rhsa-2020_4298
Vulnerability from csaf_redhat
Published
2020-10-27 16:22
Modified
2020-10-28 00:41
Summary
Red Hat Security Advisory: OpenShift Container Platform 4.6.1 image security update
Notes
Topic
An update is now available for Red Hat OpenShift Container Platform 4.6.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat OpenShift Container Platform is Red Hat's cloud computing
Kubernetes application platform solution designed for on-premise or private
cloud deployments.
Security Fix(es):
* golang.org/x/crypto: Processing of crafted ssh-ed25519 public keys allows for panic (CVE-2020-9283)
* SSL/TLS: CBC padding timing attack (lucky-13) (CVE-2013-0169)
* grafana: XSS vulnerability via a column style on the "Dashboard > Table Panel" screen (CVE-2018-18624)
* js-jquery: prototype pollution in object's prototype leading to denial of service or remote code execution or property injection (CVE-2019-11358)
* npm-serialize-javascript: XSS via unsafe characters in serialized regular expressions (CVE-2019-16769)
* kibana: Prototype pollution in TSVB could result in arbitrary code execution (ESA-2020-06) (CVE-2020-7013)
* nodejs-minimist: prototype pollution allows adding or modifying properties of Object.prototype using a constructor or __proto__ payload (CVE-2020-7598)
* npmjs-websocket-extensions: ReDoS vulnerability in Sec-WebSocket-Extensions parser (CVE-2020-7662)
* nodejs-lodash: prototype pollution in zipObjectDeep function (CVE-2020-8203)
* jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method (CVE-2020-11022)
* jQuery: passing HTML containing <option> elements to manipulation methods could result in untrusted code execution (CVE-2020-11023)
* grafana: stored XSS (CVE-2020-11110)
* grafana: XSS annotation popup vulnerability (CVE-2020-12052)
* grafana: XSS via column.title or cellLinkTooltip (CVE-2020-12245)
* nodejs-elliptic: improper encoding checks allows a certain degree of signature malleability in ECDSA signatures (CVE-2020-13822)
* golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash (CVE-2020-14040)
* nodejs-ajv: prototype pollution via crafted JSON schema in ajv.validate function (CVE-2020-15366)
* openshift/console: text injection on error page via crafted url (CVE-2020-10715)
* kibana: X-Frame-Option not set by default might lead to clickjacking (CVE-2020-10743)
* openshift: restricted SCC allows pods to craft custom network packets (CVE-2020-14336)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 2023 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat OpenShift Container Platform 4.6.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Container Platform is Red Hat\u0027s cloud computing\nKubernetes application platform solution designed for on-premise or private\ncloud deployments.\n\nSecurity Fix(es):\n\n* golang.org/x/crypto: Processing of crafted ssh-ed25519 public keys allows for panic (CVE-2020-9283)\n\n* SSL/TLS: CBC padding timing attack (lucky-13) (CVE-2013-0169)\n\n* grafana: XSS vulnerability via a column style on the \"Dashboard \u003e Table Panel\" screen (CVE-2018-18624)\n\n* js-jquery: prototype pollution in object\u0027s prototype leading to denial of service or remote code execution or property injection (CVE-2019-11358)\n\n* npm-serialize-javascript: XSS via unsafe characters in serialized regular expressions (CVE-2019-16769)\n\n* kibana: Prototype pollution in TSVB could result in arbitrary code execution (ESA-2020-06) (CVE-2020-7013)\n\n* nodejs-minimist: prototype pollution allows adding or modifying properties of Object.prototype using a constructor or __proto__ payload (CVE-2020-7598)\n\n* npmjs-websocket-extensions: ReDoS vulnerability in Sec-WebSocket-Extensions parser (CVE-2020-7662)\n\n* nodejs-lodash: prototype pollution in zipObjectDeep function (CVE-2020-8203)\n\n* jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method (CVE-2020-11022)\n\n* jQuery: passing HTML containing \u003coption\u003e elements to manipulation methods could result in untrusted code execution (CVE-2020-11023)\n\n* grafana: stored XSS (CVE-2020-11110)\n\n* grafana: XSS annotation popup vulnerability (CVE-2020-12052)\n\n* grafana: XSS via column.title or cellLinkTooltip (CVE-2020-12245)\n\n* nodejs-elliptic: improper encoding checks allows a certain degree of signature malleability in ECDSA signatures (CVE-2020-13822)\n\n* golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash (CVE-2020-14040)\n\n* nodejs-ajv: prototype pollution via crafted JSON schema in ajv.validate function (CVE-2020-15366)\n\n* openshift/console: text injection on error page via crafted url (CVE-2020-10715)\n\n* kibana: X-Frame-Option not set by default might lead to clickjacking (CVE-2020-10743)\n\n* openshift: restricted SCC allows pods to craft custom network packets (CVE-2020-14336)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat offerings.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2020:4298",
"url": "https://access.redhat.com/errata/RHSA-2020:4298"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/data/csaf/v2/advisories/2020/rhsa-2020_4298.json"
}
],
"title": "Red Hat Security Advisory: OpenShift Container Platform 4.6.1 image security update",
"tracking": {
"current_release_date": "2020-10-28T00:41:00Z",
"generator": {
"date": "2023-07-01T04:17:00Z",
"engine": {
"name": "Red Hat SDEngine",
"version": "3.18.0"
}
},
"id": "RHSA-2020:4298",
"initial_release_date": "2020-10-27T16:22:00Z",
"revision_history": [
{
"date": "2020-10-28T00:41:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift Container Platform 4.6",
"product": {
"name": "Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:4.6::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Enterprise"
},
{
"category": "product_version",
"name": "openshift4/ose-ansible-operator:v4.6.0-202010200139.p0",
"product": {
"name": "openshift4/ose-ansible-operator:v4.6.0-202010200139.p0",
"product_id": "openshift4/ose-ansible-operator:v4.6.0-202010200139.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-aws-machine-controllers:v4.6.0-202010061132.p0",
"product": {
"name": "openshift4/ose-aws-machine-controllers:v4.6.0-202010061132.p0",
"product_id": "openshift4/ose-aws-machine-controllers:v4.6.0-202010061132.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-azure-machine-controllers:v4.6.0-202010061132.p0",
"product": {
"name": "openshift4/ose-azure-machine-controllers:v4.6.0-202010061132.p0",
"product_id": "openshift4/ose-azure-machine-controllers:v4.6.0-202010061132.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-baremetal-machine-controllers:v4.6.0-202010061132.p0",
"product": {
"name": "openshift4/ose-baremetal-machine-controllers:v4.6.0-202010061132.p0",
"product_id": "openshift4/ose-baremetal-machine-controllers:v4.6.0-202010061132.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-baremetal-rhel8-operator:v4.6.0-202010061132.p0",
"product": {
"name": "openshift4/ose-baremetal-rhel8-operator:v4.6.0-202010061132.p0",
"product_id": "openshift4/ose-baremetal-rhel8-operator:v4.6.0-202010061132.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-baremetal-runtimecfg-rhel8:v4.6.0-202010061132.p0",
"product": {
"name": "openshift4/ose-baremetal-runtimecfg-rhel8:v4.6.0-202010061132.p0",
"product_id": "openshift4/ose-baremetal-runtimecfg-rhel8:v4.6.0-202010061132.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-cli-artifacts:v4.6.0-202010080605.p0",
"product": {
"name": "openshift4/ose-cli-artifacts:v4.6.0-202010080605.p0",
"product_id": "openshift4/ose-cli-artifacts:v4.6.0-202010080605.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-cli:v4.6.0-202010080605.p0",
"product": {
"name": "openshift4/ose-cli:v4.6.0-202010080605.p0",
"product_id": "openshift4/ose-cli:v4.6.0-202010080605.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-cloud-credential-operator:v4.6.0-202010061132.p0",
"product": {
"name": "openshift4/ose-cloud-credential-operator:v4.6.0-202010061132.p0",
"product_id": "openshift4/ose-cloud-credential-operator:v4.6.0-202010061132.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-authentication-operator:v4.6.0-202010061132.p0",
"product": {
"name": "openshift4/ose-cluster-authentication-operator:v4.6.0-202010061132.p0",
"product_id": "openshift4/ose-cluster-authentication-operator:v4.6.0-202010061132.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-autoscaler-operator:v4.6.0-202010061132.p0",
"product": {
"name": "openshift4/ose-cluster-autoscaler-operator:v4.6.0-202010061132.p0",
"product_id": "openshift4/ose-cluster-autoscaler-operator:v4.6.0-202010061132.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-autoscaler:v4.6.0-202009291152.p0",
"product": {
"name": "openshift4/ose-cluster-autoscaler:v4.6.0-202009291152.p0",
"product_id": "openshift4/ose-cluster-autoscaler:v4.6.0-202009291152.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-capacity:v4.6.0-202010200139.p0",
"product": {
"name": "openshift4/ose-cluster-capacity:v4.6.0-202010200139.p0",
"product_id": "openshift4/ose-cluster-capacity:v4.6.0-202010200139.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-config-operator:v4.6.0-202010061132.p0",
"product": {
"name": "openshift4/ose-cluster-config-operator:v4.6.0-202010061132.p0",
"product_id": "openshift4/ose-cluster-config-operator:v4.6.0-202010061132.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.6.0-202010061132.p0",
"product": {
"name": "openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.6.0-202010061132.p0",
"product_id": "openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.6.0-202010061132.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-dns-operator:v4.6.0-202010061132.p0",
"product": {
"name": "openshift4/ose-cluster-dns-operator:v4.6.0-202010061132.p0",
"product_id": "openshift4/ose-cluster-dns-operator:v4.6.0-202010061132.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-etcd-rhel8-operator:v4.6.0-202010062159.p0",
"product": {
"name": "openshift4/ose-cluster-etcd-rhel8-operator:v4.6.0-202010062159.p0",
"product_id": "openshift4/ose-cluster-etcd-rhel8-operator:v4.6.0-202010062159.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-image-registry-operator:v4.6.0-202010061132.p0",
"product": {
"name": "openshift4/ose-cluster-image-registry-operator:v4.6.0-202010061132.p0",
"product_id": "openshift4/ose-cluster-image-registry-operator:v4.6.0-202010061132.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-kube-apiserver-operator:v4.6.0-202010090300.p0",
"product": {
"name": "openshift4/ose-cluster-kube-apiserver-operator:v4.6.0-202010090300.p0",
"product_id": "openshift4/ose-cluster-kube-apiserver-operator:v4.6.0-202010090300.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-kube-controller-manager-operator:v4.6.0-202010081538.p0",
"product": {
"name": "openshift4/ose-cluster-kube-controller-manager-operator:v4.6.0-202010081538.p0",
"product_id": "openshift4/ose-cluster-kube-controller-manager-operator:v4.6.0-202010081538.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-kube-descheduler-operator:v4.6.0-202010200139.p0",
"product": {
"name": "openshift4/ose-cluster-kube-descheduler-operator:v4.6.0-202010200139.p0",
"product_id": "openshift4/ose-cluster-kube-descheduler-operator:v4.6.0-202010200139.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-kube-descheduler-rhel8-operator:v4.6.0-202010200139.p0",
"product": {
"name": "openshift4/ose-cluster-kube-descheduler-rhel8-operator:v4.6.0-202010200139.p0",
"product_id": "openshift4/ose-cluster-kube-descheduler-rhel8-operator:v4.6.0-202010200139.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-kube-scheduler-operator:v4.6.0-202010061132.p0",
"product": {
"name": "openshift4/ose-cluster-kube-scheduler-operator:v4.6.0-202010061132.p0",
"product_id": "openshift4/ose-cluster-kube-scheduler-operator:v4.6.0-202010061132.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.6.0-202010061132.p0",
"product": {
"name": "openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.6.0-202010061132.p0",
"product_id": "openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.6.0-202010061132.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-machine-approver:v4.6.0-202010061132.p0",
"product": {
"name": "openshift4/ose-cluster-machine-approver:v4.6.0-202010061132.p0",
"product_id": "openshift4/ose-cluster-machine-approver:v4.6.0-202010061132.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-openshift-apiserver-operator:v4.6.0-202010061132.p0",
"product": {
"name": "openshift4/ose-cluster-openshift-apiserver-operator:v4.6.0-202010061132.p0",
"product_id": "openshift4/ose-cluster-openshift-apiserver-operator:v4.6.0-202010061132.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-openshift-controller-manager-operator:v4.6.0-202010061132.p0",
"product": {
"name": "openshift4/ose-cluster-openshift-controller-manager-operator:v4.6.0-202010061132.p0",
"product_id": "openshift4/ose-cluster-openshift-controller-manager-operator:v4.6.0-202010061132.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-policy-controller-rhel8:v4.6.0-202010061132.p0",
"product": {
"name": "openshift4/ose-cluster-policy-controller-rhel8:v4.6.0-202010061132.p0",
"product_id": "openshift4/ose-cluster-policy-controller-rhel8:v4.6.0-202010061132.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-samples-operator:v4.6.0-202009290409.p0",
"product": {
"name": "openshift4/ose-cluster-samples-operator:v4.6.0-202009290409.p0",
"product_id": "openshift4/ose-cluster-samples-operator:v4.6.0-202009290409.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-storage-operator:v4.6.0-202010061132.p0",
"product": {
"name": "openshift4/ose-cluster-storage-operator:v4.6.0-202010061132.p0",
"product_id": "openshift4/ose-cluster-storage-operator:v4.6.0-202010061132.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-console-operator:v4.6.0-202010061132.p0",
"product": {
"name": "openshift4/ose-console-operator:v4.6.0-202010061132.p0",
"product_id": "openshift4/ose-console-operator:v4.6.0-202010061132.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-console:v4.6.0-202010100121.p0",
"product": {
"name": "openshift4/ose-console:v4.6.0-202010100121.p0",
"product_id": "openshift4/ose-console:v4.6.0-202010100121.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-coredns:v4.6.0-202010061132.p0",
"product": {
"name": "openshift4/ose-coredns:v4.6.0-202010061132.p0",
"product_id": "openshift4/ose-coredns:v4.6.0-202010061132.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-csi-external-attacher-rhel8:v4.6.0-202010061132.p0",
"product": {
"name": "openshift4/ose-csi-external-attacher-rhel8:v4.6.0-202010061132.p0",
"product_id": "openshift4/ose-csi-external-attacher-rhel8:v4.6.0-202010061132.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-csi-external-attacher:v4.6.0-202010061132.p0",
"product": {
"name": "openshift4/ose-csi-external-attacher:v4.6.0-202010061132.p0",
"product_id": "openshift4/ose-csi-external-attacher:v4.6.0-202010061132.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-csi-external-provisioner-rhel8:v4.6.0-202010061132.p0",
"product": {
"name": "openshift4/ose-csi-external-provisioner-rhel8:v4.6.0-202010061132.p0",
"product_id": "openshift4/ose-csi-external-provisioner-rhel8:v4.6.0-202010061132.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-csi-external-provisioner:v4.6.0-202010061132.p0",
"product": {
"name": "openshift4/ose-csi-external-provisioner:v4.6.0-202010061132.p0",
"product_id": "openshift4/ose-csi-external-provisioner:v4.6.0-202010061132.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-csi-external-resizer-rhel8:v4.6.0-202010061132.p0",
"product": {
"name": "openshift4/ose-csi-external-resizer-rhel8:v4.6.0-202010061132.p0",
"product_id": "openshift4/ose-csi-external-resizer-rhel8:v4.6.0-202010061132.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-csi-external-resizer:v4.6.0-202010061132.p0",
"product": {
"name": "openshift4/ose-csi-external-resizer:v4.6.0-202010061132.p0",
"product_id": "openshift4/ose-csi-external-resizer:v4.6.0-202010061132.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-csi-external-snapshotter-rhel8:v4.6.0-202010061132.p0",
"product": {
"name": "openshift4/ose-csi-external-snapshotter-rhel8:v4.6.0-202010061132.p0",
"product_id": "openshift4/ose-csi-external-snapshotter-rhel8:v4.6.0-202010061132.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-csi-external-snapshotter:v4.6.0-202010061132.p0",
"product": {
"name": "openshift4/ose-csi-external-snapshotter:v4.6.0-202010061132.p0",
"product_id": "openshift4/ose-csi-external-snapshotter:v4.6.0-202010061132.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-csi-livenessprobe-rhel8:v4.6.0-202010061132.p0",
"product": {
"name": "openshift4/ose-csi-livenessprobe-rhel8:v4.6.0-202010061132.p0",
"product_id": "openshift4/ose-csi-livenessprobe-rhel8:v4.6.0-202010061132.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-csi-livenessprobe:v4.6.0-202010061132.p0",
"product": {
"name": "openshift4/ose-csi-livenessprobe:v4.6.0-202010061132.p0",
"product_id": "openshift4/ose-csi-livenessprobe:v4.6.0-202010061132.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-csi-node-driver-registrar-rhel8:v4.6.0-202010061132.p0",
"product": {
"name": "openshift4/ose-csi-node-driver-registrar-rhel8:v4.6.0-202010061132.p0",
"product_id": "openshift4/ose-csi-node-driver-registrar-rhel8:v4.6.0-202010061132.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-csi-node-driver-registrar:v4.6.0-202010061132.p0",
"product": {
"name": "openshift4/ose-csi-node-driver-registrar:v4.6.0-202010061132.p0",
"product_id": "openshift4/ose-csi-node-driver-registrar:v4.6.0-202010061132.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-csi-snapshot-controller-rhel8:v4.6.0-202010061132.p0",
"product": {
"name": "openshift4/ose-csi-snapshot-controller-rhel8:v4.6.0-202010061132.p0",
"product_id": "openshift4/ose-csi-snapshot-controller-rhel8:v4.6.0-202010061132.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-csi-snapshot-controller:v4.6.0-202010061132.p0",
"product": {
"name": "openshift4/ose-csi-snapshot-controller:v4.6.0-202010061132.p0",
"product_id": "openshift4/ose-csi-snapshot-controller:v4.6.0-202010061132.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-descheduler:v4.6.0-202010200139.p0",
"product": {
"name": "openshift4/ose-descheduler:v4.6.0-202010200139.p0",
"product_id": "openshift4/ose-descheduler:v4.6.0-202010200139.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-docker-builder:v4.6.0-202010120952.p0",
"product": {
"name": "openshift4/ose-docker-builder:v4.6.0-202010120952.p0",
"product_id": "openshift4/ose-docker-builder:v4.6.0-202010120952.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-docker-registry:v4.6.0-202010061132.p0",
"product": {
"name": "openshift4/ose-docker-registry:v4.6.0-202010061132.p0",
"product_id": "openshift4/ose-docker-registry:v4.6.0-202010061132.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-elasticsearch-operator:v4.6.0-202010200139.p0",
"product": {
"name": "openshift4/ose-elasticsearch-operator:v4.6.0-202010200139.p0",
"product_id": "openshift4/ose-elasticsearch-operator:v4.6.0-202010200139.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-etcd:v4.6.0-202010061132.p0",
"product": {
"name": "openshift4/ose-etcd:v4.6.0-202010061132.p0",
"product_id": "openshift4/ose-etcd:v4.6.0-202010061132.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-gcp-machine-controllers-rhel8:v4.6.0-202010061132.p0",
"product": {
"name": "openshift4/ose-gcp-machine-controllers-rhel8:v4.6.0-202010061132.p0",
"product_id": "openshift4/ose-gcp-machine-controllers-rhel8:v4.6.0-202010061132.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-grafana:v4.6.0-202010061132.p0",
"product": {
"name": "openshift4/ose-grafana:v4.6.0-202010061132.p0",
"product_id": "openshift4/ose-grafana:v4.6.0-202010061132.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-hyperkube:v4.6.0-202010081843.p0",
"product": {
"name": "openshift4/ose-hyperkube:v4.6.0-202010081843.p0",
"product_id": "openshift4/ose-hyperkube:v4.6.0-202010081843.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-installer:v4.6.0-202010081843.p0",
"product": {
"name": "openshift4/ose-installer:v4.6.0-202010081843.p0",
"product_id": "openshift4/ose-installer:v4.6.0-202010081843.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-kube-rbac-proxy:v4.6.0-202010061132.p0",
"product": {
"name": "openshift4/ose-kube-rbac-proxy:v4.6.0-202010061132.p0",
"product_id": "openshift4/ose-kube-rbac-proxy:v4.6.0-202010061132.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-kube-storage-version-migrator-rhel8:v4.6.0-202010061132.p0",
"product": {
"name": "openshift4/ose-kube-storage-version-migrator-rhel8:v4.6.0-202010061132.p0",
"product_id": "openshift4/ose-kube-storage-version-migrator-rhel8:v4.6.0-202010061132.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-local-storage-diskmaker:v4.6.0-202010200139.p0",
"product": {
"name": "openshift4/ose-local-storage-diskmaker:v4.6.0-202010200139.p0",
"product_id": "openshift4/ose-local-storage-diskmaker:v4.6.0-202010200139.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-local-storage-static-provisioner:v4.6.0-202010061132.p0",
"product": {
"name": "openshift4/ose-local-storage-static-provisioner:v4.6.0-202010061132.p0",
"product_id": "openshift4/ose-local-storage-static-provisioner:v4.6.0-202010061132.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-logging-kibana6:v4.6.0-202010200139.p0",
"product": {
"name": "openshift4/ose-logging-kibana6:v4.6.0-202010200139.p0",
"product_id": "openshift4/ose-logging-kibana6:v4.6.0-202010200139.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-machine-config-operator:v4.6.0-202010220220.p0",
"product": {
"name": "openshift4/ose-machine-config-operator:v4.6.0-202010220220.p0",
"product_id": "openshift4/ose-machine-config-operator:v4.6.0-202010220220.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-mdns-publisher-rhel8:v4.6.0-202010061132.p0",
"product": {
"name": "openshift4/ose-mdns-publisher-rhel8:v4.6.0-202010061132.p0",
"product_id": "openshift4/ose-mdns-publisher-rhel8:v4.6.0-202010061132.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-metering-presto:v4.6.0-202010200139.p0",
"product": {
"name": "openshift4/ose-metering-presto:v4.6.0-202010200139.p0",
"product_id": "openshift4/ose-metering-presto:v4.6.0-202010200139.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-metering-reporting-operator:v4.6.0-202010200139.p0",
"product": {
"name": "openshift4/ose-metering-reporting-operator:v4.6.0-202010200139.p0",
"product_id": "openshift4/ose-metering-reporting-operator:v4.6.0-202010200139.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-multus-admission-controller:v4.6.0-202010061132.p0",
"product": {
"name": "openshift4/ose-multus-admission-controller:v4.6.0-202010061132.p0",
"product_id": "openshift4/ose-multus-admission-controller:v4.6.0-202010061132.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-multus-cni:v4.6.0-202010061132.p0",
"product": {
"name": "openshift4/ose-multus-cni:v4.6.0-202010061132.p0",
"product_id": "openshift4/ose-multus-cni:v4.6.0-202010061132.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-multus-route-override-cni-rhel8:v4.6.0-202010012244.p0",
"product": {
"name": "openshift4/ose-multus-route-override-cni-rhel8:v4.6.0-202010012244.p0",
"product_id": "openshift4/ose-multus-route-override-cni-rhel8:v4.6.0-202010012244.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.6.0-202010011936.p0",
"product": {
"name": "openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.6.0-202010011936.p0",
"product_id": "openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.6.0-202010011936.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-network-metrics-daemon-rhel8:v4.6.0-202010061132.p0",
"product": {
"name": "openshift4/ose-network-metrics-daemon-rhel8:v4.6.0-202010061132.p0",
"product_id": "openshift4/ose-network-metrics-daemon-rhel8:v4.6.0-202010061132.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-oauth-apiserver-rhel8:v4.6.0-202010061132.p0",
"product": {
"name": "openshift4/ose-oauth-apiserver-rhel8:v4.6.0-202010061132.p0",
"product_id": "openshift4/ose-oauth-apiserver-rhel8:v4.6.0-202010061132.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-oauth-proxy:v4.6.0-202010010929.p0",
"product": {
"name": "openshift4/ose-oauth-proxy:v4.6.0-202010010929.p0",
"product_id": "openshift4/ose-oauth-proxy:v4.6.0-202010010929.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-openshift-apiserver-rhel8:v4.6.0-202010061132.p0",
"product": {
"name": "openshift4/ose-openshift-apiserver-rhel8:v4.6.0-202010061132.p0",
"product_id": "openshift4/ose-openshift-apiserver-rhel8:v4.6.0-202010061132.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-openshift-controller-manager-rhel8:v4.6.0-202010061132.p0",
"product": {
"name": "openshift4/ose-openshift-controller-manager-rhel8:v4.6.0-202010061132.p0",
"product_id": "openshift4/ose-openshift-controller-manager-rhel8:v4.6.0-202010061132.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-operator-lifecycle-manager:v4.6.0-202010130555.p0",
"product": {
"name": "openshift4/ose-operator-lifecycle-manager:v4.6.0-202010130555.p0",
"product_id": "openshift4/ose-operator-lifecycle-manager:v4.6.0-202010130555.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-operator-marketplace:v4.6.0-202010081538.p0",
"product": {
"name": "openshift4/ose-operator-marketplace:v4.6.0-202010081538.p0",
"product_id": "openshift4/ose-operator-marketplace:v4.6.0-202010081538.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-operator-registry:v4.6.0-202010061132.p0",
"product": {
"name": "openshift4/ose-operator-registry:v4.6.0-202010061132.p0",
"product_id": "openshift4/ose-operator-registry:v4.6.0-202010061132.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-prometheus:v4.6.0-202009290409.p0",
"product": {
"name": "openshift4/ose-prometheus:v4.6.0-202009290409.p0",
"product_id": "openshift4/ose-prometheus:v4.6.0-202009290409.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-ptp-operator:v4.6.0-202010200139.p0",
"product": {
"name": "openshift4/ose-ptp-operator:v4.6.0-202010200139.p0",
"product_id": "openshift4/ose-ptp-operator:v4.6.0-202010200139.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-ptp:v4.6.0-202010200139.p0",
"product": {
"name": "openshift4/ose-ptp:v4.6.0-202010200139.p0",
"product_id": "openshift4/ose-ptp:v4.6.0-202010200139.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-service-ca-operator:v4.6.0-202010061132.p0",
"product": {
"name": "openshift4/ose-service-ca-operator:v4.6.0-202010061132.p0",
"product_id": "openshift4/ose-service-ca-operator:v4.6.0-202010061132.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-dp-admission-controller:v4.6.0-202010200139.p0",
"product": {
"name": "openshift4/ose-sriov-dp-admission-controller:v4.6.0-202010200139.p0",
"product_id": "openshift4/ose-sriov-dp-admission-controller:v4.6.0-202010200139.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-network-config-daemon:v4.6.0-202010200139.p0",
"product": {
"name": "openshift4/ose-sriov-network-config-daemon:v4.6.0-202010200139.p0",
"product_id": "openshift4/ose-sriov-network-config-daemon:v4.6.0-202010200139.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-network-device-plugin:v4.6.0-202010200139.p0",
"product": {
"name": "openshift4/ose-sriov-network-device-plugin:v4.6.0-202010200139.p0",
"product_id": "openshift4/ose-sriov-network-device-plugin:v4.6.0-202010200139.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-network-webhook:v4.6.0-202010200139.p0",
"product": {
"name": "openshift4/ose-sriov-network-webhook:v4.6.0-202010200139.p0",
"product_id": "openshift4/ose-sriov-network-webhook:v4.6.0-202010200139.p0"
}
},
{
"category": "product_version",
"name": "openshift4/ose-tests:v4.6.0-202010120952.p0",
"product": {
"name": "openshift4/ose-tests:v4.6.0-202010120952.p0",
"product_id": "openshift4/ose-tests:v4.6.0-202010120952.p0"
}
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-ansible-operator:v4.6.0-202010200139.p0 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-ansible-operator:v4.6.0-202010200139.p0"
},
"product_reference": "openshift4/ose-ansible-operator:v4.6.0-202010200139.p0",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-aws-machine-controllers:v4.6.0-202010061132.p0 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers:v4.6.0-202010061132.p0"
},
"product_reference": "openshift4/ose-aws-machine-controllers:v4.6.0-202010061132.p0",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-azure-machine-controllers:v4.6.0-202010061132.p0 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers:v4.6.0-202010061132.p0"
},
"product_reference": "openshift4/ose-azure-machine-controllers:v4.6.0-202010061132.p0",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-baremetal-machine-controllers:v4.6.0-202010061132.p0 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers:v4.6.0-202010061132.p0"
},
"product_reference": "openshift4/ose-baremetal-machine-controllers:v4.6.0-202010061132.p0",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-baremetal-rhel8-operator:v4.6.0-202010061132.p0 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator:v4.6.0-202010061132.p0"
},
"product_reference": "openshift4/ose-baremetal-rhel8-operator:v4.6.0-202010061132.p0",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-baremetal-runtimecfg-rhel8:v4.6.0-202010061132.p0 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8:v4.6.0-202010061132.p0"
},
"product_reference": "openshift4/ose-baremetal-runtimecfg-rhel8:v4.6.0-202010061132.p0",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cli-artifacts:v4.6.0-202010080605.p0 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cli-artifacts:v4.6.0-202010080605.p0"
},
"product_reference": "openshift4/ose-cli-artifacts:v4.6.0-202010080605.p0",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cli:v4.6.0-202010080605.p0 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cli:v4.6.0-202010080605.p0"
},
"product_reference": "openshift4/ose-cli:v4.6.0-202010080605.p0",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cloud-credential-operator:v4.6.0-202010061132.p0 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator:v4.6.0-202010061132.p0"
},
"product_reference": "openshift4/ose-cloud-credential-operator:v4.6.0-202010061132.p0",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-authentication-operator:v4.6.0-202010061132.p0 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator:v4.6.0-202010061132.p0"
},
"product_reference": "openshift4/ose-cluster-authentication-operator:v4.6.0-202010061132.p0",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-autoscaler-operator:v4.6.0-202010061132.p0 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator:v4.6.0-202010061132.p0"
},
"product_reference": "openshift4/ose-cluster-autoscaler-operator:v4.6.0-202010061132.p0",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-autoscaler:v4.6.0-202009291152.p0 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler:v4.6.0-202009291152.p0"
},
"product_reference": "openshift4/ose-cluster-autoscaler:v4.6.0-202009291152.p0",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-capacity:v4.6.0-202010200139.p0 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity:v4.6.0-202010200139.p0"
},
"product_reference": "openshift4/ose-cluster-capacity:v4.6.0-202010200139.p0",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-config-operator:v4.6.0-202010061132.p0 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator:v4.6.0-202010061132.p0"
},
"product_reference": "openshift4/ose-cluster-config-operator:v4.6.0-202010061132.p0",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.6.0-202010061132.p0 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.6.0-202010061132.p0"
},
"product_reference": "openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.6.0-202010061132.p0",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-dns-operator:v4.6.0-202010061132.p0 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator:v4.6.0-202010061132.p0"
},
"product_reference": "openshift4/ose-cluster-dns-operator:v4.6.0-202010061132.p0",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-etcd-rhel8-operator:v4.6.0-202010062159.p0 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator:v4.6.0-202010062159.p0"
},
"product_reference": "openshift4/ose-cluster-etcd-rhel8-operator:v4.6.0-202010062159.p0",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-image-registry-operator:v4.6.0-202010061132.p0 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator:v4.6.0-202010061132.p0"
},
"product_reference": "openshift4/ose-cluster-image-registry-operator:v4.6.0-202010061132.p0",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-kube-apiserver-operator:v4.6.0-202010090300.p0 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator:v4.6.0-202010090300.p0"
},
"product_reference": "openshift4/ose-cluster-kube-apiserver-operator:v4.6.0-202010090300.p0",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-kube-controller-manager-operator:v4.6.0-202010081538.p0 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator:v4.6.0-202010081538.p0"
},
"product_reference": "openshift4/ose-cluster-kube-controller-manager-operator:v4.6.0-202010081538.p0",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-kube-descheduler-operator:v4.6.0-202010200139.p0 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator:v4.6.0-202010200139.p0"
},
"product_reference": "openshift4/ose-cluster-kube-descheduler-operator:v4.6.0-202010200139.p0",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-kube-descheduler-rhel8-operator:v4.6.0-202010200139.p0 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator:v4.6.0-202010200139.p0"
},
"product_reference": "openshift4/ose-cluster-kube-descheduler-rhel8-operator:v4.6.0-202010200139.p0",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-kube-scheduler-operator:v4.6.0-202010061132.p0 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator:v4.6.0-202010061132.p0"
},
"product_reference": "openshift4/ose-cluster-kube-scheduler-operator:v4.6.0-202010061132.p0",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.6.0-202010061132.p0 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.6.0-202010061132.p0"
},
"product_reference": "openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.6.0-202010061132.p0",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-machine-approver:v4.6.0-202010061132.p0 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver:v4.6.0-202010061132.p0"
},
"product_reference": "openshift4/ose-cluster-machine-approver:v4.6.0-202010061132.p0",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-openshift-apiserver-operator:v4.6.0-202010061132.p0 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator:v4.6.0-202010061132.p0"
},
"product_reference": "openshift4/ose-cluster-openshift-apiserver-operator:v4.6.0-202010061132.p0",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-openshift-controller-manager-operator:v4.6.0-202010061132.p0 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator:v4.6.0-202010061132.p0"
},
"product_reference": "openshift4/ose-cluster-openshift-controller-manager-operator:v4.6.0-202010061132.p0",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-policy-controller-rhel8:v4.6.0-202010061132.p0 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8:v4.6.0-202010061132.p0"
},
"product_reference": "openshift4/ose-cluster-policy-controller-rhel8:v4.6.0-202010061132.p0",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-samples-operator:v4.6.0-202009290409.p0 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator:v4.6.0-202009290409.p0"
},
"product_reference": "openshift4/ose-cluster-samples-operator:v4.6.0-202009290409.p0",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-storage-operator:v4.6.0-202010061132.p0 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator:v4.6.0-202010061132.p0"
},
"product_reference": "openshift4/ose-cluster-storage-operator:v4.6.0-202010061132.p0",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-console-operator:v4.6.0-202010061132.p0 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-console-operator:v4.6.0-202010061132.p0"
},
"product_reference": "openshift4/ose-console-operator:v4.6.0-202010061132.p0",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-console:v4.6.0-202010100121.p0 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-console:v4.6.0-202010100121.p0"
},
"product_reference": "openshift4/ose-console:v4.6.0-202010100121.p0",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-coredns:v4.6.0-202010061132.p0 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-coredns:v4.6.0-202010061132.p0"
},
"product_reference": "openshift4/ose-coredns:v4.6.0-202010061132.p0",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-csi-external-attacher-rhel8:v4.6.0-202010061132.p0 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8:v4.6.0-202010061132.p0"
},
"product_reference": "openshift4/ose-csi-external-attacher-rhel8:v4.6.0-202010061132.p0",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-csi-external-attacher:v4.6.0-202010061132.p0 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher:v4.6.0-202010061132.p0"
},
"product_reference": "openshift4/ose-csi-external-attacher:v4.6.0-202010061132.p0",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-csi-external-provisioner-rhel8:v4.6.0-202010061132.p0 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8:v4.6.0-202010061132.p0"
},
"product_reference": "openshift4/ose-csi-external-provisioner-rhel8:v4.6.0-202010061132.p0",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-csi-external-provisioner:v4.6.0-202010061132.p0 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner:v4.6.0-202010061132.p0"
},
"product_reference": "openshift4/ose-csi-external-provisioner:v4.6.0-202010061132.p0",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-csi-external-resizer-rhel8:v4.6.0-202010061132.p0 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8:v4.6.0-202010061132.p0"
},
"product_reference": "openshift4/ose-csi-external-resizer-rhel8:v4.6.0-202010061132.p0",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-csi-external-resizer:v4.6.0-202010061132.p0 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer:v4.6.0-202010061132.p0"
},
"product_reference": "openshift4/ose-csi-external-resizer:v4.6.0-202010061132.p0",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-csi-external-snapshotter-rhel8:v4.6.0-202010061132.p0 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8:v4.6.0-202010061132.p0"
},
"product_reference": "openshift4/ose-csi-external-snapshotter-rhel8:v4.6.0-202010061132.p0",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-csi-external-snapshotter:v4.6.0-202010061132.p0 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter:v4.6.0-202010061132.p0"
},
"product_reference": "openshift4/ose-csi-external-snapshotter:v4.6.0-202010061132.p0",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-csi-livenessprobe-rhel8:v4.6.0-202010061132.p0 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8:v4.6.0-202010061132.p0"
},
"product_reference": "openshift4/ose-csi-livenessprobe-rhel8:v4.6.0-202010061132.p0",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-csi-livenessprobe:v4.6.0-202010061132.p0 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe:v4.6.0-202010061132.p0"
},
"product_reference": "openshift4/ose-csi-livenessprobe:v4.6.0-202010061132.p0",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-csi-node-driver-registrar-rhel8:v4.6.0-202010061132.p0 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8:v4.6.0-202010061132.p0"
},
"product_reference": "openshift4/ose-csi-node-driver-registrar-rhel8:v4.6.0-202010061132.p0",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-csi-node-driver-registrar:v4.6.0-202010061132.p0 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar:v4.6.0-202010061132.p0"
},
"product_reference": "openshift4/ose-csi-node-driver-registrar:v4.6.0-202010061132.p0",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-csi-snapshot-controller-rhel8:v4.6.0-202010061132.p0 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8:v4.6.0-202010061132.p0"
},
"product_reference": "openshift4/ose-csi-snapshot-controller-rhel8:v4.6.0-202010061132.p0",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-csi-snapshot-controller:v4.6.0-202010061132.p0 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller:v4.6.0-202010061132.p0"
},
"product_reference": "openshift4/ose-csi-snapshot-controller:v4.6.0-202010061132.p0",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-descheduler:v4.6.0-202010200139.p0 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-descheduler:v4.6.0-202010200139.p0"
},
"product_reference": "openshift4/ose-descheduler:v4.6.0-202010200139.p0",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-docker-builder:v4.6.0-202010120952.p0 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-docker-builder:v4.6.0-202010120952.p0"
},
"product_reference": "openshift4/ose-docker-builder:v4.6.0-202010120952.p0",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-docker-registry:v4.6.0-202010061132.p0 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-docker-registry:v4.6.0-202010061132.p0"
},
"product_reference": "openshift4/ose-docker-registry:v4.6.0-202010061132.p0",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-elasticsearch-operator:v4.6.0-202010200139.p0 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator:v4.6.0-202010200139.p0"
},
"product_reference": "openshift4/ose-elasticsearch-operator:v4.6.0-202010200139.p0",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-etcd:v4.6.0-202010061132.p0 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-etcd:v4.6.0-202010061132.p0"
},
"product_reference": "openshift4/ose-etcd:v4.6.0-202010061132.p0",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-gcp-machine-controllers-rhel8:v4.6.0-202010061132.p0 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8:v4.6.0-202010061132.p0"
},
"product_reference": "openshift4/ose-gcp-machine-controllers-rhel8:v4.6.0-202010061132.p0",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-grafana:v4.6.0-202010061132.p0 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-grafana:v4.6.0-202010061132.p0"
},
"product_reference": "openshift4/ose-grafana:v4.6.0-202010061132.p0",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-hyperkube:v4.6.0-202010081843.p0 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-hyperkube:v4.6.0-202010081843.p0"
},
"product_reference": "openshift4/ose-hyperkube:v4.6.0-202010081843.p0",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-installer:v4.6.0-202010081843.p0 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-installer:v4.6.0-202010081843.p0"
},
"product_reference": "openshift4/ose-installer:v4.6.0-202010081843.p0",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-kube-rbac-proxy:v4.6.0-202010061132.p0 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy:v4.6.0-202010061132.p0"
},
"product_reference": "openshift4/ose-kube-rbac-proxy:v4.6.0-202010061132.p0",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-kube-storage-version-migrator-rhel8:v4.6.0-202010061132.p0 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8:v4.6.0-202010061132.p0"
},
"product_reference": "openshift4/ose-kube-storage-version-migrator-rhel8:v4.6.0-202010061132.p0",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-local-storage-diskmaker:v4.6.0-202010200139.p0 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker:v4.6.0-202010200139.p0"
},
"product_reference": "openshift4/ose-local-storage-diskmaker:v4.6.0-202010200139.p0",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-local-storage-static-provisioner:v4.6.0-202010061132.p0 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner:v4.6.0-202010061132.p0"
},
"product_reference": "openshift4/ose-local-storage-static-provisioner:v4.6.0-202010061132.p0",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-logging-kibana6:v4.6.0-202010200139.p0 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6:v4.6.0-202010200139.p0"
},
"product_reference": "openshift4/ose-logging-kibana6:v4.6.0-202010200139.p0",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-machine-config-operator:v4.6.0-202010220220.p0 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-machine-config-operator:v4.6.0-202010220220.p0"
},
"product_reference": "openshift4/ose-machine-config-operator:v4.6.0-202010220220.p0",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-mdns-publisher-rhel8:v4.6.0-202010061132.p0 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8:v4.6.0-202010061132.p0"
},
"product_reference": "openshift4/ose-mdns-publisher-rhel8:v4.6.0-202010061132.p0",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-metering-presto:v4.6.0-202010200139.p0 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-metering-presto:v4.6.0-202010200139.p0"
},
"product_reference": "openshift4/ose-metering-presto:v4.6.0-202010200139.p0",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-metering-reporting-operator:v4.6.0-202010200139.p0 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator:v4.6.0-202010200139.p0"
},
"product_reference": "openshift4/ose-metering-reporting-operator:v4.6.0-202010200139.p0",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-multus-admission-controller:v4.6.0-202010061132.p0 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller:v4.6.0-202010061132.p0"
},
"product_reference": "openshift4/ose-multus-admission-controller:v4.6.0-202010061132.p0",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-multus-cni:v4.6.0-202010061132.p0 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-multus-cni:v4.6.0-202010061132.p0"
},
"product_reference": "openshift4/ose-multus-cni:v4.6.0-202010061132.p0",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-multus-route-override-cni-rhel8:v4.6.0-202010012244.p0 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8:v4.6.0-202010012244.p0"
},
"product_reference": "openshift4/ose-multus-route-override-cni-rhel8:v4.6.0-202010012244.p0",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.6.0-202010011936.p0 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.6.0-202010011936.p0"
},
"product_reference": "openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.6.0-202010011936.p0",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-network-metrics-daemon-rhel8:v4.6.0-202010061132.p0 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8:v4.6.0-202010061132.p0"
},
"product_reference": "openshift4/ose-network-metrics-daemon-rhel8:v4.6.0-202010061132.p0",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-oauth-apiserver-rhel8:v4.6.0-202010061132.p0 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8:v4.6.0-202010061132.p0"
},
"product_reference": "openshift4/ose-oauth-apiserver-rhel8:v4.6.0-202010061132.p0",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-oauth-proxy:v4.6.0-202010010929.p0 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-oauth-proxy:v4.6.0-202010010929.p0"
},
"product_reference": "openshift4/ose-oauth-proxy:v4.6.0-202010010929.p0",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-openshift-apiserver-rhel8:v4.6.0-202010061132.p0 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8:v4.6.0-202010061132.p0"
},
"product_reference": "openshift4/ose-openshift-apiserver-rhel8:v4.6.0-202010061132.p0",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-openshift-controller-manager-rhel8:v4.6.0-202010061132.p0 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8:v4.6.0-202010061132.p0"
},
"product_reference": "openshift4/ose-openshift-controller-manager-rhel8:v4.6.0-202010061132.p0",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-operator-lifecycle-manager:v4.6.0-202010130555.p0 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager:v4.6.0-202010130555.p0"
},
"product_reference": "openshift4/ose-operator-lifecycle-manager:v4.6.0-202010130555.p0",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-operator-marketplace:v4.6.0-202010081538.p0 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-operator-marketplace:v4.6.0-202010081538.p0"
},
"product_reference": "openshift4/ose-operator-marketplace:v4.6.0-202010081538.p0",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-operator-registry:v4.6.0-202010061132.p0 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-operator-registry:v4.6.0-202010061132.p0"
},
"product_reference": "openshift4/ose-operator-registry:v4.6.0-202010061132.p0",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-prometheus:v4.6.0-202009290409.p0 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-prometheus:v4.6.0-202009290409.p0"
},
"product_reference": "openshift4/ose-prometheus:v4.6.0-202009290409.p0",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-ptp-operator:v4.6.0-202010200139.p0 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-ptp-operator:v4.6.0-202010200139.p0"
},
"product_reference": "openshift4/ose-ptp-operator:v4.6.0-202010200139.p0",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-ptp:v4.6.0-202010200139.p0 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-ptp:v4.6.0-202010200139.p0"
},
"product_reference": "openshift4/ose-ptp:v4.6.0-202010200139.p0",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-service-ca-operator:v4.6.0-202010061132.p0 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-service-ca-operator:v4.6.0-202010061132.p0"
},
"product_reference": "openshift4/ose-service-ca-operator:v4.6.0-202010061132.p0",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-dp-admission-controller:v4.6.0-202010200139.p0 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller:v4.6.0-202010200139.p0"
},
"product_reference": "openshift4/ose-sriov-dp-admission-controller:v4.6.0-202010200139.p0",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-network-config-daemon:v4.6.0-202010200139.p0 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon:v4.6.0-202010200139.p0"
},
"product_reference": "openshift4/ose-sriov-network-config-daemon:v4.6.0-202010200139.p0",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-network-device-plugin:v4.6.0-202010200139.p0 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin:v4.6.0-202010200139.p0"
},
"product_reference": "openshift4/ose-sriov-network-device-plugin:v4.6.0-202010200139.p0",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-network-webhook:v4.6.0-202010200139.p0 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook:v4.6.0-202010200139.p0"
},
"product_reference": "openshift4/ose-sriov-network-webhook:v4.6.0-202010200139.p0",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-tests:v4.6.0-202010120952.p0 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-tests:v4.6.0-202010120952.p0"
},
"product_reference": "openshift4/ose-tests:v4.6.0-202010120952.p0",
"relates_to_product_reference": "8Base-RHOSE-4.6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2013-0169",
"discovery_date": "2013-02-04T00:00:00Z",
"flags": [
{
"label": "component_not_present",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts:v4.6.0-202010080605.p0",
"8Base-RHOSE-4.6:openshift4/ose-cli:v4.6.0-202010080605.p0",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler:v4.6.0-202009291152.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator:v4.6.0-202010062159.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator:v4.6.0-202010090300.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator:v4.6.0-202010081538.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator:v4.6.0-202009290409.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-console-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-console:v4.6.0-202010100121.p0",
"8Base-RHOSE-4.6:openshift4/ose-coredns:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-descheduler:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder:v4.6.0-202010120952.p0",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-etcd:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-grafana:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube:v4.6.0-202010081843.p0",
"8Base-RHOSE-4.6:openshift4/ose-installer:v4.6.0-202010081843.p0",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator:v4.6.0-202010220220.p0",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8:v4.6.0-202010012244.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.6.0-202010011936.p0",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy:v4.6.0-202010010929.p0",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager:v4.6.0-202010130555.p0",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace:v4.6.0-202010081538.p0",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-prometheus:v4.6.0-202009290409.p0",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-ptp:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-tests:v4.6.0-202010120952.p0"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla",
"text": "https://bugzilla.redhat.com/show_bug.cgi?id=907589"
}
],
"notes": [
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
},
{
"category": "description",
"text": "The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as used in OpenSSL, OpenJDK, PolarSSL, and other products, do not properly consider timing side-channel attacks on a MAC check requirement during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, aka the \"Lucky Thirteen\" issue.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "CBC padding timing attack (lucky-13)",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy:v4.6.0-202010061132.p0"
],
"known_not_affected": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts:v4.6.0-202010080605.p0",
"8Base-RHOSE-4.6:openshift4/ose-cli:v4.6.0-202010080605.p0",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler:v4.6.0-202009291152.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator:v4.6.0-202010062159.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator:v4.6.0-202010090300.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator:v4.6.0-202010081538.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator:v4.6.0-202009290409.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-console-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-console:v4.6.0-202010100121.p0",
"8Base-RHOSE-4.6:openshift4/ose-coredns:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-descheduler:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder:v4.6.0-202010120952.p0",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-etcd:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-grafana:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube:v4.6.0-202010081843.p0",
"8Base-RHOSE-4.6:openshift4/ose-installer:v4.6.0-202010081843.p0",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator:v4.6.0-202010220220.p0",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8:v4.6.0-202010012244.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.6.0-202010011936.p0",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy:v4.6.0-202010010929.p0",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager:v4.6.0-202010130555.p0",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace:v4.6.0-202010081538.p0",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-prometheus:v4.6.0-202009290409.p0",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-ptp:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-tests:v4.6.0-202010120952.p0"
]
},
"references": [
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2013-0169",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-0169"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-0169",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-0169"
},
{
"category": "external",
"summary": "http://www.isg.rhul.ac.uk/tls/",
"url": "http://www.isg.rhul.ac.uk/tls/"
},
{
"category": "external",
"summary": "http://www.openssl.org/news/secadv_20130205.txt",
"url": "http://www.openssl.org/news/secadv_20130205.txt"
},
{
"category": "external",
"summary": "https://polarssl.org/tech-updates/releases/polarssl-1.2.5-released",
"url": "https://polarssl.org/tech-updates/releases/polarssl-1.2.5-released"
},
{
"category": "external",
"summary": "CVE-2013-0169",
"url": "https://access.redhat.com/security/cve/CVE-2013-0169"
},
{
"category": "external",
"summary": "bz#907589: CBC padding timing attack (lucky-13)",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=907589"
}
],
"release_date": "2013-02-04T00:00:00Z",
"remediations": [
{
"category": "vendor_fix",
"details": "For OpenShift Container Platform 4.6 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html.",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy:v4.6.0-202010061132.p0"
],
"url": "https://access.redhat.com/errata/RHSA-2020:4298"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 5.1,
"collateralDamagePotential": "NOT_DEFINED",
"confidentialityImpact": "PARTIAL",
"confidentialityRequirement": "NOT_DEFINED",
"environmentalScore": 0.0,
"exploitability": "NOT_DEFINED",
"integrityImpact": "PARTIAL",
"integrityRequirement": "NOT_DEFINED",
"remediationLevel": "NOT_DEFINED",
"reportConfidence": "NOT_DEFINED",
"targetDistribution": "NOT_DEFINED",
"temporalScore": 0.0,
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy:v4.6.0-202010061132.p0"
]
}
],
"threats": [
{
"category": "impact",
"date": "2013-02-04T00:00:00Z",
"details": "Moderate"
}
],
"title": "CBC padding timing attack (lucky-13)"
},
{
"cve": "CVE-2018-18624",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2020-06-24T00:00:00Z",
"flags": [
{
"label": "component_not_present",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts:v4.6.0-202010080605.p0",
"8Base-RHOSE-4.6:openshift4/ose-cli:v4.6.0-202010080605.p0",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler:v4.6.0-202009291152.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator:v4.6.0-202010062159.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator:v4.6.0-202010090300.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator:v4.6.0-202010081538.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator:v4.6.0-202009290409.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-console-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-console:v4.6.0-202010100121.p0",
"8Base-RHOSE-4.6:openshift4/ose-coredns:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-descheduler:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder:v4.6.0-202010120952.p0",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-etcd:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube:v4.6.0-202010081843.p0",
"8Base-RHOSE-4.6:openshift4/ose-installer:v4.6.0-202010081843.p0",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator:v4.6.0-202010220220.p0",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8:v4.6.0-202010012244.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.6.0-202010011936.p0",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy:v4.6.0-202010010929.p0",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager:v4.6.0-202010130555.p0",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace:v4.6.0-202010081538.p0",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-prometheus:v4.6.0-202009290409.p0",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-ptp:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-tests:v4.6.0-202010120952.p0"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla",
"text": "https://bugzilla.redhat.com/show_bug.cgi?id=1850572"
}
],
"notes": [
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
},
{
"category": "description",
"text": "A flaw was found in grafana. An incomplete fix for CVE-2018-12099 allows for a XSS via a column style on the \"Dashboard \u003e Table Panel\" screen.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "grafana: XSS vulnerability via a column style on the \"Dashboard \u003e Table Panel\" screen",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.6:openshift4/ose-grafana:v4.6.0-202010061132.p0"
],
"known_not_affected": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts:v4.6.0-202010080605.p0",
"8Base-RHOSE-4.6:openshift4/ose-cli:v4.6.0-202010080605.p0",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler:v4.6.0-202009291152.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator:v4.6.0-202010062159.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator:v4.6.0-202010090300.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator:v4.6.0-202010081538.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator:v4.6.0-202009290409.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-console-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-console:v4.6.0-202010100121.p0",
"8Base-RHOSE-4.6:openshift4/ose-coredns:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-descheduler:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder:v4.6.0-202010120952.p0",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-etcd:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube:v4.6.0-202010081843.p0",
"8Base-RHOSE-4.6:openshift4/ose-installer:v4.6.0-202010081843.p0",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator:v4.6.0-202010220220.p0",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8:v4.6.0-202010012244.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.6.0-202010011936.p0",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy:v4.6.0-202010010929.p0",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager:v4.6.0-202010130555.p0",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace:v4.6.0-202010081538.p0",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-prometheus:v4.6.0-202009290409.p0",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-ptp:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-tests:v4.6.0-202010120952.p0"
]
},
"references": [
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-18624",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-18624"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-18624",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-18624"
},
{
"category": "external",
"summary": "https://security.netapp.com/advisory/ntap-20200608-0008/",
"url": "https://security.netapp.com/advisory/ntap-20200608-0008/"
},
{
"category": "external",
"summary": "CVE-2018-18624",
"url": "https://access.redhat.com/security/cve/CVE-2018-18624"
},
{
"category": "external",
"summary": "bz#1850572: CVE-2018-18624 grafana: XSS vulnerability via a column style on the \"Dashboard \u003e Table Panel\" screen",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1850572"
}
],
"release_date": "2020-06-02T00:00:00Z",
"remediations": [
{
"category": "vendor_fix",
"details": "For OpenShift Container Platform 4.6 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html.",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-grafana:v4.6.0-202010061132.p0"
],
"url": "https://access.redhat.com/errata/RHSA-2020:4298"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.6:openshift4/ose-grafana:v4.6.0-202010061132.p0"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-06-24T00:00:00Z",
"details": "Moderate"
}
],
"title": "CVE-2018-18624 grafana: XSS vulnerability via a column style on the \"Dashboard \u003e Table Panel\" screen"
},
{
"cve": "CVE-2019-11358",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-03-28T00:00:00Z",
"flags": [
{
"label": "component_not_present",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts:v4.6.0-202010080605.p0",
"8Base-RHOSE-4.6:openshift4/ose-cli:v4.6.0-202010080605.p0",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler:v4.6.0-202009291152.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator:v4.6.0-202010062159.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator:v4.6.0-202010090300.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator:v4.6.0-202010081538.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator:v4.6.0-202009290409.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-console-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-console:v4.6.0-202010100121.p0",
"8Base-RHOSE-4.6:openshift4/ose-coredns:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-descheduler:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder:v4.6.0-202010120952.p0",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-etcd:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-grafana:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube:v4.6.0-202010081843.p0",
"8Base-RHOSE-4.6:openshift4/ose-installer:v4.6.0-202010081843.p0",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator:v4.6.0-202010220220.p0",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8:v4.6.0-202010012244.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.6.0-202010011936.p0",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy:v4.6.0-202010010929.p0",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager:v4.6.0-202010130555.p0",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace:v4.6.0-202010081538.p0",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-ptp:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-tests:v4.6.0-202010120952.p0"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla",
"text": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972"
}
],
"notes": [
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
},
{
"category": "description",
"text": "A Prototype Pollution vulnerability was found in jquery. Untrusted JSON passed to the `extend` function could lead to modifying objects up the prototype chain, including the global Object. A crafted JSON object passed to a vulnerable method could lead to denial of service or data injection, with various consequences.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.6:openshift4/ose-prometheus:v4.6.0-202009290409.p0"
],
"known_not_affected": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts:v4.6.0-202010080605.p0",
"8Base-RHOSE-4.6:openshift4/ose-cli:v4.6.0-202010080605.p0",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler:v4.6.0-202009291152.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator:v4.6.0-202010062159.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator:v4.6.0-202010090300.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator:v4.6.0-202010081538.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator:v4.6.0-202009290409.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-console-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-console:v4.6.0-202010100121.p0",
"8Base-RHOSE-4.6:openshift4/ose-coredns:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-descheduler:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder:v4.6.0-202010120952.p0",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-etcd:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-grafana:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube:v4.6.0-202010081843.p0",
"8Base-RHOSE-4.6:openshift4/ose-installer:v4.6.0-202010081843.p0",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator:v4.6.0-202010220220.p0",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8:v4.6.0-202010012244.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.6.0-202010011936.p0",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy:v4.6.0-202010010929.p0",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager:v4.6.0-202010130555.p0",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace:v4.6.0-202010081538.p0",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-ptp:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-tests:v4.6.0-202010120952.p0"
]
},
"references": [
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-11358",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11358"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358"
},
{
"category": "external",
"summary": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/",
"url": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/"
},
{
"category": "external",
"summary": "https://www.drupal.org/sa-core-2019-006",
"url": "https://www.drupal.org/sa-core-2019-006"
},
{
"category": "external",
"summary": "CVE-2019-11358",
"url": "https://access.redhat.com/security/cve/CVE-2019-11358"
},
{
"category": "external",
"summary": "bz#1701972: CVE-2019-11358 jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972"
}
],
"release_date": "2019-03-27T00:00:00Z",
"remediations": [
{
"category": "vendor_fix",
"details": "For OpenShift Container Platform 4.6 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html.",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-prometheus:v4.6.0-202009290409.p0"
],
"url": "https://access.redhat.com/errata/RHSA-2020:4298"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"8Base-RHOSE-4.6:openshift4/ose-prometheus:v4.6.0-202009290409.p0"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-03-28T00:00:00Z",
"details": "Moderate"
}
],
"title": "CVE-2019-11358 jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection"
},
{
"cve": "CVE-2019-16769",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2020-06-17T00:00:00Z",
"flags": [
{
"label": "component_not_present",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts:v4.6.0-202010080605.p0",
"8Base-RHOSE-4.6:openshift4/ose-cli:v4.6.0-202010080605.p0",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler:v4.6.0-202009291152.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator:v4.6.0-202010062159.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator:v4.6.0-202010090300.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator:v4.6.0-202010081538.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator:v4.6.0-202009290409.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-console-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-console:v4.6.0-202010100121.p0",
"8Base-RHOSE-4.6:openshift4/ose-coredns:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-descheduler:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder:v4.6.0-202010120952.p0",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-etcd:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube:v4.6.0-202010081843.p0",
"8Base-RHOSE-4.6:openshift4/ose-installer:v4.6.0-202010081843.p0",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator:v4.6.0-202010220220.p0",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8:v4.6.0-202010012244.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.6.0-202010011936.p0",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy:v4.6.0-202010010929.p0",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager:v4.6.0-202010130555.p0",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace:v4.6.0-202010081538.p0",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-prometheus:v4.6.0-202009290409.p0",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-ptp:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-tests:v4.6.0-202010120952.p0"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla",
"text": "https://bugzilla.redhat.com/show_bug.cgi?id=1848092"
}
],
"notes": [
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
},
{
"category": "description",
"text": "A XSS flaw was found in npm-serialize-javascript. It does not properly mitigate against unsafe characters in serialized regular expressions. This vulnerability is not affected on Node.js environment since Node.js\u0027s implementation of RegExp.prototype.toString() backslash-escapes all forward slashes in regular expressions. If serialized data of regular expression objects are used in an environment other than Node.js, it is affected by this vulnerability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "npm-serialize-javascript: XSS via unsafe characters in serialized regular expressions",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.6:openshift4/ose-grafana:v4.6.0-202010061132.p0"
],
"known_not_affected": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts:v4.6.0-202010080605.p0",
"8Base-RHOSE-4.6:openshift4/ose-cli:v4.6.0-202010080605.p0",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler:v4.6.0-202009291152.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator:v4.6.0-202010062159.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator:v4.6.0-202010090300.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator:v4.6.0-202010081538.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator:v4.6.0-202009290409.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-console-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-console:v4.6.0-202010100121.p0",
"8Base-RHOSE-4.6:openshift4/ose-coredns:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-descheduler:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder:v4.6.0-202010120952.p0",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-etcd:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube:v4.6.0-202010081843.p0",
"8Base-RHOSE-4.6:openshift4/ose-installer:v4.6.0-202010081843.p0",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator:v4.6.0-202010220220.p0",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8:v4.6.0-202010012244.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.6.0-202010011936.p0",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy:v4.6.0-202010010929.p0",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager:v4.6.0-202010130555.p0",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace:v4.6.0-202010081538.p0",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-prometheus:v4.6.0-202009290409.p0",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-ptp:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-tests:v4.6.0-202010120952.p0"
]
},
"references": [
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-16769",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16769"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-16769",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-16769"
},
{
"category": "external",
"summary": "CVE-2019-16769",
"url": "https://access.redhat.com/security/cve/CVE-2019-16769"
},
{
"category": "external",
"summary": "bz#1848092: CVE-2019-16769 npm-serialize-javascript: XSS via unsafe characters in serialized regular expressions",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1848092"
}
],
"release_date": "2020-05-04T00:00:00Z",
"remediations": [
{
"category": "vendor_fix",
"details": "For OpenShift Container Platform 4.6 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html.",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-grafana:v4.6.0-202010061132.p0"
],
"url": "https://access.redhat.com/errata/RHSA-2020:4298"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.6:openshift4/ose-grafana:v4.6.0-202010061132.p0"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-06-17T00:00:00Z",
"details": "Moderate"
}
],
"title": "CVE-2019-16769 npm-serialize-javascript: XSS via unsafe characters in serialized regular expressions"
},
{
"cve": "CVE-2020-7013",
"cwe": {
"id": "CWE-94",
"name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
},
"discovery_date": "2020-06-19T00:00:00Z",
"flags": [
{
"label": "component_not_present",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts:v4.6.0-202010080605.p0",
"8Base-RHOSE-4.6:openshift4/ose-cli:v4.6.0-202010080605.p0",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler:v4.6.0-202009291152.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator:v4.6.0-202010062159.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator:v4.6.0-202010090300.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator:v4.6.0-202010081538.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator:v4.6.0-202009290409.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-console-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-console:v4.6.0-202010100121.p0",
"8Base-RHOSE-4.6:openshift4/ose-coredns:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-descheduler:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder:v4.6.0-202010120952.p0",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-etcd:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-grafana:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube:v4.6.0-202010081843.p0",
"8Base-RHOSE-4.6:openshift4/ose-installer:v4.6.0-202010081843.p0",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator:v4.6.0-202010220220.p0",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8:v4.6.0-202010012244.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.6.0-202010011936.p0",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy:v4.6.0-202010010929.p0",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager:v4.6.0-202010130555.p0",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace:v4.6.0-202010081538.p0",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-prometheus:v4.6.0-202009290409.p0",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-ptp:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-tests:v4.6.0-202010120952.p0"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla",
"text": "https://bugzilla.redhat.com/show_bug.cgi?id=1849044"
}
],
"notes": [
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
},
{
"category": "description",
"text": "Kibana versions before 6.8.9 and 7.7.0 contain a prototype pollution flaw in TSVB. An authenticated attacker with privileges to create TSVB visualizations could insert data that would cause Kibana to execute arbitrary code. This could possibly lead to an attacker executing code with the permissions of the Kibana process on the host system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kibana: Prototype pollution in TSVB could result in arbitrary code execution (ESA-2020-06)",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6:v4.6.0-202010200139.p0"
],
"known_not_affected": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts:v4.6.0-202010080605.p0",
"8Base-RHOSE-4.6:openshift4/ose-cli:v4.6.0-202010080605.p0",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler:v4.6.0-202009291152.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator:v4.6.0-202010062159.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator:v4.6.0-202010090300.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator:v4.6.0-202010081538.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator:v4.6.0-202009290409.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-console-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-console:v4.6.0-202010100121.p0",
"8Base-RHOSE-4.6:openshift4/ose-coredns:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-descheduler:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder:v4.6.0-202010120952.p0",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-etcd:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-grafana:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube:v4.6.0-202010081843.p0",
"8Base-RHOSE-4.6:openshift4/ose-installer:v4.6.0-202010081843.p0",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator:v4.6.0-202010220220.p0",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8:v4.6.0-202010012244.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.6.0-202010011936.p0",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy:v4.6.0-202010010929.p0",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager:v4.6.0-202010130555.p0",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace:v4.6.0-202010081538.p0",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-prometheus:v4.6.0-202009290409.p0",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-ptp:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-tests:v4.6.0-202010120952.p0"
]
},
"references": [
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-7013",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7013"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-7013",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-7013"
},
{
"category": "external",
"summary": "https://discuss.elastic.co/t/elastic-stack-6-8-9-and-7-7-0-security-update/235571",
"url": "https://discuss.elastic.co/t/elastic-stack-6-8-9-and-7-7-0-security-update/235571"
},
{
"category": "external",
"summary": "CVE-2020-7013",
"url": "https://access.redhat.com/security/cve/CVE-2020-7013"
},
{
"category": "external",
"summary": "bz#1849044: CVE-2020-7013 kibana: Prototype pollution in TSVB could result in arbitrary code execution (ESA-2020-06)",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1849044"
}
],
"release_date": "2020-06-03T00:00:00Z",
"remediations": [
{
"category": "vendor_fix",
"details": "For OpenShift Container Platform 4.6 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html.",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6:v4.6.0-202010200139.p0"
],
"url": "https://access.redhat.com/errata/RHSA-2020:4298"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6:v4.6.0-202010200139.p0"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-06-19T00:00:00Z",
"details": "Moderate"
}
],
"title": "CVE-2020-7013 kibana: Prototype pollution in TSVB could result in arbitrary code execution (ESA-2020-06)"
},
{
"cve": "CVE-2020-7598",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2020-03-11T00:00:00Z",
"flags": [
{
"label": "component_not_present",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts:v4.6.0-202010080605.p0",
"8Base-RHOSE-4.6:openshift4/ose-cli:v4.6.0-202010080605.p0",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler:v4.6.0-202009291152.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator:v4.6.0-202010062159.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator:v4.6.0-202010090300.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator:v4.6.0-202010081538.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator:v4.6.0-202009290409.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-console-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-coredns:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-descheduler:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder:v4.6.0-202010120952.p0",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-etcd:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-grafana:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube:v4.6.0-202010081843.p0",
"8Base-RHOSE-4.6:openshift4/ose-installer:v4.6.0-202010081843.p0",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator:v4.6.0-202010220220.p0",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8:v4.6.0-202010012244.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.6.0-202010011936.p0",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy:v4.6.0-202010010929.p0",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager:v4.6.0-202010130555.p0",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace:v4.6.0-202010081538.p0",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-ptp:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-tests:v4.6.0-202010120952.p0"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla",
"text": "https://bugzilla.redhat.com/show_bug.cgi?id=1813344"
}
],
"notes": [
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
},
{
"category": "description",
"text": "A flaw was found in nodejs-minimist, where it was tricked into adding or modifying properties of the Object.prototype using a \"constructor\" or \"__proto__\" payload. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-minimist: prototype pollution allows adding or modifying properties of Object.prototype using a constructor or __proto__ payload",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.6:openshift4/ose-console:v4.6.0-202010100121.p0",
"8Base-RHOSE-4.6:openshift4/ose-prometheus:v4.6.0-202009290409.p0"
],
"known_not_affected": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts:v4.6.0-202010080605.p0",
"8Base-RHOSE-4.6:openshift4/ose-cli:v4.6.0-202010080605.p0",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler:v4.6.0-202009291152.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator:v4.6.0-202010062159.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator:v4.6.0-202010090300.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator:v4.6.0-202010081538.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator:v4.6.0-202009290409.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-console-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-coredns:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-descheduler:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder:v4.6.0-202010120952.p0",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-etcd:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-grafana:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube:v4.6.0-202010081843.p0",
"8Base-RHOSE-4.6:openshift4/ose-installer:v4.6.0-202010081843.p0",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator:v4.6.0-202010220220.p0",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8:v4.6.0-202010012244.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.6.0-202010011936.p0",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy:v4.6.0-202010010929.p0",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager:v4.6.0-202010130555.p0",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace:v4.6.0-202010081538.p0",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-ptp:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-tests:v4.6.0-202010120952.p0"
]
},
"references": [
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-7598",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7598"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-7598",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-7598"
},
{
"category": "external",
"summary": "https://snyk.io/vuln/SNYK-JS-MINIMIST-559764",
"url": "https://snyk.io/vuln/SNYK-JS-MINIMIST-559764"
},
{
"category": "external",
"summary": "CVE-2020-7598",
"url": "https://access.redhat.com/security/cve/CVE-2020-7598"
},
{
"category": "external",
"summary": "bz#1813344: CVE-2020-7598 nodejs-minimist: prototype pollution allows adding or modifying properties of Object.prototype using a constructor or __proto__ payload",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1813344"
}
],
"release_date": "2020-03-10T00:00:00Z",
"remediations": [
{
"category": "vendor_fix",
"details": "For OpenShift Container Platform 4.6 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html.",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-console:v4.6.0-202010100121.p0",
"8Base-RHOSE-4.6:openshift4/ose-prometheus:v4.6.0-202009290409.p0"
],
"url": "https://access.redhat.com/errata/RHSA-2020:4298"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.6:openshift4/ose-console:v4.6.0-202010100121.p0",
"8Base-RHOSE-4.6:openshift4/ose-prometheus:v4.6.0-202009290409.p0"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-03-11T00:00:00Z",
"details": "Moderate"
}
],
"title": "CVE-2020-7598 nodejs-minimist: prototype pollution allows adding or modifying properties of Object.prototype using a constructor or __proto__ payload"
},
{
"cve": "CVE-2020-7662",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2020-06-02T00:00:00Z",
"flags": [
{
"label": "component_not_present",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts:v4.6.0-202010080605.p0",
"8Base-RHOSE-4.6:openshift4/ose-cli:v4.6.0-202010080605.p0",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler:v4.6.0-202009291152.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator:v4.6.0-202010062159.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator:v4.6.0-202010090300.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator:v4.6.0-202010081538.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator:v4.6.0-202009290409.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-console-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-console:v4.6.0-202010100121.p0",
"8Base-RHOSE-4.6:openshift4/ose-coredns:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-descheduler:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder:v4.6.0-202010120952.p0",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-etcd:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube:v4.6.0-202010081843.p0",
"8Base-RHOSE-4.6:openshift4/ose-installer:v4.6.0-202010081843.p0",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator:v4.6.0-202010220220.p0",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8:v4.6.0-202010012244.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.6.0-202010011936.p0",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy:v4.6.0-202010010929.p0",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager:v4.6.0-202010130555.p0",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace:v4.6.0-202010081538.p0",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-prometheus:v4.6.0-202009290409.p0",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-ptp:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-tests:v4.6.0-202010120952.p0"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla",
"text": "https://bugzilla.redhat.com/show_bug.cgi?id=1845982"
}
],
"notes": [
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
},
{
"category": "description",
"text": "websocket-extensions npm module prior to 0.1.4 allows Denial of Service (DoS) via Regex Backtracking. The extension parser may take quadratic time when parsing a header containing an unclosed string parameter value whose content is a repeating two-byte sequence of a backslash and some other character. This could be abused by an attacker to conduct Regex Denial Of Service (ReDoS) on a single-threaded server by providing a malicious payload with the Sec-WebSocket-Extensions header.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "npmjs-websocket-extensions: ReDoS vulnerability in Sec-WebSocket-Extensions parser",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.6:openshift4/ose-grafana:v4.6.0-202010061132.p0"
],
"known_not_affected": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts:v4.6.0-202010080605.p0",
"8Base-RHOSE-4.6:openshift4/ose-cli:v4.6.0-202010080605.p0",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler:v4.6.0-202009291152.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator:v4.6.0-202010062159.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator:v4.6.0-202010090300.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator:v4.6.0-202010081538.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator:v4.6.0-202009290409.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-console-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-console:v4.6.0-202010100121.p0",
"8Base-RHOSE-4.6:openshift4/ose-coredns:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-descheduler:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder:v4.6.0-202010120952.p0",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-etcd:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube:v4.6.0-202010081843.p0",
"8Base-RHOSE-4.6:openshift4/ose-installer:v4.6.0-202010081843.p0",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator:v4.6.0-202010220220.p0",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8:v4.6.0-202010012244.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.6.0-202010011936.p0",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy:v4.6.0-202010010929.p0",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager:v4.6.0-202010130555.p0",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace:v4.6.0-202010081538.p0",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-prometheus:v4.6.0-202009290409.p0",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-ptp:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-tests:v4.6.0-202010120952.p0"
]
},
"references": [
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-7662",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7662"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-7662",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-7662"
},
{
"category": "external",
"summary": "https://github.com/faye/websocket-extensions-node/security/advisories/GHSA-g78m-2chm-r7qv",
"url": "https://github.com/faye/websocket-extensions-node/security/advisories/GHSA-g78m-2chm-r7qv"
},
{
"category": "external",
"summary": "CVE-2020-7662",
"url": "https://access.redhat.com/security/cve/CVE-2020-7662"
},
{
"category": "external",
"summary": "bz#1845982: CVE-2020-7662 npmjs-websocket-extensions: ReDoS vulnerability in Sec-WebSocket-Extensions parser",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1845982"
}
],
"release_date": "2020-06-02T00:00:00Z",
"remediations": [
{
"category": "vendor_fix",
"details": "For OpenShift Container Platform 4.6 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html.",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-grafana:v4.6.0-202010061132.p0"
],
"url": "https://access.redhat.com/errata/RHSA-2020:4298"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.6:openshift4/ose-grafana:v4.6.0-202010061132.p0"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-06-02T00:00:00Z",
"details": "Moderate"
}
],
"title": "CVE-2020-7662 npmjs-websocket-extensions: ReDoS vulnerability in Sec-WebSocket-Extensions parser"
},
{
"cve": "CVE-2020-8203",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2020-07-15T00:00:00Z",
"flags": [
{
"label": "component_not_present",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts:v4.6.0-202010080605.p0",
"8Base-RHOSE-4.6:openshift4/ose-cli:v4.6.0-202010080605.p0",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler:v4.6.0-202009291152.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator:v4.6.0-202010062159.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator:v4.6.0-202010090300.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator:v4.6.0-202010081538.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator:v4.6.0-202009290409.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-console-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-console:v4.6.0-202010100121.p0",
"8Base-RHOSE-4.6:openshift4/ose-coredns:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-descheduler:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder:v4.6.0-202010120952.p0",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-etcd:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-grafana:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube:v4.6.0-202010081843.p0",
"8Base-RHOSE-4.6:openshift4/ose-installer:v4.6.0-202010081843.p0",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator:v4.6.0-202010220220.p0",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8:v4.6.0-202010012244.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.6.0-202010011936.p0",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy:v4.6.0-202010010929.p0",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager:v4.6.0-202010130555.p0",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace:v4.6.0-202010081538.p0",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-prometheus:v4.6.0-202009290409.p0",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-ptp:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-tests:v4.6.0-202010120952.p0"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla",
"text": "https://bugzilla.redhat.com/show_bug.cgi?id=1857412"
}
],
"notes": [
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
},
{
"category": "description",
"text": "A flaw was found in nodejs-lodash in versions 4.17.15 and earlier. A prototype pollution attack is possible which can lead to arbitrary code execution. The primary threat from this vulnerability is to data integrity and system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-lodash: prototype pollution in zipObjectDeep function",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.6:openshift4/ose-metering-presto:v4.6.0-202010200139.p0"
],
"known_not_affected": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts:v4.6.0-202010080605.p0",
"8Base-RHOSE-4.6:openshift4/ose-cli:v4.6.0-202010080605.p0",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler:v4.6.0-202009291152.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator:v4.6.0-202010062159.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator:v4.6.0-202010090300.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator:v4.6.0-202010081538.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator:v4.6.0-202009290409.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-console-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-console:v4.6.0-202010100121.p0",
"8Base-RHOSE-4.6:openshift4/ose-coredns:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-descheduler:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder:v4.6.0-202010120952.p0",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-etcd:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-grafana:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube:v4.6.0-202010081843.p0",
"8Base-RHOSE-4.6:openshift4/ose-installer:v4.6.0-202010081843.p0",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator:v4.6.0-202010220220.p0",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8:v4.6.0-202010012244.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.6.0-202010011936.p0",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy:v4.6.0-202010010929.p0",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager:v4.6.0-202010130555.p0",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace:v4.6.0-202010081538.p0",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-prometheus:v4.6.0-202009290409.p0",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-ptp:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-tests:v4.6.0-202010120952.p0"
]
},
"references": [
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-8203",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8203"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-8203",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8203"
},
{
"category": "external",
"summary": "https://hackerone.com/reports/712065",
"url": "https://hackerone.com/reports/712065"
},
{
"category": "external",
"summary": "https://www.npmjs.com/advisories/1523",
"url": "https://www.npmjs.com/advisories/1523"
},
{
"category": "external",
"summary": "CVE-2020-8203",
"url": "https://access.redhat.com/security/cve/CVE-2020-8203"
},
{
"category": "external",
"summary": "bz#1857412: CVE-2020-8203 nodejs-lodash: prototype pollution in zipObjectDeep function",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1857412"
}
],
"release_date": "2020-04-27T00:00:00Z",
"remediations": [
{
"category": "vendor_fix",
"details": "For OpenShift Container Platform 4.6 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html.",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-metering-presto:v4.6.0-202010200139.p0"
],
"url": "https://access.redhat.com/errata/RHSA-2020:4298"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.6:openshift4/ose-metering-presto:v4.6.0-202010200139.p0"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-07-15T00:00:00Z",
"details": "Moderate"
}
],
"title": "CVE-2020-8203 nodejs-lodash: prototype pollution in zipObjectDeep function"
},
{
"acknowledgments": [
{
"names": [
"the Kubernetes Product Security Committee"
]
},
{
"names": [
"Wouter ter Maat"
],
"organization": "Offensi",
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2020-8559",
"cwe": {
"id": "CWE-601",
"name": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)"
},
"discovery_date": "2020-06-26T00:00:00Z",
"flags": [
{
"label": "component_not_present",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts:v4.6.0-202010080605.p0",
"8Base-RHOSE-4.6:openshift4/ose-cli:v4.6.0-202010080605.p0",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler:v4.6.0-202009291152.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator:v4.6.0-202010062159.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator:v4.6.0-202010090300.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator:v4.6.0-202010081538.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator:v4.6.0-202009290409.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-console-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-console:v4.6.0-202010100121.p0",
"8Base-RHOSE-4.6:openshift4/ose-coredns:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-descheduler:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder:v4.6.0-202010120952.p0",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-etcd:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-grafana:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-installer:v4.6.0-202010081843.p0",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator:v4.6.0-202010220220.p0",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8:v4.6.0-202010012244.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.6.0-202010011936.p0",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy:v4.6.0-202010010929.p0",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager:v4.6.0-202010130555.p0",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace:v4.6.0-202010081538.p0",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-prometheus:v4.6.0-202009290409.p0",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-ptp:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-tests:v4.6.0-202010120952.p0"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla",
"text": "https://bugzilla.redhat.com/show_bug.cgi?id=1851422"
}
],
"notes": [
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
},
{
"category": "description",
"text": "A flaw was found in the Kubernetes API server, where it allows an attacker to escalate their privileges from a compromised node. This flaw allows an attacker who can intercept requests on a compromised node, to redirect those requests, along with their credentials, to perform actions on other endpoints that trust those credentials (including other clusters), allowing for escalation of privileges. The highest threat from this vulnerability is to confidentiality, integrity, and system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kubernetes: compromised node could escalate to cluster level privileges",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.6:openshift4/ose-hyperkube:v4.6.0-202010081843.p0"
],
"known_not_affected": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts:v4.6.0-202010080605.p0",
"8Base-RHOSE-4.6:openshift4/ose-cli:v4.6.0-202010080605.p0",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler:v4.6.0-202009291152.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator:v4.6.0-202010062159.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator:v4.6.0-202010090300.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator:v4.6.0-202010081538.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator:v4.6.0-202009290409.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-console-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-console:v4.6.0-202010100121.p0",
"8Base-RHOSE-4.6:openshift4/ose-coredns:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-descheduler:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder:v4.6.0-202010120952.p0",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-etcd:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-grafana:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-installer:v4.6.0-202010081843.p0",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator:v4.6.0-202010220220.p0",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8:v4.6.0-202010012244.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.6.0-202010011936.p0",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy:v4.6.0-202010010929.p0",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager:v4.6.0-202010130555.p0",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace:v4.6.0-202010081538.p0",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-prometheus:v4.6.0-202009290409.p0",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-ptp:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-tests:v4.6.0-202010120952.p0"
]
},
"references": [
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-8559",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8559"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-8559",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8559"
},
{
"category": "external",
"summary": "https://groups.google.com/g/kubernetes-security-announce/c/JAIGG5yNROs",
"url": "https://groups.google.com/g/kubernetes-security-announce/c/JAIGG5yNROs"
},
{
"category": "external",
"summary": "CVE-2020-8559",
"url": "https://access.redhat.com/security/cve/CVE-2020-8559"
},
{
"category": "external",
"summary": "bz#1851422: CVE-2020-8559 kubernetes: compromised node could escalate to cluster level privileges",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1851422"
}
],
"release_date": "2020-07-15T00:00:00Z",
"remediations": [
{
"category": "vendor_fix",
"details": "For OpenShift Container Platform 4.6 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html.",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-hyperkube:v4.6.0-202010081843.p0"
],
"url": "https://access.redhat.com/errata/RHSA-2020:4298"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.6:openshift4/ose-hyperkube:v4.6.0-202010081843.p0"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-06-26T00:00:00Z",
"details": "Moderate"
}
],
"title": "CVE-2020-8559 kubernetes: compromised node could escalate to cluster level privileges"
},
{
"cve": "CVE-2020-9283",
"cwe": {
"id": "CWE-130",
"name": "Improper Handling of Length Parameter Inconsistency"
},
"discovery_date": "2020-02-19T00:00:00Z",
"flags": [
{
"label": "component_not_present",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts:v4.6.0-202010080605.p0",
"8Base-RHOSE-4.6:openshift4/ose-cli:v4.6.0-202010080605.p0",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler:v4.6.0-202009291152.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator:v4.6.0-202010062159.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator:v4.6.0-202010090300.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator:v4.6.0-202010081538.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator:v4.6.0-202009290409.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-console-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-console:v4.6.0-202010100121.p0",
"8Base-RHOSE-4.6:openshift4/ose-coredns:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-descheduler:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder:v4.6.0-202010120952.p0",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-etcd:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-grafana:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube:v4.6.0-202010081843.p0",
"8Base-RHOSE-4.6:openshift4/ose-installer:v4.6.0-202010081843.p0",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator:v4.6.0-202010220220.p0",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8:v4.6.0-202010012244.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.6.0-202010011936.p0",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy:v4.6.0-202010010929.p0",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager:v4.6.0-202010130555.p0",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace:v4.6.0-202010081538.p0",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-prometheus:v4.6.0-202009290409.p0",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-ptp:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-tests:v4.6.0-202010120952.p0"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla",
"text": "https://bugzilla.redhat.com/show_bug.cgi?id=1804533"
}
],
"notes": [
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
},
{
"category": "description",
"text": "A denial of service vulnerability was found in the SSH package of the golang.org/x/crypto library. An attacker could exploit this flaw by supplying crafted SSH ed25519 keys to cause a crash in applications that use this package as either an SSH client or server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto: Processing of crafted ssh-ed25519 public keys allows for panic",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator:v4.6.0-202010200139.p0"
],
"known_not_affected": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts:v4.6.0-202010080605.p0",
"8Base-RHOSE-4.6:openshift4/ose-cli:v4.6.0-202010080605.p0",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler:v4.6.0-202009291152.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator:v4.6.0-202010062159.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator:v4.6.0-202010090300.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator:v4.6.0-202010081538.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator:v4.6.0-202009290409.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-console-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-console:v4.6.0-202010100121.p0",
"8Base-RHOSE-4.6:openshift4/ose-coredns:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-descheduler:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder:v4.6.0-202010120952.p0",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-etcd:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-grafana:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube:v4.6.0-202010081843.p0",
"8Base-RHOSE-4.6:openshift4/ose-installer:v4.6.0-202010081843.p0",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator:v4.6.0-202010220220.p0",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8:v4.6.0-202010012244.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.6.0-202010011936.p0",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy:v4.6.0-202010010929.p0",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager:v4.6.0-202010130555.p0",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace:v4.6.0-202010081538.p0",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-prometheus:v4.6.0-202009290409.p0",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-ptp:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-tests:v4.6.0-202010120952.p0"
]
},
"references": [
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-9283",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-9283"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-9283",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-9283"
},
{
"category": "external",
"summary": "https://groups.google.com/forum/#!topic/golang-announce/3L45YRc91SY",
"url": "https://groups.google.com/forum/#!topic/golang-announce/3L45YRc91SY"
},
{
"category": "external",
"summary": "CVE-2020-9283",
"url": "https://access.redhat.com/security/cve/CVE-2020-9283"
},
{
"category": "external",
"summary": "bz#1804533: CVE-2020-9283 golang.org/x/crypto: Processing of crafted ssh-ed25519 public keys allows for panic",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1804533"
}
],
"release_date": "2020-02-21T00:00:00Z",
"remediations": [
{
"category": "vendor_fix",
"details": "For OpenShift Container Platform 4.6 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html.",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator:v4.6.0-202010200139.p0"
],
"url": "https://access.redhat.com/errata/RHSA-2020:4298"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator:v4.6.0-202010200139.p0"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-02-19T00:00:00Z",
"details": "Important"
}
],
"title": "CVE-2020-9283 golang.org/x/crypto: Processing of crafted ssh-ed25519 public keys allows for panic"
},
{
"cve": "CVE-2020-10715",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2019-10-18T00:00:00Z",
"flags": [
{
"label": "component_not_present",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts:v4.6.0-202010080605.p0",
"8Base-RHOSE-4.6:openshift4/ose-cli:v4.6.0-202010080605.p0",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler:v4.6.0-202009291152.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator:v4.6.0-202010062159.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator:v4.6.0-202010090300.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator:v4.6.0-202010081538.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator:v4.6.0-202009290409.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-console-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-coredns:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-descheduler:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder:v4.6.0-202010120952.p0",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-etcd:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-grafana:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube:v4.6.0-202010081843.p0",
"8Base-RHOSE-4.6:openshift4/ose-installer:v4.6.0-202010081843.p0",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator:v4.6.0-202010220220.p0",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8:v4.6.0-202010012244.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.6.0-202010011936.p0",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy:v4.6.0-202010010929.p0",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager:v4.6.0-202010130555.p0",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace:v4.6.0-202010081538.p0",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-prometheus:v4.6.0-202009290409.p0",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-ptp:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-tests:v4.6.0-202010120952.p0"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla",
"text": "https://bugzilla.redhat.com/show_bug.cgi?id=1767665"
}
],
"notes": [
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
},
{
"category": "description",
"text": "A content spoofing vulnerability was found in the openshift/console. This flaw allows an attacker to craft a URL and inject arbitrary text onto the error page that appears to be from the OpenShift instance. This attack could potentially convince a user that the inserted text is legitimate.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openshift/console: text injection on error page via crafted url",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.6:openshift4/ose-console:v4.6.0-202010100121.p0"
],
"known_not_affected": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts:v4.6.0-202010080605.p0",
"8Base-RHOSE-4.6:openshift4/ose-cli:v4.6.0-202010080605.p0",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler:v4.6.0-202009291152.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator:v4.6.0-202010062159.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator:v4.6.0-202010090300.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator:v4.6.0-202010081538.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator:v4.6.0-202009290409.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-console-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-coredns:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-descheduler:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder:v4.6.0-202010120952.p0",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-etcd:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-grafana:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube:v4.6.0-202010081843.p0",
"8Base-RHOSE-4.6:openshift4/ose-installer:v4.6.0-202010081843.p0",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator:v4.6.0-202010220220.p0",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8:v4.6.0-202010012244.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.6.0-202010011936.p0",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy:v4.6.0-202010010929.p0",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager:v4.6.0-202010130555.p0",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace:v4.6.0-202010081538.p0",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-prometheus:v4.6.0-202009290409.p0",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-ptp:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-tests:v4.6.0-202010120952.p0"
]
},
"references": [
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-10715",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10715"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10715",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10715"
},
{
"category": "external",
"summary": "CVE-2020-10715",
"url": "https://access.redhat.com/security/cve/CVE-2020-10715"
},
{
"category": "external",
"summary": "bz#1767665: CVE-2020-10715 openshift/console: text injection on error page via crafted url",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1767665"
}
],
"release_date": "2020-07-27T00:00:00Z",
"remediations": [
{
"category": "vendor_fix",
"details": "For OpenShift Container Platform 4.6 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html.",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-console:v4.6.0-202010100121.p0"
],
"url": "https://access.redhat.com/errata/RHSA-2020:4298"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.1,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.0"
},
"products": [
"8Base-RHOSE-4.6:openshift4/ose-console:v4.6.0-202010100121.p0"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-10-18T00:00:00Z",
"details": "Low"
}
],
"title": "CVE-2020-10715 openshift/console: text injection on error page via crafted url"
},
{
"cve": "CVE-2020-10743",
"cwe": {
"id": "CWE-358",
"name": "Improperly Implemented Security Check for Standard"
},
"discovery_date": "2020-05-05T00:00:00Z",
"flags": [
{
"label": "component_not_present",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts:v4.6.0-202010080605.p0",
"8Base-RHOSE-4.6:openshift4/ose-cli:v4.6.0-202010080605.p0",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler:v4.6.0-202009291152.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator:v4.6.0-202010062159.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator:v4.6.0-202010090300.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator:v4.6.0-202010081538.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator:v4.6.0-202009290409.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-console-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-console:v4.6.0-202010100121.p0",
"8Base-RHOSE-4.6:openshift4/ose-coredns:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-descheduler:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder:v4.6.0-202010120952.p0",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-etcd:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-grafana:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube:v4.6.0-202010081843.p0",
"8Base-RHOSE-4.6:openshift4/ose-installer:v4.6.0-202010081843.p0",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator:v4.6.0-202010220220.p0",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8:v4.6.0-202010012244.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.6.0-202010011936.p0",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy:v4.6.0-202010010929.p0",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager:v4.6.0-202010130555.p0",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace:v4.6.0-202010081538.p0",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-prometheus:v4.6.0-202009290409.p0",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-ptp:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-tests:v4.6.0-202010120952.p0"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla",
"text": "https://bugzilla.redhat.com/show_bug.cgi?id=1834550"
}
],
"notes": [
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
},
{
"category": "description",
"text": "It was discovered that OpenShift Container Platform\u0027s (OCP) distribution of Kibana could open in an iframe, which made it possible to intercept and manipulate requests. This flaw allows an attacker to trick a user into performing arbitrary actions in OCP\u0027s distribution of Kibana, such as clickjacking.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kibana: X-Frame-Option not set by default might lead to clickjacking",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6:v4.6.0-202010200139.p0"
],
"known_not_affected": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts:v4.6.0-202010080605.p0",
"8Base-RHOSE-4.6:openshift4/ose-cli:v4.6.0-202010080605.p0",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler:v4.6.0-202009291152.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator:v4.6.0-202010062159.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator:v4.6.0-202010090300.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator:v4.6.0-202010081538.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator:v4.6.0-202009290409.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-console-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-console:v4.6.0-202010100121.p0",
"8Base-RHOSE-4.6:openshift4/ose-coredns:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-descheduler:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder:v4.6.0-202010120952.p0",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-etcd:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-grafana:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube:v4.6.0-202010081843.p0",
"8Base-RHOSE-4.6:openshift4/ose-installer:v4.6.0-202010081843.p0",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator:v4.6.0-202010220220.p0",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8:v4.6.0-202010012244.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.6.0-202010011936.p0",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy:v4.6.0-202010010929.p0",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager:v4.6.0-202010130555.p0",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace:v4.6.0-202010081538.p0",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-prometheus:v4.6.0-202009290409.p0",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-ptp:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-tests:v4.6.0-202010120952.p0"
]
},
"references": [
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-10743",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10743"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-10743",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10743"
},
{
"category": "external",
"summary": "CVE-2020-10743",
"url": "https://access.redhat.com/security/cve/CVE-2020-10743"
},
{
"category": "external",
"summary": "bz#1834550: CVE-2020-10743 kibana: X-Frame-Option not set by default might lead to clickjacking",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1834550"
}
],
"release_date": "2020-01-27T00:00:00Z",
"remediations": [
{
"category": "vendor_fix",
"details": "For OpenShift Container Platform 4.6 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html.",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6:v4.6.0-202010200139.p0"
],
"url": "https://access.redhat.com/errata/RHSA-2020:4298"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.1,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6:v4.6.0-202010200139.p0"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-05-05T00:00:00Z",
"details": "Low"
}
],
"title": "CVE-2020-10743 kibana: X-Frame-Option not set by default might lead to clickjacking"
},
{
"cve": "CVE-2020-11022",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2020-04-23T00:00:00Z",
"flags": [
{
"label": "component_not_present",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts:v4.6.0-202010080605.p0",
"8Base-RHOSE-4.6:openshift4/ose-cli:v4.6.0-202010080605.p0",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler:v4.6.0-202009291152.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator:v4.6.0-202010062159.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator:v4.6.0-202010090300.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator:v4.6.0-202010081538.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator:v4.6.0-202009290409.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-console-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-console:v4.6.0-202010100121.p0",
"8Base-RHOSE-4.6:openshift4/ose-coredns:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-descheduler:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder:v4.6.0-202010120952.p0",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-etcd:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube:v4.6.0-202010081843.p0",
"8Base-RHOSE-4.6:openshift4/ose-installer:v4.6.0-202010081843.p0",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator:v4.6.0-202010220220.p0",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8:v4.6.0-202010012244.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.6.0-202010011936.p0",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy:v4.6.0-202010010929.p0",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager:v4.6.0-202010130555.p0",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace:v4.6.0-202010081538.p0",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-ptp:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-tests:v4.6.0-202010120952.p0"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla",
"text": "https://bugzilla.redhat.com/show_bug.cgi?id=1828406"
}
],
"notes": [
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
},
{
"category": "description",
"text": "A Cross-site scripting (XSS) vulnerability exists in JQuery. This flaw allows an attacker with the ability to supply input to the \u2018HTML\u2019 function to inject Javascript into the page where that input is rendered, and have it delivered by the browser.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.6:openshift4/ose-grafana:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-prometheus:v4.6.0-202009290409.p0"
],
"known_not_affected": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts:v4.6.0-202010080605.p0",
"8Base-RHOSE-4.6:openshift4/ose-cli:v4.6.0-202010080605.p0",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler:v4.6.0-202009291152.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator:v4.6.0-202010062159.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator:v4.6.0-202010090300.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator:v4.6.0-202010081538.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator:v4.6.0-202009290409.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-console-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-console:v4.6.0-202010100121.p0",
"8Base-RHOSE-4.6:openshift4/ose-coredns:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-descheduler:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder:v4.6.0-202010120952.p0",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-etcd:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube:v4.6.0-202010081843.p0",
"8Base-RHOSE-4.6:openshift4/ose-installer:v4.6.0-202010081843.p0",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator:v4.6.0-202010220220.p0",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8:v4.6.0-202010012244.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.6.0-202010011936.p0",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy:v4.6.0-202010010929.p0",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager:v4.6.0-202010130555.p0",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace:v4.6.0-202010081538.p0",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-ptp:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-tests:v4.6.0-202010120952.p0"
]
},
"references": [
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-11022",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11022"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11022",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11022"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-gxr4-xjj5-5px2",
"url": "https://github.com/advisories/GHSA-gxr4-xjj5-5px2"
},
{
"category": "external",
"summary": "CVE-2020-11022",
"url": "https://access.redhat.com/security/cve/CVE-2020-11022"
},
{
"category": "external",
"summary": "bz#1828406: CVE-2020-11022 jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828406"
}
],
"release_date": "2020-04-23T00:00:00Z",
"remediations": [
{
"category": "vendor_fix",
"details": "For OpenShift Container Platform 4.6 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html.",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-grafana:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-prometheus:v4.6.0-202009290409.p0"
],
"url": "https://access.redhat.com/errata/RHSA-2020:4298"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.6:openshift4/ose-grafana:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-prometheus:v4.6.0-202009290409.p0"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-04-23T00:00:00Z",
"details": "Moderate"
}
],
"title": "CVE-2020-11022 jquery: Cross-site scripting due to improper injQuery.htmlPrefilter method"
},
{
"cve": "CVE-2020-11023",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2020-06-23T00:00:00Z",
"flags": [
{
"label": "component_not_present",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts:v4.6.0-202010080605.p0",
"8Base-RHOSE-4.6:openshift4/ose-cli:v4.6.0-202010080605.p0",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler:v4.6.0-202009291152.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator:v4.6.0-202010062159.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator:v4.6.0-202010090300.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator:v4.6.0-202010081538.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator:v4.6.0-202009290409.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-console-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-console:v4.6.0-202010100121.p0",
"8Base-RHOSE-4.6:openshift4/ose-coredns:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-descheduler:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder:v4.6.0-202010120952.p0",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-etcd:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube:v4.6.0-202010081843.p0",
"8Base-RHOSE-4.6:openshift4/ose-installer:v4.6.0-202010081843.p0",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator:v4.6.0-202010220220.p0",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8:v4.6.0-202010012244.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.6.0-202010011936.p0",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy:v4.6.0-202010010929.p0",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager:v4.6.0-202010130555.p0",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace:v4.6.0-202010081538.p0",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-ptp:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-tests:v4.6.0-202010120952.p0"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla",
"text": "https://bugzilla.redhat.com/show_bug.cgi?id=1850004"
}
],
"notes": [
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
},
{
"category": "description",
"text": "A flaw was found in jQuery. HTML containing \u003coption\u003e elements from untrusted sources are passed, even after sanitizing, to one of jQuery\u0027s DOM manipulation methods, which may execute untrusted code. The highest threat from this vulnerability is to data confidentiality and integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM manipulation methods",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.6:openshift4/ose-grafana:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-prometheus:v4.6.0-202009290409.p0"
],
"known_not_affected": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts:v4.6.0-202010080605.p0",
"8Base-RHOSE-4.6:openshift4/ose-cli:v4.6.0-202010080605.p0",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler:v4.6.0-202009291152.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator:v4.6.0-202010062159.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator:v4.6.0-202010090300.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator:v4.6.0-202010081538.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator:v4.6.0-202009290409.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-console-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-console:v4.6.0-202010100121.p0",
"8Base-RHOSE-4.6:openshift4/ose-coredns:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-descheduler:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder:v4.6.0-202010120952.p0",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-etcd:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube:v4.6.0-202010081843.p0",
"8Base-RHOSE-4.6:openshift4/ose-installer:v4.6.0-202010081843.p0",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator:v4.6.0-202010220220.p0",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8:v4.6.0-202010012244.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.6.0-202010011936.p0",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy:v4.6.0-202010010929.p0",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager:v4.6.0-202010130555.p0",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace:v4.6.0-202010081538.p0",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-ptp:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-tests:v4.6.0-202010120952.p0"
]
},
"references": [
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-11023",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11023"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11023",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11023"
},
{
"category": "external",
"summary": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/",
"url": "https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/"
},
{
"category": "external",
"summary": "CVE-2020-11023",
"url": "https://access.redhat.com/security/cve/CVE-2020-11023"
},
{
"category": "external",
"summary": "bz#1850004: Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM manipulation methods",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1850004"
}
],
"release_date": "2020-04-29T00:00:00Z",
"remediations": [
{
"category": "vendor_fix",
"details": "For OpenShift Container Platform 4.6 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html.",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-grafana:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-prometheus:v4.6.0-202009290409.p0"
],
"url": "https://access.redhat.com/errata/RHSA-2020:4298"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.6:openshift4/ose-grafana:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-prometheus:v4.6.0-202009290409.p0"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-06-23T00:00:00Z",
"details": "Moderate"
}
],
"title": "Untrusted code execution via \u003coption\u003e tag in HTML passed to DOM manipulation methods"
},
{
"cve": "CVE-2020-11110",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2020-07-27T00:00:00Z",
"flags": [
{
"label": "component_not_present",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts:v4.6.0-202010080605.p0",
"8Base-RHOSE-4.6:openshift4/ose-cli:v4.6.0-202010080605.p0",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler:v4.6.0-202009291152.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator:v4.6.0-202010062159.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator:v4.6.0-202010090300.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator:v4.6.0-202010081538.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator:v4.6.0-202009290409.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-console-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-console:v4.6.0-202010100121.p0",
"8Base-RHOSE-4.6:openshift4/ose-coredns:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-descheduler:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder:v4.6.0-202010120952.p0",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-etcd:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube:v4.6.0-202010081843.p0",
"8Base-RHOSE-4.6:openshift4/ose-installer:v4.6.0-202010081843.p0",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator:v4.6.0-202010220220.p0",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8:v4.6.0-202010012244.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.6.0-202010011936.p0",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy:v4.6.0-202010010929.p0",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager:v4.6.0-202010130555.p0",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace:v4.6.0-202010081538.p0",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-prometheus:v4.6.0-202009290409.p0",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-ptp:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-tests:v4.6.0-202010120952.p0"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla",
"text": "https://bugzilla.redhat.com/show_bug.cgi?id=1861044"
}
],
"notes": [
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
},
{
"category": "description",
"text": "A flaw was found in grafana. The lack of URL sanitizing allows for stored XSS.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "grafana: stored XSS",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.6:openshift4/ose-grafana:v4.6.0-202010061132.p0"
],
"known_not_affected": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts:v4.6.0-202010080605.p0",
"8Base-RHOSE-4.6:openshift4/ose-cli:v4.6.0-202010080605.p0",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler:v4.6.0-202009291152.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator:v4.6.0-202010062159.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator:v4.6.0-202010090300.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator:v4.6.0-202010081538.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator:v4.6.0-202009290409.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-console-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-console:v4.6.0-202010100121.p0",
"8Base-RHOSE-4.6:openshift4/ose-coredns:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-descheduler:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder:v4.6.0-202010120952.p0",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-etcd:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube:v4.6.0-202010081843.p0",
"8Base-RHOSE-4.6:openshift4/ose-installer:v4.6.0-202010081843.p0",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator:v4.6.0-202010220220.p0",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8:v4.6.0-202010012244.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.6.0-202010011936.p0",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy:v4.6.0-202010010929.p0",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager:v4.6.0-202010130555.p0",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace:v4.6.0-202010081538.p0",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-prometheus:v4.6.0-202009290409.p0",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-ptp:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-tests:v4.6.0-202010120952.p0"
]
},
"references": [
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-11110",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11110"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11110",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11110"
},
{
"category": "external",
"summary": "CVE-2020-11110",
"url": "https://access.redhat.com/security/cve/CVE-2020-11110"
},
{
"category": "external",
"summary": "bz#1861044: CVE-2020-11110 grafana: stored XSS",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1861044"
}
],
"release_date": "2020-04-01T00:00:00Z",
"remediations": [
{
"category": "vendor_fix",
"details": "For OpenShift Container Platform 4.6 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html.",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-grafana:v4.6.0-202010061132.p0"
],
"url": "https://access.redhat.com/errata/RHSA-2020:4298"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.6:openshift4/ose-grafana:v4.6.0-202010061132.p0"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-07-27T00:00:00Z",
"details": "Moderate"
}
],
"title": "CVE-2020-11110 grafana: stored XSS"
},
{
"cve": "CVE-2020-12052",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2020-06-17T00:00:00Z",
"flags": [
{
"label": "component_not_present",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts:v4.6.0-202010080605.p0",
"8Base-RHOSE-4.6:openshift4/ose-cli:v4.6.0-202010080605.p0",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler:v4.6.0-202009291152.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator:v4.6.0-202010062159.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator:v4.6.0-202010090300.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator:v4.6.0-202010081538.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator:v4.6.0-202009290409.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-console-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-console:v4.6.0-202010100121.p0",
"8Base-RHOSE-4.6:openshift4/ose-coredns:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-descheduler:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder:v4.6.0-202010120952.p0",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-etcd:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube:v4.6.0-202010081843.p0",
"8Base-RHOSE-4.6:openshift4/ose-installer:v4.6.0-202010081843.p0",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator:v4.6.0-202010220220.p0",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8:v4.6.0-202010012244.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.6.0-202010011936.p0",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy:v4.6.0-202010010929.p0",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager:v4.6.0-202010130555.p0",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace:v4.6.0-202010081538.p0",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-prometheus:v4.6.0-202009290409.p0",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-ptp:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-tests:v4.6.0-202010120952.p0"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla",
"text": "https://bugzilla.redhat.com/show_bug.cgi?id=1848089"
}
],
"notes": [
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
},
{
"category": "description",
"text": "A flaw was found in grafana. The software is vulnerable to an annotation popup XSS.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "grafana: XSS annotation popup vulnerability",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.6:openshift4/ose-grafana:v4.6.0-202010061132.p0"
],
"known_not_affected": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts:v4.6.0-202010080605.p0",
"8Base-RHOSE-4.6:openshift4/ose-cli:v4.6.0-202010080605.p0",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler:v4.6.0-202009291152.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator:v4.6.0-202010062159.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator:v4.6.0-202010090300.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator:v4.6.0-202010081538.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator:v4.6.0-202009290409.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-console-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-console:v4.6.0-202010100121.p0",
"8Base-RHOSE-4.6:openshift4/ose-coredns:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-descheduler:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder:v4.6.0-202010120952.p0",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-etcd:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube:v4.6.0-202010081843.p0",
"8Base-RHOSE-4.6:openshift4/ose-installer:v4.6.0-202010081843.p0",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator:v4.6.0-202010220220.p0",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8:v4.6.0-202010012244.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.6.0-202010011936.p0",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy:v4.6.0-202010010929.p0",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager:v4.6.0-202010130555.p0",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace:v4.6.0-202010081538.p0",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-prometheus:v4.6.0-202009290409.p0",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-ptp:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-tests:v4.6.0-202010120952.p0"
]
},
"references": [
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-12052",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-12052"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-12052",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-12052"
},
{
"category": "external",
"summary": "CVE-2020-12052",
"url": "https://access.redhat.com/security/cve/CVE-2020-12052"
},
{
"category": "external",
"summary": "bz#1848089: CVE-2020-12052 grafana: XSS annotation popup vulnerability",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1848089"
}
],
"release_date": "2020-04-27T00:00:00Z",
"remediations": [
{
"category": "vendor_fix",
"details": "For OpenShift Container Platform 4.6 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html.",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-grafana:v4.6.0-202010061132.p0"
],
"url": "https://access.redhat.com/errata/RHSA-2020:4298"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.6:openshift4/ose-grafana:v4.6.0-202010061132.p0"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-06-17T00:00:00Z",
"details": "Moderate"
}
],
"title": "CVE-2020-12052 grafana: XSS annotation popup vulnerability"
},
{
"cve": "CVE-2020-12245",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2020-04-25T00:00:00Z",
"flags": [
{
"label": "component_not_present",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts:v4.6.0-202010080605.p0",
"8Base-RHOSE-4.6:openshift4/ose-cli:v4.6.0-202010080605.p0",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler:v4.6.0-202009291152.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator:v4.6.0-202010062159.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator:v4.6.0-202010090300.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator:v4.6.0-202010081538.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator:v4.6.0-202009290409.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-console-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-console:v4.6.0-202010100121.p0",
"8Base-RHOSE-4.6:openshift4/ose-coredns:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-descheduler:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder:v4.6.0-202010120952.p0",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-etcd:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube:v4.6.0-202010081843.p0",
"8Base-RHOSE-4.6:openshift4/ose-installer:v4.6.0-202010081843.p0",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator:v4.6.0-202010220220.p0",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8:v4.6.0-202010012244.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.6.0-202010011936.p0",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy:v4.6.0-202010010929.p0",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager:v4.6.0-202010130555.p0",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace:v4.6.0-202010081538.p0",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-prometheus:v4.6.0-202009290409.p0",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-ptp:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-tests:v4.6.0-202010120952.p0"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla",
"text": "https://bugzilla.redhat.com/show_bug.cgi?id=1848643"
}
],
"notes": [
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
},
{
"category": "description",
"text": "A flaw was found in grafana. A XSS is possible in table-panel via column.title or cellLinkTooltip.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "grafana: XSS via column.title or cellLinkTooltip",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.6:openshift4/ose-grafana:v4.6.0-202010061132.p0"
],
"known_not_affected": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts:v4.6.0-202010080605.p0",
"8Base-RHOSE-4.6:openshift4/ose-cli:v4.6.0-202010080605.p0",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler:v4.6.0-202009291152.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator:v4.6.0-202010062159.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator:v4.6.0-202010090300.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator:v4.6.0-202010081538.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator:v4.6.0-202009290409.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-console-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-console:v4.6.0-202010100121.p0",
"8Base-RHOSE-4.6:openshift4/ose-coredns:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-descheduler:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder:v4.6.0-202010120952.p0",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-etcd:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube:v4.6.0-202010081843.p0",
"8Base-RHOSE-4.6:openshift4/ose-installer:v4.6.0-202010081843.p0",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator:v4.6.0-202010220220.p0",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8:v4.6.0-202010012244.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.6.0-202010011936.p0",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy:v4.6.0-202010010929.p0",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager:v4.6.0-202010130555.p0",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace:v4.6.0-202010081538.p0",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-prometheus:v4.6.0-202009290409.p0",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-ptp:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-tests:v4.6.0-202010120952.p0"
]
},
"references": [
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-12245",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-12245"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-12245",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-12245"
},
{
"category": "external",
"summary": "CVE-2020-12245",
"url": "https://access.redhat.com/security/cve/CVE-2020-12245"
},
{
"category": "external",
"summary": "bz#1848643: CVE-2020-12245 grafana: XSS via column.title or cellLinkTooltip",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1848643"
}
],
"release_date": "2020-04-23T00:00:00Z",
"remediations": [
{
"category": "vendor_fix",
"details": "For OpenShift Container Platform 4.6 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html.",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-grafana:v4.6.0-202010061132.p0"
],
"url": "https://access.redhat.com/errata/RHSA-2020:4298"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.6:openshift4/ose-grafana:v4.6.0-202010061132.p0"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-04-25T00:00:00Z",
"details": "Moderate"
}
],
"title": "CVE-2020-12245 grafana: XSS via column.title or cellLinkTooltip"
},
{
"cve": "CVE-2020-13822",
"cwe": {
"id": "CWE-190",
"name": "Integer Overflow or Wraparound"
},
"discovery_date": "2020-06-04T00:00:00Z",
"flags": [
{
"label": "component_not_present",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts:v4.6.0-202010080605.p0",
"8Base-RHOSE-4.6:openshift4/ose-cli:v4.6.0-202010080605.p0",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler:v4.6.0-202009291152.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator:v4.6.0-202010062159.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator:v4.6.0-202010090300.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator:v4.6.0-202010081538.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator:v4.6.0-202009290409.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-console-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-console:v4.6.0-202010100121.p0",
"8Base-RHOSE-4.6:openshift4/ose-coredns:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-descheduler:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder:v4.6.0-202010120952.p0",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-etcd:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube:v4.6.0-202010081843.p0",
"8Base-RHOSE-4.6:openshift4/ose-installer:v4.6.0-202010081843.p0",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator:v4.6.0-202010220220.p0",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8:v4.6.0-202010012244.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.6.0-202010011936.p0",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy:v4.6.0-202010010929.p0",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager:v4.6.0-202010130555.p0",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace:v4.6.0-202010081538.p0",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-ptp:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-tests:v4.6.0-202010120952.p0"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla",
"text": "https://bugzilla.redhat.com/show_bug.cgi?id=1848647"
}
],
"notes": [
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
},
{
"category": "description",
"text": "The Elliptic for Node.js allows ECDSA signature malleability via variations in encoding, leading \u0027\\0\u0027 bytes, or integer overflows. This could conceivably have a security-relevant impact if an application relied on a single canonical signature.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-elliptic: improper encoding checks allows a certain degree of signature malleability in ECDSA signatures",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.6:openshift4/ose-grafana:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-prometheus:v4.6.0-202009290409.p0"
],
"known_not_affected": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts:v4.6.0-202010080605.p0",
"8Base-RHOSE-4.6:openshift4/ose-cli:v4.6.0-202010080605.p0",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler:v4.6.0-202009291152.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator:v4.6.0-202010062159.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator:v4.6.0-202010090300.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator:v4.6.0-202010081538.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator:v4.6.0-202009290409.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-console-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-console:v4.6.0-202010100121.p0",
"8Base-RHOSE-4.6:openshift4/ose-coredns:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-descheduler:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder:v4.6.0-202010120952.p0",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-etcd:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube:v4.6.0-202010081843.p0",
"8Base-RHOSE-4.6:openshift4/ose-installer:v4.6.0-202010081843.p0",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator:v4.6.0-202010220220.p0",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8:v4.6.0-202010012244.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.6.0-202010011936.p0",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy:v4.6.0-202010010929.p0",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager:v4.6.0-202010130555.p0",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace:v4.6.0-202010081538.p0",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-ptp:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-tests:v4.6.0-202010120952.p0"
]
},
"references": [
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-13822",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-13822"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-13822",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-13822"
},
{
"category": "external",
"summary": "https://snyk.io/vuln/SNYK-JS-ELLIPTIC-571484",
"url": "https://snyk.io/vuln/SNYK-JS-ELLIPTIC-571484"
},
{
"category": "external",
"summary": "CVE-2020-13822",
"url": "https://access.redhat.com/security/cve/CVE-2020-13822"
},
{
"category": "external",
"summary": "bz#1848647: CVE-2020-13822 nodejs-elliptic: improper encoding checks allows a certain degree of signature malleability in ECDSA signatures",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1848647"
}
],
"release_date": "2020-06-01T00:00:00Z",
"remediations": [
{
"category": "vendor_fix",
"details": "For OpenShift Container Platform 4.6 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html.",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-grafana:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-prometheus:v4.6.0-202009290409.p0"
],
"url": "https://access.redhat.com/errata/RHSA-2020:4298"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.6:openshift4/ose-grafana:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-prometheus:v4.6.0-202009290409.p0"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-06-04T00:00:00Z",
"details": "Moderate"
}
],
"title": "CVE-2020-13822 nodejs-elliptic: improper encoding checks allows a certain degree of signature malleability in ECDSA signatures"
},
{
"cve": "CVE-2020-14040",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"discovery_date": "2020-06-17T00:00:00Z",
"flags": [
{
"label": "component_not_present",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-grafana:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator:v4.6.0-202010220220.p0",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-prometheus:v4.6.0-202009290409.p0",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-ptp:v4.6.0-202010200139.p0"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla",
"text": "https://bugzilla.redhat.com/show_bug.cgi?id=1853652"
}
],
"notes": [
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
},
{
"category": "description",
"text": "A denial of service vulnerability was found in the golang.org/x/text library. A library or application must use one of the vulnerable functions, such as unicode.Transform, transform.String, or transform.Byte, to be susceptible to this vulnerability. If an attacker is able to supply specific characters or strings to the vulnerable application, there is the potential to cause an infinite loop to occur using more memory, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts:v4.6.0-202010080605.p0",
"8Base-RHOSE-4.6:openshift4/ose-cli:v4.6.0-202010080605.p0",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler:v4.6.0-202009291152.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator:v4.6.0-202010062159.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator:v4.6.0-202010090300.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator:v4.6.0-202010081538.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator:v4.6.0-202009290409.p0",
"8Base-RHOSE-4.6:openshift4/ose-console-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-console:v4.6.0-202010100121.p0",
"8Base-RHOSE-4.6:openshift4/ose-coredns:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-descheduler:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder:v4.6.0-202010120952.p0",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-etcd:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube:v4.6.0-202010081843.p0",
"8Base-RHOSE-4.6:openshift4/ose-installer:v4.6.0-202010081843.p0",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8:v4.6.0-202010012244.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.6.0-202010011936.p0",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy:v4.6.0-202010010929.p0",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager:v4.6.0-202010130555.p0",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace:v4.6.0-202010081538.p0",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-tests:v4.6.0-202010120952.p0"
],
"known_not_affected": [
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-grafana:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator:v4.6.0-202010220220.p0",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-prometheus:v4.6.0-202009290409.p0",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-ptp:v4.6.0-202010200139.p0"
]
},
"references": [
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-14040",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14040"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-14040",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-14040"
},
{
"category": "external",
"summary": "https://github.com/golang/go/issues/39491",
"url": "https://github.com/golang/go/issues/39491"
},
{
"category": "external",
"summary": "https://groups.google.com/forum/#!topic/golang-announce/bXVeAmGOqz0",
"url": "https://groups.google.com/forum/#!topic/golang-announce/bXVeAmGOqz0"
},
{
"category": "external",
"summary": "CVE-2020-14040",
"url": "https://access.redhat.com/security/cve/CVE-2020-14040"
},
{
"category": "external",
"summary": "bz#1853652: CVE-2020-14040 golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1853652"
}
],
"release_date": "2020-06-17T00:00:00Z",
"remediations": [
{
"category": "vendor_fix",
"details": "For OpenShift Container Platform 4.6 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html.",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts:v4.6.0-202010080605.p0",
"8Base-RHOSE-4.6:openshift4/ose-cli:v4.6.0-202010080605.p0",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler:v4.6.0-202009291152.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator:v4.6.0-202010062159.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator:v4.6.0-202010090300.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator:v4.6.0-202010081538.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator:v4.6.0-202009290409.p0",
"8Base-RHOSE-4.6:openshift4/ose-console-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-console:v4.6.0-202010100121.p0",
"8Base-RHOSE-4.6:openshift4/ose-coredns:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-descheduler:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder:v4.6.0-202010120952.p0",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-etcd:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube:v4.6.0-202010081843.p0",
"8Base-RHOSE-4.6:openshift4/ose-installer:v4.6.0-202010081843.p0",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8:v4.6.0-202010012244.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.6.0-202010011936.p0",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy:v4.6.0-202010010929.p0",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager:v4.6.0-202010130555.p0",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace:v4.6.0-202010081538.p0",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-tests:v4.6.0-202010120952.p0"
],
"url": "https://access.redhat.com/errata/RHSA-2020:4298"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts:v4.6.0-202010080605.p0",
"8Base-RHOSE-4.6:openshift4/ose-cli:v4.6.0-202010080605.p0",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler:v4.6.0-202009291152.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator:v4.6.0-202010062159.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator:v4.6.0-202010090300.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator:v4.6.0-202010081538.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator:v4.6.0-202009290409.p0",
"8Base-RHOSE-4.6:openshift4/ose-console-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-console:v4.6.0-202010100121.p0",
"8Base-RHOSE-4.6:openshift4/ose-coredns:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-descheduler:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder:v4.6.0-202010120952.p0",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-etcd:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube:v4.6.0-202010081843.p0",
"8Base-RHOSE-4.6:openshift4/ose-installer:v4.6.0-202010081843.p0",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8:v4.6.0-202010012244.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.6.0-202010011936.p0",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy:v4.6.0-202010010929.p0",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager:v4.6.0-202010130555.p0",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace:v4.6.0-202010081538.p0",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-tests:v4.6.0-202010120952.p0"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-06-17T00:00:00Z",
"details": "Moderate"
}
],
"title": "CVE-2020-14040 golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash"
},
{
"acknowledgments": [
{
"names": [
"Yuval Kashtan"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2020-14336",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2020-06-25T00:00:00Z",
"flags": [
{
"label": "component_not_present",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts:v4.6.0-202010080605.p0",
"8Base-RHOSE-4.6:openshift4/ose-cli:v4.6.0-202010080605.p0",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler:v4.6.0-202009291152.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator:v4.6.0-202010062159.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator:v4.6.0-202010090300.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator:v4.6.0-202010081538.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator:v4.6.0-202009290409.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-console-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-console:v4.6.0-202010100121.p0",
"8Base-RHOSE-4.6:openshift4/ose-coredns:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-descheduler:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder:v4.6.0-202010120952.p0",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-etcd:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-grafana:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube:v4.6.0-202010081843.p0",
"8Base-RHOSE-4.6:openshift4/ose-installer:v4.6.0-202010081843.p0",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8:v4.6.0-202010012244.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.6.0-202010011936.p0",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy:v4.6.0-202010010929.p0",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager:v4.6.0-202010130555.p0",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace:v4.6.0-202010081538.p0",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-prometheus:v4.6.0-202009290409.p0",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-ptp:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-tests:v4.6.0-202010120952.p0"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla",
"text": "https://bugzilla.redhat.com/show_bug.cgi?id=1858981"
}
],
"notes": [
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
},
{
"category": "description",
"text": "A flaw was found in the Restricted Security Context Constraints (SCC), where it allows pods to craft custom network packets. This flaw allows an attacker to cause a denial of service attack on an OpenShift Container Platform cluster if they can deploy pods. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openshift: restricted SCC allows pods to craft custom network packets",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator:v4.6.0-202010220220.p0"
],
"known_not_affected": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts:v4.6.0-202010080605.p0",
"8Base-RHOSE-4.6:openshift4/ose-cli:v4.6.0-202010080605.p0",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler:v4.6.0-202009291152.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator:v4.6.0-202010062159.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator:v4.6.0-202010090300.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator:v4.6.0-202010081538.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator:v4.6.0-202009290409.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-console-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-console:v4.6.0-202010100121.p0",
"8Base-RHOSE-4.6:openshift4/ose-coredns:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-descheduler:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder:v4.6.0-202010120952.p0",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-etcd:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-grafana:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube:v4.6.0-202010081843.p0",
"8Base-RHOSE-4.6:openshift4/ose-installer:v4.6.0-202010081843.p0",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8:v4.6.0-202010012244.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.6.0-202010011936.p0",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy:v4.6.0-202010010929.p0",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager:v4.6.0-202010130555.p0",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace:v4.6.0-202010081538.p0",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-prometheus:v4.6.0-202009290409.p0",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-ptp:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-tests:v4.6.0-202010120952.p0"
]
},
"references": [
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-14336",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14336"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-14336",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-14336"
},
{
"category": "external",
"summary": "CVE-2020-14336",
"url": "https://access.redhat.com/security/cve/CVE-2020-14336"
},
{
"category": "external",
"summary": "bz#1858981: CVE-2020-14336 openshift: restricted SCC allows pods to craft custom network packets",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1858981"
}
],
"release_date": "2020-07-13T00:00:00Z",
"remediations": [
{
"category": "vendor_fix",
"details": "For OpenShift Container Platform 4.6 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html.",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator:v4.6.0-202010220220.p0"
],
"url": "https://access.redhat.com/errata/RHSA-2020:4298"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.1,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator:v4.6.0-202010220220.p0"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-06-25T00:00:00Z",
"details": "Low"
}
],
"title": "CVE-2020-14336 openshift: restricted SCC allows pods to craft custom network packets"
},
{
"cve": "CVE-2020-15366",
"cwe": {
"id": "CWE-471",
"name": "Modification of Assumed-Immutable Data (MAID)"
},
"discovery_date": "2020-07-15T00:00:00Z",
"flags": [
{
"label": "component_not_present",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts:v4.6.0-202010080605.p0",
"8Base-RHOSE-4.6:openshift4/ose-cli:v4.6.0-202010080605.p0",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler:v4.6.0-202009291152.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator:v4.6.0-202010062159.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator:v4.6.0-202010090300.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator:v4.6.0-202010081538.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator:v4.6.0-202009290409.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-console-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-coredns:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-descheduler:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder:v4.6.0-202010120952.p0",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-etcd:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-grafana:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube:v4.6.0-202010081843.p0",
"8Base-RHOSE-4.6:openshift4/ose-installer:v4.6.0-202010081843.p0",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator:v4.6.0-202010220220.p0",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8:v4.6.0-202010012244.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.6.0-202010011936.p0",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy:v4.6.0-202010010929.p0",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager:v4.6.0-202010130555.p0",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace:v4.6.0-202010081538.p0",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-ptp:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-tests:v4.6.0-202010120952.p0"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla",
"text": "https://bugzilla.redhat.com/show_bug.cgi?id=1857977"
}
],
"notes": [
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
},
{
"category": "description",
"text": "A flaw was found in nodejs-ajv. A carefully crafted JSON schema could be provided that allows execution of other code by prototype pollution. While untrusted schemas are recommended against, the worst case of an untrusted schema should be a denial of service, not execution of code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-ajv: prototype pollution via crafted JSON schema in ajv.validate function",
"title": "Vulnerability summary"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.6:openshift4/ose-console:v4.6.0-202010100121.p0",
"8Base-RHOSE-4.6:openshift4/ose-prometheus:v4.6.0-202009290409.p0"
],
"known_not_affected": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-aws-machine-controllers:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-azure-machine-controllers:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-machine-controllers:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-rhel8-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-baremetal-runtimecfg-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cli-artifacts:v4.6.0-202010080605.p0",
"8Base-RHOSE-4.6:openshift4/ose-cli:v4.6.0-202010080605.p0",
"8Base-RHOSE-4.6:openshift4/ose-cloud-credential-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-authentication-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-autoscaler:v4.6.0-202009291152.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-config-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-csi-snapshot-controller-rhel8-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-dns-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-etcd-rhel8-operator:v4.6.0-202010062159.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-image-registry-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-apiserver-operator:v4.6.0-202010090300.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-controller-manager-operator:v4.6.0-202010081538.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-scheduler-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-storage-version-migrator-rhel8-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-machine-approver:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-apiserver-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-openshift-controller-manager-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-policy-controller-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-samples-operator:v4.6.0-202009290409.p0",
"8Base-RHOSE-4.6:openshift4/ose-cluster-storage-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-console-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-coredns:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-attacher:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-provisioner:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-resizer:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-external-snapshotter:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-livenessprobe:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-node-driver-registrar:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-csi-snapshot-controller:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-descheduler:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-docker-builder:v4.6.0-202010120952.p0",
"8Base-RHOSE-4.6:openshift4/ose-docker-registry:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-etcd:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-gcp-machine-controllers-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-grafana:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-hyperkube:v4.6.0-202010081843.p0",
"8Base-RHOSE-4.6:openshift4/ose-installer:v4.6.0-202010081843.p0",
"8Base-RHOSE-4.6:openshift4/ose-kube-rbac-proxy:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-kube-storage-version-migrator-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-machine-config-operator:v4.6.0-202010220220.p0",
"8Base-RHOSE-4.6:openshift4/ose-mdns-publisher-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-admission-controller:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-cni:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-route-override-cni-rhel8:v4.6.0-202010012244.p0",
"8Base-RHOSE-4.6:openshift4/ose-multus-whereabouts-ipam-cni-rhel8:v4.6.0-202010011936.p0",
"8Base-RHOSE-4.6:openshift4/ose-network-metrics-daemon-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-oauth-apiserver-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-oauth-proxy:v4.6.0-202010010929.p0",
"8Base-RHOSE-4.6:openshift4/ose-openshift-apiserver-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-openshift-controller-manager-rhel8:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-operator-lifecycle-manager:v4.6.0-202010130555.p0",
"8Base-RHOSE-4.6:openshift4/ose-operator-marketplace:v4.6.0-202010081538.p0",
"8Base-RHOSE-4.6:openshift4/ose-operator-registry:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-ptp:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-service-ca-operator:v4.6.0-202010061132.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook:v4.6.0-202010200139.p0",
"8Base-RHOSE-4.6:openshift4/ose-tests:v4.6.0-202010120952.p0"
]
},
"references": [
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-15366",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15366"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-15366",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-15366"
},
{
"category": "external",
"summary": "https://snyk.io/vuln/SNYK-JS-AJV-584908",
"url": "https://snyk.io/vuln/SNYK-JS-AJV-584908"
},
{
"category": "external",
"summary": "CVE-2020-15366",
"url": "https://access.redhat.com/security/cve/CVE-2020-15366"
},
{
"category": "external",
"summary": "bz#1857977: CVE-2020-15366 nodejs-ajv: prototype pollution via crafted JSON schema in ajv.validate function",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1857977"
}
],
"release_date": "2020-07-04T00:00:00Z",
"remediations": [
{
"category": "vendor_fix",
"details": "For OpenShift Container Platform 4.6 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html.",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-console:v4.6.0-202010100121.p0",
"8Base-RHOSE-4.6:openshift4/ose-prometheus:v4.6.0-202009290409.p0"
],
"url": "https://access.redhat.com/errata/RHSA-2020:4298"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.6:openshift4/ose-console:v4.6.0-202010100121.p0",
"8Base-RHOSE-4.6:openshift4/ose-prometheus:v4.6.0-202009290409.p0"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-07-15T00:00:00Z",
"details": "Moderate"
}
],
"title": "CVE-2020-15366 nodejs-ajv: prototype pollution via crafted JSON schema in ajv.validate function"
}
]
}
Loading...