"product": {
"name": "atomic-openshift-node-problem-detector-0:3.11.400-1.git.263.930aa57.el7.ppc64le",
"product_id": "atomic-openshift-node-problem-detector-0:3.11.400-1.git.263.930aa57.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-node-problem-detector@3.11.400-1.git.263.930aa57.el7?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-kuryr-cni-0:3.11.404-1.git.1494.91fb403.el7.noarch",
"product": {
"name": "openshift-kuryr-cni-0:3.11.404-1.git.1494.91fb403.el7.noarch",
"product_id": "openshift-kuryr-cni-0:3.11.404-1.git.1494.91fb403.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-kuryr-cni@3.11.404-1.git.1494.91fb403.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openshift-kuryr-common-0:3.11.404-1.git.1494.91fb403.el7.noarch",
"product": {
"name": "openshift-kuryr-common-0:3.11.404-1.git.1494.91fb403.el7.noarch",
"product_id": "openshift-kuryr-common-0:3.11.404-1.git.1494.91fb403.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-kuryr-common@3.11.404-1.git.1494.91fb403.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openshift-kuryr-controller-0:3.11.404-1.git.1494.91fb403.el7.noarch",
"product": {
"name": "openshift-kuryr-controller-0:3.11.404-1.git.1494.91fb403.el7.noarch",
"product_id": "openshift-kuryr-controller-0:3.11.404-1.git.1494.91fb403.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-kuryr-controller@3.11.404-1.git.1494.91fb403.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python2-kuryr-kubernetes-0:3.11.404-1.git.1494.91fb403.el7.noarch",
"product": {
"name": "python2-kuryr-kubernetes-0:3.11.404-1.git.1494.91fb403.el7.noarch",
"product_id": "python2-kuryr-kubernetes-0:3.11.404-1.git.1494.91fb403.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python2-kuryr-kubernetes@3.11.404-1.git.1494.91fb403.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-docker-excluder-0:3.11.404-1.git.0.dd58619.el7.noarch",
"product": {
"name": "atomic-openshift-docker-excluder-0:3.11.404-1.git.0.dd58619.el7.noarch",
"product_id": "atomic-openshift-docker-excluder-0:3.11.404-1.git.0.dd58619.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-docker-excluder@3.11.404-1.git.0.dd58619.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-excluder-0:3.11.404-1.git.0.dd58619.el7.noarch",
"product": {
"name": "atomic-openshift-excluder-0:3.11.404-1.git.0.dd58619.el7.noarch",
"product_id": "atomic-openshift-excluder-0:3.11.404-1.git.0.dd58619.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-excluder@3.11.404-1.git.0.dd58619.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openshift-ansible-0:3.11.404-1.git.0.d161108.el7.noarch",
"product": {
"name": "openshift-ansible-0:3.11.404-1.git.0.d161108.el7.noarch",
"product_id": "openshift-ansible-0:3.11.404-1.git.0.d161108.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-ansible@3.11.404-1.git.0.d161108.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openshift-ansible-docs-0:3.11.404-1.git.0.d161108.el7.noarch",
"product": {
"name": "openshift-ansible-docs-0:3.11.404-1.git.0.d161108.el7.noarch",
"product_id": "openshift-ansible-docs-0:3.11.404-1.git.0.d161108.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-ansible-docs@3.11.404-1.git.0.d161108.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openshift-ansible-playbooks-0:3.11.404-1.git.0.d161108.el7.noarch",
"product": {
"name": "openshift-ansible-playbooks-0:3.11.404-1.git.0.d161108.el7.noarch",
"product_id": "openshift-ansible-playbooks-0:3.11.404-1.git.0.d161108.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-ansible-playbooks@3.11.404-1.git.0.d161108.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openshift-ansible-roles-0:3.11.404-1.git.0.d161108.el7.noarch",
"product": {
"name": "openshift-ansible-roles-0:3.11.404-1.git.0.d161108.el7.noarch",
"product_id": "openshift-ansible-roles-0:3.11.404-1.git.0.d161108.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-ansible-roles@3.11.404-1.git.0.d161108.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openshift-ansible-test-0:3.11.404-1.git.0.d161108.el7.noarch",
"product": {
"name": "openshift-ansible-test-0:3.11.404-1.git.0.d161108.el7.noarch",
"product_id": "openshift-ansible-test-0:3.11.404-1.git.0.d161108.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-ansible-test@3.11.404-1.git.0.d161108.el7?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-enterprise-service-catalog-1:3.11.404-1.git.1675.3094ee9.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.404-1.git.1675.3094ee9.el7.ppc64le"
},
"product_reference": "atomic-enterprise-service-catalog-1:3.11.404-1.git.1675.3094ee9.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-enterprise-service-catalog-1:3.11.404-1.git.1675.3094ee9.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.404-1.git.1675.3094ee9.el7.src"
},
"product_reference": "atomic-enterprise-service-catalog-1:3.11.404-1.git.1675.3094ee9.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-enterprise-service-catalog-1:3.11.404-1.git.1675.3094ee9.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.404-1.git.1675.3094ee9.el7.x86_64"
},
"product_reference": "atomic-enterprise-service-catalog-1:3.11.404-1.git.1675.3094ee9.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-enterprise-service-catalog-svcat-1:3.11.404-1.git.1675.3094ee9.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.404-1.git.1675.3094ee9.el7.ppc64le"
},
"product_reference": "atomic-enterprise-service-catalog-svcat-1:3.11.404-1.git.1675.3094ee9.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-enterprise-service-catalog-svcat-1:3.11.404-1.git.1675.3094ee9.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.404-1.git.1675.3094ee9.el7.x86_64"
},
"product_reference": "atomic-enterprise-service-catalog-svcat-1:3.11.404-1.git.1675.3094ee9.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-0:3.11.404-1.git.0.dd58619.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.404-1.git.0.dd58619.el7.ppc64le"
},
"product_reference": "atomic-openshift-0:3.11.404-1.git.0.dd58619.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-0:3.11.404-1.git.0.dd58619.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.404-1.git.0.dd58619.el7.src"
},
"product_reference": "atomic-openshift-0:3.11.404-1.git.0.dd58619.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-0:3.11.404-1.git.0.dd58619.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.404-1.git.0.dd58619.el7.x86_64"
},
"product_reference": "atomic-openshift-0:3.11.404-1.git.0.dd58619.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-clients-0:3.11.404-1.git.0.dd58619.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.404-1.git.0.dd58619.el7.ppc64le"
},
"product_reference": "atomic-openshift-clients-0:3.11.404-1.git.0.dd58619.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-clients-0:3.11.404-1.git.0.dd58619.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.404-1.git.0.dd58619.el7.x86_64"
},
"product_reference": "atomic-openshift-clients-0:3.11.404-1.git.0.dd58619.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-clients-redistributable-0:3.11.404-1.git.0.dd58619.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.404-1.git.0.dd58619.el7.x86_64"
},
"product_reference": "atomic-openshift-clients-redistributable-0:3.11.404-1.git.0.dd58619.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-cluster-autoscaler-0:3.11.404-1.git.0.2c258fe.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.404-1.git.0.2c258fe.el7.ppc64le"
},
"product_reference": "atomic-openshift-cluster-autoscaler-0:3.11.404-1.git.0.2c258fe.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-cluster-autoscaler-0:3.11.404-1.git.0.2c258fe.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.404-1.git.0.2c258fe.el7.src"
},
"product_reference": "atomic-openshift-cluster-autoscaler-0:3.11.404-1.git.0.2c258fe.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-cluster-autoscaler-0:3.11.404-1.git.0.2c258fe.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.404-1.git.0.2c258fe.el7.x86_64"
},
"product_reference": "atomic-openshift-cluster-autoscaler-0:3.11.404-1.git.0.2c258fe.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-descheduler-0:3.11.404-1.git.299.2bfbb2f.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.404-1.git.299.2bfbb2f.el7.ppc64le"
},
"product_reference": "atomic-openshift-descheduler-0:3.11.404-1.git.299.2bfbb2f.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-descheduler-0:3.11.404-1.git.299.2bfbb2f.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.404-1.git.299.2bfbb2f.el7.src"
},
"product_reference": "atomic-openshift-descheduler-0:3.11.404-1.git.299.2bfbb2f.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-descheduler-0:3.11.404-1.git.299.2bfbb2f.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.404-1.git.299.2bfbb2f.el7.x86_64"
},
"product_reference": "atomic-openshift-descheduler-0:3.11.404-1.git.299.2bfbb2f.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-docker-excluder-0:3.11.404-1.git.0.dd58619.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.404-1.git.0.dd58619.el7.noarch"
},
"product_reference": "atomic-openshift-docker-excluder-0:3.11.404-1.git.0.dd58619.el7.noarch",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-dockerregistry-0:3.11.404-1.git.481.5000e2c.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.404-1.git.481.5000e2c.el7.src"
},
"product_reference": "atomic-openshift-dockerregistry-0:3.11.404-1.git.481.5000e2c.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-dockerregistry-0:3.11.404-1.git.481.5000e2c.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.404-1.git.481.5000e2c.el7.x86_64"
},
"product_reference": "atomic-openshift-dockerregistry-0:3.11.404-1.git.481.5000e2c.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-excluder-0:3.11.404-1.git.0.dd58619.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.404-1.git.0.dd58619.el7.noarch"
},
"product_reference": "atomic-openshift-excluder-0:3.11.404-1.git.0.dd58619.el7.noarch",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-hyperkube-0:3.11.404-1.git.0.dd58619.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.404-1.git.0.dd58619.el7.ppc64le"
},
"product_reference": "atomic-openshift-hyperkube-0:3.11.404-1.git.0.dd58619.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-hyperkube-0:3.11.404-1.git.0.dd58619.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.404-1.git.0.dd58619.el7.x86_64"
},
"product_reference": "atomic-openshift-hyperkube-0:3.11.404-1.git.0.dd58619.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-hypershift-0:3.11.404-1.git.0.dd58619.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.404-1.git.0.dd58619.el7.ppc64le"
},
"product_reference": "atomic-openshift-hypershift-0:3.11.404-1.git.0.dd58619.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-hypershift-0:3.11.404-1.git.0.dd58619.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.404-1.git.0.dd58619.el7.x86_64"
},
"product_reference": "atomic-openshift-hypershift-0:3.11.404-1.git.0.dd58619.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-master-0:3.11.404-1.git.0.dd58619.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.404-1.git.0.dd58619.el7.ppc64le"
},
"product_reference": "atomic-openshift-master-0:3.11.404-1.git.0.dd58619.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-master-0:3.11.404-1.git.0.dd58619.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.404-1.git.0.dd58619.el7.x86_64"
},
"product_reference": "atomic-openshift-master-0:3.11.404-1.git.0.dd58619.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-metrics-server-0:3.11.404-1.git.53.b9081b6.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.404-1.git.53.b9081b6.el7.ppc64le"
},
"product_reference": "atomic-openshift-metrics-server-0:3.11.404-1.git.53.b9081b6.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-metrics-server-0:3.11.404-1.git.53.b9081b6.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.404-1.git.53.b9081b6.el7.src"
},
"product_reference": "atomic-openshift-metrics-server-0:3.11.404-1.git.53.b9081b6.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-metrics-server-0:3.11.404-1.git.53.b9081b6.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.404-1.git.53.b9081b6.el7.x86_64"
},
"product_reference": "atomic-openshift-metrics-server-0:3.11.404-1.git.53.b9081b6.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-node-0:3.11.404-1.git.0.dd58619.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.404-1.git.0.dd58619.el7.ppc64le"
},
"product_reference": "atomic-openshift-node-0:3.11.404-1.git.0.dd58619.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-node-0:3.11.404-1.git.0.dd58619.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.404-1.git.0.dd58619.el7.x86_64"
},
"product_reference": "atomic-openshift-node-0:3.11.404-1.git.0.dd58619.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-node-problem-detector-0:3.11.400-1.git.263.930aa57.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.400-1.git.263.930aa57.el7.ppc64le"
},
"product_reference": "atomic-openshift-node-problem-detector-0:3.11.400-1.git.263.930aa57.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-node-problem-detector-0:3.11.400-1.git.263.930aa57.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.400-1.git.263.930aa57.el7.src"
},
"product_reference": "atomic-openshift-node-problem-detector-0:3.11.400-1.git.263.930aa57.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-node-problem-detector-0:3.11.400-1.git.263.930aa57.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.400-1.git.263.930aa57.el7.x86_64"
},
"product_reference": "atomic-openshift-node-problem-detector-0:3.11.400-1.git.263.930aa57.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-pod-0:3.11.404-1.git.0.dd58619.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.404-1.git.0.dd58619.el7.ppc64le"
},
"product_reference": "atomic-openshift-pod-0:3.11.404-1.git.0.dd58619.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-pod-0:3.11.404-1.git.0.dd58619.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.404-1.git.0.dd58619.el7.x86_64"
},
"product_reference": "atomic-openshift-pod-0:3.11.404-1.git.0.dd58619.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-sdn-ovs-0:3.11.404-1.git.0.dd58619.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.404-1.git.0.dd58619.el7.ppc64le"
},
"product_reference": "atomic-openshift-sdn-ovs-0:3.11.404-1.git.0.dd58619.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-sdn-ovs-0:3.11.404-1.git.0.dd58619.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.404-1.git.0.dd58619.el7.x86_64"
},
"product_reference": "atomic-openshift-sdn-ovs-0:3.11.404-1.git.0.dd58619.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-service-idler-0:3.11.404-1.git.15.6c64591.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.404-1.git.15.6c64591.el7.ppc64le"
},
"product_reference": "atomic-openshift-service-idler-0:3.11.404-1.git.15.6c64591.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-service-idler-0:3.11.404-1.git.15.6c64591.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.404-1.git.15.6c64591.el7.src"
},
"product_reference": "atomic-openshift-service-idler-0:3.11.404-1.git.15.6c64591.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-service-idler-0:3.11.404-1.git.15.6c64591.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.404-1.git.15.6c64591.el7.x86_64"
},
"product_reference": "atomic-openshift-service-idler-0:3.11.404-1.git.15.6c64591.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-template-service-broker-0:3.11.404-1.git.0.dd58619.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.404-1.git.0.dd58619.el7.ppc64le"
},
"product_reference": "atomic-openshift-template-service-broker-0:3.11.404-1.git.0.dd58619.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-template-service-broker-0:3.11.404-1.git.0.dd58619.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.404-1.git.0.dd58619.el7.x86_64"
},
"product_reference": "atomic-openshift-template-service-broker-0:3.11.404-1.git.0.dd58619.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-tests-0:3.11.404-1.git.0.dd58619.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.404-1.git.0.dd58619.el7.ppc64le"
},
"product_reference": "atomic-openshift-tests-0:3.11.404-1.git.0.dd58619.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-tests-0:3.11.404-1.git.0.dd58619.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.404-1.git.0.dd58619.el7.x86_64"
},
"product_reference": "atomic-openshift-tests-0:3.11.404-1.git.0.dd58619.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-web-console-0:3.11.404-1.git.677.0e37db7.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.404-1.git.677.0e37db7.el7.ppc64le"
},
"product_reference": "atomic-openshift-web-console-0:3.11.404-1.git.677.0e37db7.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-web-console-0:3.11.404-1.git.677.0e37db7.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.404-1.git.677.0e37db7.el7.src"
},
"product_reference": "atomic-openshift-web-console-0:3.11.404-1.git.677.0e37db7.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-web-console-0:3.11.404-1.git.677.0e37db7.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.404-1.git.677.0e37db7.el7.x86_64"
},
"product_reference": "atomic-openshift-web-console-0:3.11.404-1.git.677.0e37db7.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-openshift-oauth-proxy-0:3.11.404-1.git.439.06870e9.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.404-1.git.439.06870e9.el7.ppc64le"
},
"product_reference": "golang-github-openshift-oauth-proxy-0:3.11.404-1.git.439.06870e9.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-openshift-oauth-proxy-0:3.11.404-1.git.439.06870e9.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.404-1.git.439.06870e9.el7.src"
},
"product_reference": "golang-github-openshift-oauth-proxy-0:3.11.404-1.git.439.06870e9.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-openshift-oauth-proxy-0:3.11.404-1.git.439.06870e9.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.404-1.git.439.06870e9.el7.x86_64"
},
"product_reference": "golang-github-openshift-oauth-proxy-0:3.11.404-1.git.439.06870e9.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-alertmanager-0:3.11.404-1.git.0.2817295.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.404-1.git.0.2817295.el7.src"
},
"product_reference": "golang-github-prometheus-alertmanager-0:3.11.404-1.git.0.2817295.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-node_exporter-0:3.11.404-1.git.1062.611825d.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.404-1.git.1062.611825d.el7.src"
},
"product_reference": "golang-github-prometheus-node_exporter-0:3.11.404-1.git.1062.611825d.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-prometheus-0:3.11.404-1.git.5026.5f1d705.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.404-1.git.5026.5f1d705.el7.src"
},
"product_reference": "golang-github-prometheus-prometheus-0:3.11.404-1.git.5026.5f1d705.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-ansible-0:3.11.404-1.git.0.d161108.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.404-1.git.0.d161108.el7.noarch"
},
"product_reference": "openshift-ansible-0:3.11.404-1.git.0.d161108.el7.noarch",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-ansible-0:3.11.404-1.git.0.d161108.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.404-1.git.0.d161108.el7.src"
},
"product_reference": "openshift-ansible-0:3.11.404-1.git.0.d161108.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-ansible-docs-0:3.11.404-1.git.0.d161108.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.404-1.git.0.d161108.el7.noarch"
},
"product_reference": "openshift-ansible-docs-0:3.11.404-1.git.0.d161108.el7.noarch",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-ansible-playbooks-0:3.11.404-1.git.0.d161108.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.404-1.git.0.d161108.el7.noarch"
},
"product_reference": "openshift-ansible-playbooks-0:3.11.404-1.git.0.d161108.el7.noarch",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-ansible-roles-0:3.11.404-1.git.0.d161108.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.404-1.git.0.d161108.el7.noarch"
},
"product_reference": "openshift-ansible-roles-0:3.11.404-1.git.0.d161108.el7.noarch",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-ansible-test-0:3.11.404-1.git.0.d161108.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.404-1.git.0.d161108.el7.noarch"
},
"product_reference": "openshift-ansible-test-0:3.11.404-1.git.0.d161108.el7.noarch",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-enterprise-autoheal-0:3.11.404-1.git.218.c348621.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.404-1.git.218.c348621.el7.ppc64le"
},
"product_reference": "openshift-enterprise-autoheal-0:3.11.404-1.git.218.c348621.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-enterprise-autoheal-0:3.11.404-1.git.218.c348621.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.404-1.git.218.c348621.el7.src"
},
"product_reference": "openshift-enterprise-autoheal-0:3.11.404-1.git.218.c348621.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-enterprise-autoheal-0:3.11.404-1.git.218.c348621.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.404-1.git.218.c348621.el7.x86_64"
},
"product_reference": "openshift-enterprise-autoheal-0:3.11.404-1.git.218.c348621.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-enterprise-cluster-capacity-0:3.11.404-1.git.379.e6e2a1d.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.404-1.git.379.e6e2a1d.el7.ppc64le"
},
"product_reference": "openshift-enterprise-cluster-capacity-0:3.11.404-1.git.379.e6e2a1d.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-enterprise-cluster-capacity-0:3.11.404-1.git.379.e6e2a1d.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.404-1.git.379.e6e2a1d.el7.src"
},
"product_reference": "openshift-enterprise-cluster-capacity-0:3.11.404-1.git.379.e6e2a1d.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-enterprise-cluster-capacity-0:3.11.404-1.git.379.e6e2a1d.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.404-1.git.379.e6e2a1d.el7.x86_64"
},
"product_reference": "openshift-enterprise-cluster-capacity-0:3.11.404-1.git.379.e6e2a1d.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-kuryr-0:3.11.404-1.git.1494.91fb403.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.404-1.git.1494.91fb403.el7.src"
},
"product_reference": "openshift-kuryr-0:3.11.404-1.git.1494.91fb403.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-kuryr-cni-0:3.11.404-1.git.1494.91fb403.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.404-1.git.1494.91fb403.el7.noarch"
},
"product_reference": "openshift-kuryr-cni-0:3.11.404-1.git.1494.91fb403.el7.noarch",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-kuryr-common-0:3.11.404-1.git.1494.91fb403.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.404-1.git.1494.91fb403.el7.noarch"
},
"product_reference": "openshift-kuryr-common-0:3.11.404-1.git.1494.91fb403.el7.noarch",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-kuryr-controller-0:3.11.404-1.git.1494.91fb403.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.404-1.git.1494.91fb403.el7.noarch"
},
"product_reference": "openshift-kuryr-controller-0:3.11.404-1.git.1494.91fb403.el7.noarch",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-0:3.11.404-1.git.5026.5f1d705.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.404-1.git.5026.5f1d705.el7.ppc64le"
},
"product_reference": "prometheus-0:3.11.404-1.git.5026.5f1d705.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-0:3.11.404-1.git.5026.5f1d705.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.404-1.git.5026.5f1d705.el7.x86_64"
},
"product_reference": "prometheus-0:3.11.404-1.git.5026.5f1d705.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-alertmanager-0:3.11.404-1.git.0.2817295.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.404-1.git.0.2817295.el7.ppc64le"
},
"product_reference": "prometheus-alertmanager-0:3.11.404-1.git.0.2817295.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-alertmanager-0:3.11.404-1.git.0.2817295.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.404-1.git.0.2817295.el7.x86_64"
},
"product_reference": "prometheus-alertmanager-0:3.11.404-1.git.0.2817295.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-node-exporter-0:3.11.404-1.git.1062.611825d.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.404-1.git.1062.611825d.el7.ppc64le"
},
"product_reference": "prometheus-node-exporter-0:3.11.404-1.git.1062.611825d.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-node-exporter-0:3.11.404-1.git.1062.611825d.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.404-1.git.1062.611825d.el7.x86_64"
},
"product_reference": "prometheus-node-exporter-0:3.11.404-1.git.1062.611825d.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python2-kuryr-kubernetes-0:3.11.404-1.git.1494.91fb403.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.404-1.git.1494.91fb403.el7.noarch"
},
"product_reference": "python2-kuryr-kubernetes-0:3.11.404-1.git.1494.91fb403.el7.noarch",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-27813",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2020-11-27T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.404-1.git.1675.3094ee9.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.404-1.git.1675.3094ee9.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.404-1.git.1675.3094ee9.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.404-1.git.1675.3094ee9.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.404-1.git.1675.3094ee9.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.404-1.git.0.dd58619.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.404-1.git.0.dd58619.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.404-1.git.0.dd58619.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.404-1.git.0.dd58619.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.404-1.git.0.dd58619.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.404-1.git.0.dd58619.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.404-1.git.299.2bfbb2f.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.404-1.git.299.2bfbb2f.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.404-1.git.299.2bfbb2f.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.404-1.git.0.dd58619.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.404-1.git.481.5000e2c.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.404-1.git.481.5000e2c.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.404-1.git.0.dd58619.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.404-1.git.0.dd58619.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.404-1.git.0.dd58619.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.404-1.git.0.dd58619.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.404-1.git.0.dd58619.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.404-1.git.0.dd58619.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.404-1.git.0.dd58619.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.404-1.git.53.b9081b6.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.404-1.git.53.b9081b6.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.404-1.git.53.b9081b6.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.404-1.git.0.dd58619.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.404-1.git.0.dd58619.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.400-1.git.263.930aa57.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.400-1.git.263.930aa57.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.400-1.git.263.930aa57.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.404-1.git.0.dd58619.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.404-1.git.0.dd58619.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.404-1.git.0.dd58619.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.404-1.git.0.dd58619.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.404-1.git.15.6c64591.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.404-1.git.15.6c64591.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.404-1.git.15.6c64591.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.404-1.git.0.dd58619.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.404-1.git.0.dd58619.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.404-1.git.0.dd58619.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.404-1.git.0.dd58619.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.404-1.git.677.0e37db7.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.404-1.git.677.0e37db7.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.404-1.git.677.0e37db7.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.404-1.git.439.06870e9.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.404-1.git.439.06870e9.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.404-1.git.439.06870e9.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.404-1.git.0.2817295.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.404-1.git.1062.611825d.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.404-1.git.5026.5f1d705.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.404-1.git.0.d161108.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.404-1.git.0.d161108.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.404-1.git.0.d161108.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.404-1.git.0.d161108.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.404-1.git.0.d161108.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.404-1.git.0.d161108.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.404-1.git.218.c348621.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.404-1.git.218.c348621.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.404-1.git.218.c348621.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.404-1.git.379.e6e2a1d.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.404-1.git.379.e6e2a1d.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.404-1.git.379.e6e2a1d.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.404-1.git.1494.91fb403.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.404-1.git.1494.91fb403.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.404-1.git.1494.91fb403.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.404-1.git.1494.91fb403.el7.noarch",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.404-1.git.5026.5f1d705.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.404-1.git.5026.5f1d705.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.404-1.git.0.2817295.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.404-1.git.0.2817295.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.404-1.git.1062.611825d.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.404-1.git.1062.611825d.el7.x86_64",
"7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.404-1.git.1494.91fb403.el7.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1902111"
}
],
"notes": [
{
"category": "description",
"text": "An integer overflow vulnerability exists with the length of websocket frames received via a websocket connection. An attacker could use this flaw to cause a denial of service attack on an HTTP Server allowing websocket connections.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang-github-gorilla-websocket: integer overflow leads to denial of service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.404-1.git.0.2c258fe.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.404-1.git.0.2c258fe.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.404-1.git.0.2c258fe.el7.x86_64"
],
"known_not_affected": [
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.404-1.git.1675.3094ee9.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.404-1.git.1675.3094ee9.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.404-1.git.1675.3094ee9.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.404-1.git.1675.3094ee9.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.404-1.git.1675.3094ee9.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.404-1.git.0.dd58619.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.404-1.git.0.dd58619.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.404-1.git.0.dd58619.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.404-1.git.0.dd58619.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.404-1.git.0.dd58619.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.404-1.git.0.dd58619.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.404-1.git.299.2bfbb2f.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.404-1.git.299.2bfbb2f.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.404-1.git.299.2bfbb2f.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.404-1.git.0.dd58619.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.404-1.git.481.5000e2c.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.404-1.git.481.5000e2c.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.404-1.git.0.dd58619.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.404-1.git.0.dd58619.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.404-1.git.0.dd58619.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.404-1.git.0.dd58619.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.404-1.git.0.dd58619.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.404-1.git.0.dd58619.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.404-1.git.0.dd58619.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.404-1.git.53.b9081b6.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.404-1.git.53.b9081b6.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.404-1.git.53.b9081b6.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.404-1.git.0.dd58619.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.404-1.git.0.dd58619.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.400-1.git.263.930aa57.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.400-1.git.263.930aa57.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.400-1.git.263.930aa57.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.404-1.git.0.dd58619.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.404-1.git.0.dd58619.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.404-1.git.0.dd58619.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.404-1.git.0.dd58619.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.404-1.git.15.6c64591.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.404-1.git.15.6c64591.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.404-1.git.15.6c64591.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.404-1.git.0.dd58619.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.404-1.git.0.dd58619.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.404-1.git.0.dd58619.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.404-1.git.0.dd58619.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.404-1.git.677.0e37db7.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.404-1.git.677.0e37db7.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.404-1.git.677.0e37db7.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.404-1.git.439.06870e9.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.404-1.git.439.06870e9.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.404-1.git.439.06870e9.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.404-1.git.0.2817295.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.404-1.git.1062.611825d.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.404-1.git.5026.5f1d705.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.404-1.git.0.d161108.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.404-1.git.0.d161108.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.404-1.git.0.d161108.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.404-1.git.0.d161108.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.404-1.git.0.d161108.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.404-1.git.0.d161108.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.404-1.git.218.c348621.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.404-1.git.218.c348621.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.404-1.git.218.c348621.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.404-1.git.379.e6e2a1d.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.404-1.git.379.e6e2a1d.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.404-1.git.379.e6e2a1d.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.404-1.git.1494.91fb403.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.404-1.git.1494.91fb403.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.404-1.git.1494.91fb403.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.404-1.git.1494.91fb403.el7.noarch",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.404-1.git.5026.5f1d705.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.404-1.git.5026.5f1d705.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.404-1.git.0.2817295.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.404-1.git.0.2817295.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.404-1.git.1062.611825d.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.404-1.git.1062.611825d.el7.x86_64",
"7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.404-1.git.1494.91fb403.el7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-27813"
},
{
"category": "external",
"summary": "RHBZ#1902111",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1902111"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-27813",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27813"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-27813",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-27813"
},
{
"category": "external",
"summary": "https://github.com/gorilla/websocket/security/advisories/GHSA-jf24-p9p9-4rjh",
"url": "https://github.com/gorilla/websocket/security/advisories/GHSA-jf24-p9p9-4rjh"
}
],
"release_date": "2019-08-25T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "See the following documentation, which will be updated shortly for release\n3.11.404, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258.",
"product_ids": [
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.404-1.git.0.2c258fe.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.404-1.git.0.2c258fe.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.404-1.git.0.2c258fe.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:0833"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.404-1.git.0.2c258fe.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.404-1.git.0.2c258fe.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.404-1.git.0.2c258fe.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang-github-gorilla-websocket: integer overflow leads to denial of service"
}
]
}
rhsa-2021_2920
Vulnerability from csaf_redhat
Published
2021-07-28 14:11
Modified
2024-09-18 04:19
Summary
Red Hat Security Advisory: OpenShift Virtualization 4.8.0 Images
Notes
Topic
Red Hat OpenShift Virtualization release 4.8.0 is now available with updates to packages and images that fix several bugs and add enhancements.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform.
This advisory contains the following OpenShift Virtualization 4.8.0 images:
RHEL-8-CNV-4.8
==============
kubevirt-template-validator-container-v4.8.0-9
kubevirt-ssp-operator-container-v4.8.0-41
virt-cdi-uploadserver-container-v4.8.0-25
cnv-must-gather-container-v4.8.0-50
virt-cdi-uploadproxy-container-v4.8.0-25
virt-cdi-cloner-container-v4.8.0-25
virt-cdi-apiserver-container-v4.8.0-25
kubevirt-v2v-conversion-container-v4.8.0-10
hostpath-provisioner-operator-container-v4.8.0-17
hyperconverged-cluster-webhook-container-v4.8.0-62
hyperconverged-cluster-operator-container-v4.8.0-62
virt-cdi-operator-container-v4.8.0-25
virt-cdi-importer-container-v4.8.0-25
virt-cdi-controller-container-v4.8.0-25
cnv-containernetworking-plugins-container-v4.8.0-14
kubemacpool-container-v4.8.0-22
ovs-cni-plugin-container-v4.8.0-17
ovs-cni-marker-container-v4.8.0-17
bridge-marker-container-v4.8.0-17
cluster-network-addons-operator-container-v4.8.0-28
kubernetes-nmstate-handler-container-v4.8.0-21
virtio-win-container-v4.8.0-9
kubevirt-vmware-container-v4.8.0-11
hostpath-provisioner-container-v4.8.0-14
node-maintenance-operator-container-v4.8.0-19
virt-launcher-container-v4.8.0-67
vm-import-virtv2v-container-v4.8.0-18
vm-import-controller-container-v4.8.0-18
vm-import-operator-container-v4.8.0-18
virt-handler-container-v4.8.0-67
virt-api-container-v4.8.0-67
virt-controller-container-v4.8.0-67
virt-operator-container-v4.8.0-67
hco-bundle-registry-container-v4.8.0-451
Security Fix(es):
* golang: crypto/ssh: crafted authentication request can lead to nil pointer dereference (CVE-2020-29652)
* gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation (CVE-2021-3121)
* golang-github-gorilla-websocket: integer overflow leads to denial of service (CVE-2020-27813)
* golang: crypto/elliptic: incorrect operations on the P-224 curve (CVE-2021-3114)
* ulikunitz/xz: Infinite loop in readUvarint allows for denial of service (CVE-2021-29482)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat OpenShift Virtualization release 4.8.0 is now available with updates to packages and images that fix several bugs and add enhancements.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "OpenShift Virtualization is Red Hat\u0027s virtualization solution designed for Red Hat OpenShift Container Platform.\n\nThis advisory contains the following OpenShift Virtualization 4.8.0 images:\n\nRHEL-8-CNV-4.8\n==============\n\nkubevirt-template-validator-container-v4.8.0-9\nkubevirt-ssp-operator-container-v4.8.0-41\nvirt-cdi-uploadserver-container-v4.8.0-25\ncnv-must-gather-container-v4.8.0-50\nvirt-cdi-uploadproxy-container-v4.8.0-25\nvirt-cdi-cloner-container-v4.8.0-25\nvirt-cdi-apiserver-container-v4.8.0-25\nkubevirt-v2v-conversion-container-v4.8.0-10\nhostpath-provisioner-operator-container-v4.8.0-17\nhyperconverged-cluster-webhook-container-v4.8.0-62\nhyperconverged-cluster-operator-container-v4.8.0-62\nvirt-cdi-operator-container-v4.8.0-25\nvirt-cdi-importer-container-v4.8.0-25\nvirt-cdi-controller-container-v4.8.0-25\ncnv-containernetworking-plugins-container-v4.8.0-14\nkubemacpool-container-v4.8.0-22\novs-cni-plugin-container-v4.8.0-17\novs-cni-marker-container-v4.8.0-17\nbridge-marker-container-v4.8.0-17\ncluster-network-addons-operator-container-v4.8.0-28\nkubernetes-nmstate-handler-container-v4.8.0-21\nvirtio-win-container-v4.8.0-9\nkubevirt-vmware-container-v4.8.0-11\nhostpath-provisioner-container-v4.8.0-14\nnode-maintenance-operator-container-v4.8.0-19\nvirt-launcher-container-v4.8.0-67\nvm-import-virtv2v-container-v4.8.0-18\nvm-import-controller-container-v4.8.0-18\nvm-import-operator-container-v4.8.0-18\nvirt-handler-container-v4.8.0-67\nvirt-api-container-v4.8.0-67\nvirt-controller-container-v4.8.0-67\nvirt-operator-container-v4.8.0-67\nhco-bundle-registry-container-v4.8.0-451\n\nSecurity Fix(es):\n\n* golang: crypto/ssh: crafted authentication request can lead to nil pointer dereference (CVE-2020-29652)\n\n* gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation (CVE-2021-3121)\n\n* golang-github-gorilla-websocket: integer overflow leads to denial of service (CVE-2020-27813)\n\n* golang: crypto/elliptic: incorrect operations on the P-224 curve (CVE-2021-3114)\n\n* ulikunitz/xz: Infinite loop in readUvarint allows for denial of service (CVE-2021-29482)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat offerings.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2021:2920",
"url": "https://access.redhat.com/errata/RHSA-2021:2920"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "1663162",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1663162"
},
{
"category": "external",
"summary": "1731819",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1731819"
},
{
"category": "external",
"summary": "1827793",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1827793"
},
{
"category": "external",
"summary": "1860671",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1860671"
},
{
"category": "external",
"summary": "1862701",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1862701"
},
{
"category": "external",
"summary": "1862997",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1862997"
},
{
"category": "external",
"summary": "1868099",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1868099"
},
{
"category": "external",
"summary": "1868359",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1868359"
},
{
"category": "external",
"summary": "1873555",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1873555"
},
{
"category": "external",
"summary": "1893790",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1893790"
},
{
"category": "external",
"summary": "1896387",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1896387"
},
{
"category": "external",
"summary": "1896795",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1896795"
},
{
"category": "external",
"summary": "1896797",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1896797"
},
{
"category": "external",
"summary": "1898999",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1898999"
},
{
"category": "external",
"summary": "1900273",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1900273"
},
{
"category": "external",
"summary": "1901335",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1901335"
},
{
"category": "external",
"summary": "1901859",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1901859"
},
{
"category": "external",
"summary": "1902111",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1902111"
},
{
"category": "external",
"summary": "1903667",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1903667"
},
{
"category": "external",
"summary": "1903679",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1903679"
},
{
"category": "external",
"summary": "1907707",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1907707"
},
{
"category": "external",
"summary": "1908883",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1908883"
},
{
"category": "external",
"summary": "1911590",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1911590"
},
{
"category": "external",
"summary": "1915474",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1915474"
},
{
"category": "external",
"summary": "1917380",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1917380"
},
{
"category": "external",
"summary": "1918750",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1918750"
},
{
"category": "external",
"summary": "1921280",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1921280"
},
{
"category": "external",
"summary": "1921650",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1921650"
},
{
"category": "external",
"summary": "1923243",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1923243"
},
{
"category": "external",
"summary": "1923251",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1923251"
},
{
"category": "external",
"summary": "1924479",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1924479"
},
{
"category": "external",
"summary": "1926019",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1926019"
},
{
"category": "external",
"summary": "1926746",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1926746"
},
{
"category": "external",
"summary": "1926986",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1926986"
},
{
"category": "external",
"summary": "1927473",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1927473"
},
{
"category": "external",
"summary": "1927853",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1927853"
},
{
"category": "external",
"summary": "1927886",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1927886"
},
{
"category": "external",
"summary": "1929351",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1929351"
},
{
"category": "external",
"summary": "1931519",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1931519"
},
{
"category": "external",
"summary": "1932672",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1932672"
},
{
"category": "external",
"summary": "1936432",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1936432"
},
{
"category": "external",
"summary": "1936926",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1936926"
},
{
"category": "external",
"summary": "1936932",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1936932"
},
{
"category": "external",
"summary": "1937307",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1937307"
},
{
"category": "external",
"summary": "1937873",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1937873"
},
{
"category": "external",
"summary": "1937920",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1937920"
},
{
"category": "external",
"summary": "1938241",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1938241"
},
{
"category": "external",
"summary": "1939987",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1939987"
},
{
"category": "external",
"summary": "1941811",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1941811"
},
{
"category": "external",
"summary": "1942424",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1942424"
},
{
"category": "external",
"summary": "1943217",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1943217"
},
{
"category": "external",
"summary": "1944379",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1944379"
},
{
"category": "external",
"summary": "1945522",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1945522"
},
{
"category": "external",
"summary": "1945606",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1945606"
},
{
"category": "external",
"summary": "1945608",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1945608"
},
{
"category": "external",
"summary": "1946100",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1946100"
},
{
"category": "external",
"summary": "1949392",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1949392"
},
{
"category": "external",
"summary": "1949795",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1949795"
},
{
"category": "external",
"summary": "1950776",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1950776"
},
{
"category": "external",
"summary": "1951551",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1951551"
},
{
"category": "external",
"summary": "1952033",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1952033"
},
{
"category": "external",
"summary": "1952034",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1952034"
},
{
"category": "external",
"summary": "1952036",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1952036"
},
{
"category": "external",
"summary": "1952041",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1952041"
},
{
"category": "external",
"summary": "1952052",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1952052"
},
{
"category": "external",
"summary": "1952619",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1952619"
},
{
"category": "external",
"summary": "1953604",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1953604"
},
{
"category": "external",
"summary": "1953796",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1953796"
},
{
"category": "external",
"summary": "1953999",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1953999"
},
{
"category": "external",
"summary": "1954017",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954017"
},
{
"category": "external",
"summary": "1954368",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954368"
},
{
"category": "external",
"summary": "1954470",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954470"
},
{
"category": "external",
"summary": "1954486",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954486"
},
{
"category": "external",
"summary": "1954498",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954498"
},
{
"category": "external",
"summary": "1954663",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954663"
},
{
"category": "external",
"summary": "1954667",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954667"
},
{
"category": "external",
"summary": "1956245",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1956245"
},
{
"category": "external",
"summary": "1956304",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1956304"
},
{
"category": "external",
"summary": "1956792",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1956792"
},
{
"category": "external",
"summary": "1957423",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1957423"
},
{
"category": "external",
"summary": "1957521",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1957521"
},
{
"category": "external",
"summary": "1958108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1958108"
},
{
"category": "external",
"summary": "1958862",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1958862"
},
{
"category": "external",
"summary": "1961222",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1961222"
},
{
"category": "external",
"summary": "1961227",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1961227"
},
{
"category": "external",
"summary": "1962135",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1962135"
},
{
"category": "external",
"summary": "1962604",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1962604"
},
{
"category": "external",
"summary": "1964483",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1964483"
},
{
"category": "external",
"summary": "1964583",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1964583"
},
{
"category": "external",
"summary": "1965390",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1965390"
},
{
"category": "external",
"summary": "1967526",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1967526"
},
{
"category": "external",
"summary": "1967771",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1967771"
},
{
"category": "external",
"summary": "1968196",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1968196"
},
{
"category": "external",
"summary": "1969272",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1969272"
},
{
"category": "external",
"summary": "1969894",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1969894"
},
{
"category": "external",
"summary": "1969912",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1969912"
},
{
"category": "external",
"summary": "1972895",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1972895"
},
{
"category": "external",
"summary": "1974297",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1974297"
},
{
"category": "external",
"summary": "1977179",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1977179"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/data/csaf/v2/advisories/2021/rhsa-2021_2920.json"
}
],
"title": "Red Hat Security Advisory: OpenShift Virtualization 4.8.0 Images",
"tracking": {
"current_release_date": "2024-09-18T04:19:15+00:00",
"generator": {
"date": "2024-09-18T04:19:15+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "3.33.3"
}
},
"id": "RHSA-2021:2920",
"initial_release_date": "2021-07-28T14:11:53+00:00",
"revision_history": [
{
"date": "2021-07-28T14:11:53+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2021-07-28T14:11:53+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-09-18T04:19:15+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "CNV 4.8 for RHEL 8",
"product": {
"name": "CNV 4.8 for RHEL 8",
"product_id": "8Base-CNV-4.8",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:container_native_virtualization:4.8::el8"
}
}
}
],
"category": "product_family",
"name": "OpenShift Virtualization"
},
{
"branches": [
{
"category": "product_version",
"name": "container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:3824ad38c9096358a7a901d1a790de5748fa84cb4c755751abe41f924d091d14_amd64",
"product": {
"name": "container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:3824ad38c9096358a7a901d1a790de5748fa84cb4c755751abe41f924d091d14_amd64",
"product_id": "container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:3824ad38c9096358a7a901d1a790de5748fa84cb4c755751abe41f924d091d14_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kubernetes-nmstate-handler-rhel8@sha256:3824ad38c9096358a7a901d1a790de5748fa84cb4c755751abe41f924d091d14?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/kubernetes-nmstate-handler-rhel8\u0026tag=v4.8.0-21"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/kubevirt-v2v-conversion@sha256:2f445fac142b49317c7fb819031f2022618274f4fc0cc8e49431afa26bbf5d28_amd64",
"product": {
"name": "container-native-virtualization/kubevirt-v2v-conversion@sha256:2f445fac142b49317c7fb819031f2022618274f4fc0cc8e49431afa26bbf5d28_amd64",
"product_id": "container-native-virtualization/kubevirt-v2v-conversion@sha256:2f445fac142b49317c7fb819031f2022618274f4fc0cc8e49431afa26bbf5d28_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kubevirt-v2v-conversion@sha256:2f445fac142b49317c7fb819031f2022618274f4fc0cc8e49431afa26bbf5d28?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/kubevirt-v2v-conversion\u0026tag=v4.8.0-10"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/kubevirt-vmware@sha256:f0c0f709a55956c330158c5312261b80b954adf9bb2c6c9507406127175eb8c1_amd64",
"product": {
"name": "container-native-virtualization/kubevirt-vmware@sha256:f0c0f709a55956c330158c5312261b80b954adf9bb2c6c9507406127175eb8c1_amd64",
"product_id": "container-native-virtualization/kubevirt-vmware@sha256:f0c0f709a55956c330158c5312261b80b954adf9bb2c6c9507406127175eb8c1_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kubevirt-vmware@sha256:f0c0f709a55956c330158c5312261b80b954adf9bb2c6c9507406127175eb8c1?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/kubevirt-vmware\u0026tag=v4.8.0-11"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/node-maintenance-operator@sha256:a987c89b87c05a96dacabc78bccfb4526536207f0da31383776dba0b77dfad75_amd64",
"product": {
"name": "container-native-virtualization/node-maintenance-operator@sha256:a987c89b87c05a96dacabc78bccfb4526536207f0da31383776dba0b77dfad75_amd64",
"product_id": "container-native-virtualization/node-maintenance-operator@sha256:a987c89b87c05a96dacabc78bccfb4526536207f0da31383776dba0b77dfad75_amd64",
"product_identification_helper": {
"purl": "pkg:oci/node-maintenance-operator@sha256:a987c89b87c05a96dacabc78bccfb4526536207f0da31383776dba0b77dfad75?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/node-maintenance-operator\u0026tag=v4.8.0-19"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/vm-import-controller@sha256:cf7a32623aa1cb88571f9ad762f323d91e02aa851d9e80ebe1d7c6a930fe4f7d_amd64",
"product": {
"name": "container-native-virtualization/vm-import-controller@sha256:cf7a32623aa1cb88571f9ad762f323d91e02aa851d9e80ebe1d7c6a930fe4f7d_amd64",
"product_id": "container-native-virtualization/vm-import-controller@sha256:cf7a32623aa1cb88571f9ad762f323d91e02aa851d9e80ebe1d7c6a930fe4f7d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/vm-import-controller@sha256:cf7a32623aa1cb88571f9ad762f323d91e02aa851d9e80ebe1d7c6a930fe4f7d?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/vm-import-controller\u0026tag=v4.8.0-18"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/vm-import-controller-rhel8@sha256:cf7a32623aa1cb88571f9ad762f323d91e02aa851d9e80ebe1d7c6a930fe4f7d_amd64",
"product": {
"name": "container-native-virtualization/vm-import-controller-rhel8@sha256:cf7a32623aa1cb88571f9ad762f323d91e02aa851d9e80ebe1d7c6a930fe4f7d_amd64",
"product_id": "container-native-virtualization/vm-import-controller-rhel8@sha256:cf7a32623aa1cb88571f9ad762f323d91e02aa851d9e80ebe1d7c6a930fe4f7d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/vm-import-controller-rhel8@sha256:cf7a32623aa1cb88571f9ad762f323d91e02aa851d9e80ebe1d7c6a930fe4f7d?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/vm-import-controller-rhel8\u0026tag=v4.8.0-18"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/vm-import-operator-rhel8@sha256:d5f101aa6d75dc70af48b74ab8e18b381f6956cb24fb79beaefecd0940233ae6_amd64",
"product": {
"name": "container-native-virtualization/vm-import-operator-rhel8@sha256:d5f101aa6d75dc70af48b74ab8e18b381f6956cb24fb79beaefecd0940233ae6_amd64",
"product_id": "container-native-virtualization/vm-import-operator-rhel8@sha256:d5f101aa6d75dc70af48b74ab8e18b381f6956cb24fb79beaefecd0940233ae6_amd64",
"product_identification_helper": {
"purl": "pkg:oci/vm-import-operator-rhel8@sha256:d5f101aa6d75dc70af48b74ab8e18b381f6956cb24fb79beaefecd0940233ae6?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/vm-import-operator-rhel8\u0026tag=v4.8.0-18"
}
}
},
{
"category": "product_version",
"name": "container-native-virtualization/vm-import-virtv2v-rhel8@sha256:fdd5a557c189674f9c222154fa38892b4f647b36804b79276b3d39ebfe40527d_amd64",
"product": {
"name": "container-native-virtualization/vm-import-virtv2v-rhel8@sha256:fdd5a557c189674f9c222154fa38892b4f647b36804b79276b3d39ebfe40527d_amd64",
"product_id": "container-native-virtualization/vm-import-virtv2v-rhel8@sha256:fdd5a557c189674f9c222154fa38892b4f647b36804b79276b3d39ebfe40527d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/vm-import-virtv2v-rhel8@sha256:fdd5a557c189674f9c222154fa38892b4f647b36804b79276b3d39ebfe40527d?arch=amd64\u0026repository_url=registry.redhat.io/container-native-virtualization/vm-import-virtv2v-rhel8\u0026tag=v4.8.0-18"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:3824ad38c9096358a7a901d1a790de5748fa84cb4c755751abe41f924d091d14_amd64 as a component of CNV 4.8 for RHEL 8",
"product_id": "8Base-CNV-4.8:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:3824ad38c9096358a7a901d1a790de5748fa84cb4c755751abe41f924d091d14_amd64"
},
"product_reference": "container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:3824ad38c9096358a7a901d1a790de5748fa84cb4c755751abe41f924d091d14_amd64",
"relates_to_product_reference": "8Base-CNV-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/kubevirt-v2v-conversion@sha256:2f445fac142b49317c7fb819031f2022618274f4fc0cc8e49431afa26bbf5d28_amd64 as a component of CNV 4.8 for RHEL 8",
"product_id": "8Base-CNV-4.8:container-native-virtualization/kubevirt-v2v-conversion@sha256:2f445fac142b49317c7fb819031f2022618274f4fc0cc8e49431afa26bbf5d28_amd64"
},
"product_reference": "container-native-virtualization/kubevirt-v2v-conversion@sha256:2f445fac142b49317c7fb819031f2022618274f4fc0cc8e49431afa26bbf5d28_amd64",
"relates_to_product_reference": "8Base-CNV-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/kubevirt-vmware@sha256:f0c0f709a55956c330158c5312261b80b954adf9bb2c6c9507406127175eb8c1_amd64 as a component of CNV 4.8 for RHEL 8",
"product_id": "8Base-CNV-4.8:container-native-virtualization/kubevirt-vmware@sha256:f0c0f709a55956c330158c5312261b80b954adf9bb2c6c9507406127175eb8c1_amd64"
},
"product_reference": "container-native-virtualization/kubevirt-vmware@sha256:f0c0f709a55956c330158c5312261b80b954adf9bb2c6c9507406127175eb8c1_amd64",
"relates_to_product_reference": "8Base-CNV-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/node-maintenance-operator@sha256:a987c89b87c05a96dacabc78bccfb4526536207f0da31383776dba0b77dfad75_amd64 as a component of CNV 4.8 for RHEL 8",
"product_id": "8Base-CNV-4.8:container-native-virtualization/node-maintenance-operator@sha256:a987c89b87c05a96dacabc78bccfb4526536207f0da31383776dba0b77dfad75_amd64"
},
"product_reference": "container-native-virtualization/node-maintenance-operator@sha256:a987c89b87c05a96dacabc78bccfb4526536207f0da31383776dba0b77dfad75_amd64",
"relates_to_product_reference": "8Base-CNV-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/vm-import-controller-rhel8@sha256:cf7a32623aa1cb88571f9ad762f323d91e02aa851d9e80ebe1d7c6a930fe4f7d_amd64 as a component of CNV 4.8 for RHEL 8",
"product_id": "8Base-CNV-4.8:container-native-virtualization/vm-import-controller-rhel8@sha256:cf7a32623aa1cb88571f9ad762f323d91e02aa851d9e80ebe1d7c6a930fe4f7d_amd64"
},
"product_reference": "container-native-virtualization/vm-import-controller-rhel8@sha256:cf7a32623aa1cb88571f9ad762f323d91e02aa851d9e80ebe1d7c6a930fe4f7d_amd64",
"relates_to_product_reference": "8Base-CNV-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/vm-import-controller@sha256:cf7a32623aa1cb88571f9ad762f323d91e02aa851d9e80ebe1d7c6a930fe4f7d_amd64 as a component of CNV 4.8 for RHEL 8",
"product_id": "8Base-CNV-4.8:container-native-virtualization/vm-import-controller@sha256:cf7a32623aa1cb88571f9ad762f323d91e02aa851d9e80ebe1d7c6a930fe4f7d_amd64"
},
"product_reference": "container-native-virtualization/vm-import-controller@sha256:cf7a32623aa1cb88571f9ad762f323d91e02aa851d9e80ebe1d7c6a930fe4f7d_amd64",
"relates_to_product_reference": "8Base-CNV-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/vm-import-operator-rhel8@sha256:d5f101aa6d75dc70af48b74ab8e18b381f6956cb24fb79beaefecd0940233ae6_amd64 as a component of CNV 4.8 for RHEL 8",
"product_id": "8Base-CNV-4.8:container-native-virtualization/vm-import-operator-rhel8@sha256:d5f101aa6d75dc70af48b74ab8e18b381f6956cb24fb79beaefecd0940233ae6_amd64"
},
"product_reference": "container-native-virtualization/vm-import-operator-rhel8@sha256:d5f101aa6d75dc70af48b74ab8e18b381f6956cb24fb79beaefecd0940233ae6_amd64",
"relates_to_product_reference": "8Base-CNV-4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-native-virtualization/vm-import-virtv2v-rhel8@sha256:fdd5a557c189674f9c222154fa38892b4f647b36804b79276b3d39ebfe40527d_amd64 as a component of CNV 4.8 for RHEL 8",
"product_id": "8Base-CNV-4.8:container-native-virtualization/vm-import-virtv2v-rhel8@sha256:fdd5a557c189674f9c222154fa38892b4f647b36804b79276b3d39ebfe40527d_amd64"
},
"product_reference": "container-native-virtualization/vm-import-virtv2v-rhel8@sha256:fdd5a557c189674f9c222154fa38892b4f647b36804b79276b3d39ebfe40527d_amd64",
"relates_to_product_reference": "8Base-CNV-4.8"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-27813",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2020-11-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1902111"
}
],
"notes": [
{
"category": "description",
"text": "An integer overflow vulnerability exists with the length of websocket frames received via a websocket connection. An attacker could use this flaw to cause a denial of service attack on an HTTP Server allowing websocket connections.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang-github-gorilla-websocket: integer overflow leads to denial of service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-CNV-4.8:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:3824ad38c9096358a7a901d1a790de5748fa84cb4c755751abe41f924d091d14_amd64",
"8Base-CNV-4.8:container-native-virtualization/kubevirt-v2v-conversion@sha256:2f445fac142b49317c7fb819031f2022618274f4fc0cc8e49431afa26bbf5d28_amd64",
"8Base-CNV-4.8:container-native-virtualization/kubevirt-vmware@sha256:f0c0f709a55956c330158c5312261b80b954adf9bb2c6c9507406127175eb8c1_amd64",
"8Base-CNV-4.8:container-native-virtualization/node-maintenance-operator@sha256:a987c89b87c05a96dacabc78bccfb4526536207f0da31383776dba0b77dfad75_amd64",
"8Base-CNV-4.8:container-native-virtualization/vm-import-controller-rhel8@sha256:cf7a32623aa1cb88571f9ad762f323d91e02aa851d9e80ebe1d7c6a930fe4f7d_amd64",
"8Base-CNV-4.8:container-native-virtualization/vm-import-controller@sha256:cf7a32623aa1cb88571f9ad762f323d91e02aa851d9e80ebe1d7c6a930fe4f7d_amd64",
"8Base-CNV-4.8:container-native-virtualization/vm-import-operator-rhel8@sha256:d5f101aa6d75dc70af48b74ab8e18b381f6956cb24fb79beaefecd0940233ae6_amd64",
"8Base-CNV-4.8:container-native-virtualization/vm-import-virtv2v-rhel8@sha256:fdd5a557c189674f9c222154fa38892b4f647b36804b79276b3d39ebfe40527d_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-27813"
},
{
"category": "external",
"summary": "RHBZ#1902111",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1902111"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-27813",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27813"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-27813",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-27813"
},
{
"category": "external",
"summary": "https://github.com/gorilla/websocket/security/advisories/GHSA-jf24-p9p9-4rjh",
"url": "https://github.com/gorilla/websocket/security/advisories/GHSA-jf24-p9p9-4rjh"
}
],
"release_date": "2019-08-25T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-CNV-4.8:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:3824ad38c9096358a7a901d1a790de5748fa84cb4c755751abe41f924d091d14_amd64",
"8Base-CNV-4.8:container-native-virtualization/kubevirt-v2v-conversion@sha256:2f445fac142b49317c7fb819031f2022618274f4fc0cc8e49431afa26bbf5d28_amd64",
"8Base-CNV-4.8:container-native-virtualization/kubevirt-vmware@sha256:f0c0f709a55956c330158c5312261b80b954adf9bb2c6c9507406127175eb8c1_amd64",
"8Base-CNV-4.8:container-native-virtualization/node-maintenance-operator@sha256:a987c89b87c05a96dacabc78bccfb4526536207f0da31383776dba0b77dfad75_amd64",
"8Base-CNV-4.8:container-native-virtualization/vm-import-controller-rhel8@sha256:cf7a32623aa1cb88571f9ad762f323d91e02aa851d9e80ebe1d7c6a930fe4f7d_amd64",
"8Base-CNV-4.8:container-native-virtualization/vm-import-controller@sha256:cf7a32623aa1cb88571f9ad762f323d91e02aa851d9e80ebe1d7c6a930fe4f7d_amd64",
"8Base-CNV-4.8:container-native-virtualization/vm-import-operator-rhel8@sha256:d5f101aa6d75dc70af48b74ab8e18b381f6956cb24fb79beaefecd0940233ae6_amd64",
"8Base-CNV-4.8:container-native-virtualization/vm-import-virtv2v-rhel8@sha256:fdd5a557c189674f9c222154fa38892b4f647b36804b79276b3d39ebfe40527d_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:2920"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-CNV-4.8:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:3824ad38c9096358a7a901d1a790de5748fa84cb4c755751abe41f924d091d14_amd64",
"8Base-CNV-4.8:container-native-virtualization/kubevirt-v2v-conversion@sha256:2f445fac142b49317c7fb819031f2022618274f4fc0cc8e49431afa26bbf5d28_amd64",
"8Base-CNV-4.8:container-native-virtualization/kubevirt-vmware@sha256:f0c0f709a55956c330158c5312261b80b954adf9bb2c6c9507406127175eb8c1_amd64",
"8Base-CNV-4.8:container-native-virtualization/node-maintenance-operator@sha256:a987c89b87c05a96dacabc78bccfb4526536207f0da31383776dba0b77dfad75_amd64",
"8Base-CNV-4.8:container-native-virtualization/vm-import-controller-rhel8@sha256:cf7a32623aa1cb88571f9ad762f323d91e02aa851d9e80ebe1d7c6a930fe4f7d_amd64",
"8Base-CNV-4.8:container-native-virtualization/vm-import-controller@sha256:cf7a32623aa1cb88571f9ad762f323d91e02aa851d9e80ebe1d7c6a930fe4f7d_amd64",
"8Base-CNV-4.8:container-native-virtualization/vm-import-operator-rhel8@sha256:d5f101aa6d75dc70af48b74ab8e18b381f6956cb24fb79beaefecd0940233ae6_amd64",
"8Base-CNV-4.8:container-native-virtualization/vm-import-virtv2v-rhel8@sha256:fdd5a557c189674f9c222154fa38892b4f647b36804b79276b3d39ebfe40527d_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang-github-gorilla-websocket: integer overflow leads to denial of service"
},
{
"cve": "CVE-2020-29652",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2020-12-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1908883"
}
],
"notes": [
{
"category": "description",
"text": "A null pointer dereference vulnerability was found in golang. When using the library\u0027s ssh server without specifying an option for GSSAPIWithMICConfig, it is possible for an attacker to craft an ssh client connection using the `gssapi-with-mic` authentication method and cause the server to panic resulting in a denial of service. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: crypto/ssh: crafted authentication request can lead to nil pointer dereference",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "A large number of products include the affected package, but do not make use of the vulnerable SSH server code. Accordingly, the flaw itself is rated as \"Important\", but these products themselves all have a \"Low\" severity rating.\n\nAdditionally, a number of products include golang.org/x/crypto (or even golang.org/x/crypto/ssh/terminal) but not specifically golang.org/x/crypto/ssh/server.go in the final build. As this would result in a very large number of entries of not affected products, only products which include the ssh server code (golang.org/x/crypto/ssh/server.go) have been represented here. \n\nRed Hat Enterprise Linux 8 container-tools:rhel8/containernetworking-plugins is not affected because although it uses some functionality from golang.org/x/crypto, it does not use or import anything from golang.org/x/crypto/ssh/*.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-CNV-4.8:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:3824ad38c9096358a7a901d1a790de5748fa84cb4c755751abe41f924d091d14_amd64",
"8Base-CNV-4.8:container-native-virtualization/kubevirt-v2v-conversion@sha256:2f445fac142b49317c7fb819031f2022618274f4fc0cc8e49431afa26bbf5d28_amd64",
"8Base-CNV-4.8:container-native-virtualization/kubevirt-vmware@sha256:f0c0f709a55956c330158c5312261b80b954adf9bb2c6c9507406127175eb8c1_amd64",
"8Base-CNV-4.8:container-native-virtualization/node-maintenance-operator@sha256:a987c89b87c05a96dacabc78bccfb4526536207f0da31383776dba0b77dfad75_amd64",
"8Base-CNV-4.8:container-native-virtualization/vm-import-controller-rhel8@sha256:cf7a32623aa1cb88571f9ad762f323d91e02aa851d9e80ebe1d7c6a930fe4f7d_amd64",
"8Base-CNV-4.8:container-native-virtualization/vm-import-controller@sha256:cf7a32623aa1cb88571f9ad762f323d91e02aa851d9e80ebe1d7c6a930fe4f7d_amd64",
"8Base-CNV-4.8:container-native-virtualization/vm-import-operator-rhel8@sha256:d5f101aa6d75dc70af48b74ab8e18b381f6956cb24fb79beaefecd0940233ae6_amd64",
"8Base-CNV-4.8:container-native-virtualization/vm-import-virtv2v-rhel8@sha256:fdd5a557c189674f9c222154fa38892b4f647b36804b79276b3d39ebfe40527d_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-29652"
},
{
"category": "external",
"summary": "RHBZ#1908883",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1908883"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-29652",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-29652"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-29652",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-29652"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/ouZIlBimOsE?pli=1",
"url": "https://groups.google.com/g/golang-announce/c/ouZIlBimOsE?pli=1"
}
],
"release_date": "2020-12-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-CNV-4.8:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:3824ad38c9096358a7a901d1a790de5748fa84cb4c755751abe41f924d091d14_amd64",
"8Base-CNV-4.8:container-native-virtualization/kubevirt-v2v-conversion@sha256:2f445fac142b49317c7fb819031f2022618274f4fc0cc8e49431afa26bbf5d28_amd64",
"8Base-CNV-4.8:container-native-virtualization/kubevirt-vmware@sha256:f0c0f709a55956c330158c5312261b80b954adf9bb2c6c9507406127175eb8c1_amd64",
"8Base-CNV-4.8:container-native-virtualization/node-maintenance-operator@sha256:a987c89b87c05a96dacabc78bccfb4526536207f0da31383776dba0b77dfad75_amd64",
"8Base-CNV-4.8:container-native-virtualization/vm-import-controller-rhel8@sha256:cf7a32623aa1cb88571f9ad762f323d91e02aa851d9e80ebe1d7c6a930fe4f7d_amd64",
"8Base-CNV-4.8:container-native-virtualization/vm-import-controller@sha256:cf7a32623aa1cb88571f9ad762f323d91e02aa851d9e80ebe1d7c6a930fe4f7d_amd64",
"8Base-CNV-4.8:container-native-virtualization/vm-import-operator-rhel8@sha256:d5f101aa6d75dc70af48b74ab8e18b381f6956cb24fb79beaefecd0940233ae6_amd64",
"8Base-CNV-4.8:container-native-virtualization/vm-import-virtv2v-rhel8@sha256:fdd5a557c189674f9c222154fa38892b4f647b36804b79276b3d39ebfe40527d_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:2920"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-CNV-4.8:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:3824ad38c9096358a7a901d1a790de5748fa84cb4c755751abe41f924d091d14_amd64",
"8Base-CNV-4.8:container-native-virtualization/kubevirt-v2v-conversion@sha256:2f445fac142b49317c7fb819031f2022618274f4fc0cc8e49431afa26bbf5d28_amd64",
"8Base-CNV-4.8:container-native-virtualization/kubevirt-vmware@sha256:f0c0f709a55956c330158c5312261b80b954adf9bb2c6c9507406127175eb8c1_amd64",
"8Base-CNV-4.8:container-native-virtualization/node-maintenance-operator@sha256:a987c89b87c05a96dacabc78bccfb4526536207f0da31383776dba0b77dfad75_amd64",
"8Base-CNV-4.8:container-native-virtualization/vm-import-controller-rhel8@sha256:cf7a32623aa1cb88571f9ad762f323d91e02aa851d9e80ebe1d7c6a930fe4f7d_amd64",
"8Base-CNV-4.8:container-native-virtualization/vm-import-controller@sha256:cf7a32623aa1cb88571f9ad762f323d91e02aa851d9e80ebe1d7c6a930fe4f7d_amd64",
"8Base-CNV-4.8:container-native-virtualization/vm-import-operator-rhel8@sha256:d5f101aa6d75dc70af48b74ab8e18b381f6956cb24fb79beaefecd0940233ae6_amd64",
"8Base-CNV-4.8:container-native-virtualization/vm-import-virtv2v-rhel8@sha256:fdd5a557c189674f9c222154fa38892b4f647b36804b79276b3d39ebfe40527d_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang: crypto/ssh: crafted authentication request can lead to nil pointer dereference"
},
{
"cve": "CVE-2021-3114",
"cwe": {
"id": "CWE-682",
"name": "Incorrect Calculation"
},
"discovery_date": "2021-01-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1918750"
}
],
"notes": [
{
"category": "description",
"text": "A flaw detected in golang: crypto/elliptic, in which P-224 keys as generated can return incorrect inputs, reducing the strength of the cryptography. The highest threat from this vulnerability is confidentiality and integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: crypto/elliptic: incorrect operations on the P-224 curve",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift ServiceMesh (OSSM) 1.1 is Out Of Support Scope (OOSS) for Moderate and Low impact vulnerabilities because it is now in the Maintenance Phase of the support.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-CNV-4.8:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:3824ad38c9096358a7a901d1a790de5748fa84cb4c755751abe41f924d091d14_amd64",
"8Base-CNV-4.8:container-native-virtualization/kubevirt-v2v-conversion@sha256:2f445fac142b49317c7fb819031f2022618274f4fc0cc8e49431afa26bbf5d28_amd64",
"8Base-CNV-4.8:container-native-virtualization/kubevirt-vmware@sha256:f0c0f709a55956c330158c5312261b80b954adf9bb2c6c9507406127175eb8c1_amd64",
"8Base-CNV-4.8:container-native-virtualization/node-maintenance-operator@sha256:a987c89b87c05a96dacabc78bccfb4526536207f0da31383776dba0b77dfad75_amd64",
"8Base-CNV-4.8:container-native-virtualization/vm-import-controller-rhel8@sha256:cf7a32623aa1cb88571f9ad762f323d91e02aa851d9e80ebe1d7c6a930fe4f7d_amd64",
"8Base-CNV-4.8:container-native-virtualization/vm-import-controller@sha256:cf7a32623aa1cb88571f9ad762f323d91e02aa851d9e80ebe1d7c6a930fe4f7d_amd64",
"8Base-CNV-4.8:container-native-virtualization/vm-import-operator-rhel8@sha256:d5f101aa6d75dc70af48b74ab8e18b381f6956cb24fb79beaefecd0940233ae6_amd64",
"8Base-CNV-4.8:container-native-virtualization/vm-import-virtv2v-rhel8@sha256:fdd5a557c189674f9c222154fa38892b4f647b36804b79276b3d39ebfe40527d_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-3114"
},
{
"category": "external",
"summary": "RHBZ#1918750",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1918750"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-3114",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3114"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3114",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3114"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/mperVMGa98w",
"url": "https://groups.google.com/g/golang-announce/c/mperVMGa98w"
}
],
"release_date": "2021-01-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-CNV-4.8:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:3824ad38c9096358a7a901d1a790de5748fa84cb4c755751abe41f924d091d14_amd64",
"8Base-CNV-4.8:container-native-virtualization/kubevirt-v2v-conversion@sha256:2f445fac142b49317c7fb819031f2022618274f4fc0cc8e49431afa26bbf5d28_amd64",
"8Base-CNV-4.8:container-native-virtualization/kubevirt-vmware@sha256:f0c0f709a55956c330158c5312261b80b954adf9bb2c6c9507406127175eb8c1_amd64",
"8Base-CNV-4.8:container-native-virtualization/node-maintenance-operator@sha256:a987c89b87c05a96dacabc78bccfb4526536207f0da31383776dba0b77dfad75_amd64",
"8Base-CNV-4.8:container-native-virtualization/vm-import-controller-rhel8@sha256:cf7a32623aa1cb88571f9ad762f323d91e02aa851d9e80ebe1d7c6a930fe4f7d_amd64",
"8Base-CNV-4.8:container-native-virtualization/vm-import-controller@sha256:cf7a32623aa1cb88571f9ad762f323d91e02aa851d9e80ebe1d7c6a930fe4f7d_amd64",
"8Base-CNV-4.8:container-native-virtualization/vm-import-operator-rhel8@sha256:d5f101aa6d75dc70af48b74ab8e18b381f6956cb24fb79beaefecd0940233ae6_amd64",
"8Base-CNV-4.8:container-native-virtualization/vm-import-virtv2v-rhel8@sha256:fdd5a557c189674f9c222154fa38892b4f647b36804b79276b3d39ebfe40527d_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:2920"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-CNV-4.8:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:3824ad38c9096358a7a901d1a790de5748fa84cb4c755751abe41f924d091d14_amd64",
"8Base-CNV-4.8:container-native-virtualization/kubevirt-v2v-conversion@sha256:2f445fac142b49317c7fb819031f2022618274f4fc0cc8e49431afa26bbf5d28_amd64",
"8Base-CNV-4.8:container-native-virtualization/kubevirt-vmware@sha256:f0c0f709a55956c330158c5312261b80b954adf9bb2c6c9507406127175eb8c1_amd64",
"8Base-CNV-4.8:container-native-virtualization/node-maintenance-operator@sha256:a987c89b87c05a96dacabc78bccfb4526536207f0da31383776dba0b77dfad75_amd64",
"8Base-CNV-4.8:container-native-virtualization/vm-import-controller-rhel8@sha256:cf7a32623aa1cb88571f9ad762f323d91e02aa851d9e80ebe1d7c6a930fe4f7d_amd64",
"8Base-CNV-4.8:container-native-virtualization/vm-import-controller@sha256:cf7a32623aa1cb88571f9ad762f323d91e02aa851d9e80ebe1d7c6a930fe4f7d_amd64",
"8Base-CNV-4.8:container-native-virtualization/vm-import-operator-rhel8@sha256:d5f101aa6d75dc70af48b74ab8e18b381f6956cb24fb79beaefecd0940233ae6_amd64",
"8Base-CNV-4.8:container-native-virtualization/vm-import-virtv2v-rhel8@sha256:fdd5a557c189674f9c222154fa38892b4f647b36804b79276b3d39ebfe40527d_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: crypto/elliptic: incorrect operations on the P-224 curve"
},
{
"cve": "CVE-2021-3121",
"cwe": {
"id": "CWE-129",
"name": "Improper Validation of Array Index"
},
"discovery_date": "2021-01-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1921650"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in github.com/gogo/protobuf before 1.3.2 that allows an out-of-bounds access when unmarshalling certain protobuf objects. This flaw allows a remote attacker to send crafted protobuf messages, causing panic and resulting in a denial of service. The highest threat from this vulnerability is to availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift Container Platform (OCP), OpenShift ServiceMesh (OSSM) and Red Hat OpenShift Jaeger (RHOSJ) all include code generated by github.com/gogo/protobuf to parse protobuf messages. However, no component is known to accept protobuf messages from unauthenticated sources, hence this vulnerability is rated Moderate for OCP, OSSM and RHOSJ.\n\nOpenShift Virtualization includes code generated by github.com/gogo/protobuf to parse protobuf messages. However, no component of OpenShift Virtualization is known to accept protobuf messages from unauthenticated sources, hence this vulnerability is rated Moderate.\n\nRed Hat Advanced Cluster Management for Kubernetes (RHACM) includes code generated by github.com/gogo/protobuf to parse protobuf messages. However, no RHACM component is accepting protobuf messages from unauthenticated sources and are used with a limited scope, hence this vulnerability is rated Moderate for RHACM.\n\nRed Hat Cluster Application Migration (CAM) includes code generated by github.com/gogo/protobuf to parse protobuf messages. However, no CAM component is known to accept protobuf messages from unauthenticated sources, hence this vulnerability is rated Moderate for CAM.\n\nCryostat-2 is affected as it does ship gogo/protobuf library with it\u0027s distribution but the only use for Protobuf would be the Kubernetes/OpenShift API server the operator communicates with and it should be authenticated hence it is affected with Moderate impact.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-CNV-4.8:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:3824ad38c9096358a7a901d1a790de5748fa84cb4c755751abe41f924d091d14_amd64",
"8Base-CNV-4.8:container-native-virtualization/kubevirt-v2v-conversion@sha256:2f445fac142b49317c7fb819031f2022618274f4fc0cc8e49431afa26bbf5d28_amd64",
"8Base-CNV-4.8:container-native-virtualization/kubevirt-vmware@sha256:f0c0f709a55956c330158c5312261b80b954adf9bb2c6c9507406127175eb8c1_amd64",
"8Base-CNV-4.8:container-native-virtualization/node-maintenance-operator@sha256:a987c89b87c05a96dacabc78bccfb4526536207f0da31383776dba0b77dfad75_amd64",
"8Base-CNV-4.8:container-native-virtualization/vm-import-controller-rhel8@sha256:cf7a32623aa1cb88571f9ad762f323d91e02aa851d9e80ebe1d7c6a930fe4f7d_amd64",
"8Base-CNV-4.8:container-native-virtualization/vm-import-controller@sha256:cf7a32623aa1cb88571f9ad762f323d91e02aa851d9e80ebe1d7c6a930fe4f7d_amd64",
"8Base-CNV-4.8:container-native-virtualization/vm-import-operator-rhel8@sha256:d5f101aa6d75dc70af48b74ab8e18b381f6956cb24fb79beaefecd0940233ae6_amd64",
"8Base-CNV-4.8:container-native-virtualization/vm-import-virtv2v-rhel8@sha256:fdd5a557c189674f9c222154fa38892b4f647b36804b79276b3d39ebfe40527d_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-3121"
},
{
"category": "external",
"summary": "RHBZ#1921650",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1921650"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-3121",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3121"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3121",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3121"
}
],
"release_date": "2021-01-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-CNV-4.8:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:3824ad38c9096358a7a901d1a790de5748fa84cb4c755751abe41f924d091d14_amd64",
"8Base-CNV-4.8:container-native-virtualization/kubevirt-v2v-conversion@sha256:2f445fac142b49317c7fb819031f2022618274f4fc0cc8e49431afa26bbf5d28_amd64",
"8Base-CNV-4.8:container-native-virtualization/kubevirt-vmware@sha256:f0c0f709a55956c330158c5312261b80b954adf9bb2c6c9507406127175eb8c1_amd64",
"8Base-CNV-4.8:container-native-virtualization/node-maintenance-operator@sha256:a987c89b87c05a96dacabc78bccfb4526536207f0da31383776dba0b77dfad75_amd64",
"8Base-CNV-4.8:container-native-virtualization/vm-import-controller-rhel8@sha256:cf7a32623aa1cb88571f9ad762f323d91e02aa851d9e80ebe1d7c6a930fe4f7d_amd64",
"8Base-CNV-4.8:container-native-virtualization/vm-import-controller@sha256:cf7a32623aa1cb88571f9ad762f323d91e02aa851d9e80ebe1d7c6a930fe4f7d_amd64",
"8Base-CNV-4.8:container-native-virtualization/vm-import-operator-rhel8@sha256:d5f101aa6d75dc70af48b74ab8e18b381f6956cb24fb79beaefecd0940233ae6_amd64",
"8Base-CNV-4.8:container-native-virtualization/vm-import-virtv2v-rhel8@sha256:fdd5a557c189674f9c222154fa38892b4f647b36804b79276b3d39ebfe40527d_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:2920"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"8Base-CNV-4.8:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:3824ad38c9096358a7a901d1a790de5748fa84cb4c755751abe41f924d091d14_amd64",
"8Base-CNV-4.8:container-native-virtualization/kubevirt-v2v-conversion@sha256:2f445fac142b49317c7fb819031f2022618274f4fc0cc8e49431afa26bbf5d28_amd64",
"8Base-CNV-4.8:container-native-virtualization/kubevirt-vmware@sha256:f0c0f709a55956c330158c5312261b80b954adf9bb2c6c9507406127175eb8c1_amd64",
"8Base-CNV-4.8:container-native-virtualization/node-maintenance-operator@sha256:a987c89b87c05a96dacabc78bccfb4526536207f0da31383776dba0b77dfad75_amd64",
"8Base-CNV-4.8:container-native-virtualization/vm-import-controller-rhel8@sha256:cf7a32623aa1cb88571f9ad762f323d91e02aa851d9e80ebe1d7c6a930fe4f7d_amd64",
"8Base-CNV-4.8:container-native-virtualization/vm-import-controller@sha256:cf7a32623aa1cb88571f9ad762f323d91e02aa851d9e80ebe1d7c6a930fe4f7d_amd64",
"8Base-CNV-4.8:container-native-virtualization/vm-import-operator-rhel8@sha256:d5f101aa6d75dc70af48b74ab8e18b381f6956cb24fb79beaefecd0940233ae6_amd64",
"8Base-CNV-4.8:container-native-virtualization/vm-import-virtv2v-rhel8@sha256:fdd5a557c189674f9c222154fa38892b4f647b36804b79276b3d39ebfe40527d_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "gogo/protobuf: plugin/unmarshal/unmarshal.go lacks certain index validation"
},
{
"cve": "CVE-2021-29482",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2021-04-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1954368"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in github.com/ulikunitz/xz. The function readUvarint may not terminate a loop what could lead to denial of service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "ulikunitz/xz: Infinite loop in readUvarint allows for denial of service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In OpenShift Container Platform (OCP), OpenShift ServiceMesh (OSSM) and Red Hat Advanced Cluster Management for Kubernetes (RHACM) the affected components are behind OpenShift OAuth authentication, therefore the impact is low.\nIn OCP before 4.7 the buildah, skopeo and podman packages include vulnerable version of github.com/ulikunitz/xz, but these OCP releases are already in the Maintenance Phase of the support, hence affected components are marked as wontfix. This may be fixed in the future.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-CNV-4.8:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:3824ad38c9096358a7a901d1a790de5748fa84cb4c755751abe41f924d091d14_amd64",
"8Base-CNV-4.8:container-native-virtualization/kubevirt-v2v-conversion@sha256:2f445fac142b49317c7fb819031f2022618274f4fc0cc8e49431afa26bbf5d28_amd64",
"8Base-CNV-4.8:container-native-virtualization/kubevirt-vmware@sha256:f0c0f709a55956c330158c5312261b80b954adf9bb2c6c9507406127175eb8c1_amd64",
"8Base-CNV-4.8:container-native-virtualization/node-maintenance-operator@sha256:a987c89b87c05a96dacabc78bccfb4526536207f0da31383776dba0b77dfad75_amd64",
"8Base-CNV-4.8:container-native-virtualization/vm-import-controller-rhel8@sha256:cf7a32623aa1cb88571f9ad762f323d91e02aa851d9e80ebe1d7c6a930fe4f7d_amd64",
"8Base-CNV-4.8:container-native-virtualization/vm-import-controller@sha256:cf7a32623aa1cb88571f9ad762f323d91e02aa851d9e80ebe1d7c6a930fe4f7d_amd64",
"8Base-CNV-4.8:container-native-virtualization/vm-import-operator-rhel8@sha256:d5f101aa6d75dc70af48b74ab8e18b381f6956cb24fb79beaefecd0940233ae6_amd64",
"8Base-CNV-4.8:container-native-virtualization/vm-import-virtv2v-rhel8@sha256:fdd5a557c189674f9c222154fa38892b4f647b36804b79276b3d39ebfe40527d_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-29482"
},
{
"category": "external",
"summary": "RHBZ#1954368",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1954368"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-29482",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29482"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-29482",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-29482"
}
],
"release_date": "2020-08-19T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-CNV-4.8:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:3824ad38c9096358a7a901d1a790de5748fa84cb4c755751abe41f924d091d14_amd64",
"8Base-CNV-4.8:container-native-virtualization/kubevirt-v2v-conversion@sha256:2f445fac142b49317c7fb819031f2022618274f4fc0cc8e49431afa26bbf5d28_amd64",
"8Base-CNV-4.8:container-native-virtualization/kubevirt-vmware@sha256:f0c0f709a55956c330158c5312261b80b954adf9bb2c6c9507406127175eb8c1_amd64",
"8Base-CNV-4.8:container-native-virtualization/node-maintenance-operator@sha256:a987c89b87c05a96dacabc78bccfb4526536207f0da31383776dba0b77dfad75_amd64",
"8Base-CNV-4.8:container-native-virtualization/vm-import-controller-rhel8@sha256:cf7a32623aa1cb88571f9ad762f323d91e02aa851d9e80ebe1d7c6a930fe4f7d_amd64",
"8Base-CNV-4.8:container-native-virtualization/vm-import-controller@sha256:cf7a32623aa1cb88571f9ad762f323d91e02aa851d9e80ebe1d7c6a930fe4f7d_amd64",
"8Base-CNV-4.8:container-native-virtualization/vm-import-operator-rhel8@sha256:d5f101aa6d75dc70af48b74ab8e18b381f6956cb24fb79beaefecd0940233ae6_amd64",
"8Base-CNV-4.8:container-native-virtualization/vm-import-virtv2v-rhel8@sha256:fdd5a557c189674f9c222154fa38892b4f647b36804b79276b3d39ebfe40527d_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:2920"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-CNV-4.8:container-native-virtualization/kubernetes-nmstate-handler-rhel8@sha256:3824ad38c9096358a7a901d1a790de5748fa84cb4c755751abe41f924d091d14_amd64",
"8Base-CNV-4.8:container-native-virtualization/kubevirt-v2v-conversion@sha256:2f445fac142b49317c7fb819031f2022618274f4fc0cc8e49431afa26bbf5d28_amd64",
"8Base-CNV-4.8:container-native-virtualization/kubevirt-vmware@sha256:f0c0f709a55956c330158c5312261b80b954adf9bb2c6c9507406127175eb8c1_amd64",
"8Base-CNV-4.8:container-native-virtualization/node-maintenance-operator@sha256:a987c89b87c05a96dacabc78bccfb4526536207f0da31383776dba0b77dfad75_amd64",
"8Base-CNV-4.8:container-native-virtualization/vm-import-controller-rhel8@sha256:cf7a32623aa1cb88571f9ad762f323d91e02aa851d9e80ebe1d7c6a930fe4f7d_amd64",
"8Base-CNV-4.8:container-native-virtualization/vm-import-controller@sha256:cf7a32623aa1cb88571f9ad762f323d91e02aa851d9e80ebe1d7c6a930fe4f7d_amd64",
"8Base-CNV-4.8:container-native-virtualization/vm-import-operator-rhel8@sha256:d5f101aa6d75dc70af48b74ab8e18b381f6956cb24fb79beaefecd0940233ae6_amd64",
"8Base-CNV-4.8:container-native-virtualization/vm-import-virtv2v-rhel8@sha256:fdd5a557c189674f9c222154fa38892b4f647b36804b79276b3d39ebfe40527d_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "ulikunitz/xz: Infinite loop in readUvarint allows for denial of service"
}
]
}
rhsa-2021_0190
Vulnerability from csaf_redhat
Published
2021-01-19 13:53
Modified
2021-01-19 13:53
Summary
Red Hat Security Advisory: OpenShift Container Platform 4.6 compliance-operator security and bug fix update
Notes
Topic
An update for compliance-content-container, ose-compliance-openscap-container, ose-compliance-operator-container, and ose-compliance-operator-metadata-container is now available for Red Hat OpenShift Container Platform 4.6.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.
The compliance-operator image updates are now available for OpenShift Container Platform 4.6.
Security Fix(es):
* golang-github-gorilla-websocket: integer overflow leads to denial of service (CVE-2020-27813)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
* Aggregator pod tries to parse ConfigMaps without results (BZ#1899479)
* The compliancesuite object returns error with ocp4-cis tailored profile (BZ#1902251)
* The compliancesuite does not trigger when there are multiple rhcos4 profiles added in scansettingbinding object (BZ#1902634)
* [OCP v46] Not all remediations get applied through machineConfig although the status of all rules shows Applied in ComplianceRemediations object (BZ#1907414)
* The profile parser pod deployment and associated profiles should get removed after upgrade the compliance operator (BZ#1908991)
* Applying the "rhcos4-moderate" compliance profile leads to Ignition error "something else exists at that path" (BZ#1909081)
* [OCP v46] Always update the default profilebundles on Compliance operator startup (BZ#1909122)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 2023 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for compliance-content-container, ose-compliance-openscap-container, ose-compliance-operator-container, and ose-compliance-operator-metadata-container is now available for Red Hat OpenShift Container Platform 4.6.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Container Platform is Red Hat\u0027s cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.\nThe compliance-operator image updates are now available for OpenShift Container Platform 4.6.\n\nSecurity Fix(es):\n\n* golang-github-gorilla-websocket: integer overflow leads to denial of service (CVE-2020-27813)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* Aggregator pod tries to parse ConfigMaps without results (BZ#1899479)\n\n* The compliancesuite object returns error with ocp4-cis tailored profile (BZ#1902251)\n\n* The compliancesuite does not trigger when there are multiple rhcos4 profiles added in scansettingbinding object (BZ#1902634)\n\n* [OCP v46] Not all remediations get applied through machineConfig although the status of all rules shows Applied in ComplianceRemediations object (BZ#1907414)\n\n* The profile parser pod deployment and associated profiles should get removed after upgrade the compliance operator (BZ#1908991)\n\n* Applying the \"rhcos4-moderate\" compliance profile leads to Ignition error \"something else exists at that path\" (BZ#1909081)\n\n* [OCP v46] Always update the default profilebundles on Compliance operator startup (BZ#1909122)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat offerings.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2021:0190",
"url": "https://access.redhat.com/errata/RHSA-2021:0190"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/data/csaf/v2/advisories/2021/rhsa-2021_0190.json"
}
],
"title": "Red Hat Security Advisory: OpenShift Container Platform 4.6 compliance-operator security and bug fix update",
"tracking": {
"current_release_date": "2021-01-19T13:53:00Z",
"generator": {
"date": "2023-07-01T04:30:00Z",
"engine": {
"name": "Red Hat SDEngine",
"version": "3.18.0"
}
},
"id": "RHSA-2021:0190",
"initial_release_date": "2021-01-19T13:53:00Z",
"revision_history": [
{
"date": "2021-01-19T13:53:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift Container Platform 4.6",
"product": {
"name": "Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:4.6::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Enterprise"
},
{
"category": "product_version",
"name": "openshift4/compliance-content-rhel8:v4.6.0-20",
"product": {
"name": "openshift4/compliance-content-rhel8:v4.6.0-20",
"product_id": "openshift4/compliance-content-rhel8:v4.6.0-20"
}
},
{
"category": "product_version",
"name": "openshift4/compliance-openscap-rhel8:v4.6.0.scap1.3.4-7",
"product": {
"name": "openshift4/compliance-openscap-rhel8:v4.6.0.scap1.3.4-7",
"product_id": "openshift4/compliance-openscap-rhel8:v4.6.0.scap1.3.4-7"
}
},
{
"category": "product_version",
"name": "openshift4/compliance-rhel8-operator-metadata:v4.6.0.97-1",
"product": {
"name": "openshift4/compliance-rhel8-operator-metadata:v4.6.0.97-1",
"product_id": "openshift4/compliance-rhel8-operator-metadata:v4.6.0.97-1"
}
},
{
"category": "product_version",
"name": "openshift4/compliance-rhel8-operator:v4.6.0-97",
"product": {
"name": "openshift4/compliance-rhel8-operator:v4.6.0-97",
"product_id": "openshift4/compliance-rhel8-operator:v4.6.0-97"
}
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/compliance-content-rhel8:v4.6.0-20 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/compliance-content-rhel8:v4.6.0-20"
},
"product_reference": "openshift4/compliance-content-rhel8:v4.6.0-20",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/compliance-openscap-rhel8:v4.6.0.scap1.3.4-7 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/compliance-openscap-rhel8:v4.6.0.scap1.3.4-7"
},
"product_reference": "openshift4/compliance-openscap-rhel8:v4.6.0.scap1.3.4-7",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/compliance-rhel8-operator-metadata:v4.6.0.97-1 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/compliance-rhel8-operator-metadata:v4.6.0.97-1"
},
"product_reference": "openshift4/compliance-rhel8-operator-metadata:v4.6.0.97-1",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/compliance-rhel8-operator:v4.6.0-97 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/compliance-rhel8-operator:v4.6.0-97"
},
"product_reference": "openshift4/compliance-rhel8-operator:v4.6.0-97",
"relates_to_product_reference": "8Base-RHOSE-4.6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-27813",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2020-11-27T00:00:00Z",
"flags": [
{
"label": "component_not_present",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/compliance-content-rhel8:v4.6.0-20",
"8Base-RHOSE-4.6:openshift4/compliance-openscap-rhel8:v4.6.0.scap1.3.4-7"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla",
"text": "https://bugzilla.redhat.com/show_bug.cgi?id=1902111"
}
],
"notes": [
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
},
{
"category": "description",
"text": "An integer overflow vulnerability exists with the length of websocket frames received via a websocket connection. An attacker could use this flaw to cause a denial of service attack on an HTTP Server allowing websocket connections.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang-github-gorilla-websocket: integer overflow leads to denial of service",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.6:openshift4/compliance-rhel8-operator-metadata:v4.6.0.97-1",
"8Base-RHOSE-4.6:openshift4/compliance-rhel8-operator:v4.6.0-97"
],
"known_not_affected": [
"8Base-RHOSE-4.6:openshift4/compliance-content-rhel8:v4.6.0-20",
"8Base-RHOSE-4.6:openshift4/compliance-openscap-rhel8:v4.6.0.scap1.3.4-7"
]
},
"references": [
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-27813",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27813"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-27813",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-27813"
},
{
"category": "external",
"summary": "https://github.com/gorilla/websocket/security/advisories/GHSA-jf24-p9p9-4rjh",
"url": "https://github.com/gorilla/websocket/security/advisories/GHSA-jf24-p9p9-4rjh"
},
{
"category": "external",
"summary": "CVE-2020-27813",
"url": "https://access.redhat.com/security/cve/CVE-2020-27813"
},
{
"category": "external",
"summary": "bz#1902111: CVE-2020-27813 golang-github-gorilla-websocket: integer overflow leads to denial of service",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1902111"
}
],
"release_date": "2019-08-25T00:00:00Z",
"remediations": [
{
"category": "vendor_fix",
"details": "For OpenShift Container Platform 4.6 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html.",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/compliance-rhel8-operator-metadata:v4.6.0.97-1",
"8Base-RHOSE-4.6:openshift4/compliance-rhel8-operator:v4.6.0-97"
],
"url": "https://access.redhat.com/errata/RHSA-2021:0190"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.6:openshift4/compliance-rhel8-operator-metadata:v4.6.0.97-1",
"8Base-RHOSE-4.6:openshift4/compliance-rhel8-operator:v4.6.0-97"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-11-27T00:00:00Z",
"details": "Moderate"
}
],
"title": "CVE-2020-27813 golang-github-gorilla-websocket: integer overflow leads to denial of service"
}
]
}
ghsa-3xh2-74w9-5vxm
Vulnerability from github
Published
2021-05-18 21:08
Modified
2023-02-09 19:37
Severity
Summary
Integer overflow in github.com/gorilla/websocket
Details
An integer overflow vulnerability exists with the length of websocket frames received via a websocket connection. An attacker would use this flaw to cause a denial of service attack on an HTTP Server allowing websocket connections.
{
"affected": [
{
"package": {
"ecosystem": "Go",
"name": "github.com/gorilla/websocket"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.4.1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2020-27813"
],
"database_specific": {
"cwe_ids": [
"CWE-190",
"CWE-400"
],
"github_reviewed": true,
"github_reviewed_at": "2021-05-18T20:56:17Z",
"nvd_published_at": "2020-12-02T01:15:12Z",
"severity": "HIGH"
},
"details": "An integer overflow vulnerability exists with the length of websocket frames received via a websocket connection. An attacker would use this flaw to cause a denial of service attack on an HTTP Server allowing websocket connections.",
"id": "GHSA-3xh2-74w9-5vxm",
"modified": "2023-02-09T19:37:02Z",
"published": "2021-05-18T21:08:02Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/gorilla/websocket/security/advisories/GHSA-jf24-p9p9-4rjh"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-27813"
},
{
"type": "WEB",
"url": "https://github.com/gorilla/websocket/pull/537"
},
{
"type": "WEB",
"url": "https://github.com/gorilla/websocket/commit/5b740c29263eb386f33f265561c8262522f19d37"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1902111"
},
{
"type": "PACKAGE",
"url": "https://github.com/gorilla/websocket"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2021/01/msg00008.html"
},
{
"type": "WEB",
"url": "https://pkg.go.dev/vuln/GO-2020-0019"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
],
"summary": "Integer overflow in github.com/gorilla/websocket"
}
gsd-2020-27813
Vulnerability from gsd
Modified
2023-12-13 01:22
Details
An integer overflow vulnerability exists with the length of websocket frames received via a websocket connection. An attacker would use this flaw to cause a denial of service attack on an HTTP Server allowing websocket connections.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2020-27813",
"description": "An integer overflow vulnerability exists with the length of websocket frames received via a websocket connection. An attacker would use this flaw to cause a denial of service attack on an HTTP Server allowing websocket connections.",
"id": "GSD-2020-27813",
"references": [
"https://access.redhat.com/errata/RHSA-2021:2920",
"https://access.redhat.com/errata/RHSA-2021:1561",
"https://access.redhat.com/errata/RHSA-2021:0833",
"https://access.redhat.com/errata/RHSA-2021:0799",
"https://access.redhat.com/errata/RHSA-2021:0190",
"https://access.redhat.com/errata/RHSA-2021:0187",
"https://access.redhat.com/errata/RHSA-2021:0100",
"https://access.redhat.com/errata/RHSA-2020:5633",
"https://access.redhat.com/errata/RHSA-2020:5364"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2020-27813"
],
"details": "An integer overflow vulnerability exists with the length of websocket frames received via a websocket connection. An attacker would use this flaw to cause a denial of service attack on an HTTP Server allowing websocket connections.",
"id": "GSD-2020-27813",
"modified": "2023-12-13T01:22:11.088774Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2020-27813",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "golang-github-gorilla-websocket",
"version": {
"version_data": [
{
"version_value": "github.com/gorilla/websocket v1.4.1"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An integer overflow vulnerability exists with the length of websocket frames received via a websocket connection. An attacker would use this flaw to cause a denial of service attack on an HTTP Server allowing websocket connections."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-190-\u003eCWE-400"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1902111",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1902111"
},
{
"name": "https://github.com/gorilla/websocket/security/advisories/GHSA-jf24-p9p9-4rjh",
"refsource": "MISC",
"url": "https://github.com/gorilla/websocket/security/advisories/GHSA-jf24-p9p9-4rjh"
},
{
"name": "[debian-lts-announce] 20210106 [SECURITY] [DLA 2520-1] golang-websocket security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2021/01/msg00008.html"
},
{
"name": "[debian-lts-announce] 20230513 [SECURITY] [DLA 3420-1] golang-websocket security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00012.html"
}
]
}
},
"gitlab.com": {
"advisories": [
{
"affected_range": "\u003cv1.4.1",
"affected_versions": "All versions before 1.4.1",
"cvss_v2": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"cwe_ids": [
"CWE-1035",
"CWE-190",
"CWE-400",
"CWE-937"
],
"date": "2021-02-25",
"description": "An integer overflow vulnerability exists with the length of websocket frames received via a websocket connection. An attacker would use this flaw to cause a denial of service attack on an HTTP Server allowing websocket connections.",
"fixed_versions": [
"v1.4.1"
],
"identifier": "CVE-2020-27813",
"identifiers": [
"CVE-2020-27813",
"GHSA-jf24-p9p9-4rjh"
],
"not_impacted": "All versions starting from 1.4.1",
"package_slug": "go/github.com/gorilla/websocket",
"pubdate": "2020-12-02",
"solution": "Upgrade to version 1.4.1 or above.",
"title": "Integer Overflow or Wraparound",
"urls": [
"https://nvd.nist.gov/vuln/detail/CVE-2020-27813",
"https://bugzilla.redhat.com/show_bug.cgi?id=1902111"
],
"uuid": "cb3d04d8-7c79-4a28-bcf8-b195de046732",
"versions": [
{
"commit": {
"sha": "c3e18be99d19e6b3e8f1559eea2c161a665c4b6b",
"tags": [
"v1.4.1"
],
"timestamp": "20190825012011"
},
"number": "v1.4.1"
}
]
}
]
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:gorillatoolkit:websocket:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "1.4.1",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2020-27813"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "An integer overflow vulnerability exists with the length of websocket frames received via a websocket connection. An attacker would use this flaw to cause a denial of service attack on an HTTP Server allowing websocket connections."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-190"
},
{
"lang": "en",
"value": "CWE-400"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1902111",
"refsource": "MISC",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1902111"
},
{
"name": "https://github.com/gorilla/websocket/security/advisories/GHSA-jf24-p9p9-4rjh",
"refsource": "MISC",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/gorilla/websocket/security/advisories/GHSA-jf24-p9p9-4rjh"
},
{
"name": "[debian-lts-announce] 20210106 [SECURITY] [DLA 2520-1] golang-websocket security update",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/01/msg00008.html"
},
{
"name": "[debian-lts-announce] 20230513 [SECURITY] [DLA 3420-1] golang-websocket security update",
"refsource": "MLIST",
"tags": [],
"url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00012.html"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": false,
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
},
"lastModifiedDate": "2023-05-14T01:15Z",
"publishedDate": "2020-12-02T01:15Z"
}
}
}
Loading...