Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2020-2099 (GCVE-0-2020-2099)
Vulnerability from cvelistv5 – Published: 2020-01-29 15:15 – Updated: 2024-08-04 07:01
VLAI
EPSS
Summary
Jenkins 2.213 and earlier, LTS 2.204.1 and earlier improperly reuses encryption key parameters in the Inbound TCP Agent Protocol/3, allowing unauthorized attackers with knowledge of agent names to obtain the connection secrets for those agents, which can be used to connect to Jenkins, impersonating those agents.
Severity
No CVSS data available.
Assigner
References
6 references
| URL | Tags |
|---|---|
| https://jenkins.io/security/advisory/2020-01-29/#… | x_refsource_CONFIRM |
| http://www.openwall.com/lists/oss-security/2020/01/29/1 | mailing-listx_refsource_MLIST |
| https://access.redhat.com/errata/RHSA-2020:0681 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2020:0683 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHBA-2020:0402 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHBA-2020:0675 | vendor-advisoryx_refsource_REDHAT |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Jenkins project | Jenkins |
Affected:
unspecified , ≤ 2.213
(custom)
Affected: unspecified , ≤ LTS 2.204.1 (custom) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T07:01:39.729Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://jenkins.io/security/advisory/2020-01-29/#SECURITY-1682"
},
{
"name": "[oss-security] 20200129 Multiple vulnerabilities in Jenkins and Jenkins plugins",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2020/01/29/1"
},
{
"name": "RHSA-2020:0681",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2020:0681"
},
{
"name": "RHSA-2020:0683",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2020:0683"
},
{
"name": "RHBA-2020:0402",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHBA-2020:0402"
},
{
"name": "RHBA-2020:0675",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHBA-2020:0675"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Jenkins",
"vendor": "Jenkins project",
"versions": [
{
"lessThanOrEqual": "2.213",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "LTS 2.204.1",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Jenkins 2.213 and earlier, LTS 2.204.1 and earlier improperly reuses encryption key parameters in the Inbound TCP Agent Protocol/3, allowing unauthorized attackers with knowledge of agent names to obtain the connection secrets for those agents, which can be used to connect to Jenkins, impersonating those agents."
}
],
"providerMetadata": {
"dateUpdated": "2023-10-24T16:04:53.193Z",
"orgId": "39769cd5-e6e2-4dc8-927e-97b3aa056f5b",
"shortName": "jenkins"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://jenkins.io/security/advisory/2020-01-29/#SECURITY-1682"
},
{
"name": "[oss-security] 20200129 Multiple vulnerabilities in Jenkins and Jenkins plugins",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2020/01/29/1"
},
{
"name": "RHSA-2020:0681",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2020:0681"
},
{
"name": "RHSA-2020:0683",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2020:0683"
},
{
"name": "RHBA-2020:0402",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHBA-2020:0402"
},
{
"name": "RHBA-2020:0675",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHBA-2020:0675"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"ID": "CVE-2020-2099",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Jenkins",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "2.213"
},
{
"version_affected": "\u003c=",
"version_value": "LTS 2.204.1"
}
]
}
}
]
},
"vendor_name": "Jenkins project"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Jenkins 2.213 and earlier, LTS 2.204.1 and earlier improperly reuses encryption key parameters in the Inbound TCP Agent Protocol/3, allowing unauthorized attackers with knowledge of agent names to obtain the connection secrets for those agents, which can be used to connect to Jenkins, impersonating those agents."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-323: Reusing a Nonce, Key Pair in Encryption"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://jenkins.io/security/advisory/2020-01-29/#SECURITY-1682",
"refsource": "CONFIRM",
"url": "https://jenkins.io/security/advisory/2020-01-29/#SECURITY-1682"
},
{
"name": "[oss-security] 20200129 Multiple vulnerabilities in Jenkins and Jenkins plugins",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2020/01/29/1"
},
{
"name": "RHSA-2020:0681",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2020:0681"
},
{
"name": "RHSA-2020:0683",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2020:0683"
},
{
"name": "RHBA-2020:0402",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHBA-2020:0402"
},
{
"name": "RHBA-2020:0675",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHBA-2020:0675"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "39769cd5-e6e2-4dc8-927e-97b3aa056f5b",
"assignerShortName": "jenkins",
"cveId": "CVE-2020-2099",
"datePublished": "2020-01-29T15:15:27.000Z",
"dateReserved": "2019-12-05T00:00:00.000Z",
"dateUpdated": "2024-08-04T07:01:39.729Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2020-2099",
"date": "2026-05-29",
"epss": "0.00643",
"percentile": "0.70975"
},
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*\", \"versionEndIncluding\": \"2.204.1\", \"matchCriteriaId\": \"EAACE161-BE2D-4BB8-9795-3D76F19433C1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:jenkins:jenkins:*:*:*:*:-:*:*:*\", \"versionEndIncluding\": \"2.218\", \"matchCriteriaId\": \"F0F83033-6C48-4AF2-BB2A-157A09D79538\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"Jenkins 2.213 and earlier, LTS 2.204.1 and earlier improperly reuses encryption key parameters in the Inbound TCP Agent Protocol/3, allowing unauthorized attackers with knowledge of agent names to obtain the connection secrets for those agents, which can be used to connect to Jenkins, impersonating those agents.\"}, {\"lang\": \"es\", \"value\": \"Jenkins versiones 2.213 y anteriores, versiones LTS 2.204.1 y anteriores, reutilizan inapropiadamente los par\\u00e1metros de clave de cifrado en el Inbound TCP Agent Protocol/3, permitiendo a atacantes no autorizados con conocimiento de los nombres de los agentes obtener los secretos de conexi\\u00f3n para esos agentes, que pueden ser usados para conectar con Jenkins , haci\\u00e9ndose pasar por esos agentes.\"}]",
"id": "CVE-2020-2099",
"lastModified": "2024-11-21T05:24:37.080",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L\", \"baseScore\": 8.6, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"LOW\", \"availabilityImpact\": \"LOW\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 4.7}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:P/I:P/A:P\", \"baseScore\": 7.5, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 10.0, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
"published": "2020-01-29T16:15:12.037",
"references": "[{\"url\": \"http://www.openwall.com/lists/oss-security/2020/01/29/1\", \"source\": \"jenkinsci-cert@googlegroups.com\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHBA-2020:0402\", \"source\": \"jenkinsci-cert@googlegroups.com\"}, {\"url\": \"https://access.redhat.com/errata/RHBA-2020:0675\", \"source\": \"jenkinsci-cert@googlegroups.com\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2020:0681\", \"source\": \"jenkinsci-cert@googlegroups.com\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2020:0683\", \"source\": \"jenkinsci-cert@googlegroups.com\"}, {\"url\": \"https://jenkins.io/security/advisory/2020-01-29/#SECURITY-1682\", \"source\": \"jenkinsci-cert@googlegroups.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2020/01/29/1\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHBA-2020:0402\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://access.redhat.com/errata/RHBA-2020:0675\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2020:0681\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2020:0683\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://jenkins.io/security/advisory/2020-01-29/#SECURITY-1682\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
"sourceIdentifier": "jenkinsci-cert@googlegroups.com",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-330\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2020-2099\",\"sourceIdentifier\":\"jenkinsci-cert@googlegroups.com\",\"published\":\"2020-01-29T16:15:12.037\",\"lastModified\":\"2024-11-21T05:24:37.080\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Jenkins 2.213 and earlier, LTS 2.204.1 and earlier improperly reuses encryption key parameters in the Inbound TCP Agent Protocol/3, allowing unauthorized attackers with knowledge of agent names to obtain the connection secrets for those agents, which can be used to connect to Jenkins, impersonating those agents.\"},{\"lang\":\"es\",\"value\":\"Jenkins versiones 2.213 y anteriores, versiones LTS 2.204.1 y anteriores, reutilizan inapropiadamente los par\u00e1metros de clave de cifrado en el Inbound TCP Agent Protocol/3, permitiendo a atacantes no autorizados con conocimiento de los nombres de los agentes obtener los secretos de conexi\u00f3n para esos agentes, que pueden ser usados para conectar con Jenkins , haci\u00e9ndose pasar por esos agentes.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L\",\"baseScore\":8.6,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":3.9,\"impactScore\":4.7}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:P/A:P\",\"baseScore\":7.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-330\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*\",\"versionEndIncluding\":\"2.204.1\",\"matchCriteriaId\":\"EAACE161-BE2D-4BB8-9795-3D76F19433C1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:jenkins:*:*:*:*:-:*:*:*\",\"versionEndIncluding\":\"2.218\",\"matchCriteriaId\":\"F0F83033-6C48-4AF2-BB2A-157A09D79538\"}]}]}],\"references\":[{\"url\":\"http://www.openwall.com/lists/oss-security/2020/01/29/1\",\"source\":\"jenkinsci-cert@googlegroups.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHBA-2020:0402\",\"source\":\"jenkinsci-cert@googlegroups.com\"},{\"url\":\"https://access.redhat.com/errata/RHBA-2020:0675\",\"source\":\"jenkinsci-cert@googlegroups.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2020:0681\",\"source\":\"jenkinsci-cert@googlegroups.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2020:0683\",\"source\":\"jenkinsci-cert@googlegroups.com\"},{\"url\":\"https://jenkins.io/security/advisory/2020-01-29/#SECURITY-1682\",\"source\":\"jenkinsci-cert@googlegroups.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2020/01/29/1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHBA-2020:0402\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://access.redhat.com/errata/RHBA-2020:0675\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2020:0681\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2020:0683\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://jenkins.io/security/advisory/2020-01-29/#SECURITY-1682\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
}
}
bit-jenkins-2020-2099
Vulnerability from bitnami_vulndb
Published
2024-03-06 11:07
Modified
2025-04-03 14:40
Summary
Details
Jenkins 2.213 and earlier, LTS 2.204.1 and earlier improperly reuses encryption key parameters in the Inbound TCP Agent Protocol/3, allowing unauthorized attackers with knowledge of agent names to obtain the connection secrets for those agents, which can be used to connect to Jenkins, impersonating those agents.
{
"affected": [
{
"package": {
"ecosystem": "Bitnami",
"name": "jenkins",
"purl": "pkg:bitnami/jenkins"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.218.1"
}
],
"type": "SEMVER"
}
],
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
"type": "CVSS_V3"
}
]
}
],
"aliases": [
"CVE-2020-2099"
],
"database_specific": {
"cpes": [
"cpe:2.3:a:jenkins:jenkins:*:*:*:*:-:*:*:*",
"cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*"
],
"severity": "High"
},
"details": "Jenkins 2.213 and earlier, LTS 2.204.1 and earlier improperly reuses encryption key parameters in the Inbound TCP Agent Protocol/3, allowing unauthorized attackers with knowledge of agent names to obtain the connection secrets for those agents, which can be used to connect to Jenkins, impersonating those agents.",
"id": "BIT-jenkins-2020-2099",
"modified": "2025-04-03T14:40:37.652Z",
"published": "2024-03-06T11:07:09.967Z",
"references": [
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2020/01/29/1"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHBA-2020:0402"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHBA-2020:0675"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2020:0681"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2020:0683"
},
{
"type": "WEB",
"url": "https://jenkins.io/security/advisory/2020-01-29/#SECURITY-1682"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-2099"
}
],
"schema_version": "1.5.0"
}
Title
CloudBees Jenkins存在未明漏洞
Description
CloudBees Jenkins是美国CloudBees公司的一套基于Java开发的持续集成工具。该产品主要用于监控持续的软件版本发布/测试项目和一些定时执行的任务。
Jenkins中存在安全漏洞。该漏洞是源于网络系统或产品中缺少身份验证、访问控制、权限管理等安全措施。攻击者可利用该漏了解代理名称,以获取这些代理的连接秘密,这些秘密可用于连接到Jenkins。 ,冒充代理商。
Severity
高
Patch Name
CloudBees Jenkins存在未明漏洞的补丁
Patch Description
CloudBees Jenkins是美国CloudBees公司的一套基于Java开发的持续集成工具。该产品主要用于监控持续的软件版本发布/测试项目和一些定时执行的任务。
Jenkins中存在安全漏洞。该漏洞是源于网络系统或产品中缺少身份验证、访问控制、权限管理等安全措施。攻击者可利用该漏了解代理名称,以获取这些代理的连接秘密,这些秘密可用于连接到Jenkins,冒充代理商。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description
目前厂商已发布升级补丁以修复漏洞,补丁获取链接: https://jenkins.io/security/advisory/2020-01-29/
Reference
http://www.openwall.com/lists/oss-security/2020/01/29/1
Impacted products
| Name | ['CloudBees Jenkins <=2.213', 'CloudBees Jenkins LTS <=2.204.1'] |
|---|
{
"cves": {
"cve": {
"cveNumber": "CVE-2020-2099",
"cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2020-2099"
}
},
"description": "CloudBees Jenkins\u662f\u7f8e\u56fdCloudBees\u516c\u53f8\u7684\u4e00\u5957\u57fa\u4e8eJava\u5f00\u53d1\u7684\u6301\u7eed\u96c6\u6210\u5de5\u5177\u3002\u8be5\u4ea7\u54c1\u4e3b\u8981\u7528\u4e8e\u76d1\u63a7\u6301\u7eed\u7684\u8f6f\u4ef6\u7248\u672c\u53d1\u5e03/\u6d4b\u8bd5\u9879\u76ee\u548c\u4e00\u4e9b\u5b9a\u65f6\u6267\u884c\u7684\u4efb\u52a1\u3002\n\nJenkins\u4e2d\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u8be5\u6f0f\u6d1e\u662f\u6e90\u4e8e\u7f51\u7edc\u7cfb\u7edf\u6216\u4ea7\u54c1\u4e2d\u7f3a\u5c11\u8eab\u4efd\u9a8c\u8bc1\u3001\u8bbf\u95ee\u63a7\u5236\u3001\u6743\u9650\u7ba1\u7406\u7b49\u5b89\u5168\u63aa\u65bd\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u4e86\u89e3\u4ee3\u7406\u540d\u79f0\uff0c\u4ee5\u83b7\u53d6\u8fd9\u4e9b\u4ee3\u7406\u7684\u8fde\u63a5\u79d8\u5bc6\uff0c\u8fd9\u4e9b\u79d8\u5bc6\u53ef\u7528\u4e8e\u8fde\u63a5\u5230Jenkins\u3002 \uff0c\u5192\u5145\u4ee3\u7406\u5546\u3002",
"formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttps://jenkins.io/security/advisory/2020-01-29/",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2020-17200",
"openTime": "2020-03-16",
"patchDescription": "CloudBees Jenkins\u662f\u7f8e\u56fdCloudBees\u516c\u53f8\u7684\u4e00\u5957\u57fa\u4e8eJava\u5f00\u53d1\u7684\u6301\u7eed\u96c6\u6210\u5de5\u5177\u3002\u8be5\u4ea7\u54c1\u4e3b\u8981\u7528\u4e8e\u76d1\u63a7\u6301\u7eed\u7684\u8f6f\u4ef6\u7248\u672c\u53d1\u5e03/\u6d4b\u8bd5\u9879\u76ee\u548c\u4e00\u4e9b\u5b9a\u65f6\u6267\u884c\u7684\u4efb\u52a1\u3002\r\n\r\nJenkins\u4e2d\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u8be5\u6f0f\u6d1e\u662f\u6e90\u4e8e\u7f51\u7edc\u7cfb\u7edf\u6216\u4ea7\u54c1\u4e2d\u7f3a\u5c11\u8eab\u4efd\u9a8c\u8bc1\u3001\u8bbf\u95ee\u63a7\u5236\u3001\u6743\u9650\u7ba1\u7406\u7b49\u5b89\u5168\u63aa\u65bd\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u4e86\u89e3\u4ee3\u7406\u540d\u79f0\uff0c\u4ee5\u83b7\u53d6\u8fd9\u4e9b\u4ee3\u7406\u7684\u8fde\u63a5\u79d8\u5bc6\uff0c\u8fd9\u4e9b\u79d8\u5bc6\u53ef\u7528\u4e8e\u8fde\u63a5\u5230Jenkins\uff0c\u5192\u5145\u4ee3\u7406\u5546\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
"patchName": "CloudBees Jenkins\u5b58\u5728\u672a\u660e\u6f0f\u6d1e\u7684\u8865\u4e01",
"products": {
"product": [
"CloudBees Jenkins \u003c=2.213",
"CloudBees Jenkins LTS \u003c=2.204.1"
]
},
"referenceLink": "http://www.openwall.com/lists/oss-security/2020/01/29/1",
"serverity": "\u9ad8",
"submitTime": "2020-02-14",
"title": "CloudBees Jenkins\u5b58\u5728\u672a\u660e\u6f0f\u6d1e"
}
FKIE_CVE-2020-2099
Vulnerability from fkie_nvd - Published: 2020-01-29 16:15 - Updated: 2024-11-21 05:24
Severity
Summary
Jenkins 2.213 and earlier, LTS 2.204.1 and earlier improperly reuses encryption key parameters in the Inbound TCP Agent Protocol/3, allowing unauthorized attackers with knowledge of agent names to obtain the connection secrets for those agents, which can be used to connect to Jenkins, impersonating those agents.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*",
"matchCriteriaId": "EAACE161-BE2D-4BB8-9795-3D76F19433C1",
"versionEndIncluding": "2.204.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:jenkins:jenkins:*:*:*:*:-:*:*:*",
"matchCriteriaId": "F0F83033-6C48-4AF2-BB2A-157A09D79538",
"versionEndIncluding": "2.218",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Jenkins 2.213 and earlier, LTS 2.204.1 and earlier improperly reuses encryption key parameters in the Inbound TCP Agent Protocol/3, allowing unauthorized attackers with knowledge of agent names to obtain the connection secrets for those agents, which can be used to connect to Jenkins, impersonating those agents."
},
{
"lang": "es",
"value": "Jenkins versiones 2.213 y anteriores, versiones LTS 2.204.1 y anteriores, reutilizan inapropiadamente los par\u00e1metros de clave de cifrado en el Inbound TCP Agent Protocol/3, permitiendo a atacantes no autorizados con conocimiento de los nombres de los agentes obtener los secretos de conexi\u00f3n para esos agentes, que pueden ser usados para conectar con Jenkins , haci\u00e9ndose pasar por esos agentes."
}
],
"id": "CVE-2020-2099",
"lastModified": "2024-11-21T05:24:37.080",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 4.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-01-29T16:15:12.037",
"references": [
{
"source": "jenkinsci-cert@googlegroups.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2020/01/29/1"
},
{
"source": "jenkinsci-cert@googlegroups.com",
"url": "https://access.redhat.com/errata/RHBA-2020:0402"
},
{
"source": "jenkinsci-cert@googlegroups.com",
"url": "https://access.redhat.com/errata/RHBA-2020:0675"
},
{
"source": "jenkinsci-cert@googlegroups.com",
"url": "https://access.redhat.com/errata/RHSA-2020:0681"
},
{
"source": "jenkinsci-cert@googlegroups.com",
"url": "https://access.redhat.com/errata/RHSA-2020:0683"
},
{
"source": "jenkinsci-cert@googlegroups.com",
"tags": [
"Vendor Advisory"
],
"url": "https://jenkins.io/security/advisory/2020-01-29/#SECURITY-1682"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2020/01/29/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://access.redhat.com/errata/RHBA-2020:0402"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://access.redhat.com/errata/RHBA-2020:0675"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://access.redhat.com/errata/RHSA-2020:0681"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://access.redhat.com/errata/RHSA-2020:0683"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://jenkins.io/security/advisory/2020-01-29/#SECURITY-1682"
}
],
"sourceIdentifier": "jenkinsci-cert@googlegroups.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-330"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
GHSA-QP4F-2W67-C8HW
Vulnerability from github – Published: 2022-05-24 17:07 – Updated: 2022-12-16 22:56
VLAI
Summary
Inbound TCP Agent Protocol/3 authentication bypass in Jenkins
Details
Jenkins 2.213 and earlier, LTS 2.204.1 and earlier includes support for the Inbound TCP Agent Protocol/3 for communication between controller and agents. While this protocol has been deprecated in 2018 and was recently removed from Jenkins in 2.214, it could still easily be enabled in Jenkins LTS 2.204.1, 2.213, and older.
This protocol incorrectly reuses encryption parameters which allow an unauthenticated remote attacker to determine the connection secret. This secret can then be used to connect attacker-controlled Jenkins agents to the Jenkins controller.
Jenkins 2.204.2 no longer allows for the use of Inbound TCP Agent Protocol/3 by default. The system property jenkins.slaves.JnlpSlaveAgentProtocol3.ALLOW_UNSAFE can be set to true to allow enabling the Inbound TCP Agent Protocol/3 in Jenkins 2.204.2, but doing so is strongly discouraged.
Inbound TCP Agent Protocol/3 was removed completely from Jenkins 2.214 and will not be part of Jenkins LTS after the end of the 2.204.x line.
Severity
8.6 (High)
{
"affected": [
{
"package": {
"ecosystem": "Maven",
"name": "org.jenkins-ci.main:jenkins-core"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.204.2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Maven",
"name": "org.jenkins-ci.main:jenkins-core"
},
"ranges": [
{
"events": [
{
"introduced": "2.205"
},
{
"fixed": "2.214"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2020-2099"
],
"database_specific": {
"cwe_ids": [
"CWE-323",
"CWE-330"
],
"github_reviewed": true,
"github_reviewed_at": "2022-12-16T22:56:05Z",
"nvd_published_at": "2020-01-29T16:15:00Z",
"severity": "HIGH"
},
"details": "Jenkins 2.213 and earlier, LTS 2.204.1 and earlier includes support for the Inbound TCP Agent Protocol/3 for communication between controller and agents. While [this protocol has been deprecated in 2018](https://www.jenkins.io/changelog-old/#v2.128) and was recently removed from Jenkins in 2.214, it could still easily be enabled in Jenkins LTS 2.204.1, 2.213, and older.\n\nThis protocol incorrectly reuses encryption parameters which allow an unauthenticated remote attacker to determine the connection secret. This secret can then be used to connect attacker-controlled Jenkins agents to the Jenkins controller.\n\nJenkins 2.204.2 no longer allows for the use of Inbound TCP Agent Protocol/3 by default. The system property `jenkins.slaves.JnlpSlaveAgentProtocol3.ALLOW_UNSAFE` can be set to `true` to allow enabling the Inbound TCP Agent Protocol/3 in Jenkins 2.204.2, but doing so is strongly discouraged.\n\nInbound TCP Agent Protocol/3 was removed completely from Jenkins 2.214 and will not be part of Jenkins LTS after the end of the 2.204.x line.",
"id": "GHSA-qp4f-2w67-c8hw",
"modified": "2022-12-16T22:56:05Z",
"published": "2022-05-24T17:07:40Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-2099"
},
{
"type": "WEB",
"url": "https://github.com/jenkinsci/jenkins/commit/5054bc6e12e1022993d719f66e289ab1d22ae854"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHBA-2020:0402"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHBA-2020:0675"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2020:0681"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2020:0683"
},
{
"type": "PACKAGE",
"url": "https://github.com/jenkinsci/jenkins"
},
{
"type": "WEB",
"url": "https://jenkins.io/security/advisory/2020-01-29/#SECURITY-1682"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2020/01/29/1"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
"type": "CVSS_V3"
}
],
"summary": "Inbound TCP Agent Protocol/3 authentication bypass in Jenkins"
}
GSD-2020-2099
Vulnerability from gsd - Updated: 2023-12-13 01:21Details
Jenkins 2.213 and earlier, LTS 2.204.1 and earlier improperly reuses encryption key parameters in the Inbound TCP Agent Protocol/3, allowing unauthorized attackers with knowledge of agent names to obtain the connection secrets for those agents, which can be used to connect to Jenkins, impersonating those agents.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2020-2099",
"description": "Jenkins 2.213 and earlier, LTS 2.204.1 and earlier improperly reuses encryption key parameters in the Inbound TCP Agent Protocol/3, allowing unauthorized attackers with knowledge of agent names to obtain the connection secrets for those agents, which can be used to connect to Jenkins, impersonating those agents.",
"id": "GSD-2020-2099",
"references": [
"https://access.redhat.com/errata/RHBA-2020:0675",
"https://access.redhat.com/errata/RHBA-2020:0402"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2020-2099"
],
"details": "Jenkins 2.213 and earlier, LTS 2.204.1 and earlier improperly reuses encryption key parameters in the Inbound TCP Agent Protocol/3, allowing unauthorized attackers with knowledge of agent names to obtain the connection secrets for those agents, which can be used to connect to Jenkins, impersonating those agents.",
"id": "GSD-2020-2099",
"modified": "2023-12-13T01:21:51.141834Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"ID": "CVE-2020-2099",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Jenkins",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "unspecified",
"version_value": "2.213"
}
]
}
}
]
},
"vendor_name": "Jenkins project"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Jenkins 2.213 and earlier, LTS 2.204.1 and earlier improperly reuses encryption key parameters in the Inbound TCP Agent Protocol/3, allowing unauthorized attackers with knowledge of agent names to obtain the connection secrets for those agents, which can be used to connect to Jenkins, impersonating those agents."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://jenkins.io/security/advisory/2020-01-29/#SECURITY-1682",
"refsource": "MISC",
"url": "https://jenkins.io/security/advisory/2020-01-29/#SECURITY-1682"
},
{
"name": "http://www.openwall.com/lists/oss-security/2020/01/29/1",
"refsource": "MISC",
"url": "http://www.openwall.com/lists/oss-security/2020/01/29/1"
},
{
"name": "https://access.redhat.com/errata/RHSA-2020:0681",
"refsource": "MISC",
"url": "https://access.redhat.com/errata/RHSA-2020:0681"
},
{
"name": "https://access.redhat.com/errata/RHSA-2020:0683",
"refsource": "MISC",
"url": "https://access.redhat.com/errata/RHSA-2020:0683"
},
{
"name": "https://access.redhat.com/errata/RHBA-2020:0402",
"refsource": "MISC",
"url": "https://access.redhat.com/errata/RHBA-2020:0402"
},
{
"name": "https://access.redhat.com/errata/RHBA-2020:0675",
"refsource": "MISC",
"url": "https://access.redhat.com/errata/RHBA-2020:0675"
}
]
}
},
"gitlab.com": {
"advisories": [
{
"affected_range": "(,2.218]",
"affected_versions": "All versions up to 2.218",
"cvss_v2": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
"cwe_ids": [
"CWE-1035",
"CWE-330",
"CWE-937"
],
"date": "2020-03-17",
"description": "Jenkins improperly reuses encryption key parameters in the Inbound TCP Agent Protocol/3, allowing unauthorized attackers with knowledge of agent names to obtain the connection secrets for those agents, which can be used to connect to Jenkins, impersonating those agents.",
"fixed_versions": [
"2.219"
],
"identifier": "CVE-2020-2099",
"identifiers": [
"CVE-2020-2099"
],
"not_impacted": "All versions after 2.218",
"package_slug": "maven/org.jenkins-ci.main/jenkins-core",
"pubdate": "2020-01-29",
"solution": "Upgrade to version 2.219 or above.",
"title": "Use of Insufficiently Random Values",
"urls": [
"https://nvd.nist.gov/vuln/detail/CVE-2020-2099",
"https://jenkins.io/security/advisory/2020-01-29/#SECURITY-1682"
],
"uuid": "13d690a1-75dd-448a-90d8-2451ed3a68b6"
}
]
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:jenkins:jenkins:*:*:*:*:-:*:*:*",
"cpe_name": [],
"versionEndIncluding": "2.218",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*",
"cpe_name": [],
"versionEndIncluding": "2.204.1",
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"ID": "CVE-2020-2099"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "Jenkins 2.213 and earlier, LTS 2.204.1 and earlier improperly reuses encryption key parameters in the Inbound TCP Agent Protocol/3, allowing unauthorized attackers with knowledge of agent names to obtain the connection secrets for those agents, which can be used to connect to Jenkins, impersonating those agents."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-330"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://jenkins.io/security/advisory/2020-01-29/#SECURITY-1682",
"refsource": "CONFIRM",
"tags": [
"Vendor Advisory"
],
"url": "https://jenkins.io/security/advisory/2020-01-29/#SECURITY-1682"
},
{
"name": "[oss-security] 20200129 Multiple vulnerabilities in Jenkins and Jenkins plugins",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2020/01/29/1"
},
{
"name": "RHBA-2020:0675",
"refsource": "REDHAT",
"tags": [],
"url": "https://access.redhat.com/errata/RHBA-2020:0675"
},
{
"name": "RHBA-2020:0402",
"refsource": "REDHAT",
"tags": [],
"url": "https://access.redhat.com/errata/RHBA-2020:0402"
},
{
"name": "RHSA-2020:0681",
"refsource": "REDHAT",
"tags": [],
"url": "https://access.redhat.com/errata/RHSA-2020:0681"
},
{
"name": "RHSA-2020:0683",
"refsource": "REDHAT",
"tags": [],
"url": "https://access.redhat.com/errata/RHSA-2020:0683"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": false,
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 4.7
}
},
"lastModifiedDate": "2023-10-25T18:16Z",
"publishedDate": "2020-01-29T16:15Z"
}
}
}
RHBA-2020:0402
Vulnerability from csaf_redhat - Published: 2020-02-19 19:55 - Updated: 2026-05-14 18:25Summary
Red Hat Bug Fix Advisory: OpenShift Container Platform 3.11 bug fix update
Severity
Important
Notes
Topic: Red Hat OpenShift Container Platform release 3.11.170 is now available with
updates to packages and images that fix several bugs.
Details: Red Hat OpenShift Container Platform is Red Hat's cloud computing
Kubernetes application platform solution designed for on-premise or private
cloud deployments.
This advisory contains the RPM packages for Red Hat OpenShift Container
Platform 3.11.170. See the following advisory for the container images for
this release:
https://access.redhat.com/errata/RHBA-2020:0403
This release fixes the following bugs:
* The Cluster Monitoring Operator playbook would reset the CMO ConfigMap every time it was executed, and manual changes to the ConfigMap were lost. Now, etcd monitoring can be configured with Ansible and changes made to the ConfigMap are now persistent when the playbook is executed. (BZ#1703032)
* Prometheeus metrics for ElasticSearch were unavailable to users because the authentication class was instantiated multiple times and without the correct configuration. Now, SAR configuration has been added to the authentication_backend and the multi-tenant plugin executes SARs and allows access to metrics. (BZ#1728856)
* The installer was picking the incorrect version of etcd, reverting to an older package version. Now, the install has been updated to use etcd v3.2.26. (BZ#1744900)
* Redirection for ConfigMap was incorrect, leading to the console page instead of the ConfigMap details page. Now, the navigateResourceURL filter has been supplied with the namespace in the ConfigMap list page. Redirects will apply to the details page of the selected ConfigMap. (BZ#1782695)
* Unexpected iptables rules were saved on the first master host. This was due to the cockpit role operations performed after openshift_sdn roles. Now, the cockpit role runs before the openshift_sdn role and unnecessary sdn rules are not saved during installation. (BZ#1783764)
* Due to an incorrect statement in the heketi-template.yml.j2 template,the HEKETI_LVMWRAPPER environment variable was only included in deployments where Gluster runs on an external cluster, and not in the case where Gluster wass deployed on OpenShift in containers. The environment variable wass needed to specify a wrapper for LVM commands so that the commands can be run on the container node, outside the container. The missing variable results in less stability of the LVM configuration. Now, the statement in the heketi-template.yml.j2 template has been corrected and the HEKETI_LVMWRAPPER environment variable is now configured in the DeploymentConfig for the Heketi container. (BZ#1791667)
All OpenShift Container Platform 3.11 users are advised to upgrade to these
updated packages and images.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A Prototype Pollution vulnerability was found in jquery. Untrusted JSON passed to the `extend` function could lead to modifying objects up the prototype chain, including the global Object. A crafted JSON object passed to a vulnerable method could lead to denial of service or data injection, with various consequences.
5.6 (Medium)
Affected products
Fixed
87 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in Jenkins. Encryption key parameters are improperly reused in the Inbound TCP Agent Protocol/3 allowing unauthorized attackers with knowledge of agent names to obtain the connection secrets for those agents. The highest threat from this vulnerability is to data confidentiality.
8.6 (High)
Affected products
Fixed
87 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch | — |
Vendor Fix
fix
|
Threats
Impact
Important
Jenkins 2.218 and earlier, LTS 2.204.1 and earlier was vulnerable to a UDP amplification reflection denial of service attack on port 33848.
5.8 (Medium)
Affected products
Fixed
87 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
Jenkins 2.218 and earlier, LTS 2.204.1 and earlier did not use a constant-time comparison function for validating connection secrets, which could potentially allow an attacker to use a timing attack to obtain this secret.
5.3 (Medium)
Affected products
Fixed
87 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
Jenkins 2.218 and earlier, LTS 2.204.1 and earlier used a non-constant time comparison function when validating an HMAC.
5.3 (Medium)
Affected products
Fixed
87 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
Jenkins 2.218 and earlier, LTS 2.204.1 and earlier exposed session identifiers on a user's detail object in the whoAmI diagnostic page.
4.4 (Medium)
Affected products
Fixed
87 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
Jenkins 2.218 and earlier, LTS 2.204.1 and earlier allowed users with Overall/Read access to view a JVM memory usage chart.
4.3 (Medium)
Affected products
Fixed
87 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch | — |
Vendor Fix
fix
|
Threats
Impact
Low
REST API endpoints in Jenkins 2.218 and earlier, LTS 2.204.1 and earlier were vulnerable to clickjacking attacks.
CWE-1021 - Improper Restriction of Rendered UI Layers or FramesAffected products
Fixed
87 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch | — |
Vendor Fix
fix
|
Threats
Impact
Low
References
49 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat OpenShift Container Platform release 3.11.170 is now available with\nupdates to packages and images that fix several bugs.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Container Platform is Red Hat\u0027s cloud computing\nKubernetes application platform solution designed for on-premise or private\ncloud deployments.\n\nThis advisory contains the RPM packages for Red Hat OpenShift Container\nPlatform 3.11.170. See the following advisory for the container images for\nthis release:\n\nhttps://access.redhat.com/errata/RHBA-2020:0403\n\nThis release fixes the following bugs:\n\n* The Cluster Monitoring Operator playbook would reset the CMO ConfigMap every time it was executed, and manual changes to the ConfigMap were lost. Now, etcd monitoring can be configured with Ansible and changes made to the ConfigMap are now persistent when the playbook is executed. (BZ#1703032)\n\n* Prometheeus metrics for ElasticSearch were unavailable to users because the authentication class was instantiated multiple times and without the correct configuration. Now, SAR configuration has been added to the authentication_backend and the multi-tenant plugin executes SARs and allows access to metrics. (BZ#1728856)\n\n* The installer was picking the incorrect version of etcd, reverting to an older package version. Now, the install has been updated to use etcd v3.2.26. (BZ#1744900)\n\n* Redirection for ConfigMap was incorrect, leading to the console page instead of the ConfigMap details page. Now, the navigateResourceURL filter has been supplied with the namespace in the ConfigMap list page. Redirects will apply to the details page of the selected ConfigMap. (BZ#1782695)\n\n* Unexpected iptables rules were saved on the first master host. This was due to the cockpit role operations performed after openshift_sdn roles. Now, the cockpit role runs before the openshift_sdn role and unnecessary sdn rules are not saved during installation. (BZ#1783764)\n\n* Due to an incorrect statement in the heketi-template.yml.j2 template,the HEKETI_LVMWRAPPER environment variable was only included in deployments where Gluster runs on an external cluster, and not in the case where Gluster wass deployed on OpenShift in containers. The environment variable wass needed to specify a wrapper for LVM commands so that the commands can be run on the container node, outside the container. The missing variable results in less stability of the LVM configuration. Now, the statement in the heketi-template.yml.j2 template has been corrected and the HEKETI_LVMWRAPPER environment variable is now configured in the DeploymentConfig for the Heketi container. (BZ#1791667)\n\nAll OpenShift Container Platform 3.11 users are advised to upgrade to these\nupdated packages and images.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHBA-2020:0402",
"url": "https://access.redhat.com/errata/RHBA-2020:0402"
},
{
"category": "external",
"summary": "1670380",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1670380"
},
{
"category": "external",
"summary": "1670587",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1670587"
},
{
"category": "external",
"summary": "1728856",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1728856"
},
{
"category": "external",
"summary": "1744900",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1744900"
},
{
"category": "external",
"summary": "1749765",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1749765"
},
{
"category": "external",
"summary": "1757314",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1757314"
},
{
"category": "external",
"summary": "1757938",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1757938"
},
{
"category": "external",
"summary": "1782695",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1782695"
},
{
"category": "external",
"summary": "1783764",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1783764"
},
{
"category": "external",
"summary": "1791667",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1791667"
},
{
"category": "external",
"summary": "1793628",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1793628"
},
{
"category": "external",
"summary": "1795930",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1795930"
},
{
"category": "external",
"summary": "1798365",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1798365"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhba-2020_0402.json"
}
],
"title": "Red Hat Bug Fix Advisory: OpenShift Container Platform 3.11 bug fix update",
"tracking": {
"current_release_date": "2026-05-14T18:25:12+00:00",
"generator": {
"date": "2026-05-14T18:25:12+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.0"
}
},
"id": "RHBA-2020:0402",
"initial_release_date": "2020-02-19T19:55:22+00:00",
"revision_history": [
{
"date": "2020-02-19T19:55:22+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2020-02-19T19:55:22+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-14T18:25:12+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift Container Platform 3.11",
"product": {
"name": "Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:3.11::el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Enterprise"
},
{
"branches": [
{
"category": "product_version",
"name": "jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch",
"product": {
"name": "jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch",
"product_id": "jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jenkins-2-plugins@3.11.1579107288-1.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch",
"product": {
"name": "openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch",
"product_id": "openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-kuryr-cni@3.11.170-1.git.1.7265da1.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch",
"product": {
"name": "openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch",
"product_id": "openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-kuryr-common@3.11.170-1.git.1.7265da1.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch",
"product": {
"name": "openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch",
"product_id": "openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-kuryr-controller@3.11.170-1.git.1.7265da1.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch",
"product": {
"name": "python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch",
"product_id": "python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python2-kuryr-kubernetes@3.11.170-1.git.1.7265da1.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"product": {
"name": "atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"product_id": "atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-docker-excluder@3.11.170-1.git.0.00cac56.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"product": {
"name": "atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"product_id": "atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-excluder@3.11.170-1.git.0.00cac56.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jenkins-0:2.204.2.1580891656-1.el7.noarch",
"product": {
"name": "jenkins-0:2.204.2.1580891656-1.el7.noarch",
"product_id": "jenkins-0:2.204.2.1580891656-1.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jenkins@2.204.2.1580891656-1.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch",
"product": {
"name": "openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch",
"product_id": "openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-ansible@3.11.170-2.git.5.8802564.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch",
"product": {
"name": "openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch",
"product_id": "openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-ansible-docs@3.11.170-2.git.5.8802564.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch",
"product": {
"name": "openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch",
"product_id": "openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-ansible-playbooks@3.11.170-2.git.5.8802564.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch",
"product": {
"name": "openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch",
"product_id": "openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-ansible-roles@3.11.170-2.git.5.8802564.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch",
"product": {
"name": "openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch",
"product_id": "openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-ansible-test@3.11.170-2.git.5.8802564.el7?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "jenkins-2-plugins-0:3.11.1579107288-1.el7.src",
"product": {
"name": "jenkins-2-plugins-0:3.11.1579107288-1.el7.src",
"product_id": "jenkins-2-plugins-0:3.11.1579107288-1.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jenkins-2-plugins@3.11.1579107288-1.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src",
"product": {
"name": "atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src",
"product_id": "atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-metrics-server@3.11.170-1.git.1.357f177.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src",
"product": {
"name": "atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src",
"product_id": "atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-enterprise-service-catalog@3.11.170-1.git.1.91db82e.el7?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src",
"product": {
"name": "atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src",
"product_id": "atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-cluster-autoscaler@3.11.170-1.git.1.0a0df6a.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src",
"product": {
"name": "atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src",
"product_id": "atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-web-console@3.11.170-1.git.1.3d64e8b.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src",
"product": {
"name": "openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src",
"product_id": "openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-enterprise-cluster-capacity@3.11.170-1.git.1.661684b.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src",
"product": {
"name": "golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src",
"product_id": "golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-github-openshift-oauth-proxy@3.11.170-1.git.1.b49be83.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src",
"product": {
"name": "atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src",
"product_id": "atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-dockerregistry@3.11.170-1.git.1.55fab05.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src",
"product": {
"name": "golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src",
"product_id": "golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-github-prometheus-prometheus@3.11.170-1.git.1.227bc98.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src",
"product": {
"name": "atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src",
"product_id": "atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-service-idler@3.11.170-1.git.1.8328979.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src",
"product": {
"name": "atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src",
"product_id": "atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-descheduler@3.11.170-1.git.1.9ad83f2.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src",
"product": {
"name": "golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src",
"product_id": "golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-github-prometheus-node_exporter@3.11.170-1.git.1.51473b7.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src",
"product": {
"name": "atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src",
"product_id": "atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-node-problem-detector@3.11.170-1.git.1.b1f90a6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src",
"product": {
"name": "openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src",
"product_id": "openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-enterprise-autoheal@3.11.170-1.git.1.dfe6c52.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src",
"product": {
"name": "golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src",
"product_id": "golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-github-prometheus-alertmanager@3.11.170-1.git.1.61d7960.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src",
"product": {
"name": "openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src",
"product_id": "openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-kuryr@3.11.170-1.git.1.7265da1.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src",
"product": {
"name": "atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src",
"product_id": "atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift@3.11.170-1.git.0.00cac56.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jenkins-0:2.204.2.1580891656-1.el7.src",
"product": {
"name": "jenkins-0:2.204.2.1580891656-1.el7.src",
"product_id": "jenkins-0:2.204.2.1580891656-1.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jenkins@2.204.2.1580891656-1.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src",
"product": {
"name": "openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src",
"product_id": "openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-ansible@3.11.170-2.git.5.8802564.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src",
"product": {
"name": "cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src",
"product_id": "cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o@1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le",
"product": {
"name": "atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le",
"product_id": "atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-metrics-server@3.11.170-1.git.1.357f177.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"product": {
"name": "atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"product_id": "atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-enterprise-service-catalog@3.11.170-1.git.1.91db82e.el7?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"product": {
"name": "atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"product_id": "atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-enterprise-service-catalog-svcat@3.11.170-1.git.1.91db82e.el7?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le",
"product": {
"name": "atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le",
"product_id": "atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-cluster-autoscaler@3.11.170-1.git.1.0a0df6a.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le",
"product": {
"name": "atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le",
"product_id": "atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-web-console@3.11.170-1.git.1.3d64e8b.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le",
"product": {
"name": "openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le",
"product_id": "openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-enterprise-cluster-capacity@3.11.170-1.git.1.661684b.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le",
"product": {
"name": "golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le",
"product_id": "golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-github-openshift-oauth-proxy@3.11.170-1.git.1.b49be83.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le",
"product": {
"name": "prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le",
"product_id": "prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/prometheus@3.11.170-1.git.1.227bc98.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le",
"product": {
"name": "atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le",
"product_id": "atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-service-idler@3.11.170-1.git.1.8328979.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le",
"product": {
"name": "atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le",
"product_id": "atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-descheduler@3.11.170-1.git.1.9ad83f2.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le",
"product": {
"name": "prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le",
"product_id": "prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/prometheus-node-exporter@3.11.170-1.git.1.51473b7.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le",
"product": {
"name": "atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le",
"product_id": "atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-node-problem-detector@3.11.170-1.git.1.b1f90a6.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le",
"product": {
"name": "openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le",
"product_id": "openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-enterprise-autoheal@3.11.170-1.git.1.dfe6c52.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le",
"product": {
"name": "prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le",
"product_id": "prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/prometheus-alertmanager@3.11.170-1.git.1.61d7960.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"product": {
"name": "atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"product_id": "atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift@3.11.170-1.git.0.00cac56.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"product": {
"name": "atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"product_id": "atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-clients@3.11.170-1.git.0.00cac56.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"product": {
"name": "atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"product_id": "atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-hyperkube@3.11.170-1.git.0.00cac56.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"product": {
"name": "atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"product_id": "atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-hypershift@3.11.170-1.git.0.00cac56.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"product": {
"name": "atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"product_id": "atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-master@3.11.170-1.git.0.00cac56.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"product": {
"name": "atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"product_id": "atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-node@3.11.170-1.git.0.00cac56.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"product": {
"name": "atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"product_id": "atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-pod@3.11.170-1.git.0.00cac56.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"product": {
"name": "atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"product_id": "atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-sdn-ovs@3.11.170-1.git.0.00cac56.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"product": {
"name": "atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"product_id": "atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-template-service-broker@3.11.170-1.git.0.00cac56.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"product": {
"name": "atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"product_id": "atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-tests@3.11.170-1.git.0.00cac56.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"product": {
"name": "cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"product_id": "cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o@1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"product": {
"name": "cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"product_id": "cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o-debuginfo@1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64",
"product": {
"name": "atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64",
"product_id": "atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-metrics-server@3.11.170-1.git.1.357f177.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"product": {
"name": "atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"product_id": "atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-enterprise-service-catalog@3.11.170-1.git.1.91db82e.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"product": {
"name": "atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"product_id": "atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-enterprise-service-catalog-svcat@3.11.170-1.git.1.91db82e.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64",
"product": {
"name": "atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64",
"product_id": "atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-cluster-autoscaler@3.11.170-1.git.1.0a0df6a.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64",
"product": {
"name": "atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64",
"product_id": "atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-web-console@3.11.170-1.git.1.3d64e8b.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64",
"product": {
"name": "openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64",
"product_id": "openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-enterprise-cluster-capacity@3.11.170-1.git.1.661684b.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64",
"product": {
"name": "golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64",
"product_id": "golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-github-openshift-oauth-proxy@3.11.170-1.git.1.b49be83.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64",
"product": {
"name": "atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64",
"product_id": "atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-dockerregistry@3.11.170-1.git.1.55fab05.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64",
"product": {
"name": "prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64",
"product_id": "prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/prometheus@3.11.170-1.git.1.227bc98.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64",
"product": {
"name": "atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64",
"product_id": "atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-service-idler@3.11.170-1.git.1.8328979.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64",
"product": {
"name": "atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64",
"product_id": "atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-descheduler@3.11.170-1.git.1.9ad83f2.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64",
"product": {
"name": "prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64",
"product_id": "prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/prometheus-node-exporter@3.11.170-1.git.1.51473b7.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64",
"product": {
"name": "atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64",
"product_id": "atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-node-problem-detector@3.11.170-1.git.1.b1f90a6.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64",
"product": {
"name": "openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64",
"product_id": "openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-enterprise-autoheal@3.11.170-1.git.1.dfe6c52.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64",
"product": {
"name": "prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64",
"product_id": "prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/prometheus-alertmanager@3.11.170-1.git.1.61d7960.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"product": {
"name": "atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"product_id": "atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift@3.11.170-1.git.0.00cac56.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"product": {
"name": "atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"product_id": "atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-clients@3.11.170-1.git.0.00cac56.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"product": {
"name": "atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"product_id": "atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-clients-redistributable@3.11.170-1.git.0.00cac56.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"product": {
"name": "atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"product_id": "atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-hyperkube@3.11.170-1.git.0.00cac56.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"product": {
"name": "atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"product_id": "atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-hypershift@3.11.170-1.git.0.00cac56.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"product": {
"name": "atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"product_id": "atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-master@3.11.170-1.git.0.00cac56.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"product": {
"name": "atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"product_id": "atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-node@3.11.170-1.git.0.00cac56.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"product": {
"name": "atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"product_id": "atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-pod@3.11.170-1.git.0.00cac56.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"product": {
"name": "atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"product_id": "atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-sdn-ovs@3.11.170-1.git.0.00cac56.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"product": {
"name": "atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"product_id": "atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-template-service-broker@3.11.170-1.git.0.00cac56.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"product": {
"name": "atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"product_id": "atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-tests@3.11.170-1.git.0.00cac56.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"product": {
"name": "cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"product_id": "cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o@1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"product": {
"name": "cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"product_id": "cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o-debuginfo@1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le"
},
"product_reference": "atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src"
},
"product_reference": "atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64"
},
"product_reference": "atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le"
},
"product_reference": "atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64"
},
"product_reference": "atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le"
},
"product_reference": "atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src"
},
"product_reference": "atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64"
},
"product_reference": "atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le"
},
"product_reference": "atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64"
},
"product_reference": "atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64"
},
"product_reference": "atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le"
},
"product_reference": "atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src"
},
"product_reference": "atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64"
},
"product_reference": "atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le"
},
"product_reference": "atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src"
},
"product_reference": "atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64"
},
"product_reference": "atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch"
},
"product_reference": "atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src"
},
"product_reference": "atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64"
},
"product_reference": "atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch"
},
"product_reference": "atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le"
},
"product_reference": "atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64"
},
"product_reference": "atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le"
},
"product_reference": "atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64"
},
"product_reference": "atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le"
},
"product_reference": "atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64"
},
"product_reference": "atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le"
},
"product_reference": "atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src"
},
"product_reference": "atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64"
},
"product_reference": "atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le"
},
"product_reference": "atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64"
},
"product_reference": "atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le"
},
"product_reference": "atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src"
},
"product_reference": "atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64"
},
"product_reference": "atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le"
},
"product_reference": "atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64"
},
"product_reference": "atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le"
},
"product_reference": "atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64"
},
"product_reference": "atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le"
},
"product_reference": "atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src"
},
"product_reference": "atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64"
},
"product_reference": "atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le"
},
"product_reference": "atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64"
},
"product_reference": "atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le"
},
"product_reference": "atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64"
},
"product_reference": "atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le"
},
"product_reference": "atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src"
},
"product_reference": "atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64"
},
"product_reference": "atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le"
},
"product_reference": "cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src"
},
"product_reference": "cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64"
},
"product_reference": "cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le"
},
"product_reference": "cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64"
},
"product_reference": "cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le"
},
"product_reference": "golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src"
},
"product_reference": "golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64"
},
"product_reference": "golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src"
},
"product_reference": "golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src"
},
"product_reference": "golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src"
},
"product_reference": "golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jenkins-0:2.204.2.1580891656-1.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.noarch"
},
"product_reference": "jenkins-0:2.204.2.1580891656-1.el7.noarch",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jenkins-0:2.204.2.1580891656-1.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.src"
},
"product_reference": "jenkins-0:2.204.2.1580891656-1.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch"
},
"product_reference": "jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jenkins-2-plugins-0:3.11.1579107288-1.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.src"
},
"product_reference": "jenkins-2-plugins-0:3.11.1579107288-1.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch"
},
"product_reference": "openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src"
},
"product_reference": "openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch"
},
"product_reference": "openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch"
},
"product_reference": "openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch"
},
"product_reference": "openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch"
},
"product_reference": "openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le"
},
"product_reference": "openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src"
},
"product_reference": "openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64"
},
"product_reference": "openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le"
},
"product_reference": "openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src"
},
"product_reference": "openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64"
},
"product_reference": "openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src"
},
"product_reference": "openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch"
},
"product_reference": "openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch"
},
"product_reference": "openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch"
},
"product_reference": "openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le"
},
"product_reference": "prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64"
},
"product_reference": "prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le"
},
"product_reference": "prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64"
},
"product_reference": "prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le"
},
"product_reference": "prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64"
},
"product_reference": "prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch"
},
"product_reference": "python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-11358",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-03-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1701972"
}
],
"notes": [
{
"category": "description",
"text": "A Prototype Pollution vulnerability was found in jquery. Untrusted JSON passed to the `extend` function could lead to modifying objects up the prototype chain, including the global Object. A crafted JSON object passed to a vulnerable method could lead to denial of service or data injection, with various consequences.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64",
"7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-11358"
},
{
"category": "external",
"summary": "RHBZ#1701972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-11358",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11358"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358"
},
{
"category": "external",
"summary": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/",
"url": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/"
},
{
"category": "external",
"summary": "https://www.drupal.org/sa-core-2019-006",
"url": "https://www.drupal.org/sa-core-2019-006"
}
],
"release_date": "2019-03-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-02-19T19:55:22+00:00",
"details": "Before applying this update, ensure all previously released errata relevant\nto your system is applied.\n\nSee the following documentation, which will be updated shortly for release\n3.11.170, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258.",
"product_ids": [
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64",
"7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2020:0402"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64",
"7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection"
},
{
"cve": "CVE-2020-2099",
"cwe": {
"id": "CWE-305",
"name": "Authentication Bypass by Primary Weakness"
},
"discovery_date": "2020-01-29T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1797080"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Jenkins. Encryption key parameters are improperly reused in the Inbound TCP Agent Protocol/3 allowing unauthorized attackers with knowledge of agent names to obtain the connection secrets for those agents. The highest threat from this vulnerability is to data confidentiality.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins: Inbound TCP Agent Protocol/3 authentication bypass",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64",
"7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-2099"
},
{
"category": "external",
"summary": "RHBZ#1797080",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1797080"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-2099",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2099"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-2099",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-2099"
}
],
"release_date": "2020-01-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-02-19T19:55:22+00:00",
"details": "Before applying this update, ensure all previously released errata relevant\nto your system is applied.\n\nSee the following documentation, which will be updated shortly for release\n3.11.170, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258.",
"product_ids": [
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64",
"7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2020:0402"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
"version": "3.1"
},
"products": [
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64",
"7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jenkins: Inbound TCP Agent Protocol/3 authentication bypass"
},
{
"cve": "CVE-2020-2100",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2020-01-29T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1797087"
}
],
"notes": [
{
"category": "description",
"text": "Jenkins 2.218 and earlier, LTS 2.204.1 and earlier was vulnerable to a UDP amplification reflection denial of service attack on port 33848.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins: UDP multicast/broadcast service amplification reflection attack",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64",
"7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-2100"
},
{
"category": "external",
"summary": "RHBZ#1797087",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1797087"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-2100",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2100"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-2100",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-2100"
}
],
"release_date": "2020-01-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-02-19T19:55:22+00:00",
"details": "Before applying this update, ensure all previously released errata relevant\nto your system is applied.\n\nSee the following documentation, which will be updated shortly for release\n3.11.170, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258.",
"product_ids": [
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64",
"7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2020:0402"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64",
"7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jenkins: UDP multicast/broadcast service amplification reflection attack"
},
{
"cve": "CVE-2020-2101",
"cwe": {
"id": "CWE-385",
"name": "Covert Timing Channel"
},
"discovery_date": "2020-01-29T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1797084"
}
],
"notes": [
{
"category": "description",
"text": "Jenkins 2.218 and earlier, LTS 2.204.1 and earlier did not use a constant-time comparison function for validating connection secrets, which could potentially allow an attacker to use a timing attack to obtain this secret.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins: Non-constant time comparison of inbound TCP agent connection secret",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64",
"7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-2101"
},
{
"category": "external",
"summary": "RHBZ#1797084",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1797084"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-2101",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2101"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-2101",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-2101"
}
],
"release_date": "2020-01-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-02-19T19:55:22+00:00",
"details": "Before applying this update, ensure all previously released errata relevant\nto your system is applied.\n\nSee the following documentation, which will be updated shortly for release\n3.11.170, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258.",
"product_ids": [
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64",
"7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2020:0402"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64",
"7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jenkins: Non-constant time comparison of inbound TCP agent connection secret"
},
{
"cve": "CVE-2020-2102",
"cwe": {
"id": "CWE-385",
"name": "Covert Timing Channel"
},
"discovery_date": "2020-01-29T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1797071"
}
],
"notes": [
{
"category": "description",
"text": "Jenkins 2.218 and earlier, LTS 2.204.1 and earlier used a non-constant time comparison function when validating an HMAC.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins: Non-constant time HMAC comparison",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64",
"7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-2102"
},
{
"category": "external",
"summary": "RHBZ#1797071",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1797071"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-2102",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2102"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-2102",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-2102"
}
],
"release_date": "2020-01-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-02-19T19:55:22+00:00",
"details": "Before applying this update, ensure all previously released errata relevant\nto your system is applied.\n\nSee the following documentation, which will be updated shortly for release\n3.11.170, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258.",
"product_ids": [
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64",
"7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2020:0402"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64",
"7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jenkins: Non-constant time HMAC comparison"
},
{
"cve": "CVE-2020-2103",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2020-01-29T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1797062"
}
],
"notes": [
{
"category": "description",
"text": "Jenkins 2.218 and earlier, LTS 2.204.1 and earlier exposed session identifiers on a user\u0027s detail object in the whoAmI diagnostic page.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins: Exposed session identifiers on user detail object in the whoAmI diagnostic page",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64",
"7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-2103"
},
{
"category": "external",
"summary": "RHBZ#1797062",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1797062"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-2103",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2103"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-2103",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-2103"
}
],
"release_date": "2020-01-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-02-19T19:55:22+00:00",
"details": "Before applying this update, ensure all previously released errata relevant\nto your system is applied.\n\nSee the following documentation, which will be updated shortly for release\n3.11.170, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258.",
"product_ids": [
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64",
"7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2020:0402"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64",
"7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jenkins: Exposed session identifiers on user detail object in the whoAmI diagnostic page"
},
{
"cve": "CVE-2020-2104",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2020-01-29T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1797065"
}
],
"notes": [
{
"category": "description",
"text": "Jenkins 2.218 and earlier, LTS 2.204.1 and earlier allowed users with Overall/Read access to view a JVM memory usage chart.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins: Memory usage graphs accessible to anyone with Overall/Read",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64",
"7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-2104"
},
{
"category": "external",
"summary": "RHBZ#1797065",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1797065"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-2104",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2104"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-2104",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-2104"
}
],
"release_date": "2020-01-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-02-19T19:55:22+00:00",
"details": "Before applying this update, ensure all previously released errata relevant\nto your system is applied.\n\nSee the following documentation, which will be updated shortly for release\n3.11.170, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258.",
"product_ids": [
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64",
"7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2020:0402"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64",
"7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "jenkins: Memory usage graphs accessible to anyone with Overall/Read"
},
{
"cve": "CVE-2020-2105",
"cwe": {
"id": "CWE-1021",
"name": "Improper Restriction of Rendered UI Layers or Frames"
},
"discovery_date": "2020-01-29T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1797068"
}
],
"notes": [
{
"category": "description",
"text": "REST API endpoints in Jenkins 2.218 and earlier, LTS 2.204.1 and earlier were vulnerable to clickjacking attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins: REST APIs vulnerable to clickjacking",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64",
"7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-2105"
},
{
"category": "external",
"summary": "RHBZ#1797068",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1797068"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-2105",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2105"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-2105",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-2105"
}
],
"release_date": "2020-01-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-02-19T19:55:22+00:00",
"details": "Before applying this update, ensure all previously released errata relevant\nto your system is applied.\n\nSee the following documentation, which will be updated shortly for release\n3.11.170, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258.",
"product_ids": [
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64",
"7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2020:0402"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.1,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64",
"7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "jenkins: REST APIs vulnerable to clickjacking"
}
]
}
RHBA-2020:0675
Vulnerability from csaf_redhat - Published: 2020-03-10 22:10 - Updated: 2026-04-27 21:10Summary
Red Hat Bug Fix Advisory: OpenShift Container Platform 4.3.5 packages update
Severity
Important
Notes
Topic: Red Hat OpenShift Container Platform release 4.3.5 is now available with
updates to packages and images that fix several bugs.
Details: Red Hat OpenShift Container Platform is Red Hat's cloud computing
Kubernetes application platform solution designed for on-premise or private
cloud deployments.
This advisory contains the RPM packages for Red Hat OpenShift Container
Platform 4.3.5. See the following advisory for the container images for
this release:
https://access.redhat.com/errata/RHBA-2020:0676
All OpenShift Container Platform 4.3 users are advised to upgrade to these
updated packages and images.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in Jenkins. Encryption key parameters are improperly reused in the Inbound TCP Agent Protocol/3 allowing unauthorized attackers with knowledge of agent names to obtain the connection secrets for those agents. The highest threat from this vulnerability is to data confidentiality.
8.6 (High)
Affected products
Fixed
2 products
Known not affected
60 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-svcat-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-1.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.noarch | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-ansible-test-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:ovn2.12-central-0:2.12.0-32.el7fdn.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:ovn2.12-debuginfo-0:2.12.0-32.el7fdn.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:ovn2.12-host-0:2.12.0-32.el7fdn.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:ovn2.12-vtep-0:2.12.0-32.el7fdn.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:buildah-debuginfo-0:1.11.6-4.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:buildah-debugsource-0:1.11.6-4.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:buildah-tests-0:1.11.6-4.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:buildah-tests-debuginfo-0:1.11.6-4.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:containers-common-1:0.1.40-4.rhaos.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:cri-o-debuginfo-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:cri-o-debugsource-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-2.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:cri-tools-debugsource-0:1.17.0-2.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:openshift-kuryr-0:4.3.5-202003020117.git.0.237579a.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:openshift-kuryr-cni-0:4.3.5-202003020117.git.0.237579a.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:openshift-kuryr-common-0:4.3.5-202003020117.git.0.237579a.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:openshift-kuryr-controller-0:4.3.5-202003020117.git.0.237579a.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:python3-kuryr-kubernetes-0:4.3.5-202003020117.git.0.237579a.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:runc-debuginfo-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:runc-debugsource-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:skopeo-debuginfo-1:0.1.40-4.rhaos.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:skopeo-debugsource-1:0.1.40-4.rhaos.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:skopeo-tests-1:0.1.40-4.rhaos.el8.x86_64 | — |
Threats
Impact
Important
Jenkins 2.218 and earlier, LTS 2.204.1 and earlier was vulnerable to a UDP amplification reflection denial of service attack on port 33848.
5.8 (Medium)
Affected products
Fixed
2 products
Known not affected
60 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-svcat-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-1.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.noarch | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-ansible-test-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:ovn2.12-central-0:2.12.0-32.el7fdn.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:ovn2.12-debuginfo-0:2.12.0-32.el7fdn.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:ovn2.12-host-0:2.12.0-32.el7fdn.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:ovn2.12-vtep-0:2.12.0-32.el7fdn.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:buildah-debuginfo-0:1.11.6-4.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:buildah-debugsource-0:1.11.6-4.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:buildah-tests-0:1.11.6-4.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:buildah-tests-debuginfo-0:1.11.6-4.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:containers-common-1:0.1.40-4.rhaos.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:cri-o-debuginfo-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:cri-o-debugsource-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-2.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:cri-tools-debugsource-0:1.17.0-2.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:openshift-kuryr-0:4.3.5-202003020117.git.0.237579a.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:openshift-kuryr-cni-0:4.3.5-202003020117.git.0.237579a.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:openshift-kuryr-common-0:4.3.5-202003020117.git.0.237579a.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:openshift-kuryr-controller-0:4.3.5-202003020117.git.0.237579a.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:python3-kuryr-kubernetes-0:4.3.5-202003020117.git.0.237579a.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:runc-debuginfo-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:runc-debugsource-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:skopeo-debuginfo-1:0.1.40-4.rhaos.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:skopeo-debugsource-1:0.1.40-4.rhaos.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:skopeo-tests-1:0.1.40-4.rhaos.el8.x86_64 | — |
Threats
Impact
Moderate
Jenkins 2.218 and earlier, LTS 2.204.1 and earlier did not use a constant-time comparison function for validating connection secrets, which could potentially allow an attacker to use a timing attack to obtain this secret.
5.3 (Medium)
Affected products
Fixed
2 products
Known not affected
60 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-svcat-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-1.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.noarch | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-ansible-test-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:ovn2.12-central-0:2.12.0-32.el7fdn.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:ovn2.12-debuginfo-0:2.12.0-32.el7fdn.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:ovn2.12-host-0:2.12.0-32.el7fdn.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:ovn2.12-vtep-0:2.12.0-32.el7fdn.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:buildah-debuginfo-0:1.11.6-4.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:buildah-debugsource-0:1.11.6-4.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:buildah-tests-0:1.11.6-4.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:buildah-tests-debuginfo-0:1.11.6-4.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:containers-common-1:0.1.40-4.rhaos.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:cri-o-debuginfo-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:cri-o-debugsource-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-2.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:cri-tools-debugsource-0:1.17.0-2.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:openshift-kuryr-0:4.3.5-202003020117.git.0.237579a.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:openshift-kuryr-cni-0:4.3.5-202003020117.git.0.237579a.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:openshift-kuryr-common-0:4.3.5-202003020117.git.0.237579a.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:openshift-kuryr-controller-0:4.3.5-202003020117.git.0.237579a.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:python3-kuryr-kubernetes-0:4.3.5-202003020117.git.0.237579a.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:runc-debuginfo-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:runc-debugsource-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:skopeo-debuginfo-1:0.1.40-4.rhaos.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:skopeo-debugsource-1:0.1.40-4.rhaos.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:skopeo-tests-1:0.1.40-4.rhaos.el8.x86_64 | — |
Threats
Impact
Moderate
Jenkins 2.218 and earlier, LTS 2.204.1 and earlier used a non-constant time comparison function when validating an HMAC.
5.3 (Medium)
Affected products
Fixed
2 products
Known not affected
60 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-svcat-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-1.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.noarch | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-ansible-test-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:ovn2.12-central-0:2.12.0-32.el7fdn.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:ovn2.12-debuginfo-0:2.12.0-32.el7fdn.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:ovn2.12-host-0:2.12.0-32.el7fdn.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:ovn2.12-vtep-0:2.12.0-32.el7fdn.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:buildah-debuginfo-0:1.11.6-4.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:buildah-debugsource-0:1.11.6-4.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:buildah-tests-0:1.11.6-4.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:buildah-tests-debuginfo-0:1.11.6-4.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:containers-common-1:0.1.40-4.rhaos.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:cri-o-debuginfo-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:cri-o-debugsource-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-2.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:cri-tools-debugsource-0:1.17.0-2.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:openshift-kuryr-0:4.3.5-202003020117.git.0.237579a.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:openshift-kuryr-cni-0:4.3.5-202003020117.git.0.237579a.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:openshift-kuryr-common-0:4.3.5-202003020117.git.0.237579a.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:openshift-kuryr-controller-0:4.3.5-202003020117.git.0.237579a.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:python3-kuryr-kubernetes-0:4.3.5-202003020117.git.0.237579a.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:runc-debuginfo-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:runc-debugsource-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:skopeo-debuginfo-1:0.1.40-4.rhaos.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:skopeo-debugsource-1:0.1.40-4.rhaos.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:skopeo-tests-1:0.1.40-4.rhaos.el8.x86_64 | — |
Threats
Impact
Moderate
Jenkins 2.218 and earlier, LTS 2.204.1 and earlier exposed session identifiers on a user's detail object in the whoAmI diagnostic page.
4.4 (Medium)
Affected products
Fixed
2 products
Known not affected
60 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-svcat-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-1.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.noarch | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-ansible-test-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:ovn2.12-central-0:2.12.0-32.el7fdn.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:ovn2.12-debuginfo-0:2.12.0-32.el7fdn.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:ovn2.12-host-0:2.12.0-32.el7fdn.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:ovn2.12-vtep-0:2.12.0-32.el7fdn.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:buildah-debuginfo-0:1.11.6-4.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:buildah-debugsource-0:1.11.6-4.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:buildah-tests-0:1.11.6-4.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:buildah-tests-debuginfo-0:1.11.6-4.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:containers-common-1:0.1.40-4.rhaos.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:cri-o-debuginfo-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:cri-o-debugsource-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-2.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:cri-tools-debugsource-0:1.17.0-2.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:openshift-kuryr-0:4.3.5-202003020117.git.0.237579a.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:openshift-kuryr-cni-0:4.3.5-202003020117.git.0.237579a.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:openshift-kuryr-common-0:4.3.5-202003020117.git.0.237579a.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:openshift-kuryr-controller-0:4.3.5-202003020117.git.0.237579a.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:python3-kuryr-kubernetes-0:4.3.5-202003020117.git.0.237579a.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:runc-debuginfo-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:runc-debugsource-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:skopeo-debuginfo-1:0.1.40-4.rhaos.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:skopeo-debugsource-1:0.1.40-4.rhaos.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:skopeo-tests-1:0.1.40-4.rhaos.el8.x86_64 | — |
Threats
Impact
Moderate
Jenkins 2.218 and earlier, LTS 2.204.1 and earlier allowed users with Overall/Read access to view a JVM memory usage chart.
4.3 (Medium)
Affected products
Fixed
2 products
Known not affected
60 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-svcat-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-1.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.noarch | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-ansible-test-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:ovn2.12-central-0:2.12.0-32.el7fdn.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:ovn2.12-debuginfo-0:2.12.0-32.el7fdn.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:ovn2.12-host-0:2.12.0-32.el7fdn.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:ovn2.12-vtep-0:2.12.0-32.el7fdn.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:buildah-debuginfo-0:1.11.6-4.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:buildah-debugsource-0:1.11.6-4.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:buildah-tests-0:1.11.6-4.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:buildah-tests-debuginfo-0:1.11.6-4.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:containers-common-1:0.1.40-4.rhaos.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:cri-o-debuginfo-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:cri-o-debugsource-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-2.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:cri-tools-debugsource-0:1.17.0-2.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:openshift-kuryr-0:4.3.5-202003020117.git.0.237579a.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:openshift-kuryr-cni-0:4.3.5-202003020117.git.0.237579a.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:openshift-kuryr-common-0:4.3.5-202003020117.git.0.237579a.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:openshift-kuryr-controller-0:4.3.5-202003020117.git.0.237579a.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:python3-kuryr-kubernetes-0:4.3.5-202003020117.git.0.237579a.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:runc-debuginfo-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:runc-debugsource-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:skopeo-debuginfo-1:0.1.40-4.rhaos.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:skopeo-debugsource-1:0.1.40-4.rhaos.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:skopeo-tests-1:0.1.40-4.rhaos.el8.x86_64 | — |
Threats
Impact
Low
REST API endpoints in Jenkins 2.218 and earlier, LTS 2.204.1 and earlier were vulnerable to clickjacking attacks.
CWE-1021 - Improper Restriction of Rendered UI Layers or FramesAffected products
Fixed
2 products
Known not affected
60 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-svcat-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-1.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.noarch | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-ansible-test-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:ovn2.12-central-0:2.12.0-32.el7fdn.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:ovn2.12-debuginfo-0:2.12.0-32.el7fdn.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:ovn2.12-host-0:2.12.0-32.el7fdn.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:ovn2.12-vtep-0:2.12.0-32.el7fdn.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:buildah-debuginfo-0:1.11.6-4.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:buildah-debugsource-0:1.11.6-4.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:buildah-tests-0:1.11.6-4.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:buildah-tests-debuginfo-0:1.11.6-4.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:containers-common-1:0.1.40-4.rhaos.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:cri-o-debuginfo-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:cri-o-debugsource-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-2.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:cri-tools-debugsource-0:1.17.0-2.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:openshift-kuryr-0:4.3.5-202003020117.git.0.237579a.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:openshift-kuryr-cni-0:4.3.5-202003020117.git.0.237579a.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:openshift-kuryr-common-0:4.3.5-202003020117.git.0.237579a.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:openshift-kuryr-controller-0:4.3.5-202003020117.git.0.237579a.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:python3-kuryr-kubernetes-0:4.3.5-202003020117.git.0.237579a.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:runc-debuginfo-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:runc-debugsource-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:skopeo-debuginfo-1:0.1.40-4.rhaos.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:skopeo-debugsource-1:0.1.40-4.rhaos.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:skopeo-tests-1:0.1.40-4.rhaos.el8.x86_64 | — |
Threats
Impact
Low
References
31 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat OpenShift Container Platform release 4.3.5 is now available with\nupdates to packages and images that fix several bugs.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Container Platform is Red Hat\u0027s cloud computing\nKubernetes application platform solution designed for on-premise or private\ncloud deployments.\n\nThis advisory contains the RPM packages for Red Hat OpenShift Container\nPlatform 4.3.5. See the following advisory for the container images for\nthis release:\n\nhttps://access.redhat.com/errata/RHBA-2020:0676\n\nAll OpenShift Container Platform 4.3 users are advised to upgrade to these\nupdated packages and images.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHBA-2020:0675",
"url": "https://access.redhat.com/errata/RHBA-2020:0675"
},
{
"category": "external",
"summary": "1804814",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1804814"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhba-2020_0675.json"
}
],
"title": "Red Hat Bug Fix Advisory: OpenShift Container Platform 4.3.5 packages update",
"tracking": {
"current_release_date": "2026-04-27T21:10:02+00:00",
"generator": {
"date": "2026-04-27T21:10:02+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.5"
}
},
"id": "RHBA-2020:0675",
"initial_release_date": "2020-03-10T22:10:58+00:00",
"revision_history": [
{
"date": "2020-03-10T22:10:58+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2020-03-10T22:10:58+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-04-27T21:10:02+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift Container Platform 4.3",
"product": {
"name": "Red Hat OpenShift Container Platform 4.3",
"product_id": "7Server-RH7-RHOSE-4.3",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:4.3::el7"
}
}
},
{
"category": "product_name",
"name": "Red Hat OpenShift Container Platform 4.3",
"product": {
"name": "Red Hat OpenShift Container Platform 4.3",
"product_id": "8Base-RHOSE-4.3",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:4.3::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Enterprise"
},
{
"branches": [
{
"category": "product_version",
"name": "cri-tools-0:1.17.0-1.el7.x86_64",
"product": {
"name": "cri-tools-0:1.17.0-1.el7.x86_64",
"product_id": "cri-tools-0:1.17.0-1.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-tools@1.17.0-1.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "cri-tools-debuginfo-0:1.17.0-1.el7.x86_64",
"product": {
"name": "cri-tools-debuginfo-0:1.17.0-1.el7.x86_64",
"product_id": "cri-tools-debuginfo-0:1.17.0-1.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-tools-debuginfo@1.17.0-1.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el7.x86_64",
"product": {
"name": "openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el7.x86_64",
"product_id": "openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-hyperkube@4.3.5-202002280657.git.0.b3bfb5a.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64",
"product": {
"name": "openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64",
"product_id": "openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-clients@4.3.5-202002280657.git.1.55a9334.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64",
"product": {
"name": "openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64",
"product_id": "openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-clients-redistributable@4.3.5-202002280657.git.1.55a9334.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.x86_64",
"product": {
"name": "atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.x86_64",
"product_id": "atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-service-idler@4.3.5-202003020117.git.13.3ac2b0e.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64",
"product": {
"name": "atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64",
"product_id": "atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-enterprise-service-catalog@4.3.5-202003020117.git.0.4eb885c.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "atomic-enterprise-service-catalog-svcat-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64",
"product": {
"name": "atomic-enterprise-service-catalog-svcat-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64",
"product_id": "atomic-enterprise-service-catalog-svcat-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-enterprise-service-catalog-svcat@4.3.5-202003020117.git.0.4eb885c.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "ovn2.12-0:2.12.0-32.el7fdn.x86_64",
"product": {
"name": "ovn2.12-0:2.12.0-32.el7fdn.x86_64",
"product_id": "ovn2.12-0:2.12.0-32.el7fdn.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovn2.12@2.12.0-32.el7fdn?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "ovn2.12-central-0:2.12.0-32.el7fdn.x86_64",
"product": {
"name": "ovn2.12-central-0:2.12.0-32.el7fdn.x86_64",
"product_id": "ovn2.12-central-0:2.12.0-32.el7fdn.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovn2.12-central@2.12.0-32.el7fdn?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "ovn2.12-host-0:2.12.0-32.el7fdn.x86_64",
"product": {
"name": "ovn2.12-host-0:2.12.0-32.el7fdn.x86_64",
"product_id": "ovn2.12-host-0:2.12.0-32.el7fdn.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovn2.12-host@2.12.0-32.el7fdn?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "ovn2.12-vtep-0:2.12.0-32.el7fdn.x86_64",
"product": {
"name": "ovn2.12-vtep-0:2.12.0-32.el7fdn.x86_64",
"product_id": "ovn2.12-vtep-0:2.12.0-32.el7fdn.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovn2.12-vtep@2.12.0-32.el7fdn?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "ovn2.12-debuginfo-0:2.12.0-32.el7fdn.x86_64",
"product": {
"name": "ovn2.12-debuginfo-0:2.12.0-32.el7fdn.x86_64",
"product_id": "ovn2.12-debuginfo-0:2.12.0-32.el7fdn.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovn2.12-debuginfo@2.12.0-32.el7fdn?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "runc-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
"product": {
"name": "runc-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
"product_id": "runc-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/runc@1.0.0-65.rc10.rhaos4.3.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "runc-debugsource-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
"product": {
"name": "runc-debugsource-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
"product_id": "runc-debugsource-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/runc-debugsource@1.0.0-65.rc10.rhaos4.3.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "runc-debuginfo-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
"product": {
"name": "runc-debuginfo-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
"product_id": "runc-debuginfo-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/runc-debuginfo@1.0.0-65.rc10.rhaos4.3.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "cri-tools-0:1.17.0-2.el8.x86_64",
"product": {
"name": "cri-tools-0:1.17.0-2.el8.x86_64",
"product_id": "cri-tools-0:1.17.0-2.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-tools@1.17.0-2.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "cri-tools-debugsource-0:1.17.0-2.el8.x86_64",
"product": {
"name": "cri-tools-debugsource-0:1.17.0-2.el8.x86_64",
"product_id": "cri-tools-debugsource-0:1.17.0-2.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-tools-debugsource@1.17.0-2.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "cri-tools-debuginfo-0:1.17.0-2.el8.x86_64",
"product": {
"name": "cri-tools-debuginfo-0:1.17.0-2.el8.x86_64",
"product_id": "cri-tools-debuginfo-0:1.17.0-2.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-tools-debuginfo@1.17.0-2.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "containers-common-1:0.1.40-4.rhaos.el8.x86_64",
"product": {
"name": "containers-common-1:0.1.40-4.rhaos.el8.x86_64",
"product_id": "containers-common-1:0.1.40-4.rhaos.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/containers-common@0.1.40-4.rhaos.el8?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "skopeo-1:0.1.40-4.rhaos.el8.x86_64",
"product": {
"name": "skopeo-1:0.1.40-4.rhaos.el8.x86_64",
"product_id": "skopeo-1:0.1.40-4.rhaos.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo@0.1.40-4.rhaos.el8?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "skopeo-tests-1:0.1.40-4.rhaos.el8.x86_64",
"product": {
"name": "skopeo-tests-1:0.1.40-4.rhaos.el8.x86_64",
"product_id": "skopeo-tests-1:0.1.40-4.rhaos.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-tests@0.1.40-4.rhaos.el8?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "skopeo-debugsource-1:0.1.40-4.rhaos.el8.x86_64",
"product": {
"name": "skopeo-debugsource-1:0.1.40-4.rhaos.el8.x86_64",
"product_id": "skopeo-debugsource-1:0.1.40-4.rhaos.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-debugsource@0.1.40-4.rhaos.el8?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "skopeo-debuginfo-1:0.1.40-4.rhaos.el8.x86_64",
"product": {
"name": "skopeo-debuginfo-1:0.1.40-4.rhaos.el8.x86_64",
"product_id": "skopeo-debuginfo-1:0.1.40-4.rhaos.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-debuginfo@0.1.40-4.rhaos.el8?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
"product": {
"name": "cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
"product_id": "cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o@1.16.3-22.dev.rhaos4.3.git11c04e3.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "cri-o-debugsource-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
"product": {
"name": "cri-o-debugsource-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
"product_id": "cri-o-debugsource-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o-debugsource@1.16.3-22.dev.rhaos4.3.git11c04e3.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "cri-o-debuginfo-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
"product": {
"name": "cri-o-debuginfo-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
"product_id": "cri-o-debuginfo-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o-debuginfo@1.16.3-22.dev.rhaos4.3.git11c04e3.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "buildah-0:1.11.6-4.el8.x86_64",
"product": {
"name": "buildah-0:1.11.6-4.el8.x86_64",
"product_id": "buildah-0:1.11.6-4.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah@1.11.6-4.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "buildah-tests-0:1.11.6-4.el8.x86_64",
"product": {
"name": "buildah-tests-0:1.11.6-4.el8.x86_64",
"product_id": "buildah-tests-0:1.11.6-4.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah-tests@1.11.6-4.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "buildah-debugsource-0:1.11.6-4.el8.x86_64",
"product": {
"name": "buildah-debugsource-0:1.11.6-4.el8.x86_64",
"product_id": "buildah-debugsource-0:1.11.6-4.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah-debugsource@1.11.6-4.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "buildah-debuginfo-0:1.11.6-4.el8.x86_64",
"product": {
"name": "buildah-debuginfo-0:1.11.6-4.el8.x86_64",
"product_id": "buildah-debuginfo-0:1.11.6-4.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah-debuginfo@1.11.6-4.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "buildah-tests-debuginfo-0:1.11.6-4.el8.x86_64",
"product": {
"name": "buildah-tests-debuginfo-0:1.11.6-4.el8.x86_64",
"product_id": "buildah-tests-debuginfo-0:1.11.6-4.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah-tests-debuginfo@1.11.6-4.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el8.x86_64",
"product": {
"name": "openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el8.x86_64",
"product_id": "openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-hyperkube@4.3.5-202002280657.git.0.b3bfb5a.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64",
"product": {
"name": "openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64",
"product_id": "openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-clients@4.3.5-202002280657.git.1.55a9334.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64",
"product": {
"name": "openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64",
"product_id": "openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-clients-redistributable@4.3.5-202002280657.git.1.55a9334.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.x86_64",
"product": {
"name": "machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.x86_64",
"product_id": "machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/machine-config-daemon@4.3.5-202003020117.git.0.61e0e48.el8?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "cri-tools-0:1.17.0-1.el7.src",
"product": {
"name": "cri-tools-0:1.17.0-1.el7.src",
"product_id": "cri-tools-0:1.17.0-1.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-tools@1.17.0-1.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el7.src",
"product": {
"name": "openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el7.src",
"product_id": "openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift@4.3.5-202002280657.git.0.b3bfb5a.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.src",
"product": {
"name": "openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.src",
"product_id": "openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-clients@4.3.5-202002280657.git.1.55a9334.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.src",
"product": {
"name": "openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.src",
"product_id": "openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-ansible@4.3.5-202002280657.git.1.e4f02b3.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.src",
"product": {
"name": "atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.src",
"product_id": "atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-service-idler@4.3.5-202003020117.git.13.3ac2b0e.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.src",
"product": {
"name": "atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.src",
"product_id": "atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-enterprise-service-catalog@4.3.5-202003020117.git.0.4eb885c.el7?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "ovn2.12-0:2.12.0-32.el7fdn.src",
"product": {
"name": "ovn2.12-0:2.12.0-32.el7fdn.src",
"product_id": "ovn2.12-0:2.12.0-32.el7fdn.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovn2.12@2.12.0-32.el7fdn?arch=src"
}
}
},
{
"category": "product_version",
"name": "jenkins-2-plugins-0:4.3.1583445947-1.el7.src",
"product": {
"name": "jenkins-2-plugins-0:4.3.1583445947-1.el7.src",
"product_id": "jenkins-2-plugins-0:4.3.1583445947-1.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jenkins-2-plugins@4.3.1583445947-1.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jenkins-0:2.204.2.1583446818-1.el7.src",
"product": {
"name": "jenkins-0:2.204.2.1583446818-1.el7.src",
"product_id": "jenkins-0:2.204.2.1583446818-1.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jenkins@2.204.2.1583446818-1.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "runc-0:1.0.0-65.rc10.rhaos4.3.el8.src",
"product": {
"name": "runc-0:1.0.0-65.rc10.rhaos4.3.el8.src",
"product_id": "runc-0:1.0.0-65.rc10.rhaos4.3.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/runc@1.0.0-65.rc10.rhaos4.3.el8?arch=src"
}
}
},
{
"category": "product_version",
"name": "cri-tools-0:1.17.0-2.el8.src",
"product": {
"name": "cri-tools-0:1.17.0-2.el8.src",
"product_id": "cri-tools-0:1.17.0-2.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-tools@1.17.0-2.el8?arch=src"
}
}
},
{
"category": "product_version",
"name": "skopeo-1:0.1.40-4.rhaos.el8.src",
"product": {
"name": "skopeo-1:0.1.40-4.rhaos.el8.src",
"product_id": "skopeo-1:0.1.40-4.rhaos.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo@0.1.40-4.rhaos.el8?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.src",
"product": {
"name": "cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.src",
"product_id": "cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o@1.16.3-22.dev.rhaos4.3.git11c04e3.el8?arch=src"
}
}
},
{
"category": "product_version",
"name": "buildah-0:1.11.6-4.el8.src",
"product": {
"name": "buildah-0:1.11.6-4.el8.src",
"product_id": "buildah-0:1.11.6-4.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah@1.11.6-4.el8?arch=src"
}
}
},
{
"category": "product_version",
"name": "openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el8.src",
"product": {
"name": "openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el8.src",
"product_id": "openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift@4.3.5-202002280657.git.0.b3bfb5a.el8?arch=src"
}
}
},
{
"category": "product_version",
"name": "openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.src",
"product": {
"name": "openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.src",
"product_id": "openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-clients@4.3.5-202002280657.git.1.55a9334.el8?arch=src"
}
}
},
{
"category": "product_version",
"name": "machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.src",
"product": {
"name": "machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.src",
"product_id": "machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/machine-config-daemon@4.3.5-202003020117.git.0.61e0e48.el8?arch=src"
}
}
},
{
"category": "product_version",
"name": "openshift-kuryr-0:4.3.5-202003020117.git.0.237579a.el8.src",
"product": {
"name": "openshift-kuryr-0:4.3.5-202003020117.git.0.237579a.el8.src",
"product_id": "openshift-kuryr-0:4.3.5-202003020117.git.0.237579a.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-kuryr@4.3.5-202003020117.git.0.237579a.el8?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch",
"product": {
"name": "openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch",
"product_id": "openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-ansible@4.3.5-202002280657.git.1.e4f02b3.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openshift-ansible-test-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch",
"product": {
"name": "openshift-ansible-test-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch",
"product_id": "openshift-ansible-test-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-ansible-test@4.3.5-202002280657.git.1.e4f02b3.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jenkins-2-plugins-0:4.3.1583445947-1.el7.noarch",
"product": {
"name": "jenkins-2-plugins-0:4.3.1583445947-1.el7.noarch",
"product_id": "jenkins-2-plugins-0:4.3.1583445947-1.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jenkins-2-plugins@4.3.1583445947-1.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jenkins-0:2.204.2.1583446818-1.el7.noarch",
"product": {
"name": "jenkins-0:2.204.2.1583446818-1.el7.noarch",
"product_id": "jenkins-0:2.204.2.1583446818-1.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jenkins@2.204.2.1583446818-1.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openshift-kuryr-cni-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"product": {
"name": "openshift-kuryr-cni-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"product_id": "openshift-kuryr-cni-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-kuryr-cni@4.3.5-202003020117.git.0.237579a.el8?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openshift-kuryr-common-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"product": {
"name": "openshift-kuryr-common-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"product_id": "openshift-kuryr-common-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-kuryr-common@4.3.5-202003020117.git.0.237579a.el8?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openshift-kuryr-controller-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"product": {
"name": "openshift-kuryr-controller-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"product_id": "openshift-kuryr-controller-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-kuryr-controller@4.3.5-202003020117.git.0.237579a.el8?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python3-kuryr-kubernetes-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"product": {
"name": "python3-kuryr-kubernetes-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"product_id": "python3-kuryr-kubernetes-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-kuryr-kubernetes@4.3.5-202003020117.git.0.237579a.el8?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.src as a component of Red Hat OpenShift Container Platform 4.3",
"product_id": "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.src"
},
"product_reference": "atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64 as a component of Red Hat OpenShift Container Platform 4.3",
"product_id": "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64"
},
"product_reference": "atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-enterprise-service-catalog-svcat-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64 as a component of Red Hat OpenShift Container Platform 4.3",
"product_id": "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-svcat-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64"
},
"product_reference": "atomic-enterprise-service-catalog-svcat-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.src as a component of Red Hat OpenShift Container Platform 4.3",
"product_id": "7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.src"
},
"product_reference": "atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.x86_64 as a component of Red Hat OpenShift Container Platform 4.3",
"product_id": "7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.x86_64"
},
"product_reference": "atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-tools-0:1.17.0-1.el7.src as a component of Red Hat OpenShift Container Platform 4.3",
"product_id": "7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.src"
},
"product_reference": "cri-tools-0:1.17.0-1.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-tools-0:1.17.0-1.el7.x86_64 as a component of Red Hat OpenShift Container Platform 4.3",
"product_id": "7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.x86_64"
},
"product_reference": "cri-tools-0:1.17.0-1.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-tools-debuginfo-0:1.17.0-1.el7.x86_64 as a component of Red Hat OpenShift Container Platform 4.3",
"product_id": "7Server-RH7-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-1.el7.x86_64"
},
"product_reference": "cri-tools-debuginfo-0:1.17.0-1.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jenkins-0:2.204.2.1583446818-1.el7.noarch as a component of Red Hat OpenShift Container Platform 4.3",
"product_id": "7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.noarch"
},
"product_reference": "jenkins-0:2.204.2.1583446818-1.el7.noarch",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jenkins-0:2.204.2.1583446818-1.el7.src as a component of Red Hat OpenShift Container Platform 4.3",
"product_id": "7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.src"
},
"product_reference": "jenkins-0:2.204.2.1583446818-1.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jenkins-2-plugins-0:4.3.1583445947-1.el7.noarch as a component of Red Hat OpenShift Container Platform 4.3",
"product_id": "7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.noarch"
},
"product_reference": "jenkins-2-plugins-0:4.3.1583445947-1.el7.noarch",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jenkins-2-plugins-0:4.3.1583445947-1.el7.src as a component of Red Hat OpenShift Container Platform 4.3",
"product_id": "7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.src"
},
"product_reference": "jenkins-2-plugins-0:4.3.1583445947-1.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el7.src as a component of Red Hat OpenShift Container Platform 4.3",
"product_id": "7Server-RH7-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el7.src"
},
"product_reference": "openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch as a component of Red Hat OpenShift Container Platform 4.3",
"product_id": "7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch"
},
"product_reference": "openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.src as a component of Red Hat OpenShift Container Platform 4.3",
"product_id": "7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.src"
},
"product_reference": "openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-ansible-test-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch as a component of Red Hat OpenShift Container Platform 4.3",
"product_id": "7Server-RH7-RHOSE-4.3:openshift-ansible-test-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch"
},
"product_reference": "openshift-ansible-test-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.src as a component of Red Hat OpenShift Container Platform 4.3",
"product_id": "7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.src"
},
"product_reference": "openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64 as a component of Red Hat OpenShift Container Platform 4.3",
"product_id": "7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64"
},
"product_reference": "openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64 as a component of Red Hat OpenShift Container Platform 4.3",
"product_id": "7Server-RH7-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64"
},
"product_reference": "openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el7.x86_64 as a component of Red Hat OpenShift Container Platform 4.3",
"product_id": "7Server-RH7-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el7.x86_64"
},
"product_reference": "openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovn2.12-0:2.12.0-32.el7fdn.src as a component of Red Hat OpenShift Container Platform 4.3",
"product_id": "7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.src"
},
"product_reference": "ovn2.12-0:2.12.0-32.el7fdn.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovn2.12-0:2.12.0-32.el7fdn.x86_64 as a component of Red Hat OpenShift Container Platform 4.3",
"product_id": "7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.x86_64"
},
"product_reference": "ovn2.12-0:2.12.0-32.el7fdn.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovn2.12-central-0:2.12.0-32.el7fdn.x86_64 as a component of Red Hat OpenShift Container Platform 4.3",
"product_id": "7Server-RH7-RHOSE-4.3:ovn2.12-central-0:2.12.0-32.el7fdn.x86_64"
},
"product_reference": "ovn2.12-central-0:2.12.0-32.el7fdn.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovn2.12-debuginfo-0:2.12.0-32.el7fdn.x86_64 as a component of Red Hat OpenShift Container Platform 4.3",
"product_id": "7Server-RH7-RHOSE-4.3:ovn2.12-debuginfo-0:2.12.0-32.el7fdn.x86_64"
},
"product_reference": "ovn2.12-debuginfo-0:2.12.0-32.el7fdn.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovn2.12-host-0:2.12.0-32.el7fdn.x86_64 as a component of Red Hat OpenShift Container Platform 4.3",
"product_id": "7Server-RH7-RHOSE-4.3:ovn2.12-host-0:2.12.0-32.el7fdn.x86_64"
},
"product_reference": "ovn2.12-host-0:2.12.0-32.el7fdn.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovn2.12-vtep-0:2.12.0-32.el7fdn.x86_64 as a component of Red Hat OpenShift Container Platform 4.3",
"product_id": "7Server-RH7-RHOSE-4.3:ovn2.12-vtep-0:2.12.0-32.el7fdn.x86_64"
},
"product_reference": "ovn2.12-vtep-0:2.12.0-32.el7fdn.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-0:1.11.6-4.el8.src as a component of Red Hat OpenShift Container Platform 4.3",
"product_id": "8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.src"
},
"product_reference": "buildah-0:1.11.6-4.el8.src",
"relates_to_product_reference": "8Base-RHOSE-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-0:1.11.6-4.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.3",
"product_id": "8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.x86_64"
},
"product_reference": "buildah-0:1.11.6-4.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-debuginfo-0:1.11.6-4.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.3",
"product_id": "8Base-RHOSE-4.3:buildah-debuginfo-0:1.11.6-4.el8.x86_64"
},
"product_reference": "buildah-debuginfo-0:1.11.6-4.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-debugsource-0:1.11.6-4.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.3",
"product_id": "8Base-RHOSE-4.3:buildah-debugsource-0:1.11.6-4.el8.x86_64"
},
"product_reference": "buildah-debugsource-0:1.11.6-4.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-tests-0:1.11.6-4.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.3",
"product_id": "8Base-RHOSE-4.3:buildah-tests-0:1.11.6-4.el8.x86_64"
},
"product_reference": "buildah-tests-0:1.11.6-4.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-tests-debuginfo-0:1.11.6-4.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.3",
"product_id": "8Base-RHOSE-4.3:buildah-tests-debuginfo-0:1.11.6-4.el8.x86_64"
},
"product_reference": "buildah-tests-debuginfo-0:1.11.6-4.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containers-common-1:0.1.40-4.rhaos.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.3",
"product_id": "8Base-RHOSE-4.3:containers-common-1:0.1.40-4.rhaos.el8.x86_64"
},
"product_reference": "containers-common-1:0.1.40-4.rhaos.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.src as a component of Red Hat OpenShift Container Platform 4.3",
"product_id": "8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.src"
},
"product_reference": "cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.src",
"relates_to_product_reference": "8Base-RHOSE-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.3",
"product_id": "8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64"
},
"product_reference": "cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-debuginfo-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.3",
"product_id": "8Base-RHOSE-4.3:cri-o-debuginfo-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64"
},
"product_reference": "cri-o-debuginfo-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-debugsource-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.3",
"product_id": "8Base-RHOSE-4.3:cri-o-debugsource-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64"
},
"product_reference": "cri-o-debugsource-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-tools-0:1.17.0-2.el8.src as a component of Red Hat OpenShift Container Platform 4.3",
"product_id": "8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.src"
},
"product_reference": "cri-tools-0:1.17.0-2.el8.src",
"relates_to_product_reference": "8Base-RHOSE-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-tools-0:1.17.0-2.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.3",
"product_id": "8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.x86_64"
},
"product_reference": "cri-tools-0:1.17.0-2.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-tools-debuginfo-0:1.17.0-2.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.3",
"product_id": "8Base-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-2.el8.x86_64"
},
"product_reference": "cri-tools-debuginfo-0:1.17.0-2.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-tools-debugsource-0:1.17.0-2.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.3",
"product_id": "8Base-RHOSE-4.3:cri-tools-debugsource-0:1.17.0-2.el8.x86_64"
},
"product_reference": "cri-tools-debugsource-0:1.17.0-2.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.src as a component of Red Hat OpenShift Container Platform 4.3",
"product_id": "8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.src"
},
"product_reference": "machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.src",
"relates_to_product_reference": "8Base-RHOSE-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.3",
"product_id": "8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.x86_64"
},
"product_reference": "machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el8.src as a component of Red Hat OpenShift Container Platform 4.3",
"product_id": "8Base-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el8.src"
},
"product_reference": "openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el8.src",
"relates_to_product_reference": "8Base-RHOSE-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.src as a component of Red Hat OpenShift Container Platform 4.3",
"product_id": "8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.src"
},
"product_reference": "openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.src",
"relates_to_product_reference": "8Base-RHOSE-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.3",
"product_id": "8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64"
},
"product_reference": "openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.3",
"product_id": "8Base-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64"
},
"product_reference": "openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.3",
"product_id": "8Base-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el8.x86_64"
},
"product_reference": "openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-kuryr-0:4.3.5-202003020117.git.0.237579a.el8.src as a component of Red Hat OpenShift Container Platform 4.3",
"product_id": "8Base-RHOSE-4.3:openshift-kuryr-0:4.3.5-202003020117.git.0.237579a.el8.src"
},
"product_reference": "openshift-kuryr-0:4.3.5-202003020117.git.0.237579a.el8.src",
"relates_to_product_reference": "8Base-RHOSE-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-kuryr-cni-0:4.3.5-202003020117.git.0.237579a.el8.noarch as a component of Red Hat OpenShift Container Platform 4.3",
"product_id": "8Base-RHOSE-4.3:openshift-kuryr-cni-0:4.3.5-202003020117.git.0.237579a.el8.noarch"
},
"product_reference": "openshift-kuryr-cni-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"relates_to_product_reference": "8Base-RHOSE-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-kuryr-common-0:4.3.5-202003020117.git.0.237579a.el8.noarch as a component of Red Hat OpenShift Container Platform 4.3",
"product_id": "8Base-RHOSE-4.3:openshift-kuryr-common-0:4.3.5-202003020117.git.0.237579a.el8.noarch"
},
"product_reference": "openshift-kuryr-common-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"relates_to_product_reference": "8Base-RHOSE-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-kuryr-controller-0:4.3.5-202003020117.git.0.237579a.el8.noarch as a component of Red Hat OpenShift Container Platform 4.3",
"product_id": "8Base-RHOSE-4.3:openshift-kuryr-controller-0:4.3.5-202003020117.git.0.237579a.el8.noarch"
},
"product_reference": "openshift-kuryr-controller-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"relates_to_product_reference": "8Base-RHOSE-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-kuryr-kubernetes-0:4.3.5-202003020117.git.0.237579a.el8.noarch as a component of Red Hat OpenShift Container Platform 4.3",
"product_id": "8Base-RHOSE-4.3:python3-kuryr-kubernetes-0:4.3.5-202003020117.git.0.237579a.el8.noarch"
},
"product_reference": "python3-kuryr-kubernetes-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"relates_to_product_reference": "8Base-RHOSE-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-0:1.0.0-65.rc10.rhaos4.3.el8.src as a component of Red Hat OpenShift Container Platform 4.3",
"product_id": "8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.src"
},
"product_reference": "runc-0:1.0.0-65.rc10.rhaos4.3.el8.src",
"relates_to_product_reference": "8Base-RHOSE-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.3",
"product_id": "8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64"
},
"product_reference": "runc-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-debuginfo-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.3",
"product_id": "8Base-RHOSE-4.3:runc-debuginfo-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64"
},
"product_reference": "runc-debuginfo-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-debugsource-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.3",
"product_id": "8Base-RHOSE-4.3:runc-debugsource-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64"
},
"product_reference": "runc-debugsource-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-1:0.1.40-4.rhaos.el8.src as a component of Red Hat OpenShift Container Platform 4.3",
"product_id": "8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.src"
},
"product_reference": "skopeo-1:0.1.40-4.rhaos.el8.src",
"relates_to_product_reference": "8Base-RHOSE-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-1:0.1.40-4.rhaos.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.3",
"product_id": "8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.x86_64"
},
"product_reference": "skopeo-1:0.1.40-4.rhaos.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-debuginfo-1:0.1.40-4.rhaos.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.3",
"product_id": "8Base-RHOSE-4.3:skopeo-debuginfo-1:0.1.40-4.rhaos.el8.x86_64"
},
"product_reference": "skopeo-debuginfo-1:0.1.40-4.rhaos.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-debugsource-1:0.1.40-4.rhaos.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.3",
"product_id": "8Base-RHOSE-4.3:skopeo-debugsource-1:0.1.40-4.rhaos.el8.x86_64"
},
"product_reference": "skopeo-debugsource-1:0.1.40-4.rhaos.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-tests-1:0.1.40-4.rhaos.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.3",
"product_id": "8Base-RHOSE-4.3:skopeo-tests-1:0.1.40-4.rhaos.el8.x86_64"
},
"product_reference": "skopeo-tests-1:0.1.40-4.rhaos.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-2099",
"cwe": {
"id": "CWE-305",
"name": "Authentication Bypass by Primary Weakness"
},
"discovery_date": "2020-01-29T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.src",
"7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64",
"7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-svcat-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64",
"7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.src",
"7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.x86_64",
"7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.src",
"7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.x86_64",
"7Server-RH7-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-1.el7.x86_64",
"7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.noarch",
"7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.src",
"7Server-RH7-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el7.src",
"7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch",
"7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.src",
"7Server-RH7-RHOSE-4.3:openshift-ansible-test-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch",
"7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.src",
"7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64",
"7Server-RH7-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64",
"7Server-RH7-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el7.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.src",
"7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-central-0:2.12.0-32.el7fdn.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-debuginfo-0:2.12.0-32.el7fdn.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-host-0:2.12.0-32.el7fdn.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-vtep-0:2.12.0-32.el7fdn.x86_64",
"8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.src",
"8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:buildah-debuginfo-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:buildah-debugsource-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:buildah-tests-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:buildah-tests-debuginfo-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:containers-common-1:0.1.40-4.rhaos.el8.x86_64",
"8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.src",
"8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
"8Base-RHOSE-4.3:cri-o-debuginfo-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
"8Base-RHOSE-4.3:cri-o-debugsource-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
"8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.src",
"8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.x86_64",
"8Base-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-2.el8.x86_64",
"8Base-RHOSE-4.3:cri-tools-debugsource-0:1.17.0-2.el8.x86_64",
"8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.src",
"8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.x86_64",
"8Base-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el8.src",
"8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.src",
"8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64",
"8Base-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64",
"8Base-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el8.x86_64",
"8Base-RHOSE-4.3:openshift-kuryr-0:4.3.5-202003020117.git.0.237579a.el8.src",
"8Base-RHOSE-4.3:openshift-kuryr-cni-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"8Base-RHOSE-4.3:openshift-kuryr-common-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"8Base-RHOSE-4.3:openshift-kuryr-controller-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"8Base-RHOSE-4.3:python3-kuryr-kubernetes-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.src",
"8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
"8Base-RHOSE-4.3:runc-debuginfo-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
"8Base-RHOSE-4.3:runc-debugsource-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
"8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.src",
"8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.x86_64",
"8Base-RHOSE-4.3:skopeo-debuginfo-1:0.1.40-4.rhaos.el8.x86_64",
"8Base-RHOSE-4.3:skopeo-debugsource-1:0.1.40-4.rhaos.el8.x86_64",
"8Base-RHOSE-4.3:skopeo-tests-1:0.1.40-4.rhaos.el8.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1797080"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Jenkins. Encryption key parameters are improperly reused in the Inbound TCP Agent Protocol/3 allowing unauthorized attackers with knowledge of agent names to obtain the connection secrets for those agents. The highest threat from this vulnerability is to data confidentiality.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins: Inbound TCP Agent Protocol/3 authentication bypass",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.noarch",
"7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.src"
],
"known_not_affected": [
"7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.src",
"7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64",
"7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-svcat-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64",
"7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.src",
"7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.x86_64",
"7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.src",
"7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.x86_64",
"7Server-RH7-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-1.el7.x86_64",
"7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.noarch",
"7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.src",
"7Server-RH7-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el7.src",
"7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch",
"7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.src",
"7Server-RH7-RHOSE-4.3:openshift-ansible-test-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch",
"7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.src",
"7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64",
"7Server-RH7-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64",
"7Server-RH7-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el7.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.src",
"7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-central-0:2.12.0-32.el7fdn.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-debuginfo-0:2.12.0-32.el7fdn.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-host-0:2.12.0-32.el7fdn.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-vtep-0:2.12.0-32.el7fdn.x86_64",
"8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.src",
"8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:buildah-debuginfo-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:buildah-debugsource-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:buildah-tests-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:buildah-tests-debuginfo-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:containers-common-1:0.1.40-4.rhaos.el8.x86_64",
"8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.src",
"8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
"8Base-RHOSE-4.3:cri-o-debuginfo-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
"8Base-RHOSE-4.3:cri-o-debugsource-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
"8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.src",
"8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.x86_64",
"8Base-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-2.el8.x86_64",
"8Base-RHOSE-4.3:cri-tools-debugsource-0:1.17.0-2.el8.x86_64",
"8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.src",
"8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.x86_64",
"8Base-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el8.src",
"8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.src",
"8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64",
"8Base-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64",
"8Base-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el8.x86_64",
"8Base-RHOSE-4.3:openshift-kuryr-0:4.3.5-202003020117.git.0.237579a.el8.src",
"8Base-RHOSE-4.3:openshift-kuryr-cni-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"8Base-RHOSE-4.3:openshift-kuryr-common-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"8Base-RHOSE-4.3:openshift-kuryr-controller-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"8Base-RHOSE-4.3:python3-kuryr-kubernetes-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.src",
"8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
"8Base-RHOSE-4.3:runc-debuginfo-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
"8Base-RHOSE-4.3:runc-debugsource-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
"8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.src",
"8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.x86_64",
"8Base-RHOSE-4.3:skopeo-debuginfo-1:0.1.40-4.rhaos.el8.x86_64",
"8Base-RHOSE-4.3:skopeo-debugsource-1:0.1.40-4.rhaos.el8.x86_64",
"8Base-RHOSE-4.3:skopeo-tests-1:0.1.40-4.rhaos.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-2099"
},
{
"category": "external",
"summary": "RHBZ#1797080",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1797080"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-2099",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2099"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-2099",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-2099"
}
],
"release_date": "2020-01-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-03-10T22:10:58+00:00",
"details": "Before applying this update, ensure all previously released errata relevant\nto your system have been applied.\n\nFor OpenShift Container Platform 4.3 see the following documentation, which\nwill be updated shortly for release 4.3.5, for important instructions on\nhow to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.openshift.com/container-platform/4.3/release_notes/ocp-4-3-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.3/updating/updating-cluster-cli.html.",
"product_ids": [
"7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.noarch",
"7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2020:0675"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
"version": "3.1"
},
"products": [
"7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.src",
"7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64",
"7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-svcat-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64",
"7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.src",
"7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.x86_64",
"7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.src",
"7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.x86_64",
"7Server-RH7-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-1.el7.x86_64",
"7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.noarch",
"7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.src",
"7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.noarch",
"7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.src",
"7Server-RH7-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el7.src",
"7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch",
"7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.src",
"7Server-RH7-RHOSE-4.3:openshift-ansible-test-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch",
"7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.src",
"7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64",
"7Server-RH7-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64",
"7Server-RH7-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el7.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.src",
"7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-central-0:2.12.0-32.el7fdn.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-debuginfo-0:2.12.0-32.el7fdn.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-host-0:2.12.0-32.el7fdn.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-vtep-0:2.12.0-32.el7fdn.x86_64",
"8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.src",
"8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:buildah-debuginfo-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:buildah-debugsource-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:buildah-tests-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:buildah-tests-debuginfo-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:containers-common-1:0.1.40-4.rhaos.el8.x86_64",
"8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.src",
"8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
"8Base-RHOSE-4.3:cri-o-debuginfo-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
"8Base-RHOSE-4.3:cri-o-debugsource-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
"8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.src",
"8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.x86_64",
"8Base-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-2.el8.x86_64",
"8Base-RHOSE-4.3:cri-tools-debugsource-0:1.17.0-2.el8.x86_64",
"8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.src",
"8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.x86_64",
"8Base-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el8.src",
"8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.src",
"8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64",
"8Base-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64",
"8Base-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el8.x86_64",
"8Base-RHOSE-4.3:openshift-kuryr-0:4.3.5-202003020117.git.0.237579a.el8.src",
"8Base-RHOSE-4.3:openshift-kuryr-cni-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"8Base-RHOSE-4.3:openshift-kuryr-common-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"8Base-RHOSE-4.3:openshift-kuryr-controller-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"8Base-RHOSE-4.3:python3-kuryr-kubernetes-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.src",
"8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
"8Base-RHOSE-4.3:runc-debuginfo-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
"8Base-RHOSE-4.3:runc-debugsource-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
"8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.src",
"8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.x86_64",
"8Base-RHOSE-4.3:skopeo-debuginfo-1:0.1.40-4.rhaos.el8.x86_64",
"8Base-RHOSE-4.3:skopeo-debugsource-1:0.1.40-4.rhaos.el8.x86_64",
"8Base-RHOSE-4.3:skopeo-tests-1:0.1.40-4.rhaos.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jenkins: Inbound TCP Agent Protocol/3 authentication bypass"
},
{
"cve": "CVE-2020-2100",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2020-01-29T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.src",
"7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64",
"7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-svcat-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64",
"7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.src",
"7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.x86_64",
"7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.src",
"7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.x86_64",
"7Server-RH7-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-1.el7.x86_64",
"7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.noarch",
"7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.src",
"7Server-RH7-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el7.src",
"7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch",
"7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.src",
"7Server-RH7-RHOSE-4.3:openshift-ansible-test-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch",
"7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.src",
"7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64",
"7Server-RH7-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64",
"7Server-RH7-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el7.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.src",
"7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-central-0:2.12.0-32.el7fdn.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-debuginfo-0:2.12.0-32.el7fdn.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-host-0:2.12.0-32.el7fdn.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-vtep-0:2.12.0-32.el7fdn.x86_64",
"8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.src",
"8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:buildah-debuginfo-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:buildah-debugsource-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:buildah-tests-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:buildah-tests-debuginfo-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:containers-common-1:0.1.40-4.rhaos.el8.x86_64",
"8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.src",
"8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
"8Base-RHOSE-4.3:cri-o-debuginfo-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
"8Base-RHOSE-4.3:cri-o-debugsource-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
"8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.src",
"8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.x86_64",
"8Base-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-2.el8.x86_64",
"8Base-RHOSE-4.3:cri-tools-debugsource-0:1.17.0-2.el8.x86_64",
"8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.src",
"8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.x86_64",
"8Base-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el8.src",
"8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.src",
"8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64",
"8Base-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64",
"8Base-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el8.x86_64",
"8Base-RHOSE-4.3:openshift-kuryr-0:4.3.5-202003020117.git.0.237579a.el8.src",
"8Base-RHOSE-4.3:openshift-kuryr-cni-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"8Base-RHOSE-4.3:openshift-kuryr-common-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"8Base-RHOSE-4.3:openshift-kuryr-controller-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"8Base-RHOSE-4.3:python3-kuryr-kubernetes-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.src",
"8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
"8Base-RHOSE-4.3:runc-debuginfo-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
"8Base-RHOSE-4.3:runc-debugsource-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
"8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.src",
"8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.x86_64",
"8Base-RHOSE-4.3:skopeo-debuginfo-1:0.1.40-4.rhaos.el8.x86_64",
"8Base-RHOSE-4.3:skopeo-debugsource-1:0.1.40-4.rhaos.el8.x86_64",
"8Base-RHOSE-4.3:skopeo-tests-1:0.1.40-4.rhaos.el8.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1797087"
}
],
"notes": [
{
"category": "description",
"text": "Jenkins 2.218 and earlier, LTS 2.204.1 and earlier was vulnerable to a UDP amplification reflection denial of service attack on port 33848.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins: UDP multicast/broadcast service amplification reflection attack",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.noarch",
"7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.src"
],
"known_not_affected": [
"7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.src",
"7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64",
"7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-svcat-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64",
"7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.src",
"7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.x86_64",
"7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.src",
"7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.x86_64",
"7Server-RH7-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-1.el7.x86_64",
"7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.noarch",
"7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.src",
"7Server-RH7-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el7.src",
"7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch",
"7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.src",
"7Server-RH7-RHOSE-4.3:openshift-ansible-test-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch",
"7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.src",
"7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64",
"7Server-RH7-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64",
"7Server-RH7-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el7.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.src",
"7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-central-0:2.12.0-32.el7fdn.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-debuginfo-0:2.12.0-32.el7fdn.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-host-0:2.12.0-32.el7fdn.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-vtep-0:2.12.0-32.el7fdn.x86_64",
"8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.src",
"8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:buildah-debuginfo-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:buildah-debugsource-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:buildah-tests-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:buildah-tests-debuginfo-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:containers-common-1:0.1.40-4.rhaos.el8.x86_64",
"8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.src",
"8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
"8Base-RHOSE-4.3:cri-o-debuginfo-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
"8Base-RHOSE-4.3:cri-o-debugsource-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
"8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.src",
"8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.x86_64",
"8Base-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-2.el8.x86_64",
"8Base-RHOSE-4.3:cri-tools-debugsource-0:1.17.0-2.el8.x86_64",
"8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.src",
"8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.x86_64",
"8Base-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el8.src",
"8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.src",
"8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64",
"8Base-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64",
"8Base-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el8.x86_64",
"8Base-RHOSE-4.3:openshift-kuryr-0:4.3.5-202003020117.git.0.237579a.el8.src",
"8Base-RHOSE-4.3:openshift-kuryr-cni-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"8Base-RHOSE-4.3:openshift-kuryr-common-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"8Base-RHOSE-4.3:openshift-kuryr-controller-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"8Base-RHOSE-4.3:python3-kuryr-kubernetes-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.src",
"8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
"8Base-RHOSE-4.3:runc-debuginfo-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
"8Base-RHOSE-4.3:runc-debugsource-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
"8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.src",
"8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.x86_64",
"8Base-RHOSE-4.3:skopeo-debuginfo-1:0.1.40-4.rhaos.el8.x86_64",
"8Base-RHOSE-4.3:skopeo-debugsource-1:0.1.40-4.rhaos.el8.x86_64",
"8Base-RHOSE-4.3:skopeo-tests-1:0.1.40-4.rhaos.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-2100"
},
{
"category": "external",
"summary": "RHBZ#1797087",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1797087"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-2100",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2100"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-2100",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-2100"
}
],
"release_date": "2020-01-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-03-10T22:10:58+00:00",
"details": "Before applying this update, ensure all previously released errata relevant\nto your system have been applied.\n\nFor OpenShift Container Platform 4.3 see the following documentation, which\nwill be updated shortly for release 4.3.5, for important instructions on\nhow to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.openshift.com/container-platform/4.3/release_notes/ocp-4-3-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.3/updating/updating-cluster-cli.html.",
"product_ids": [
"7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.noarch",
"7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2020:0675"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.src",
"7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64",
"7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-svcat-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64",
"7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.src",
"7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.x86_64",
"7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.src",
"7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.x86_64",
"7Server-RH7-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-1.el7.x86_64",
"7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.noarch",
"7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.src",
"7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.noarch",
"7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.src",
"7Server-RH7-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el7.src",
"7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch",
"7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.src",
"7Server-RH7-RHOSE-4.3:openshift-ansible-test-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch",
"7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.src",
"7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64",
"7Server-RH7-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64",
"7Server-RH7-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el7.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.src",
"7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-central-0:2.12.0-32.el7fdn.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-debuginfo-0:2.12.0-32.el7fdn.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-host-0:2.12.0-32.el7fdn.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-vtep-0:2.12.0-32.el7fdn.x86_64",
"8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.src",
"8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:buildah-debuginfo-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:buildah-debugsource-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:buildah-tests-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:buildah-tests-debuginfo-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:containers-common-1:0.1.40-4.rhaos.el8.x86_64",
"8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.src",
"8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
"8Base-RHOSE-4.3:cri-o-debuginfo-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
"8Base-RHOSE-4.3:cri-o-debugsource-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
"8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.src",
"8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.x86_64",
"8Base-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-2.el8.x86_64",
"8Base-RHOSE-4.3:cri-tools-debugsource-0:1.17.0-2.el8.x86_64",
"8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.src",
"8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.x86_64",
"8Base-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el8.src",
"8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.src",
"8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64",
"8Base-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64",
"8Base-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el8.x86_64",
"8Base-RHOSE-4.3:openshift-kuryr-0:4.3.5-202003020117.git.0.237579a.el8.src",
"8Base-RHOSE-4.3:openshift-kuryr-cni-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"8Base-RHOSE-4.3:openshift-kuryr-common-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"8Base-RHOSE-4.3:openshift-kuryr-controller-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"8Base-RHOSE-4.3:python3-kuryr-kubernetes-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.src",
"8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
"8Base-RHOSE-4.3:runc-debuginfo-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
"8Base-RHOSE-4.3:runc-debugsource-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
"8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.src",
"8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.x86_64",
"8Base-RHOSE-4.3:skopeo-debuginfo-1:0.1.40-4.rhaos.el8.x86_64",
"8Base-RHOSE-4.3:skopeo-debugsource-1:0.1.40-4.rhaos.el8.x86_64",
"8Base-RHOSE-4.3:skopeo-tests-1:0.1.40-4.rhaos.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jenkins: UDP multicast/broadcast service amplification reflection attack"
},
{
"cve": "CVE-2020-2101",
"cwe": {
"id": "CWE-385",
"name": "Covert Timing Channel"
},
"discovery_date": "2020-01-29T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.src",
"7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64",
"7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-svcat-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64",
"7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.src",
"7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.x86_64",
"7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.src",
"7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.x86_64",
"7Server-RH7-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-1.el7.x86_64",
"7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.noarch",
"7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.src",
"7Server-RH7-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el7.src",
"7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch",
"7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.src",
"7Server-RH7-RHOSE-4.3:openshift-ansible-test-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch",
"7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.src",
"7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64",
"7Server-RH7-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64",
"7Server-RH7-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el7.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.src",
"7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-central-0:2.12.0-32.el7fdn.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-debuginfo-0:2.12.0-32.el7fdn.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-host-0:2.12.0-32.el7fdn.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-vtep-0:2.12.0-32.el7fdn.x86_64",
"8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.src",
"8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:buildah-debuginfo-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:buildah-debugsource-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:buildah-tests-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:buildah-tests-debuginfo-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:containers-common-1:0.1.40-4.rhaos.el8.x86_64",
"8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.src",
"8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
"8Base-RHOSE-4.3:cri-o-debuginfo-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
"8Base-RHOSE-4.3:cri-o-debugsource-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
"8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.src",
"8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.x86_64",
"8Base-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-2.el8.x86_64",
"8Base-RHOSE-4.3:cri-tools-debugsource-0:1.17.0-2.el8.x86_64",
"8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.src",
"8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.x86_64",
"8Base-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el8.src",
"8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.src",
"8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64",
"8Base-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64",
"8Base-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el8.x86_64",
"8Base-RHOSE-4.3:openshift-kuryr-0:4.3.5-202003020117.git.0.237579a.el8.src",
"8Base-RHOSE-4.3:openshift-kuryr-cni-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"8Base-RHOSE-4.3:openshift-kuryr-common-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"8Base-RHOSE-4.3:openshift-kuryr-controller-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"8Base-RHOSE-4.3:python3-kuryr-kubernetes-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.src",
"8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
"8Base-RHOSE-4.3:runc-debuginfo-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
"8Base-RHOSE-4.3:runc-debugsource-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
"8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.src",
"8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.x86_64",
"8Base-RHOSE-4.3:skopeo-debuginfo-1:0.1.40-4.rhaos.el8.x86_64",
"8Base-RHOSE-4.3:skopeo-debugsource-1:0.1.40-4.rhaos.el8.x86_64",
"8Base-RHOSE-4.3:skopeo-tests-1:0.1.40-4.rhaos.el8.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1797084"
}
],
"notes": [
{
"category": "description",
"text": "Jenkins 2.218 and earlier, LTS 2.204.1 and earlier did not use a constant-time comparison function for validating connection secrets, which could potentially allow an attacker to use a timing attack to obtain this secret.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins: Non-constant time comparison of inbound TCP agent connection secret",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.noarch",
"7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.src"
],
"known_not_affected": [
"7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.src",
"7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64",
"7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-svcat-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64",
"7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.src",
"7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.x86_64",
"7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.src",
"7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.x86_64",
"7Server-RH7-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-1.el7.x86_64",
"7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.noarch",
"7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.src",
"7Server-RH7-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el7.src",
"7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch",
"7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.src",
"7Server-RH7-RHOSE-4.3:openshift-ansible-test-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch",
"7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.src",
"7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64",
"7Server-RH7-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64",
"7Server-RH7-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el7.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.src",
"7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-central-0:2.12.0-32.el7fdn.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-debuginfo-0:2.12.0-32.el7fdn.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-host-0:2.12.0-32.el7fdn.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-vtep-0:2.12.0-32.el7fdn.x86_64",
"8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.src",
"8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:buildah-debuginfo-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:buildah-debugsource-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:buildah-tests-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:buildah-tests-debuginfo-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:containers-common-1:0.1.40-4.rhaos.el8.x86_64",
"8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.src",
"8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
"8Base-RHOSE-4.3:cri-o-debuginfo-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
"8Base-RHOSE-4.3:cri-o-debugsource-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
"8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.src",
"8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.x86_64",
"8Base-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-2.el8.x86_64",
"8Base-RHOSE-4.3:cri-tools-debugsource-0:1.17.0-2.el8.x86_64",
"8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.src",
"8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.x86_64",
"8Base-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el8.src",
"8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.src",
"8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64",
"8Base-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64",
"8Base-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el8.x86_64",
"8Base-RHOSE-4.3:openshift-kuryr-0:4.3.5-202003020117.git.0.237579a.el8.src",
"8Base-RHOSE-4.3:openshift-kuryr-cni-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"8Base-RHOSE-4.3:openshift-kuryr-common-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"8Base-RHOSE-4.3:openshift-kuryr-controller-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"8Base-RHOSE-4.3:python3-kuryr-kubernetes-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.src",
"8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
"8Base-RHOSE-4.3:runc-debuginfo-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
"8Base-RHOSE-4.3:runc-debugsource-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
"8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.src",
"8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.x86_64",
"8Base-RHOSE-4.3:skopeo-debuginfo-1:0.1.40-4.rhaos.el8.x86_64",
"8Base-RHOSE-4.3:skopeo-debugsource-1:0.1.40-4.rhaos.el8.x86_64",
"8Base-RHOSE-4.3:skopeo-tests-1:0.1.40-4.rhaos.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-2101"
},
{
"category": "external",
"summary": "RHBZ#1797084",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1797084"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-2101",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2101"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-2101",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-2101"
}
],
"release_date": "2020-01-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-03-10T22:10:58+00:00",
"details": "Before applying this update, ensure all previously released errata relevant\nto your system have been applied.\n\nFor OpenShift Container Platform 4.3 see the following documentation, which\nwill be updated shortly for release 4.3.5, for important instructions on\nhow to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.openshift.com/container-platform/4.3/release_notes/ocp-4-3-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.3/updating/updating-cluster-cli.html.",
"product_ids": [
"7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.noarch",
"7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2020:0675"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.src",
"7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64",
"7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-svcat-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64",
"7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.src",
"7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.x86_64",
"7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.src",
"7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.x86_64",
"7Server-RH7-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-1.el7.x86_64",
"7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.noarch",
"7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.src",
"7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.noarch",
"7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.src",
"7Server-RH7-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el7.src",
"7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch",
"7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.src",
"7Server-RH7-RHOSE-4.3:openshift-ansible-test-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch",
"7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.src",
"7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64",
"7Server-RH7-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64",
"7Server-RH7-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el7.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.src",
"7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-central-0:2.12.0-32.el7fdn.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-debuginfo-0:2.12.0-32.el7fdn.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-host-0:2.12.0-32.el7fdn.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-vtep-0:2.12.0-32.el7fdn.x86_64",
"8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.src",
"8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:buildah-debuginfo-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:buildah-debugsource-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:buildah-tests-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:buildah-tests-debuginfo-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:containers-common-1:0.1.40-4.rhaos.el8.x86_64",
"8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.src",
"8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
"8Base-RHOSE-4.3:cri-o-debuginfo-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
"8Base-RHOSE-4.3:cri-o-debugsource-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
"8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.src",
"8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.x86_64",
"8Base-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-2.el8.x86_64",
"8Base-RHOSE-4.3:cri-tools-debugsource-0:1.17.0-2.el8.x86_64",
"8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.src",
"8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.x86_64",
"8Base-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el8.src",
"8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.src",
"8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64",
"8Base-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64",
"8Base-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el8.x86_64",
"8Base-RHOSE-4.3:openshift-kuryr-0:4.3.5-202003020117.git.0.237579a.el8.src",
"8Base-RHOSE-4.3:openshift-kuryr-cni-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"8Base-RHOSE-4.3:openshift-kuryr-common-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"8Base-RHOSE-4.3:openshift-kuryr-controller-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"8Base-RHOSE-4.3:python3-kuryr-kubernetes-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.src",
"8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
"8Base-RHOSE-4.3:runc-debuginfo-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
"8Base-RHOSE-4.3:runc-debugsource-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
"8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.src",
"8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.x86_64",
"8Base-RHOSE-4.3:skopeo-debuginfo-1:0.1.40-4.rhaos.el8.x86_64",
"8Base-RHOSE-4.3:skopeo-debugsource-1:0.1.40-4.rhaos.el8.x86_64",
"8Base-RHOSE-4.3:skopeo-tests-1:0.1.40-4.rhaos.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jenkins: Non-constant time comparison of inbound TCP agent connection secret"
},
{
"cve": "CVE-2020-2102",
"cwe": {
"id": "CWE-385",
"name": "Covert Timing Channel"
},
"discovery_date": "2020-01-29T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.src",
"7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64",
"7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-svcat-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64",
"7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.src",
"7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.x86_64",
"7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.src",
"7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.x86_64",
"7Server-RH7-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-1.el7.x86_64",
"7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.noarch",
"7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.src",
"7Server-RH7-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el7.src",
"7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch",
"7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.src",
"7Server-RH7-RHOSE-4.3:openshift-ansible-test-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch",
"7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.src",
"7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64",
"7Server-RH7-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64",
"7Server-RH7-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el7.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.src",
"7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-central-0:2.12.0-32.el7fdn.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-debuginfo-0:2.12.0-32.el7fdn.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-host-0:2.12.0-32.el7fdn.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-vtep-0:2.12.0-32.el7fdn.x86_64",
"8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.src",
"8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:buildah-debuginfo-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:buildah-debugsource-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:buildah-tests-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:buildah-tests-debuginfo-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:containers-common-1:0.1.40-4.rhaos.el8.x86_64",
"8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.src",
"8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
"8Base-RHOSE-4.3:cri-o-debuginfo-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
"8Base-RHOSE-4.3:cri-o-debugsource-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
"8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.src",
"8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.x86_64",
"8Base-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-2.el8.x86_64",
"8Base-RHOSE-4.3:cri-tools-debugsource-0:1.17.0-2.el8.x86_64",
"8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.src",
"8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.x86_64",
"8Base-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el8.src",
"8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.src",
"8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64",
"8Base-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64",
"8Base-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el8.x86_64",
"8Base-RHOSE-4.3:openshift-kuryr-0:4.3.5-202003020117.git.0.237579a.el8.src",
"8Base-RHOSE-4.3:openshift-kuryr-cni-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"8Base-RHOSE-4.3:openshift-kuryr-common-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"8Base-RHOSE-4.3:openshift-kuryr-controller-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"8Base-RHOSE-4.3:python3-kuryr-kubernetes-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.src",
"8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
"8Base-RHOSE-4.3:runc-debuginfo-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
"8Base-RHOSE-4.3:runc-debugsource-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
"8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.src",
"8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.x86_64",
"8Base-RHOSE-4.3:skopeo-debuginfo-1:0.1.40-4.rhaos.el8.x86_64",
"8Base-RHOSE-4.3:skopeo-debugsource-1:0.1.40-4.rhaos.el8.x86_64",
"8Base-RHOSE-4.3:skopeo-tests-1:0.1.40-4.rhaos.el8.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1797071"
}
],
"notes": [
{
"category": "description",
"text": "Jenkins 2.218 and earlier, LTS 2.204.1 and earlier used a non-constant time comparison function when validating an HMAC.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins: Non-constant time HMAC comparison",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.noarch",
"7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.src"
],
"known_not_affected": [
"7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.src",
"7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64",
"7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-svcat-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64",
"7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.src",
"7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.x86_64",
"7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.src",
"7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.x86_64",
"7Server-RH7-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-1.el7.x86_64",
"7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.noarch",
"7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.src",
"7Server-RH7-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el7.src",
"7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch",
"7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.src",
"7Server-RH7-RHOSE-4.3:openshift-ansible-test-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch",
"7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.src",
"7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64",
"7Server-RH7-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64",
"7Server-RH7-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el7.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.src",
"7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-central-0:2.12.0-32.el7fdn.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-debuginfo-0:2.12.0-32.el7fdn.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-host-0:2.12.0-32.el7fdn.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-vtep-0:2.12.0-32.el7fdn.x86_64",
"8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.src",
"8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:buildah-debuginfo-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:buildah-debugsource-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:buildah-tests-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:buildah-tests-debuginfo-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:containers-common-1:0.1.40-4.rhaos.el8.x86_64",
"8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.src",
"8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
"8Base-RHOSE-4.3:cri-o-debuginfo-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
"8Base-RHOSE-4.3:cri-o-debugsource-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
"8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.src",
"8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.x86_64",
"8Base-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-2.el8.x86_64",
"8Base-RHOSE-4.3:cri-tools-debugsource-0:1.17.0-2.el8.x86_64",
"8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.src",
"8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.x86_64",
"8Base-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el8.src",
"8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.src",
"8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64",
"8Base-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64",
"8Base-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el8.x86_64",
"8Base-RHOSE-4.3:openshift-kuryr-0:4.3.5-202003020117.git.0.237579a.el8.src",
"8Base-RHOSE-4.3:openshift-kuryr-cni-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"8Base-RHOSE-4.3:openshift-kuryr-common-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"8Base-RHOSE-4.3:openshift-kuryr-controller-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"8Base-RHOSE-4.3:python3-kuryr-kubernetes-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.src",
"8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
"8Base-RHOSE-4.3:runc-debuginfo-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
"8Base-RHOSE-4.3:runc-debugsource-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
"8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.src",
"8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.x86_64",
"8Base-RHOSE-4.3:skopeo-debuginfo-1:0.1.40-4.rhaos.el8.x86_64",
"8Base-RHOSE-4.3:skopeo-debugsource-1:0.1.40-4.rhaos.el8.x86_64",
"8Base-RHOSE-4.3:skopeo-tests-1:0.1.40-4.rhaos.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-2102"
},
{
"category": "external",
"summary": "RHBZ#1797071",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1797071"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-2102",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2102"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-2102",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-2102"
}
],
"release_date": "2020-01-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-03-10T22:10:58+00:00",
"details": "Before applying this update, ensure all previously released errata relevant\nto your system have been applied.\n\nFor OpenShift Container Platform 4.3 see the following documentation, which\nwill be updated shortly for release 4.3.5, for important instructions on\nhow to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.openshift.com/container-platform/4.3/release_notes/ocp-4-3-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.3/updating/updating-cluster-cli.html.",
"product_ids": [
"7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.noarch",
"7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2020:0675"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.src",
"7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64",
"7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-svcat-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64",
"7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.src",
"7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.x86_64",
"7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.src",
"7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.x86_64",
"7Server-RH7-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-1.el7.x86_64",
"7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.noarch",
"7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.src",
"7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.noarch",
"7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.src",
"7Server-RH7-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el7.src",
"7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch",
"7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.src",
"7Server-RH7-RHOSE-4.3:openshift-ansible-test-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch",
"7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.src",
"7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64",
"7Server-RH7-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64",
"7Server-RH7-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el7.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.src",
"7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-central-0:2.12.0-32.el7fdn.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-debuginfo-0:2.12.0-32.el7fdn.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-host-0:2.12.0-32.el7fdn.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-vtep-0:2.12.0-32.el7fdn.x86_64",
"8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.src",
"8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:buildah-debuginfo-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:buildah-debugsource-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:buildah-tests-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:buildah-tests-debuginfo-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:containers-common-1:0.1.40-4.rhaos.el8.x86_64",
"8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.src",
"8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
"8Base-RHOSE-4.3:cri-o-debuginfo-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
"8Base-RHOSE-4.3:cri-o-debugsource-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
"8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.src",
"8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.x86_64",
"8Base-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-2.el8.x86_64",
"8Base-RHOSE-4.3:cri-tools-debugsource-0:1.17.0-2.el8.x86_64",
"8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.src",
"8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.x86_64",
"8Base-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el8.src",
"8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.src",
"8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64",
"8Base-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64",
"8Base-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el8.x86_64",
"8Base-RHOSE-4.3:openshift-kuryr-0:4.3.5-202003020117.git.0.237579a.el8.src",
"8Base-RHOSE-4.3:openshift-kuryr-cni-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"8Base-RHOSE-4.3:openshift-kuryr-common-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"8Base-RHOSE-4.3:openshift-kuryr-controller-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"8Base-RHOSE-4.3:python3-kuryr-kubernetes-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.src",
"8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
"8Base-RHOSE-4.3:runc-debuginfo-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
"8Base-RHOSE-4.3:runc-debugsource-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
"8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.src",
"8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.x86_64",
"8Base-RHOSE-4.3:skopeo-debuginfo-1:0.1.40-4.rhaos.el8.x86_64",
"8Base-RHOSE-4.3:skopeo-debugsource-1:0.1.40-4.rhaos.el8.x86_64",
"8Base-RHOSE-4.3:skopeo-tests-1:0.1.40-4.rhaos.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jenkins: Non-constant time HMAC comparison"
},
{
"cve": "CVE-2020-2103",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2020-01-29T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.src",
"7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64",
"7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-svcat-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64",
"7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.src",
"7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.x86_64",
"7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.src",
"7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.x86_64",
"7Server-RH7-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-1.el7.x86_64",
"7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.noarch",
"7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.src",
"7Server-RH7-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el7.src",
"7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch",
"7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.src",
"7Server-RH7-RHOSE-4.3:openshift-ansible-test-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch",
"7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.src",
"7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64",
"7Server-RH7-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64",
"7Server-RH7-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el7.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.src",
"7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-central-0:2.12.0-32.el7fdn.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-debuginfo-0:2.12.0-32.el7fdn.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-host-0:2.12.0-32.el7fdn.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-vtep-0:2.12.0-32.el7fdn.x86_64",
"8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.src",
"8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:buildah-debuginfo-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:buildah-debugsource-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:buildah-tests-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:buildah-tests-debuginfo-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:containers-common-1:0.1.40-4.rhaos.el8.x86_64",
"8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.src",
"8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
"8Base-RHOSE-4.3:cri-o-debuginfo-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
"8Base-RHOSE-4.3:cri-o-debugsource-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
"8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.src",
"8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.x86_64",
"8Base-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-2.el8.x86_64",
"8Base-RHOSE-4.3:cri-tools-debugsource-0:1.17.0-2.el8.x86_64",
"8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.src",
"8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.x86_64",
"8Base-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el8.src",
"8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.src",
"8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64",
"8Base-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64",
"8Base-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el8.x86_64",
"8Base-RHOSE-4.3:openshift-kuryr-0:4.3.5-202003020117.git.0.237579a.el8.src",
"8Base-RHOSE-4.3:openshift-kuryr-cni-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"8Base-RHOSE-4.3:openshift-kuryr-common-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"8Base-RHOSE-4.3:openshift-kuryr-controller-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"8Base-RHOSE-4.3:python3-kuryr-kubernetes-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.src",
"8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
"8Base-RHOSE-4.3:runc-debuginfo-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
"8Base-RHOSE-4.3:runc-debugsource-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
"8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.src",
"8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.x86_64",
"8Base-RHOSE-4.3:skopeo-debuginfo-1:0.1.40-4.rhaos.el8.x86_64",
"8Base-RHOSE-4.3:skopeo-debugsource-1:0.1.40-4.rhaos.el8.x86_64",
"8Base-RHOSE-4.3:skopeo-tests-1:0.1.40-4.rhaos.el8.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1797062"
}
],
"notes": [
{
"category": "description",
"text": "Jenkins 2.218 and earlier, LTS 2.204.1 and earlier exposed session identifiers on a user\u0027s detail object in the whoAmI diagnostic page.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins: Exposed session identifiers on user detail object in the whoAmI diagnostic page",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.noarch",
"7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.src"
],
"known_not_affected": [
"7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.src",
"7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64",
"7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-svcat-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64",
"7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.src",
"7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.x86_64",
"7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.src",
"7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.x86_64",
"7Server-RH7-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-1.el7.x86_64",
"7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.noarch",
"7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.src",
"7Server-RH7-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el7.src",
"7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch",
"7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.src",
"7Server-RH7-RHOSE-4.3:openshift-ansible-test-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch",
"7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.src",
"7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64",
"7Server-RH7-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64",
"7Server-RH7-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el7.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.src",
"7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-central-0:2.12.0-32.el7fdn.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-debuginfo-0:2.12.0-32.el7fdn.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-host-0:2.12.0-32.el7fdn.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-vtep-0:2.12.0-32.el7fdn.x86_64",
"8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.src",
"8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:buildah-debuginfo-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:buildah-debugsource-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:buildah-tests-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:buildah-tests-debuginfo-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:containers-common-1:0.1.40-4.rhaos.el8.x86_64",
"8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.src",
"8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
"8Base-RHOSE-4.3:cri-o-debuginfo-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
"8Base-RHOSE-4.3:cri-o-debugsource-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
"8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.src",
"8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.x86_64",
"8Base-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-2.el8.x86_64",
"8Base-RHOSE-4.3:cri-tools-debugsource-0:1.17.0-2.el8.x86_64",
"8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.src",
"8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.x86_64",
"8Base-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el8.src",
"8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.src",
"8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64",
"8Base-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64",
"8Base-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el8.x86_64",
"8Base-RHOSE-4.3:openshift-kuryr-0:4.3.5-202003020117.git.0.237579a.el8.src",
"8Base-RHOSE-4.3:openshift-kuryr-cni-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"8Base-RHOSE-4.3:openshift-kuryr-common-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"8Base-RHOSE-4.3:openshift-kuryr-controller-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"8Base-RHOSE-4.3:python3-kuryr-kubernetes-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.src",
"8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
"8Base-RHOSE-4.3:runc-debuginfo-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
"8Base-RHOSE-4.3:runc-debugsource-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
"8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.src",
"8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.x86_64",
"8Base-RHOSE-4.3:skopeo-debuginfo-1:0.1.40-4.rhaos.el8.x86_64",
"8Base-RHOSE-4.3:skopeo-debugsource-1:0.1.40-4.rhaos.el8.x86_64",
"8Base-RHOSE-4.3:skopeo-tests-1:0.1.40-4.rhaos.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-2103"
},
{
"category": "external",
"summary": "RHBZ#1797062",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1797062"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-2103",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2103"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-2103",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-2103"
}
],
"release_date": "2020-01-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-03-10T22:10:58+00:00",
"details": "Before applying this update, ensure all previously released errata relevant\nto your system have been applied.\n\nFor OpenShift Container Platform 4.3 see the following documentation, which\nwill be updated shortly for release 4.3.5, for important instructions on\nhow to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.openshift.com/container-platform/4.3/release_notes/ocp-4-3-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.3/updating/updating-cluster-cli.html.",
"product_ids": [
"7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.noarch",
"7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2020:0675"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.src",
"7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64",
"7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-svcat-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64",
"7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.src",
"7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.x86_64",
"7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.src",
"7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.x86_64",
"7Server-RH7-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-1.el7.x86_64",
"7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.noarch",
"7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.src",
"7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.noarch",
"7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.src",
"7Server-RH7-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el7.src",
"7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch",
"7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.src",
"7Server-RH7-RHOSE-4.3:openshift-ansible-test-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch",
"7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.src",
"7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64",
"7Server-RH7-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64",
"7Server-RH7-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el7.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.src",
"7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-central-0:2.12.0-32.el7fdn.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-debuginfo-0:2.12.0-32.el7fdn.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-host-0:2.12.0-32.el7fdn.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-vtep-0:2.12.0-32.el7fdn.x86_64",
"8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.src",
"8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:buildah-debuginfo-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:buildah-debugsource-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:buildah-tests-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:buildah-tests-debuginfo-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:containers-common-1:0.1.40-4.rhaos.el8.x86_64",
"8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.src",
"8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
"8Base-RHOSE-4.3:cri-o-debuginfo-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
"8Base-RHOSE-4.3:cri-o-debugsource-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
"8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.src",
"8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.x86_64",
"8Base-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-2.el8.x86_64",
"8Base-RHOSE-4.3:cri-tools-debugsource-0:1.17.0-2.el8.x86_64",
"8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.src",
"8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.x86_64",
"8Base-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el8.src",
"8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.src",
"8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64",
"8Base-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64",
"8Base-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el8.x86_64",
"8Base-RHOSE-4.3:openshift-kuryr-0:4.3.5-202003020117.git.0.237579a.el8.src",
"8Base-RHOSE-4.3:openshift-kuryr-cni-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"8Base-RHOSE-4.3:openshift-kuryr-common-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"8Base-RHOSE-4.3:openshift-kuryr-controller-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"8Base-RHOSE-4.3:python3-kuryr-kubernetes-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.src",
"8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
"8Base-RHOSE-4.3:runc-debuginfo-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
"8Base-RHOSE-4.3:runc-debugsource-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
"8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.src",
"8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.x86_64",
"8Base-RHOSE-4.3:skopeo-debuginfo-1:0.1.40-4.rhaos.el8.x86_64",
"8Base-RHOSE-4.3:skopeo-debugsource-1:0.1.40-4.rhaos.el8.x86_64",
"8Base-RHOSE-4.3:skopeo-tests-1:0.1.40-4.rhaos.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jenkins: Exposed session identifiers on user detail object in the whoAmI diagnostic page"
},
{
"cve": "CVE-2020-2104",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2020-01-29T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.src",
"7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64",
"7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-svcat-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64",
"7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.src",
"7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.x86_64",
"7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.src",
"7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.x86_64",
"7Server-RH7-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-1.el7.x86_64",
"7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.noarch",
"7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.src",
"7Server-RH7-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el7.src",
"7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch",
"7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.src",
"7Server-RH7-RHOSE-4.3:openshift-ansible-test-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch",
"7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.src",
"7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64",
"7Server-RH7-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64",
"7Server-RH7-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el7.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.src",
"7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-central-0:2.12.0-32.el7fdn.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-debuginfo-0:2.12.0-32.el7fdn.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-host-0:2.12.0-32.el7fdn.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-vtep-0:2.12.0-32.el7fdn.x86_64",
"8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.src",
"8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:buildah-debuginfo-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:buildah-debugsource-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:buildah-tests-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:buildah-tests-debuginfo-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:containers-common-1:0.1.40-4.rhaos.el8.x86_64",
"8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.src",
"8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
"8Base-RHOSE-4.3:cri-o-debuginfo-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
"8Base-RHOSE-4.3:cri-o-debugsource-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
"8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.src",
"8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.x86_64",
"8Base-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-2.el8.x86_64",
"8Base-RHOSE-4.3:cri-tools-debugsource-0:1.17.0-2.el8.x86_64",
"8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.src",
"8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.x86_64",
"8Base-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el8.src",
"8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.src",
"8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64",
"8Base-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64",
"8Base-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el8.x86_64",
"8Base-RHOSE-4.3:openshift-kuryr-0:4.3.5-202003020117.git.0.237579a.el8.src",
"8Base-RHOSE-4.3:openshift-kuryr-cni-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"8Base-RHOSE-4.3:openshift-kuryr-common-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"8Base-RHOSE-4.3:openshift-kuryr-controller-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"8Base-RHOSE-4.3:python3-kuryr-kubernetes-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.src",
"8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
"8Base-RHOSE-4.3:runc-debuginfo-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
"8Base-RHOSE-4.3:runc-debugsource-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
"8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.src",
"8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.x86_64",
"8Base-RHOSE-4.3:skopeo-debuginfo-1:0.1.40-4.rhaos.el8.x86_64",
"8Base-RHOSE-4.3:skopeo-debugsource-1:0.1.40-4.rhaos.el8.x86_64",
"8Base-RHOSE-4.3:skopeo-tests-1:0.1.40-4.rhaos.el8.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1797065"
}
],
"notes": [
{
"category": "description",
"text": "Jenkins 2.218 and earlier, LTS 2.204.1 and earlier allowed users with Overall/Read access to view a JVM memory usage chart.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins: Memory usage graphs accessible to anyone with Overall/Read",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.noarch",
"7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.src"
],
"known_not_affected": [
"7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.src",
"7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64",
"7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-svcat-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64",
"7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.src",
"7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.x86_64",
"7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.src",
"7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.x86_64",
"7Server-RH7-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-1.el7.x86_64",
"7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.noarch",
"7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.src",
"7Server-RH7-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el7.src",
"7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch",
"7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.src",
"7Server-RH7-RHOSE-4.3:openshift-ansible-test-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch",
"7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.src",
"7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64",
"7Server-RH7-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64",
"7Server-RH7-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el7.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.src",
"7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-central-0:2.12.0-32.el7fdn.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-debuginfo-0:2.12.0-32.el7fdn.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-host-0:2.12.0-32.el7fdn.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-vtep-0:2.12.0-32.el7fdn.x86_64",
"8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.src",
"8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:buildah-debuginfo-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:buildah-debugsource-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:buildah-tests-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:buildah-tests-debuginfo-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:containers-common-1:0.1.40-4.rhaos.el8.x86_64",
"8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.src",
"8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
"8Base-RHOSE-4.3:cri-o-debuginfo-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
"8Base-RHOSE-4.3:cri-o-debugsource-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
"8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.src",
"8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.x86_64",
"8Base-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-2.el8.x86_64",
"8Base-RHOSE-4.3:cri-tools-debugsource-0:1.17.0-2.el8.x86_64",
"8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.src",
"8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.x86_64",
"8Base-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el8.src",
"8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.src",
"8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64",
"8Base-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64",
"8Base-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el8.x86_64",
"8Base-RHOSE-4.3:openshift-kuryr-0:4.3.5-202003020117.git.0.237579a.el8.src",
"8Base-RHOSE-4.3:openshift-kuryr-cni-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"8Base-RHOSE-4.3:openshift-kuryr-common-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"8Base-RHOSE-4.3:openshift-kuryr-controller-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"8Base-RHOSE-4.3:python3-kuryr-kubernetes-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.src",
"8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
"8Base-RHOSE-4.3:runc-debuginfo-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
"8Base-RHOSE-4.3:runc-debugsource-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
"8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.src",
"8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.x86_64",
"8Base-RHOSE-4.3:skopeo-debuginfo-1:0.1.40-4.rhaos.el8.x86_64",
"8Base-RHOSE-4.3:skopeo-debugsource-1:0.1.40-4.rhaos.el8.x86_64",
"8Base-RHOSE-4.3:skopeo-tests-1:0.1.40-4.rhaos.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-2104"
},
{
"category": "external",
"summary": "RHBZ#1797065",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1797065"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-2104",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2104"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-2104",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-2104"
}
],
"release_date": "2020-01-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-03-10T22:10:58+00:00",
"details": "Before applying this update, ensure all previously released errata relevant\nto your system have been applied.\n\nFor OpenShift Container Platform 4.3 see the following documentation, which\nwill be updated shortly for release 4.3.5, for important instructions on\nhow to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.openshift.com/container-platform/4.3/release_notes/ocp-4-3-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.3/updating/updating-cluster-cli.html.",
"product_ids": [
"7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.noarch",
"7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2020:0675"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.src",
"7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64",
"7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-svcat-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64",
"7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.src",
"7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.x86_64",
"7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.src",
"7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.x86_64",
"7Server-RH7-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-1.el7.x86_64",
"7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.noarch",
"7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.src",
"7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.noarch",
"7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.src",
"7Server-RH7-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el7.src",
"7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch",
"7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.src",
"7Server-RH7-RHOSE-4.3:openshift-ansible-test-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch",
"7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.src",
"7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64",
"7Server-RH7-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64",
"7Server-RH7-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el7.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.src",
"7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-central-0:2.12.0-32.el7fdn.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-debuginfo-0:2.12.0-32.el7fdn.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-host-0:2.12.0-32.el7fdn.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-vtep-0:2.12.0-32.el7fdn.x86_64",
"8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.src",
"8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:buildah-debuginfo-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:buildah-debugsource-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:buildah-tests-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:buildah-tests-debuginfo-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:containers-common-1:0.1.40-4.rhaos.el8.x86_64",
"8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.src",
"8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
"8Base-RHOSE-4.3:cri-o-debuginfo-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
"8Base-RHOSE-4.3:cri-o-debugsource-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
"8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.src",
"8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.x86_64",
"8Base-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-2.el8.x86_64",
"8Base-RHOSE-4.3:cri-tools-debugsource-0:1.17.0-2.el8.x86_64",
"8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.src",
"8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.x86_64",
"8Base-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el8.src",
"8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.src",
"8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64",
"8Base-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64",
"8Base-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el8.x86_64",
"8Base-RHOSE-4.3:openshift-kuryr-0:4.3.5-202003020117.git.0.237579a.el8.src",
"8Base-RHOSE-4.3:openshift-kuryr-cni-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"8Base-RHOSE-4.3:openshift-kuryr-common-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"8Base-RHOSE-4.3:openshift-kuryr-controller-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"8Base-RHOSE-4.3:python3-kuryr-kubernetes-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.src",
"8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
"8Base-RHOSE-4.3:runc-debuginfo-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
"8Base-RHOSE-4.3:runc-debugsource-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
"8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.src",
"8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.x86_64",
"8Base-RHOSE-4.3:skopeo-debuginfo-1:0.1.40-4.rhaos.el8.x86_64",
"8Base-RHOSE-4.3:skopeo-debugsource-1:0.1.40-4.rhaos.el8.x86_64",
"8Base-RHOSE-4.3:skopeo-tests-1:0.1.40-4.rhaos.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "jenkins: Memory usage graphs accessible to anyone with Overall/Read"
},
{
"cve": "CVE-2020-2105",
"cwe": {
"id": "CWE-1021",
"name": "Improper Restriction of Rendered UI Layers or Frames"
},
"discovery_date": "2020-01-29T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.src",
"7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64",
"7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-svcat-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64",
"7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.src",
"7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.x86_64",
"7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.src",
"7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.x86_64",
"7Server-RH7-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-1.el7.x86_64",
"7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.noarch",
"7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.src",
"7Server-RH7-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el7.src",
"7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch",
"7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.src",
"7Server-RH7-RHOSE-4.3:openshift-ansible-test-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch",
"7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.src",
"7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64",
"7Server-RH7-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64",
"7Server-RH7-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el7.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.src",
"7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-central-0:2.12.0-32.el7fdn.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-debuginfo-0:2.12.0-32.el7fdn.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-host-0:2.12.0-32.el7fdn.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-vtep-0:2.12.0-32.el7fdn.x86_64",
"8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.src",
"8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:buildah-debuginfo-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:buildah-debugsource-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:buildah-tests-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:buildah-tests-debuginfo-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:containers-common-1:0.1.40-4.rhaos.el8.x86_64",
"8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.src",
"8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
"8Base-RHOSE-4.3:cri-o-debuginfo-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
"8Base-RHOSE-4.3:cri-o-debugsource-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
"8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.src",
"8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.x86_64",
"8Base-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-2.el8.x86_64",
"8Base-RHOSE-4.3:cri-tools-debugsource-0:1.17.0-2.el8.x86_64",
"8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.src",
"8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.x86_64",
"8Base-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el8.src",
"8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.src",
"8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64",
"8Base-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64",
"8Base-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el8.x86_64",
"8Base-RHOSE-4.3:openshift-kuryr-0:4.3.5-202003020117.git.0.237579a.el8.src",
"8Base-RHOSE-4.3:openshift-kuryr-cni-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"8Base-RHOSE-4.3:openshift-kuryr-common-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"8Base-RHOSE-4.3:openshift-kuryr-controller-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"8Base-RHOSE-4.3:python3-kuryr-kubernetes-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.src",
"8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
"8Base-RHOSE-4.3:runc-debuginfo-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
"8Base-RHOSE-4.3:runc-debugsource-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
"8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.src",
"8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.x86_64",
"8Base-RHOSE-4.3:skopeo-debuginfo-1:0.1.40-4.rhaos.el8.x86_64",
"8Base-RHOSE-4.3:skopeo-debugsource-1:0.1.40-4.rhaos.el8.x86_64",
"8Base-RHOSE-4.3:skopeo-tests-1:0.1.40-4.rhaos.el8.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1797068"
}
],
"notes": [
{
"category": "description",
"text": "REST API endpoints in Jenkins 2.218 and earlier, LTS 2.204.1 and earlier were vulnerable to clickjacking attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins: REST APIs vulnerable to clickjacking",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.noarch",
"7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.src"
],
"known_not_affected": [
"7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.src",
"7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64",
"7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-svcat-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64",
"7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.src",
"7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.x86_64",
"7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.src",
"7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.x86_64",
"7Server-RH7-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-1.el7.x86_64",
"7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.noarch",
"7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.src",
"7Server-RH7-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el7.src",
"7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch",
"7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.src",
"7Server-RH7-RHOSE-4.3:openshift-ansible-test-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch",
"7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.src",
"7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64",
"7Server-RH7-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64",
"7Server-RH7-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el7.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.src",
"7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-central-0:2.12.0-32.el7fdn.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-debuginfo-0:2.12.0-32.el7fdn.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-host-0:2.12.0-32.el7fdn.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-vtep-0:2.12.0-32.el7fdn.x86_64",
"8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.src",
"8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:buildah-debuginfo-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:buildah-debugsource-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:buildah-tests-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:buildah-tests-debuginfo-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:containers-common-1:0.1.40-4.rhaos.el8.x86_64",
"8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.src",
"8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
"8Base-RHOSE-4.3:cri-o-debuginfo-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
"8Base-RHOSE-4.3:cri-o-debugsource-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
"8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.src",
"8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.x86_64",
"8Base-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-2.el8.x86_64",
"8Base-RHOSE-4.3:cri-tools-debugsource-0:1.17.0-2.el8.x86_64",
"8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.src",
"8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.x86_64",
"8Base-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el8.src",
"8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.src",
"8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64",
"8Base-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64",
"8Base-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el8.x86_64",
"8Base-RHOSE-4.3:openshift-kuryr-0:4.3.5-202003020117.git.0.237579a.el8.src",
"8Base-RHOSE-4.3:openshift-kuryr-cni-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"8Base-RHOSE-4.3:openshift-kuryr-common-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"8Base-RHOSE-4.3:openshift-kuryr-controller-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"8Base-RHOSE-4.3:python3-kuryr-kubernetes-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.src",
"8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
"8Base-RHOSE-4.3:runc-debuginfo-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
"8Base-RHOSE-4.3:runc-debugsource-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
"8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.src",
"8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.x86_64",
"8Base-RHOSE-4.3:skopeo-debuginfo-1:0.1.40-4.rhaos.el8.x86_64",
"8Base-RHOSE-4.3:skopeo-debugsource-1:0.1.40-4.rhaos.el8.x86_64",
"8Base-RHOSE-4.3:skopeo-tests-1:0.1.40-4.rhaos.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-2105"
},
{
"category": "external",
"summary": "RHBZ#1797068",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1797068"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-2105",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2105"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-2105",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-2105"
}
],
"release_date": "2020-01-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-03-10T22:10:58+00:00",
"details": "Before applying this update, ensure all previously released errata relevant\nto your system have been applied.\n\nFor OpenShift Container Platform 4.3 see the following documentation, which\nwill be updated shortly for release 4.3.5, for important instructions on\nhow to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.openshift.com/container-platform/4.3/release_notes/ocp-4-3-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.3/updating/updating-cluster-cli.html.",
"product_ids": [
"7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.noarch",
"7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2020:0675"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.1,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.src",
"7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64",
"7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-svcat-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64",
"7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.src",
"7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.x86_64",
"7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.src",
"7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.x86_64",
"7Server-RH7-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-1.el7.x86_64",
"7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.noarch",
"7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.src",
"7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.noarch",
"7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.src",
"7Server-RH7-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el7.src",
"7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch",
"7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.src",
"7Server-RH7-RHOSE-4.3:openshift-ansible-test-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch",
"7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.src",
"7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64",
"7Server-RH7-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64",
"7Server-RH7-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el7.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.src",
"7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-central-0:2.12.0-32.el7fdn.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-debuginfo-0:2.12.0-32.el7fdn.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-host-0:2.12.0-32.el7fdn.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-vtep-0:2.12.0-32.el7fdn.x86_64",
"8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.src",
"8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:buildah-debuginfo-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:buildah-debugsource-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:buildah-tests-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:buildah-tests-debuginfo-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:containers-common-1:0.1.40-4.rhaos.el8.x86_64",
"8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.src",
"8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
"8Base-RHOSE-4.3:cri-o-debuginfo-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
"8Base-RHOSE-4.3:cri-o-debugsource-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
"8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.src",
"8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.x86_64",
"8Base-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-2.el8.x86_64",
"8Base-RHOSE-4.3:cri-tools-debugsource-0:1.17.0-2.el8.x86_64",
"8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.src",
"8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.x86_64",
"8Base-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el8.src",
"8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.src",
"8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64",
"8Base-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64",
"8Base-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el8.x86_64",
"8Base-RHOSE-4.3:openshift-kuryr-0:4.3.5-202003020117.git.0.237579a.el8.src",
"8Base-RHOSE-4.3:openshift-kuryr-cni-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"8Base-RHOSE-4.3:openshift-kuryr-common-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"8Base-RHOSE-4.3:openshift-kuryr-controller-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"8Base-RHOSE-4.3:python3-kuryr-kubernetes-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.src",
"8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
"8Base-RHOSE-4.3:runc-debuginfo-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
"8Base-RHOSE-4.3:runc-debugsource-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
"8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.src",
"8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.x86_64",
"8Base-RHOSE-4.3:skopeo-debuginfo-1:0.1.40-4.rhaos.el8.x86_64",
"8Base-RHOSE-4.3:skopeo-debugsource-1:0.1.40-4.rhaos.el8.x86_64",
"8Base-RHOSE-4.3:skopeo-tests-1:0.1.40-4.rhaos.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "jenkins: REST APIs vulnerable to clickjacking"
}
]
}
RHBA-2020_0402
Vulnerability from csaf_redhat - Published: 2020-02-19 19:55 - Updated: 2024-11-22 14:24Summary
Red Hat Bug Fix Advisory: OpenShift Container Platform 3.11 bug fix update
Severity
Important
Notes
Topic: Red Hat OpenShift Container Platform release 3.11.170 is now available with
updates to packages and images that fix several bugs.
Details: Red Hat OpenShift Container Platform is Red Hat's cloud computing
Kubernetes application platform solution designed for on-premise or private
cloud deployments.
This advisory contains the RPM packages for Red Hat OpenShift Container
Platform 3.11.170. See the following advisory for the container images for
this release:
https://access.redhat.com/errata/RHBA-2020:0403
This release fixes the following bugs:
* The Cluster Monitoring Operator playbook would reset the CMO ConfigMap every time it was executed, and manual changes to the ConfigMap were lost. Now, etcd monitoring can be configured with Ansible and changes made to the ConfigMap are now persistent when the playbook is executed. (BZ#1703032)
* Prometheeus metrics for ElasticSearch were unavailable to users because the authentication class was instantiated multiple times and without the correct configuration. Now, SAR configuration has been added to the authentication_backend and the multi-tenant plugin executes SARs and allows access to metrics. (BZ#1728856)
* The installer was picking the incorrect version of etcd, reverting to an older package version. Now, the install has been updated to use etcd v3.2.26. (BZ#1744900)
* Redirection for ConfigMap was incorrect, leading to the console page instead of the ConfigMap details page. Now, the navigateResourceURL filter has been supplied with the namespace in the ConfigMap list page. Redirects will apply to the details page of the selected ConfigMap. (BZ#1782695)
* Unexpected iptables rules were saved on the first master host. This was due to the cockpit role operations performed after openshift_sdn roles. Now, the cockpit role runs before the openshift_sdn role and unnecessary sdn rules are not saved during installation. (BZ#1783764)
* Due to an incorrect statement in the heketi-template.yml.j2 template,the HEKETI_LVMWRAPPER environment variable was only included in deployments where Gluster runs on an external cluster, and not in the case where Gluster wass deployed on OpenShift in containers. The environment variable wass needed to specify a wrapper for LVM commands so that the commands can be run on the container node, outside the container. The missing variable results in less stability of the LVM configuration. Now, the statement in the heketi-template.yml.j2 template has been corrected and the HEKETI_LVMWRAPPER environment variable is now configured in the DeploymentConfig for the Heketi container. (BZ#1791667)
All OpenShift Container Platform 3.11 users are advised to upgrade to these
updated packages and images.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A Prototype Pollution vulnerability was found in jquery. Untrusted JSON passed to the `extend` function could lead to modifying objects up the prototype chain, including the global Object. A crafted JSON object passed to a vulnerable method could lead to denial of service or data injection, with various consequences.
5.6 (Medium)
Affected products
Fixed
87 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in Jenkins. Encryption key parameters are improperly reused in the Inbound TCP Agent Protocol/3 allowing unauthorized attackers with knowledge of agent names to obtain the connection secrets for those agents. The highest threat from this vulnerability is to data confidentiality.
8.6 (High)
Affected products
Fixed
87 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch | — |
Vendor Fix
fix
|
Threats
Impact
Important
Jenkins 2.218 and earlier, LTS 2.204.1 and earlier was vulnerable to a UDP amplification reflection denial of service attack on port 33848.
5.8 (Medium)
Affected products
Fixed
87 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
Jenkins 2.218 and earlier, LTS 2.204.1 and earlier did not use a constant-time comparison function for validating connection secrets, which could potentially allow an attacker to use a timing attack to obtain this secret.
5.3 (Medium)
Affected products
Fixed
87 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
Jenkins 2.218 and earlier, LTS 2.204.1 and earlier used a non-constant time comparison function when validating an HMAC.
5.3 (Medium)
Affected products
Fixed
87 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
Jenkins 2.218 and earlier, LTS 2.204.1 and earlier exposed session identifiers on a user's detail object in the whoAmI diagnostic page.
4.4 (Medium)
Affected products
Fixed
87 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
Jenkins 2.218 and earlier, LTS 2.204.1 and earlier allowed users with Overall/Read access to view a JVM memory usage chart.
4.3 (Medium)
Affected products
Fixed
87 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch | — |
Vendor Fix
fix
|
Threats
Impact
Low
REST API endpoints in Jenkins 2.218 and earlier, LTS 2.204.1 and earlier were vulnerable to clickjacking attacks.
CWE-227 - CWE-227Affected products
Fixed
87 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch | — |
Vendor Fix
fix
|
Threats
Impact
Low
References
49 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat OpenShift Container Platform release 3.11.170 is now available with\nupdates to packages and images that fix several bugs.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Container Platform is Red Hat\u0027s cloud computing\nKubernetes application platform solution designed for on-premise or private\ncloud deployments.\n\nThis advisory contains the RPM packages for Red Hat OpenShift Container\nPlatform 3.11.170. See the following advisory for the container images for\nthis release:\n\nhttps://access.redhat.com/errata/RHBA-2020:0403\n\nThis release fixes the following bugs:\n\n* The Cluster Monitoring Operator playbook would reset the CMO ConfigMap every time it was executed, and manual changes to the ConfigMap were lost. Now, etcd monitoring can be configured with Ansible and changes made to the ConfigMap are now persistent when the playbook is executed. (BZ#1703032)\n\n* Prometheeus metrics for ElasticSearch were unavailable to users because the authentication class was instantiated multiple times and without the correct configuration. Now, SAR configuration has been added to the authentication_backend and the multi-tenant plugin executes SARs and allows access to metrics. (BZ#1728856)\n\n* The installer was picking the incorrect version of etcd, reverting to an older package version. Now, the install has been updated to use etcd v3.2.26. (BZ#1744900)\n\n* Redirection for ConfigMap was incorrect, leading to the console page instead of the ConfigMap details page. Now, the navigateResourceURL filter has been supplied with the namespace in the ConfigMap list page. Redirects will apply to the details page of the selected ConfigMap. (BZ#1782695)\n\n* Unexpected iptables rules were saved on the first master host. This was due to the cockpit role operations performed after openshift_sdn roles. Now, the cockpit role runs before the openshift_sdn role and unnecessary sdn rules are not saved during installation. (BZ#1783764)\n\n* Due to an incorrect statement in the heketi-template.yml.j2 template,the HEKETI_LVMWRAPPER environment variable was only included in deployments where Gluster runs on an external cluster, and not in the case where Gluster wass deployed on OpenShift in containers. The environment variable wass needed to specify a wrapper for LVM commands so that the commands can be run on the container node, outside the container. The missing variable results in less stability of the LVM configuration. Now, the statement in the heketi-template.yml.j2 template has been corrected and the HEKETI_LVMWRAPPER environment variable is now configured in the DeploymentConfig for the Heketi container. (BZ#1791667)\n\nAll OpenShift Container Platform 3.11 users are advised to upgrade to these\nupdated packages and images.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHBA-2020:0402",
"url": "https://access.redhat.com/errata/RHBA-2020:0402"
},
{
"category": "external",
"summary": "1670380",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1670380"
},
{
"category": "external",
"summary": "1670587",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1670587"
},
{
"category": "external",
"summary": "1728856",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1728856"
},
{
"category": "external",
"summary": "1744900",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1744900"
},
{
"category": "external",
"summary": "1749765",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1749765"
},
{
"category": "external",
"summary": "1757314",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1757314"
},
{
"category": "external",
"summary": "1757938",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1757938"
},
{
"category": "external",
"summary": "1782695",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1782695"
},
{
"category": "external",
"summary": "1783764",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1783764"
},
{
"category": "external",
"summary": "1791667",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1791667"
},
{
"category": "external",
"summary": "1793628",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1793628"
},
{
"category": "external",
"summary": "1795930",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1795930"
},
{
"category": "external",
"summary": "1798365",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1798365"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhba-2020_0402.json"
}
],
"title": "Red Hat Bug Fix Advisory: OpenShift Container Platform 3.11 bug fix update",
"tracking": {
"current_release_date": "2024-11-22T14:24:51+00:00",
"generator": {
"date": "2024-11-22T14:24:51+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHBA-2020:0402",
"initial_release_date": "2020-02-19T19:55:22+00:00",
"revision_history": [
{
"date": "2020-02-19T19:55:22+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2020-02-19T19:55:22+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-22T14:24:51+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift Container Platform 3.11",
"product": {
"name": "Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:3.11::el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Enterprise"
},
{
"branches": [
{
"category": "product_version",
"name": "jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch",
"product": {
"name": "jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch",
"product_id": "jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jenkins-2-plugins@3.11.1579107288-1.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch",
"product": {
"name": "openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch",
"product_id": "openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-kuryr-cni@3.11.170-1.git.1.7265da1.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch",
"product": {
"name": "openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch",
"product_id": "openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-kuryr-common@3.11.170-1.git.1.7265da1.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch",
"product": {
"name": "openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch",
"product_id": "openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-kuryr-controller@3.11.170-1.git.1.7265da1.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch",
"product": {
"name": "python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch",
"product_id": "python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python2-kuryr-kubernetes@3.11.170-1.git.1.7265da1.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"product": {
"name": "atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"product_id": "atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-docker-excluder@3.11.170-1.git.0.00cac56.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"product": {
"name": "atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"product_id": "atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-excluder@3.11.170-1.git.0.00cac56.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jenkins-0:2.204.2.1580891656-1.el7.noarch",
"product": {
"name": "jenkins-0:2.204.2.1580891656-1.el7.noarch",
"product_id": "jenkins-0:2.204.2.1580891656-1.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jenkins@2.204.2.1580891656-1.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch",
"product": {
"name": "openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch",
"product_id": "openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-ansible@3.11.170-2.git.5.8802564.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch",
"product": {
"name": "openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch",
"product_id": "openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-ansible-docs@3.11.170-2.git.5.8802564.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch",
"product": {
"name": "openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch",
"product_id": "openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-ansible-playbooks@3.11.170-2.git.5.8802564.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch",
"product": {
"name": "openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch",
"product_id": "openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-ansible-roles@3.11.170-2.git.5.8802564.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch",
"product": {
"name": "openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch",
"product_id": "openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-ansible-test@3.11.170-2.git.5.8802564.el7?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "jenkins-2-plugins-0:3.11.1579107288-1.el7.src",
"product": {
"name": "jenkins-2-plugins-0:3.11.1579107288-1.el7.src",
"product_id": "jenkins-2-plugins-0:3.11.1579107288-1.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jenkins-2-plugins@3.11.1579107288-1.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src",
"product": {
"name": "atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src",
"product_id": "atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-metrics-server@3.11.170-1.git.1.357f177.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src",
"product": {
"name": "atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src",
"product_id": "atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-enterprise-service-catalog@3.11.170-1.git.1.91db82e.el7?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src",
"product": {
"name": "atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src",
"product_id": "atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-cluster-autoscaler@3.11.170-1.git.1.0a0df6a.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src",
"product": {
"name": "atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src",
"product_id": "atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-web-console@3.11.170-1.git.1.3d64e8b.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src",
"product": {
"name": "openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src",
"product_id": "openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-enterprise-cluster-capacity@3.11.170-1.git.1.661684b.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src",
"product": {
"name": "golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src",
"product_id": "golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-github-openshift-oauth-proxy@3.11.170-1.git.1.b49be83.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src",
"product": {
"name": "atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src",
"product_id": "atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-dockerregistry@3.11.170-1.git.1.55fab05.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src",
"product": {
"name": "golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src",
"product_id": "golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-github-prometheus-prometheus@3.11.170-1.git.1.227bc98.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src",
"product": {
"name": "atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src",
"product_id": "atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-service-idler@3.11.170-1.git.1.8328979.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src",
"product": {
"name": "atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src",
"product_id": "atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-descheduler@3.11.170-1.git.1.9ad83f2.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src",
"product": {
"name": "golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src",
"product_id": "golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-github-prometheus-node_exporter@3.11.170-1.git.1.51473b7.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src",
"product": {
"name": "atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src",
"product_id": "atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-node-problem-detector@3.11.170-1.git.1.b1f90a6.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src",
"product": {
"name": "openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src",
"product_id": "openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-enterprise-autoheal@3.11.170-1.git.1.dfe6c52.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src",
"product": {
"name": "golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src",
"product_id": "golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-github-prometheus-alertmanager@3.11.170-1.git.1.61d7960.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src",
"product": {
"name": "openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src",
"product_id": "openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-kuryr@3.11.170-1.git.1.7265da1.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src",
"product": {
"name": "atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src",
"product_id": "atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift@3.11.170-1.git.0.00cac56.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jenkins-0:2.204.2.1580891656-1.el7.src",
"product": {
"name": "jenkins-0:2.204.2.1580891656-1.el7.src",
"product_id": "jenkins-0:2.204.2.1580891656-1.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jenkins@2.204.2.1580891656-1.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src",
"product": {
"name": "openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src",
"product_id": "openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-ansible@3.11.170-2.git.5.8802564.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src",
"product": {
"name": "cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src",
"product_id": "cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o@1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le",
"product": {
"name": "atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le",
"product_id": "atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-metrics-server@3.11.170-1.git.1.357f177.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"product": {
"name": "atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"product_id": "atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-enterprise-service-catalog@3.11.170-1.git.1.91db82e.el7?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"product": {
"name": "atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"product_id": "atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-enterprise-service-catalog-svcat@3.11.170-1.git.1.91db82e.el7?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le",
"product": {
"name": "atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le",
"product_id": "atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-cluster-autoscaler@3.11.170-1.git.1.0a0df6a.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le",
"product": {
"name": "atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le",
"product_id": "atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-web-console@3.11.170-1.git.1.3d64e8b.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le",
"product": {
"name": "openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le",
"product_id": "openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-enterprise-cluster-capacity@3.11.170-1.git.1.661684b.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le",
"product": {
"name": "golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le",
"product_id": "golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-github-openshift-oauth-proxy@3.11.170-1.git.1.b49be83.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le",
"product": {
"name": "prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le",
"product_id": "prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/prometheus@3.11.170-1.git.1.227bc98.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le",
"product": {
"name": "atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le",
"product_id": "atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-service-idler@3.11.170-1.git.1.8328979.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le",
"product": {
"name": "atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le",
"product_id": "atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-descheduler@3.11.170-1.git.1.9ad83f2.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le",
"product": {
"name": "prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le",
"product_id": "prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/prometheus-node-exporter@3.11.170-1.git.1.51473b7.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le",
"product": {
"name": "atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le",
"product_id": "atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-node-problem-detector@3.11.170-1.git.1.b1f90a6.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le",
"product": {
"name": "openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le",
"product_id": "openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-enterprise-autoheal@3.11.170-1.git.1.dfe6c52.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le",
"product": {
"name": "prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le",
"product_id": "prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/prometheus-alertmanager@3.11.170-1.git.1.61d7960.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"product": {
"name": "atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"product_id": "atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift@3.11.170-1.git.0.00cac56.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"product": {
"name": "atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"product_id": "atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-clients@3.11.170-1.git.0.00cac56.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"product": {
"name": "atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"product_id": "atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-hyperkube@3.11.170-1.git.0.00cac56.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"product": {
"name": "atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"product_id": "atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-hypershift@3.11.170-1.git.0.00cac56.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"product": {
"name": "atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"product_id": "atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-master@3.11.170-1.git.0.00cac56.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"product": {
"name": "atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"product_id": "atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-node@3.11.170-1.git.0.00cac56.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"product": {
"name": "atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"product_id": "atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-pod@3.11.170-1.git.0.00cac56.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"product": {
"name": "atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"product_id": "atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-sdn-ovs@3.11.170-1.git.0.00cac56.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"product": {
"name": "atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"product_id": "atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-template-service-broker@3.11.170-1.git.0.00cac56.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"product": {
"name": "atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"product_id": "atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-tests@3.11.170-1.git.0.00cac56.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"product": {
"name": "cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"product_id": "cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o@1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"product": {
"name": "cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"product_id": "cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o-debuginfo@1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64",
"product": {
"name": "atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64",
"product_id": "atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-metrics-server@3.11.170-1.git.1.357f177.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"product": {
"name": "atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"product_id": "atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-enterprise-service-catalog@3.11.170-1.git.1.91db82e.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"product": {
"name": "atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"product_id": "atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-enterprise-service-catalog-svcat@3.11.170-1.git.1.91db82e.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64",
"product": {
"name": "atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64",
"product_id": "atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-cluster-autoscaler@3.11.170-1.git.1.0a0df6a.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64",
"product": {
"name": "atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64",
"product_id": "atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-web-console@3.11.170-1.git.1.3d64e8b.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64",
"product": {
"name": "openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64",
"product_id": "openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-enterprise-cluster-capacity@3.11.170-1.git.1.661684b.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64",
"product": {
"name": "golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64",
"product_id": "golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-github-openshift-oauth-proxy@3.11.170-1.git.1.b49be83.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64",
"product": {
"name": "atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64",
"product_id": "atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-dockerregistry@3.11.170-1.git.1.55fab05.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64",
"product": {
"name": "prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64",
"product_id": "prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/prometheus@3.11.170-1.git.1.227bc98.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64",
"product": {
"name": "atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64",
"product_id": "atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-service-idler@3.11.170-1.git.1.8328979.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64",
"product": {
"name": "atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64",
"product_id": "atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-descheduler@3.11.170-1.git.1.9ad83f2.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64",
"product": {
"name": "prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64",
"product_id": "prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/prometheus-node-exporter@3.11.170-1.git.1.51473b7.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64",
"product": {
"name": "atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64",
"product_id": "atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-node-problem-detector@3.11.170-1.git.1.b1f90a6.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64",
"product": {
"name": "openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64",
"product_id": "openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-enterprise-autoheal@3.11.170-1.git.1.dfe6c52.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64",
"product": {
"name": "prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64",
"product_id": "prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/prometheus-alertmanager@3.11.170-1.git.1.61d7960.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"product": {
"name": "atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"product_id": "atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift@3.11.170-1.git.0.00cac56.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"product": {
"name": "atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"product_id": "atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-clients@3.11.170-1.git.0.00cac56.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"product": {
"name": "atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"product_id": "atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-clients-redistributable@3.11.170-1.git.0.00cac56.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"product": {
"name": "atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"product_id": "atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-hyperkube@3.11.170-1.git.0.00cac56.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"product": {
"name": "atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"product_id": "atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-hypershift@3.11.170-1.git.0.00cac56.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"product": {
"name": "atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"product_id": "atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-master@3.11.170-1.git.0.00cac56.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"product": {
"name": "atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"product_id": "atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-node@3.11.170-1.git.0.00cac56.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"product": {
"name": "atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"product_id": "atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-pod@3.11.170-1.git.0.00cac56.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"product": {
"name": "atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"product_id": "atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-sdn-ovs@3.11.170-1.git.0.00cac56.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"product": {
"name": "atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"product_id": "atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-template-service-broker@3.11.170-1.git.0.00cac56.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"product": {
"name": "atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"product_id": "atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-tests@3.11.170-1.git.0.00cac56.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"product": {
"name": "cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"product_id": "cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o@1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"product": {
"name": "cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"product_id": "cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o-debuginfo@1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le"
},
"product_reference": "atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src"
},
"product_reference": "atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64"
},
"product_reference": "atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le"
},
"product_reference": "atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64"
},
"product_reference": "atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le"
},
"product_reference": "atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src"
},
"product_reference": "atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64"
},
"product_reference": "atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le"
},
"product_reference": "atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64"
},
"product_reference": "atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64"
},
"product_reference": "atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le"
},
"product_reference": "atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src"
},
"product_reference": "atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64"
},
"product_reference": "atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le"
},
"product_reference": "atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src"
},
"product_reference": "atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64"
},
"product_reference": "atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch"
},
"product_reference": "atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src"
},
"product_reference": "atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64"
},
"product_reference": "atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch"
},
"product_reference": "atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le"
},
"product_reference": "atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64"
},
"product_reference": "atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le"
},
"product_reference": "atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64"
},
"product_reference": "atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le"
},
"product_reference": "atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64"
},
"product_reference": "atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le"
},
"product_reference": "atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src"
},
"product_reference": "atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64"
},
"product_reference": "atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le"
},
"product_reference": "atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64"
},
"product_reference": "atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le"
},
"product_reference": "atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src"
},
"product_reference": "atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64"
},
"product_reference": "atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le"
},
"product_reference": "atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64"
},
"product_reference": "atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le"
},
"product_reference": "atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64"
},
"product_reference": "atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le"
},
"product_reference": "atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src"
},
"product_reference": "atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64"
},
"product_reference": "atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le"
},
"product_reference": "atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64"
},
"product_reference": "atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le"
},
"product_reference": "atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64"
},
"product_reference": "atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le"
},
"product_reference": "atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src"
},
"product_reference": "atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64"
},
"product_reference": "atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le"
},
"product_reference": "cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src"
},
"product_reference": "cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64"
},
"product_reference": "cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le"
},
"product_reference": "cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64"
},
"product_reference": "cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le"
},
"product_reference": "golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src"
},
"product_reference": "golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64"
},
"product_reference": "golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src"
},
"product_reference": "golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src"
},
"product_reference": "golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src"
},
"product_reference": "golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jenkins-0:2.204.2.1580891656-1.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.noarch"
},
"product_reference": "jenkins-0:2.204.2.1580891656-1.el7.noarch",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jenkins-0:2.204.2.1580891656-1.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.src"
},
"product_reference": "jenkins-0:2.204.2.1580891656-1.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch"
},
"product_reference": "jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jenkins-2-plugins-0:3.11.1579107288-1.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.src"
},
"product_reference": "jenkins-2-plugins-0:3.11.1579107288-1.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch"
},
"product_reference": "openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src"
},
"product_reference": "openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch"
},
"product_reference": "openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch"
},
"product_reference": "openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch"
},
"product_reference": "openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch"
},
"product_reference": "openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le"
},
"product_reference": "openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src"
},
"product_reference": "openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64"
},
"product_reference": "openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le"
},
"product_reference": "openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src"
},
"product_reference": "openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64"
},
"product_reference": "openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src"
},
"product_reference": "openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch"
},
"product_reference": "openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch"
},
"product_reference": "openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch"
},
"product_reference": "openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le"
},
"product_reference": "prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64"
},
"product_reference": "prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le"
},
"product_reference": "prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64"
},
"product_reference": "prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le"
},
"product_reference": "prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64"
},
"product_reference": "prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch"
},
"product_reference": "python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-11358",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2019-03-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1701972"
}
],
"notes": [
{
"category": "description",
"text": "A Prototype Pollution vulnerability was found in jquery. Untrusted JSON passed to the `extend` function could lead to modifying objects up the prototype chain, including the global Object. A crafted JSON object passed to a vulnerable method could lead to denial of service or data injection, with various consequences.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Virtualization 4.2 EUS contains the affected version of bootstrap in the packages ovirt-js-dependencies and ovirt-engine-dashboard. These packages are deprecated in Red Hat Virtualization 4.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64",
"7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-11358"
},
{
"category": "external",
"summary": "RHBZ#1701972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701972"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-11358",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11358"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11358"
},
{
"category": "external",
"summary": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/",
"url": "https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/"
},
{
"category": "external",
"summary": "https://www.drupal.org/sa-core-2019-006",
"url": "https://www.drupal.org/sa-core-2019-006"
}
],
"release_date": "2019-03-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-02-19T19:55:22+00:00",
"details": "Before applying this update, ensure all previously released errata relevant\nto your system is applied.\n\nSee the following documentation, which will be updated shortly for release\n3.11.170, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258.",
"product_ids": [
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64",
"7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2020:0402"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64",
"7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jquery: Prototype pollution in object\u0027s prototype leading to denial of service, remote code execution, or property injection"
},
{
"cve": "CVE-2020-2099",
"cwe": {
"id": "CWE-305",
"name": "Authentication Bypass by Primary Weakness"
},
"discovery_date": "2020-01-29T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1797080"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Jenkins. Encryption key parameters are improperly reused in the Inbound TCP Agent Protocol/3 allowing unauthorized attackers with knowledge of agent names to obtain the connection secrets for those agents. The highest threat from this vulnerability is to data confidentiality.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins: Inbound TCP Agent Protocol/3 authentication bypass",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64",
"7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-2099"
},
{
"category": "external",
"summary": "RHBZ#1797080",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1797080"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-2099",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2099"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-2099",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-2099"
}
],
"release_date": "2020-01-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-02-19T19:55:22+00:00",
"details": "Before applying this update, ensure all previously released errata relevant\nto your system is applied.\n\nSee the following documentation, which will be updated shortly for release\n3.11.170, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258.",
"product_ids": [
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64",
"7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2020:0402"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
"version": "3.1"
},
"products": [
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64",
"7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jenkins: Inbound TCP Agent Protocol/3 authentication bypass"
},
{
"cve": "CVE-2020-2100",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2020-01-29T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1797087"
}
],
"notes": [
{
"category": "description",
"text": "Jenkins 2.218 and earlier, LTS 2.204.1 and earlier was vulnerable to a UDP amplification reflection denial of service attack on port 33848.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins: UDP multicast/broadcast service amplification reflection attack",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64",
"7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-2100"
},
{
"category": "external",
"summary": "RHBZ#1797087",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1797087"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-2100",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2100"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-2100",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-2100"
}
],
"release_date": "2020-01-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-02-19T19:55:22+00:00",
"details": "Before applying this update, ensure all previously released errata relevant\nto your system is applied.\n\nSee the following documentation, which will be updated shortly for release\n3.11.170, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258.",
"product_ids": [
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64",
"7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2020:0402"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64",
"7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jenkins: UDP multicast/broadcast service amplification reflection attack"
},
{
"cve": "CVE-2020-2101",
"cwe": {
"id": "CWE-385",
"name": "Covert Timing Channel"
},
"discovery_date": "2020-01-29T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1797084"
}
],
"notes": [
{
"category": "description",
"text": "Jenkins 2.218 and earlier, LTS 2.204.1 and earlier did not use a constant-time comparison function for validating connection secrets, which could potentially allow an attacker to use a timing attack to obtain this secret.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins: Non-constant time comparison of inbound TCP agent connection secret",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64",
"7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-2101"
},
{
"category": "external",
"summary": "RHBZ#1797084",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1797084"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-2101",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2101"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-2101",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-2101"
}
],
"release_date": "2020-01-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-02-19T19:55:22+00:00",
"details": "Before applying this update, ensure all previously released errata relevant\nto your system is applied.\n\nSee the following documentation, which will be updated shortly for release\n3.11.170, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258.",
"product_ids": [
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64",
"7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2020:0402"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64",
"7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jenkins: Non-constant time comparison of inbound TCP agent connection secret"
},
{
"cve": "CVE-2020-2102",
"cwe": {
"id": "CWE-385",
"name": "Covert Timing Channel"
},
"discovery_date": "2020-01-29T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1797071"
}
],
"notes": [
{
"category": "description",
"text": "Jenkins 2.218 and earlier, LTS 2.204.1 and earlier used a non-constant time comparison function when validating an HMAC.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins: Non-constant time HMAC comparison",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64",
"7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-2102"
},
{
"category": "external",
"summary": "RHBZ#1797071",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1797071"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-2102",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2102"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-2102",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-2102"
}
],
"release_date": "2020-01-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-02-19T19:55:22+00:00",
"details": "Before applying this update, ensure all previously released errata relevant\nto your system is applied.\n\nSee the following documentation, which will be updated shortly for release\n3.11.170, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258.",
"product_ids": [
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64",
"7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2020:0402"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64",
"7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jenkins: Non-constant time HMAC comparison"
},
{
"cve": "CVE-2020-2103",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2020-01-29T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1797062"
}
],
"notes": [
{
"category": "description",
"text": "Jenkins 2.218 and earlier, LTS 2.204.1 and earlier exposed session identifiers on a user\u0027s detail object in the whoAmI diagnostic page.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins: Exposed session identifiers on user detail object in the whoAmI diagnostic page",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64",
"7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-2103"
},
{
"category": "external",
"summary": "RHBZ#1797062",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1797062"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-2103",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2103"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-2103",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-2103"
}
],
"release_date": "2020-01-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-02-19T19:55:22+00:00",
"details": "Before applying this update, ensure all previously released errata relevant\nto your system is applied.\n\nSee the following documentation, which will be updated shortly for release\n3.11.170, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258.",
"product_ids": [
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64",
"7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2020:0402"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64",
"7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jenkins: Exposed session identifiers on user detail object in the whoAmI diagnostic page"
},
{
"cve": "CVE-2020-2104",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2020-01-29T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1797065"
}
],
"notes": [
{
"category": "description",
"text": "Jenkins 2.218 and earlier, LTS 2.204.1 and earlier allowed users with Overall/Read access to view a JVM memory usage chart.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins: Memory usage graphs accessible to anyone with Overall/Read",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64",
"7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-2104"
},
{
"category": "external",
"summary": "RHBZ#1797065",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1797065"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-2104",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2104"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-2104",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-2104"
}
],
"release_date": "2020-01-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-02-19T19:55:22+00:00",
"details": "Before applying this update, ensure all previously released errata relevant\nto your system is applied.\n\nSee the following documentation, which will be updated shortly for release\n3.11.170, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258.",
"product_ids": [
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64",
"7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2020:0402"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64",
"7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "jenkins: Memory usage graphs accessible to anyone with Overall/Read"
},
{
"cve": "CVE-2020-2105",
"cwe": {
"id": "CWE-227",
"name": "CWE-227"
},
"discovery_date": "2020-01-29T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1797068"
}
],
"notes": [
{
"category": "description",
"text": "REST API endpoints in Jenkins 2.218 and earlier, LTS 2.204.1 and earlier were vulnerable to clickjacking attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins: REST APIs vulnerable to clickjacking",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64",
"7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-2105"
},
{
"category": "external",
"summary": "RHBZ#1797068",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1797068"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-2105",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2105"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-2105",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-2105"
}
],
"release_date": "2020-01-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-02-19T19:55:22+00:00",
"details": "Before applying this update, ensure all previously released errata relevant\nto your system is applied.\n\nSee the following documentation, which will be updated shortly for release\n3.11.170, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/articles/11258.",
"product_ids": [
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64",
"7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2020:0402"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.1,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-enterprise-service-catalog-svcat-1:3.11.170-1.git.1.91db82e.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-clients-redistributable-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-docker-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-excluder-0:3.11.170-1.git.0.00cac56.el7.noarch",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hyperkube-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-hypershift-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-master-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-pod-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-sdn-ovs-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-template-service-broker-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-tests-0:3.11.170-1.git.0.00cac56.el7.x86_64",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.src",
"7Server-RH7-RHOSE-3.11:atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.src",
"7Server-RH7-RHOSE-3.11:cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:cri-o-debuginfo-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7.x86_64",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7.src",
"7Server-RH7-RHOSE-3.11:golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-0:2.204.2.1580891656-1.el7.src",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.noarch",
"7Server-RH7-RHOSE-3.11:jenkins-2-plugins-0:3.11.1579107288-1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-0:3.11.170-2.git.5.8802564.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-ansible-docs-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-playbooks-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-roles-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-ansible-test-0:3.11.170-2.git.5.8802564.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7.x86_64",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7.src",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-cni-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-common-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:openshift-kuryr-controller-0:3.11.170-1.git.1.7265da1.el7.noarch",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-0:3.11.170-1.git.1.227bc98.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7.x86_64",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.ppc64le",
"7Server-RH7-RHOSE-3.11:prometheus-node-exporter-0:3.11.170-1.git.1.51473b7.el7.x86_64",
"7Server-RH7-RHOSE-3.11:python2-kuryr-kubernetes-0:3.11.170-1.git.1.7265da1.el7.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "jenkins: REST APIs vulnerable to clickjacking"
}
]
}
RHBA-2020_0675
Vulnerability from csaf_redhat - Published: 2020-03-10 22:10 - Updated: 2024-11-22 14:24Summary
Red Hat Bug Fix Advisory: OpenShift Container Platform 4.3.5 packages update
Severity
Important
Notes
Topic: Red Hat OpenShift Container Platform release 4.3.5 is now available with
updates to packages and images that fix several bugs.
Details: Red Hat OpenShift Container Platform is Red Hat's cloud computing
Kubernetes application platform solution designed for on-premise or private
cloud deployments.
This advisory contains the RPM packages for Red Hat OpenShift Container
Platform 4.3.5. See the following advisory for the container images for
this release:
https://access.redhat.com/errata/RHBA-2020:0676
All OpenShift Container Platform 4.3 users are advised to upgrade to these
updated packages and images.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in Jenkins. Encryption key parameters are improperly reused in the Inbound TCP Agent Protocol/3 allowing unauthorized attackers with knowledge of agent names to obtain the connection secrets for those agents. The highest threat from this vulnerability is to data confidentiality.
8.6 (High)
Affected products
Fixed
2 products
Known not affected
60 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-svcat-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-1.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.noarch | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-ansible-test-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:ovn2.12-central-0:2.12.0-32.el7fdn.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:ovn2.12-debuginfo-0:2.12.0-32.el7fdn.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:ovn2.12-host-0:2.12.0-32.el7fdn.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:ovn2.12-vtep-0:2.12.0-32.el7fdn.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:buildah-debuginfo-0:1.11.6-4.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:buildah-debugsource-0:1.11.6-4.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:buildah-tests-0:1.11.6-4.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:buildah-tests-debuginfo-0:1.11.6-4.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:containers-common-1:0.1.40-4.rhaos.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:cri-o-debuginfo-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:cri-o-debugsource-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-2.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:cri-tools-debugsource-0:1.17.0-2.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:openshift-kuryr-0:4.3.5-202003020117.git.0.237579a.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:openshift-kuryr-cni-0:4.3.5-202003020117.git.0.237579a.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:openshift-kuryr-common-0:4.3.5-202003020117.git.0.237579a.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:openshift-kuryr-controller-0:4.3.5-202003020117.git.0.237579a.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:python3-kuryr-kubernetes-0:4.3.5-202003020117.git.0.237579a.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:runc-debuginfo-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:runc-debugsource-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:skopeo-debuginfo-1:0.1.40-4.rhaos.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:skopeo-debugsource-1:0.1.40-4.rhaos.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:skopeo-tests-1:0.1.40-4.rhaos.el8.x86_64 | — |
Threats
Impact
Important
Jenkins 2.218 and earlier, LTS 2.204.1 and earlier was vulnerable to a UDP amplification reflection denial of service attack on port 33848.
5.8 (Medium)
Affected products
Fixed
2 products
Known not affected
60 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-svcat-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-1.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.noarch | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-ansible-test-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:ovn2.12-central-0:2.12.0-32.el7fdn.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:ovn2.12-debuginfo-0:2.12.0-32.el7fdn.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:ovn2.12-host-0:2.12.0-32.el7fdn.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:ovn2.12-vtep-0:2.12.0-32.el7fdn.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:buildah-debuginfo-0:1.11.6-4.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:buildah-debugsource-0:1.11.6-4.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:buildah-tests-0:1.11.6-4.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:buildah-tests-debuginfo-0:1.11.6-4.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:containers-common-1:0.1.40-4.rhaos.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:cri-o-debuginfo-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:cri-o-debugsource-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-2.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:cri-tools-debugsource-0:1.17.0-2.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:openshift-kuryr-0:4.3.5-202003020117.git.0.237579a.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:openshift-kuryr-cni-0:4.3.5-202003020117.git.0.237579a.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:openshift-kuryr-common-0:4.3.5-202003020117.git.0.237579a.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:openshift-kuryr-controller-0:4.3.5-202003020117.git.0.237579a.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:python3-kuryr-kubernetes-0:4.3.5-202003020117.git.0.237579a.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:runc-debuginfo-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:runc-debugsource-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:skopeo-debuginfo-1:0.1.40-4.rhaos.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:skopeo-debugsource-1:0.1.40-4.rhaos.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:skopeo-tests-1:0.1.40-4.rhaos.el8.x86_64 | — |
Threats
Impact
Moderate
Jenkins 2.218 and earlier, LTS 2.204.1 and earlier did not use a constant-time comparison function for validating connection secrets, which could potentially allow an attacker to use a timing attack to obtain this secret.
5.3 (Medium)
Affected products
Fixed
2 products
Known not affected
60 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-svcat-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-1.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.noarch | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-ansible-test-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:ovn2.12-central-0:2.12.0-32.el7fdn.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:ovn2.12-debuginfo-0:2.12.0-32.el7fdn.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:ovn2.12-host-0:2.12.0-32.el7fdn.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:ovn2.12-vtep-0:2.12.0-32.el7fdn.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:buildah-debuginfo-0:1.11.6-4.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:buildah-debugsource-0:1.11.6-4.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:buildah-tests-0:1.11.6-4.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:buildah-tests-debuginfo-0:1.11.6-4.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:containers-common-1:0.1.40-4.rhaos.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:cri-o-debuginfo-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:cri-o-debugsource-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-2.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:cri-tools-debugsource-0:1.17.0-2.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:openshift-kuryr-0:4.3.5-202003020117.git.0.237579a.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:openshift-kuryr-cni-0:4.3.5-202003020117.git.0.237579a.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:openshift-kuryr-common-0:4.3.5-202003020117.git.0.237579a.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:openshift-kuryr-controller-0:4.3.5-202003020117.git.0.237579a.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:python3-kuryr-kubernetes-0:4.3.5-202003020117.git.0.237579a.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:runc-debuginfo-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:runc-debugsource-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:skopeo-debuginfo-1:0.1.40-4.rhaos.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:skopeo-debugsource-1:0.1.40-4.rhaos.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:skopeo-tests-1:0.1.40-4.rhaos.el8.x86_64 | — |
Threats
Impact
Moderate
Jenkins 2.218 and earlier, LTS 2.204.1 and earlier used a non-constant time comparison function when validating an HMAC.
5.3 (Medium)
Affected products
Fixed
2 products
Known not affected
60 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-svcat-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-1.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.noarch | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-ansible-test-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:ovn2.12-central-0:2.12.0-32.el7fdn.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:ovn2.12-debuginfo-0:2.12.0-32.el7fdn.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:ovn2.12-host-0:2.12.0-32.el7fdn.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:ovn2.12-vtep-0:2.12.0-32.el7fdn.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:buildah-debuginfo-0:1.11.6-4.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:buildah-debugsource-0:1.11.6-4.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:buildah-tests-0:1.11.6-4.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:buildah-tests-debuginfo-0:1.11.6-4.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:containers-common-1:0.1.40-4.rhaos.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:cri-o-debuginfo-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:cri-o-debugsource-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-2.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:cri-tools-debugsource-0:1.17.0-2.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:openshift-kuryr-0:4.3.5-202003020117.git.0.237579a.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:openshift-kuryr-cni-0:4.3.5-202003020117.git.0.237579a.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:openshift-kuryr-common-0:4.3.5-202003020117.git.0.237579a.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:openshift-kuryr-controller-0:4.3.5-202003020117.git.0.237579a.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:python3-kuryr-kubernetes-0:4.3.5-202003020117.git.0.237579a.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:runc-debuginfo-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:runc-debugsource-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:skopeo-debuginfo-1:0.1.40-4.rhaos.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:skopeo-debugsource-1:0.1.40-4.rhaos.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:skopeo-tests-1:0.1.40-4.rhaos.el8.x86_64 | — |
Threats
Impact
Moderate
Jenkins 2.218 and earlier, LTS 2.204.1 and earlier exposed session identifiers on a user's detail object in the whoAmI diagnostic page.
4.4 (Medium)
Affected products
Fixed
2 products
Known not affected
60 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-svcat-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-1.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.noarch | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-ansible-test-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:ovn2.12-central-0:2.12.0-32.el7fdn.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:ovn2.12-debuginfo-0:2.12.0-32.el7fdn.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:ovn2.12-host-0:2.12.0-32.el7fdn.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:ovn2.12-vtep-0:2.12.0-32.el7fdn.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:buildah-debuginfo-0:1.11.6-4.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:buildah-debugsource-0:1.11.6-4.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:buildah-tests-0:1.11.6-4.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:buildah-tests-debuginfo-0:1.11.6-4.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:containers-common-1:0.1.40-4.rhaos.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:cri-o-debuginfo-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:cri-o-debugsource-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-2.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:cri-tools-debugsource-0:1.17.0-2.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:openshift-kuryr-0:4.3.5-202003020117.git.0.237579a.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:openshift-kuryr-cni-0:4.3.5-202003020117.git.0.237579a.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:openshift-kuryr-common-0:4.3.5-202003020117.git.0.237579a.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:openshift-kuryr-controller-0:4.3.5-202003020117.git.0.237579a.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:python3-kuryr-kubernetes-0:4.3.5-202003020117.git.0.237579a.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:runc-debuginfo-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:runc-debugsource-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:skopeo-debuginfo-1:0.1.40-4.rhaos.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:skopeo-debugsource-1:0.1.40-4.rhaos.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:skopeo-tests-1:0.1.40-4.rhaos.el8.x86_64 | — |
Threats
Impact
Moderate
Jenkins 2.218 and earlier, LTS 2.204.1 and earlier allowed users with Overall/Read access to view a JVM memory usage chart.
4.3 (Medium)
Affected products
Fixed
2 products
Known not affected
60 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-svcat-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-1.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.noarch | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-ansible-test-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:ovn2.12-central-0:2.12.0-32.el7fdn.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:ovn2.12-debuginfo-0:2.12.0-32.el7fdn.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:ovn2.12-host-0:2.12.0-32.el7fdn.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:ovn2.12-vtep-0:2.12.0-32.el7fdn.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:buildah-debuginfo-0:1.11.6-4.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:buildah-debugsource-0:1.11.6-4.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:buildah-tests-0:1.11.6-4.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:buildah-tests-debuginfo-0:1.11.6-4.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:containers-common-1:0.1.40-4.rhaos.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:cri-o-debuginfo-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:cri-o-debugsource-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-2.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:cri-tools-debugsource-0:1.17.0-2.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:openshift-kuryr-0:4.3.5-202003020117.git.0.237579a.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:openshift-kuryr-cni-0:4.3.5-202003020117.git.0.237579a.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:openshift-kuryr-common-0:4.3.5-202003020117.git.0.237579a.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:openshift-kuryr-controller-0:4.3.5-202003020117.git.0.237579a.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:python3-kuryr-kubernetes-0:4.3.5-202003020117.git.0.237579a.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:runc-debuginfo-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:runc-debugsource-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:skopeo-debuginfo-1:0.1.40-4.rhaos.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:skopeo-debugsource-1:0.1.40-4.rhaos.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:skopeo-tests-1:0.1.40-4.rhaos.el8.x86_64 | — |
Threats
Impact
Low
REST API endpoints in Jenkins 2.218 and earlier, LTS 2.204.1 and earlier were vulnerable to clickjacking attacks.
CWE-227 - CWE-227Affected products
Fixed
2 products
Known not affected
60 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-svcat-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-1.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.noarch | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-ansible-test-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el7.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.src | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:ovn2.12-central-0:2.12.0-32.el7fdn.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:ovn2.12-debuginfo-0:2.12.0-32.el7fdn.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:ovn2.12-host-0:2.12.0-32.el7fdn.x86_64 | — | ||
| Unresolved product id: 7Server-RH7-RHOSE-4.3:ovn2.12-vtep-0:2.12.0-32.el7fdn.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:buildah-debuginfo-0:1.11.6-4.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:buildah-debugsource-0:1.11.6-4.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:buildah-tests-0:1.11.6-4.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:buildah-tests-debuginfo-0:1.11.6-4.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:containers-common-1:0.1.40-4.rhaos.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:cri-o-debuginfo-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:cri-o-debugsource-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-2.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:cri-tools-debugsource-0:1.17.0-2.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:openshift-kuryr-0:4.3.5-202003020117.git.0.237579a.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:openshift-kuryr-cni-0:4.3.5-202003020117.git.0.237579a.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:openshift-kuryr-common-0:4.3.5-202003020117.git.0.237579a.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:openshift-kuryr-controller-0:4.3.5-202003020117.git.0.237579a.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:python3-kuryr-kubernetes-0:4.3.5-202003020117.git.0.237579a.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:runc-debuginfo-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:runc-debugsource-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:skopeo-debuginfo-1:0.1.40-4.rhaos.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:skopeo-debugsource-1:0.1.40-4.rhaos.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.3:skopeo-tests-1:0.1.40-4.rhaos.el8.x86_64 | — |
Threats
Impact
Low
References
31 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat OpenShift Container Platform release 4.3.5 is now available with\nupdates to packages and images that fix several bugs.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Container Platform is Red Hat\u0027s cloud computing\nKubernetes application platform solution designed for on-premise or private\ncloud deployments.\n\nThis advisory contains the RPM packages for Red Hat OpenShift Container\nPlatform 4.3.5. See the following advisory for the container images for\nthis release:\n\nhttps://access.redhat.com/errata/RHBA-2020:0676\n\nAll OpenShift Container Platform 4.3 users are advised to upgrade to these\nupdated packages and images.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHBA-2020:0675",
"url": "https://access.redhat.com/errata/RHBA-2020:0675"
},
{
"category": "external",
"summary": "1804814",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1804814"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhba-2020_0675.json"
}
],
"title": "Red Hat Bug Fix Advisory: OpenShift Container Platform 4.3.5 packages update",
"tracking": {
"current_release_date": "2024-11-22T14:24:59+00:00",
"generator": {
"date": "2024-11-22T14:24:59+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHBA-2020:0675",
"initial_release_date": "2020-03-10T22:10:58+00:00",
"revision_history": [
{
"date": "2020-03-10T22:10:58+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2020-03-10T22:10:58+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-22T14:24:59+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift Container Platform 4.3",
"product": {
"name": "Red Hat OpenShift Container Platform 4.3",
"product_id": "7Server-RH7-RHOSE-4.3",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:4.3::el7"
}
}
},
{
"category": "product_name",
"name": "Red Hat OpenShift Container Platform 4.3",
"product": {
"name": "Red Hat OpenShift Container Platform 4.3",
"product_id": "8Base-RHOSE-4.3",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:4.3::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Enterprise"
},
{
"branches": [
{
"category": "product_version",
"name": "cri-tools-0:1.17.0-1.el7.x86_64",
"product": {
"name": "cri-tools-0:1.17.0-1.el7.x86_64",
"product_id": "cri-tools-0:1.17.0-1.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-tools@1.17.0-1.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "cri-tools-debuginfo-0:1.17.0-1.el7.x86_64",
"product": {
"name": "cri-tools-debuginfo-0:1.17.0-1.el7.x86_64",
"product_id": "cri-tools-debuginfo-0:1.17.0-1.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-tools-debuginfo@1.17.0-1.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el7.x86_64",
"product": {
"name": "openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el7.x86_64",
"product_id": "openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-hyperkube@4.3.5-202002280657.git.0.b3bfb5a.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64",
"product": {
"name": "openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64",
"product_id": "openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-clients@4.3.5-202002280657.git.1.55a9334.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64",
"product": {
"name": "openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64",
"product_id": "openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-clients-redistributable@4.3.5-202002280657.git.1.55a9334.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.x86_64",
"product": {
"name": "atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.x86_64",
"product_id": "atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-service-idler@4.3.5-202003020117.git.13.3ac2b0e.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64",
"product": {
"name": "atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64",
"product_id": "atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-enterprise-service-catalog@4.3.5-202003020117.git.0.4eb885c.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "atomic-enterprise-service-catalog-svcat-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64",
"product": {
"name": "atomic-enterprise-service-catalog-svcat-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64",
"product_id": "atomic-enterprise-service-catalog-svcat-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-enterprise-service-catalog-svcat@4.3.5-202003020117.git.0.4eb885c.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "ovn2.12-0:2.12.0-32.el7fdn.x86_64",
"product": {
"name": "ovn2.12-0:2.12.0-32.el7fdn.x86_64",
"product_id": "ovn2.12-0:2.12.0-32.el7fdn.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovn2.12@2.12.0-32.el7fdn?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "ovn2.12-central-0:2.12.0-32.el7fdn.x86_64",
"product": {
"name": "ovn2.12-central-0:2.12.0-32.el7fdn.x86_64",
"product_id": "ovn2.12-central-0:2.12.0-32.el7fdn.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovn2.12-central@2.12.0-32.el7fdn?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "ovn2.12-host-0:2.12.0-32.el7fdn.x86_64",
"product": {
"name": "ovn2.12-host-0:2.12.0-32.el7fdn.x86_64",
"product_id": "ovn2.12-host-0:2.12.0-32.el7fdn.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovn2.12-host@2.12.0-32.el7fdn?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "ovn2.12-vtep-0:2.12.0-32.el7fdn.x86_64",
"product": {
"name": "ovn2.12-vtep-0:2.12.0-32.el7fdn.x86_64",
"product_id": "ovn2.12-vtep-0:2.12.0-32.el7fdn.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovn2.12-vtep@2.12.0-32.el7fdn?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "ovn2.12-debuginfo-0:2.12.0-32.el7fdn.x86_64",
"product": {
"name": "ovn2.12-debuginfo-0:2.12.0-32.el7fdn.x86_64",
"product_id": "ovn2.12-debuginfo-0:2.12.0-32.el7fdn.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovn2.12-debuginfo@2.12.0-32.el7fdn?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "runc-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
"product": {
"name": "runc-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
"product_id": "runc-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/runc@1.0.0-65.rc10.rhaos4.3.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "runc-debugsource-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
"product": {
"name": "runc-debugsource-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
"product_id": "runc-debugsource-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/runc-debugsource@1.0.0-65.rc10.rhaos4.3.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "runc-debuginfo-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
"product": {
"name": "runc-debuginfo-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
"product_id": "runc-debuginfo-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/runc-debuginfo@1.0.0-65.rc10.rhaos4.3.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "cri-tools-0:1.17.0-2.el8.x86_64",
"product": {
"name": "cri-tools-0:1.17.0-2.el8.x86_64",
"product_id": "cri-tools-0:1.17.0-2.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-tools@1.17.0-2.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "cri-tools-debugsource-0:1.17.0-2.el8.x86_64",
"product": {
"name": "cri-tools-debugsource-0:1.17.0-2.el8.x86_64",
"product_id": "cri-tools-debugsource-0:1.17.0-2.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-tools-debugsource@1.17.0-2.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "cri-tools-debuginfo-0:1.17.0-2.el8.x86_64",
"product": {
"name": "cri-tools-debuginfo-0:1.17.0-2.el8.x86_64",
"product_id": "cri-tools-debuginfo-0:1.17.0-2.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-tools-debuginfo@1.17.0-2.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "containers-common-1:0.1.40-4.rhaos.el8.x86_64",
"product": {
"name": "containers-common-1:0.1.40-4.rhaos.el8.x86_64",
"product_id": "containers-common-1:0.1.40-4.rhaos.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/containers-common@0.1.40-4.rhaos.el8?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "skopeo-1:0.1.40-4.rhaos.el8.x86_64",
"product": {
"name": "skopeo-1:0.1.40-4.rhaos.el8.x86_64",
"product_id": "skopeo-1:0.1.40-4.rhaos.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo@0.1.40-4.rhaos.el8?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "skopeo-tests-1:0.1.40-4.rhaos.el8.x86_64",
"product": {
"name": "skopeo-tests-1:0.1.40-4.rhaos.el8.x86_64",
"product_id": "skopeo-tests-1:0.1.40-4.rhaos.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-tests@0.1.40-4.rhaos.el8?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "skopeo-debugsource-1:0.1.40-4.rhaos.el8.x86_64",
"product": {
"name": "skopeo-debugsource-1:0.1.40-4.rhaos.el8.x86_64",
"product_id": "skopeo-debugsource-1:0.1.40-4.rhaos.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-debugsource@0.1.40-4.rhaos.el8?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "skopeo-debuginfo-1:0.1.40-4.rhaos.el8.x86_64",
"product": {
"name": "skopeo-debuginfo-1:0.1.40-4.rhaos.el8.x86_64",
"product_id": "skopeo-debuginfo-1:0.1.40-4.rhaos.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-debuginfo@0.1.40-4.rhaos.el8?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
"product": {
"name": "cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
"product_id": "cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o@1.16.3-22.dev.rhaos4.3.git11c04e3.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "cri-o-debugsource-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
"product": {
"name": "cri-o-debugsource-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
"product_id": "cri-o-debugsource-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o-debugsource@1.16.3-22.dev.rhaos4.3.git11c04e3.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "cri-o-debuginfo-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
"product": {
"name": "cri-o-debuginfo-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
"product_id": "cri-o-debuginfo-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o-debuginfo@1.16.3-22.dev.rhaos4.3.git11c04e3.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "buildah-0:1.11.6-4.el8.x86_64",
"product": {
"name": "buildah-0:1.11.6-4.el8.x86_64",
"product_id": "buildah-0:1.11.6-4.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah@1.11.6-4.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "buildah-tests-0:1.11.6-4.el8.x86_64",
"product": {
"name": "buildah-tests-0:1.11.6-4.el8.x86_64",
"product_id": "buildah-tests-0:1.11.6-4.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah-tests@1.11.6-4.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "buildah-debugsource-0:1.11.6-4.el8.x86_64",
"product": {
"name": "buildah-debugsource-0:1.11.6-4.el8.x86_64",
"product_id": "buildah-debugsource-0:1.11.6-4.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah-debugsource@1.11.6-4.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "buildah-debuginfo-0:1.11.6-4.el8.x86_64",
"product": {
"name": "buildah-debuginfo-0:1.11.6-4.el8.x86_64",
"product_id": "buildah-debuginfo-0:1.11.6-4.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah-debuginfo@1.11.6-4.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "buildah-tests-debuginfo-0:1.11.6-4.el8.x86_64",
"product": {
"name": "buildah-tests-debuginfo-0:1.11.6-4.el8.x86_64",
"product_id": "buildah-tests-debuginfo-0:1.11.6-4.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah-tests-debuginfo@1.11.6-4.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el8.x86_64",
"product": {
"name": "openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el8.x86_64",
"product_id": "openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-hyperkube@4.3.5-202002280657.git.0.b3bfb5a.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64",
"product": {
"name": "openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64",
"product_id": "openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-clients@4.3.5-202002280657.git.1.55a9334.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64",
"product": {
"name": "openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64",
"product_id": "openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-clients-redistributable@4.3.5-202002280657.git.1.55a9334.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.x86_64",
"product": {
"name": "machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.x86_64",
"product_id": "machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/machine-config-daemon@4.3.5-202003020117.git.0.61e0e48.el8?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "cri-tools-0:1.17.0-1.el7.src",
"product": {
"name": "cri-tools-0:1.17.0-1.el7.src",
"product_id": "cri-tools-0:1.17.0-1.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-tools@1.17.0-1.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el7.src",
"product": {
"name": "openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el7.src",
"product_id": "openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift@4.3.5-202002280657.git.0.b3bfb5a.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.src",
"product": {
"name": "openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.src",
"product_id": "openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-clients@4.3.5-202002280657.git.1.55a9334.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.src",
"product": {
"name": "openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.src",
"product_id": "openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-ansible@4.3.5-202002280657.git.1.e4f02b3.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.src",
"product": {
"name": "atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.src",
"product_id": "atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-openshift-service-idler@4.3.5-202003020117.git.13.3ac2b0e.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.src",
"product": {
"name": "atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.src",
"product_id": "atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/atomic-enterprise-service-catalog@4.3.5-202003020117.git.0.4eb885c.el7?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "ovn2.12-0:2.12.0-32.el7fdn.src",
"product": {
"name": "ovn2.12-0:2.12.0-32.el7fdn.src",
"product_id": "ovn2.12-0:2.12.0-32.el7fdn.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ovn2.12@2.12.0-32.el7fdn?arch=src"
}
}
},
{
"category": "product_version",
"name": "jenkins-2-plugins-0:4.3.1583445947-1.el7.src",
"product": {
"name": "jenkins-2-plugins-0:4.3.1583445947-1.el7.src",
"product_id": "jenkins-2-plugins-0:4.3.1583445947-1.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jenkins-2-plugins@4.3.1583445947-1.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jenkins-0:2.204.2.1583446818-1.el7.src",
"product": {
"name": "jenkins-0:2.204.2.1583446818-1.el7.src",
"product_id": "jenkins-0:2.204.2.1583446818-1.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jenkins@2.204.2.1583446818-1.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "runc-0:1.0.0-65.rc10.rhaos4.3.el8.src",
"product": {
"name": "runc-0:1.0.0-65.rc10.rhaos4.3.el8.src",
"product_id": "runc-0:1.0.0-65.rc10.rhaos4.3.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/runc@1.0.0-65.rc10.rhaos4.3.el8?arch=src"
}
}
},
{
"category": "product_version",
"name": "cri-tools-0:1.17.0-2.el8.src",
"product": {
"name": "cri-tools-0:1.17.0-2.el8.src",
"product_id": "cri-tools-0:1.17.0-2.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-tools@1.17.0-2.el8?arch=src"
}
}
},
{
"category": "product_version",
"name": "skopeo-1:0.1.40-4.rhaos.el8.src",
"product": {
"name": "skopeo-1:0.1.40-4.rhaos.el8.src",
"product_id": "skopeo-1:0.1.40-4.rhaos.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo@0.1.40-4.rhaos.el8?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.src",
"product": {
"name": "cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.src",
"product_id": "cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cri-o@1.16.3-22.dev.rhaos4.3.git11c04e3.el8?arch=src"
}
}
},
{
"category": "product_version",
"name": "buildah-0:1.11.6-4.el8.src",
"product": {
"name": "buildah-0:1.11.6-4.el8.src",
"product_id": "buildah-0:1.11.6-4.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah@1.11.6-4.el8?arch=src"
}
}
},
{
"category": "product_version",
"name": "openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el8.src",
"product": {
"name": "openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el8.src",
"product_id": "openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift@4.3.5-202002280657.git.0.b3bfb5a.el8?arch=src"
}
}
},
{
"category": "product_version",
"name": "openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.src",
"product": {
"name": "openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.src",
"product_id": "openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-clients@4.3.5-202002280657.git.1.55a9334.el8?arch=src"
}
}
},
{
"category": "product_version",
"name": "machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.src",
"product": {
"name": "machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.src",
"product_id": "machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/machine-config-daemon@4.3.5-202003020117.git.0.61e0e48.el8?arch=src"
}
}
},
{
"category": "product_version",
"name": "openshift-kuryr-0:4.3.5-202003020117.git.0.237579a.el8.src",
"product": {
"name": "openshift-kuryr-0:4.3.5-202003020117.git.0.237579a.el8.src",
"product_id": "openshift-kuryr-0:4.3.5-202003020117.git.0.237579a.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-kuryr@4.3.5-202003020117.git.0.237579a.el8?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch",
"product": {
"name": "openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch",
"product_id": "openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-ansible@4.3.5-202002280657.git.1.e4f02b3.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openshift-ansible-test-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch",
"product": {
"name": "openshift-ansible-test-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch",
"product_id": "openshift-ansible-test-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-ansible-test@4.3.5-202002280657.git.1.e4f02b3.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jenkins-2-plugins-0:4.3.1583445947-1.el7.noarch",
"product": {
"name": "jenkins-2-plugins-0:4.3.1583445947-1.el7.noarch",
"product_id": "jenkins-2-plugins-0:4.3.1583445947-1.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jenkins-2-plugins@4.3.1583445947-1.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jenkins-0:2.204.2.1583446818-1.el7.noarch",
"product": {
"name": "jenkins-0:2.204.2.1583446818-1.el7.noarch",
"product_id": "jenkins-0:2.204.2.1583446818-1.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jenkins@2.204.2.1583446818-1.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openshift-kuryr-cni-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"product": {
"name": "openshift-kuryr-cni-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"product_id": "openshift-kuryr-cni-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-kuryr-cni@4.3.5-202003020117.git.0.237579a.el8?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openshift-kuryr-common-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"product": {
"name": "openshift-kuryr-common-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"product_id": "openshift-kuryr-common-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-kuryr-common@4.3.5-202003020117.git.0.237579a.el8?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openshift-kuryr-controller-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"product": {
"name": "openshift-kuryr-controller-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"product_id": "openshift-kuryr-controller-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-kuryr-controller@4.3.5-202003020117.git.0.237579a.el8?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python3-kuryr-kubernetes-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"product": {
"name": "python3-kuryr-kubernetes-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"product_id": "python3-kuryr-kubernetes-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-kuryr-kubernetes@4.3.5-202003020117.git.0.237579a.el8?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.src as a component of Red Hat OpenShift Container Platform 4.3",
"product_id": "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.src"
},
"product_reference": "atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64 as a component of Red Hat OpenShift Container Platform 4.3",
"product_id": "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64"
},
"product_reference": "atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-enterprise-service-catalog-svcat-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64 as a component of Red Hat OpenShift Container Platform 4.3",
"product_id": "7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-svcat-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64"
},
"product_reference": "atomic-enterprise-service-catalog-svcat-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.src as a component of Red Hat OpenShift Container Platform 4.3",
"product_id": "7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.src"
},
"product_reference": "atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.x86_64 as a component of Red Hat OpenShift Container Platform 4.3",
"product_id": "7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.x86_64"
},
"product_reference": "atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-tools-0:1.17.0-1.el7.src as a component of Red Hat OpenShift Container Platform 4.3",
"product_id": "7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.src"
},
"product_reference": "cri-tools-0:1.17.0-1.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-tools-0:1.17.0-1.el7.x86_64 as a component of Red Hat OpenShift Container Platform 4.3",
"product_id": "7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.x86_64"
},
"product_reference": "cri-tools-0:1.17.0-1.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-tools-debuginfo-0:1.17.0-1.el7.x86_64 as a component of Red Hat OpenShift Container Platform 4.3",
"product_id": "7Server-RH7-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-1.el7.x86_64"
},
"product_reference": "cri-tools-debuginfo-0:1.17.0-1.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jenkins-0:2.204.2.1583446818-1.el7.noarch as a component of Red Hat OpenShift Container Platform 4.3",
"product_id": "7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.noarch"
},
"product_reference": "jenkins-0:2.204.2.1583446818-1.el7.noarch",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jenkins-0:2.204.2.1583446818-1.el7.src as a component of Red Hat OpenShift Container Platform 4.3",
"product_id": "7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.src"
},
"product_reference": "jenkins-0:2.204.2.1583446818-1.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jenkins-2-plugins-0:4.3.1583445947-1.el7.noarch as a component of Red Hat OpenShift Container Platform 4.3",
"product_id": "7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.noarch"
},
"product_reference": "jenkins-2-plugins-0:4.3.1583445947-1.el7.noarch",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jenkins-2-plugins-0:4.3.1583445947-1.el7.src as a component of Red Hat OpenShift Container Platform 4.3",
"product_id": "7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.src"
},
"product_reference": "jenkins-2-plugins-0:4.3.1583445947-1.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el7.src as a component of Red Hat OpenShift Container Platform 4.3",
"product_id": "7Server-RH7-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el7.src"
},
"product_reference": "openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch as a component of Red Hat OpenShift Container Platform 4.3",
"product_id": "7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch"
},
"product_reference": "openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.src as a component of Red Hat OpenShift Container Platform 4.3",
"product_id": "7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.src"
},
"product_reference": "openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-ansible-test-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch as a component of Red Hat OpenShift Container Platform 4.3",
"product_id": "7Server-RH7-RHOSE-4.3:openshift-ansible-test-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch"
},
"product_reference": "openshift-ansible-test-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.src as a component of Red Hat OpenShift Container Platform 4.3",
"product_id": "7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.src"
},
"product_reference": "openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64 as a component of Red Hat OpenShift Container Platform 4.3",
"product_id": "7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64"
},
"product_reference": "openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64 as a component of Red Hat OpenShift Container Platform 4.3",
"product_id": "7Server-RH7-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64"
},
"product_reference": "openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el7.x86_64 as a component of Red Hat OpenShift Container Platform 4.3",
"product_id": "7Server-RH7-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el7.x86_64"
},
"product_reference": "openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovn2.12-0:2.12.0-32.el7fdn.src as a component of Red Hat OpenShift Container Platform 4.3",
"product_id": "7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.src"
},
"product_reference": "ovn2.12-0:2.12.0-32.el7fdn.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovn2.12-0:2.12.0-32.el7fdn.x86_64 as a component of Red Hat OpenShift Container Platform 4.3",
"product_id": "7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.x86_64"
},
"product_reference": "ovn2.12-0:2.12.0-32.el7fdn.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovn2.12-central-0:2.12.0-32.el7fdn.x86_64 as a component of Red Hat OpenShift Container Platform 4.3",
"product_id": "7Server-RH7-RHOSE-4.3:ovn2.12-central-0:2.12.0-32.el7fdn.x86_64"
},
"product_reference": "ovn2.12-central-0:2.12.0-32.el7fdn.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovn2.12-debuginfo-0:2.12.0-32.el7fdn.x86_64 as a component of Red Hat OpenShift Container Platform 4.3",
"product_id": "7Server-RH7-RHOSE-4.3:ovn2.12-debuginfo-0:2.12.0-32.el7fdn.x86_64"
},
"product_reference": "ovn2.12-debuginfo-0:2.12.0-32.el7fdn.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovn2.12-host-0:2.12.0-32.el7fdn.x86_64 as a component of Red Hat OpenShift Container Platform 4.3",
"product_id": "7Server-RH7-RHOSE-4.3:ovn2.12-host-0:2.12.0-32.el7fdn.x86_64"
},
"product_reference": "ovn2.12-host-0:2.12.0-32.el7fdn.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ovn2.12-vtep-0:2.12.0-32.el7fdn.x86_64 as a component of Red Hat OpenShift Container Platform 4.3",
"product_id": "7Server-RH7-RHOSE-4.3:ovn2.12-vtep-0:2.12.0-32.el7fdn.x86_64"
},
"product_reference": "ovn2.12-vtep-0:2.12.0-32.el7fdn.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-0:1.11.6-4.el8.src as a component of Red Hat OpenShift Container Platform 4.3",
"product_id": "8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.src"
},
"product_reference": "buildah-0:1.11.6-4.el8.src",
"relates_to_product_reference": "8Base-RHOSE-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-0:1.11.6-4.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.3",
"product_id": "8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.x86_64"
},
"product_reference": "buildah-0:1.11.6-4.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-debuginfo-0:1.11.6-4.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.3",
"product_id": "8Base-RHOSE-4.3:buildah-debuginfo-0:1.11.6-4.el8.x86_64"
},
"product_reference": "buildah-debuginfo-0:1.11.6-4.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-debugsource-0:1.11.6-4.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.3",
"product_id": "8Base-RHOSE-4.3:buildah-debugsource-0:1.11.6-4.el8.x86_64"
},
"product_reference": "buildah-debugsource-0:1.11.6-4.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-tests-0:1.11.6-4.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.3",
"product_id": "8Base-RHOSE-4.3:buildah-tests-0:1.11.6-4.el8.x86_64"
},
"product_reference": "buildah-tests-0:1.11.6-4.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-tests-debuginfo-0:1.11.6-4.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.3",
"product_id": "8Base-RHOSE-4.3:buildah-tests-debuginfo-0:1.11.6-4.el8.x86_64"
},
"product_reference": "buildah-tests-debuginfo-0:1.11.6-4.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containers-common-1:0.1.40-4.rhaos.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.3",
"product_id": "8Base-RHOSE-4.3:containers-common-1:0.1.40-4.rhaos.el8.x86_64"
},
"product_reference": "containers-common-1:0.1.40-4.rhaos.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.src as a component of Red Hat OpenShift Container Platform 4.3",
"product_id": "8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.src"
},
"product_reference": "cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.src",
"relates_to_product_reference": "8Base-RHOSE-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.3",
"product_id": "8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64"
},
"product_reference": "cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-debuginfo-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.3",
"product_id": "8Base-RHOSE-4.3:cri-o-debuginfo-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64"
},
"product_reference": "cri-o-debuginfo-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-o-debugsource-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.3",
"product_id": "8Base-RHOSE-4.3:cri-o-debugsource-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64"
},
"product_reference": "cri-o-debugsource-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-tools-0:1.17.0-2.el8.src as a component of Red Hat OpenShift Container Platform 4.3",
"product_id": "8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.src"
},
"product_reference": "cri-tools-0:1.17.0-2.el8.src",
"relates_to_product_reference": "8Base-RHOSE-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-tools-0:1.17.0-2.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.3",
"product_id": "8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.x86_64"
},
"product_reference": "cri-tools-0:1.17.0-2.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-tools-debuginfo-0:1.17.0-2.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.3",
"product_id": "8Base-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-2.el8.x86_64"
},
"product_reference": "cri-tools-debuginfo-0:1.17.0-2.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cri-tools-debugsource-0:1.17.0-2.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.3",
"product_id": "8Base-RHOSE-4.3:cri-tools-debugsource-0:1.17.0-2.el8.x86_64"
},
"product_reference": "cri-tools-debugsource-0:1.17.0-2.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.src as a component of Red Hat OpenShift Container Platform 4.3",
"product_id": "8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.src"
},
"product_reference": "machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.src",
"relates_to_product_reference": "8Base-RHOSE-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.3",
"product_id": "8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.x86_64"
},
"product_reference": "machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el8.src as a component of Red Hat OpenShift Container Platform 4.3",
"product_id": "8Base-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el8.src"
},
"product_reference": "openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el8.src",
"relates_to_product_reference": "8Base-RHOSE-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.src as a component of Red Hat OpenShift Container Platform 4.3",
"product_id": "8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.src"
},
"product_reference": "openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.src",
"relates_to_product_reference": "8Base-RHOSE-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.3",
"product_id": "8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64"
},
"product_reference": "openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.3",
"product_id": "8Base-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64"
},
"product_reference": "openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.3",
"product_id": "8Base-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el8.x86_64"
},
"product_reference": "openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-kuryr-0:4.3.5-202003020117.git.0.237579a.el8.src as a component of Red Hat OpenShift Container Platform 4.3",
"product_id": "8Base-RHOSE-4.3:openshift-kuryr-0:4.3.5-202003020117.git.0.237579a.el8.src"
},
"product_reference": "openshift-kuryr-0:4.3.5-202003020117.git.0.237579a.el8.src",
"relates_to_product_reference": "8Base-RHOSE-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-kuryr-cni-0:4.3.5-202003020117.git.0.237579a.el8.noarch as a component of Red Hat OpenShift Container Platform 4.3",
"product_id": "8Base-RHOSE-4.3:openshift-kuryr-cni-0:4.3.5-202003020117.git.0.237579a.el8.noarch"
},
"product_reference": "openshift-kuryr-cni-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"relates_to_product_reference": "8Base-RHOSE-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-kuryr-common-0:4.3.5-202003020117.git.0.237579a.el8.noarch as a component of Red Hat OpenShift Container Platform 4.3",
"product_id": "8Base-RHOSE-4.3:openshift-kuryr-common-0:4.3.5-202003020117.git.0.237579a.el8.noarch"
},
"product_reference": "openshift-kuryr-common-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"relates_to_product_reference": "8Base-RHOSE-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-kuryr-controller-0:4.3.5-202003020117.git.0.237579a.el8.noarch as a component of Red Hat OpenShift Container Platform 4.3",
"product_id": "8Base-RHOSE-4.3:openshift-kuryr-controller-0:4.3.5-202003020117.git.0.237579a.el8.noarch"
},
"product_reference": "openshift-kuryr-controller-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"relates_to_product_reference": "8Base-RHOSE-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-kuryr-kubernetes-0:4.3.5-202003020117.git.0.237579a.el8.noarch as a component of Red Hat OpenShift Container Platform 4.3",
"product_id": "8Base-RHOSE-4.3:python3-kuryr-kubernetes-0:4.3.5-202003020117.git.0.237579a.el8.noarch"
},
"product_reference": "python3-kuryr-kubernetes-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"relates_to_product_reference": "8Base-RHOSE-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-0:1.0.0-65.rc10.rhaos4.3.el8.src as a component of Red Hat OpenShift Container Platform 4.3",
"product_id": "8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.src"
},
"product_reference": "runc-0:1.0.0-65.rc10.rhaos4.3.el8.src",
"relates_to_product_reference": "8Base-RHOSE-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.3",
"product_id": "8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64"
},
"product_reference": "runc-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-debuginfo-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.3",
"product_id": "8Base-RHOSE-4.3:runc-debuginfo-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64"
},
"product_reference": "runc-debuginfo-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-debugsource-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.3",
"product_id": "8Base-RHOSE-4.3:runc-debugsource-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64"
},
"product_reference": "runc-debugsource-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-1:0.1.40-4.rhaos.el8.src as a component of Red Hat OpenShift Container Platform 4.3",
"product_id": "8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.src"
},
"product_reference": "skopeo-1:0.1.40-4.rhaos.el8.src",
"relates_to_product_reference": "8Base-RHOSE-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-1:0.1.40-4.rhaos.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.3",
"product_id": "8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.x86_64"
},
"product_reference": "skopeo-1:0.1.40-4.rhaos.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-debuginfo-1:0.1.40-4.rhaos.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.3",
"product_id": "8Base-RHOSE-4.3:skopeo-debuginfo-1:0.1.40-4.rhaos.el8.x86_64"
},
"product_reference": "skopeo-debuginfo-1:0.1.40-4.rhaos.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-debugsource-1:0.1.40-4.rhaos.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.3",
"product_id": "8Base-RHOSE-4.3:skopeo-debugsource-1:0.1.40-4.rhaos.el8.x86_64"
},
"product_reference": "skopeo-debugsource-1:0.1.40-4.rhaos.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-tests-1:0.1.40-4.rhaos.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.3",
"product_id": "8Base-RHOSE-4.3:skopeo-tests-1:0.1.40-4.rhaos.el8.x86_64"
},
"product_reference": "skopeo-tests-1:0.1.40-4.rhaos.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-2099",
"cwe": {
"id": "CWE-305",
"name": "Authentication Bypass by Primary Weakness"
},
"discovery_date": "2020-01-29T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.src",
"7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64",
"7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-svcat-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64",
"7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.src",
"7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.x86_64",
"7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.src",
"7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.x86_64",
"7Server-RH7-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-1.el7.x86_64",
"7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.noarch",
"7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.src",
"7Server-RH7-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el7.src",
"7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch",
"7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.src",
"7Server-RH7-RHOSE-4.3:openshift-ansible-test-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch",
"7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.src",
"7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64",
"7Server-RH7-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64",
"7Server-RH7-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el7.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.src",
"7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-central-0:2.12.0-32.el7fdn.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-debuginfo-0:2.12.0-32.el7fdn.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-host-0:2.12.0-32.el7fdn.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-vtep-0:2.12.0-32.el7fdn.x86_64",
"8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.src",
"8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:buildah-debuginfo-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:buildah-debugsource-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:buildah-tests-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:buildah-tests-debuginfo-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:containers-common-1:0.1.40-4.rhaos.el8.x86_64",
"8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.src",
"8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
"8Base-RHOSE-4.3:cri-o-debuginfo-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
"8Base-RHOSE-4.3:cri-o-debugsource-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
"8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.src",
"8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.x86_64",
"8Base-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-2.el8.x86_64",
"8Base-RHOSE-4.3:cri-tools-debugsource-0:1.17.0-2.el8.x86_64",
"8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.src",
"8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.x86_64",
"8Base-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el8.src",
"8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.src",
"8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64",
"8Base-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64",
"8Base-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el8.x86_64",
"8Base-RHOSE-4.3:openshift-kuryr-0:4.3.5-202003020117.git.0.237579a.el8.src",
"8Base-RHOSE-4.3:openshift-kuryr-cni-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"8Base-RHOSE-4.3:openshift-kuryr-common-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"8Base-RHOSE-4.3:openshift-kuryr-controller-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"8Base-RHOSE-4.3:python3-kuryr-kubernetes-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.src",
"8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
"8Base-RHOSE-4.3:runc-debuginfo-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
"8Base-RHOSE-4.3:runc-debugsource-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
"8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.src",
"8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.x86_64",
"8Base-RHOSE-4.3:skopeo-debuginfo-1:0.1.40-4.rhaos.el8.x86_64",
"8Base-RHOSE-4.3:skopeo-debugsource-1:0.1.40-4.rhaos.el8.x86_64",
"8Base-RHOSE-4.3:skopeo-tests-1:0.1.40-4.rhaos.el8.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1797080"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Jenkins. Encryption key parameters are improperly reused in the Inbound TCP Agent Protocol/3 allowing unauthorized attackers with knowledge of agent names to obtain the connection secrets for those agents. The highest threat from this vulnerability is to data confidentiality.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins: Inbound TCP Agent Protocol/3 authentication bypass",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.noarch",
"7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.src"
],
"known_not_affected": [
"7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.src",
"7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64",
"7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-svcat-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64",
"7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.src",
"7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.x86_64",
"7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.src",
"7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.x86_64",
"7Server-RH7-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-1.el7.x86_64",
"7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.noarch",
"7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.src",
"7Server-RH7-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el7.src",
"7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch",
"7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.src",
"7Server-RH7-RHOSE-4.3:openshift-ansible-test-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch",
"7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.src",
"7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64",
"7Server-RH7-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64",
"7Server-RH7-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el7.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.src",
"7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-central-0:2.12.0-32.el7fdn.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-debuginfo-0:2.12.0-32.el7fdn.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-host-0:2.12.0-32.el7fdn.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-vtep-0:2.12.0-32.el7fdn.x86_64",
"8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.src",
"8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:buildah-debuginfo-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:buildah-debugsource-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:buildah-tests-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:buildah-tests-debuginfo-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:containers-common-1:0.1.40-4.rhaos.el8.x86_64",
"8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.src",
"8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
"8Base-RHOSE-4.3:cri-o-debuginfo-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
"8Base-RHOSE-4.3:cri-o-debugsource-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
"8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.src",
"8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.x86_64",
"8Base-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-2.el8.x86_64",
"8Base-RHOSE-4.3:cri-tools-debugsource-0:1.17.0-2.el8.x86_64",
"8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.src",
"8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.x86_64",
"8Base-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el8.src",
"8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.src",
"8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64",
"8Base-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64",
"8Base-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el8.x86_64",
"8Base-RHOSE-4.3:openshift-kuryr-0:4.3.5-202003020117.git.0.237579a.el8.src",
"8Base-RHOSE-4.3:openshift-kuryr-cni-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"8Base-RHOSE-4.3:openshift-kuryr-common-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"8Base-RHOSE-4.3:openshift-kuryr-controller-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"8Base-RHOSE-4.3:python3-kuryr-kubernetes-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.src",
"8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
"8Base-RHOSE-4.3:runc-debuginfo-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
"8Base-RHOSE-4.3:runc-debugsource-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
"8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.src",
"8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.x86_64",
"8Base-RHOSE-4.3:skopeo-debuginfo-1:0.1.40-4.rhaos.el8.x86_64",
"8Base-RHOSE-4.3:skopeo-debugsource-1:0.1.40-4.rhaos.el8.x86_64",
"8Base-RHOSE-4.3:skopeo-tests-1:0.1.40-4.rhaos.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-2099"
},
{
"category": "external",
"summary": "RHBZ#1797080",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1797080"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-2099",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2099"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-2099",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-2099"
}
],
"release_date": "2020-01-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-03-10T22:10:58+00:00",
"details": "Before applying this update, ensure all previously released errata relevant\nto your system have been applied.\n\nFor OpenShift Container Platform 4.3 see the following documentation, which\nwill be updated shortly for release 4.3.5, for important instructions on\nhow to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.openshift.com/container-platform/4.3/release_notes/ocp-4-3-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.3/updating/updating-cluster-cli.html.",
"product_ids": [
"7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.noarch",
"7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2020:0675"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
"version": "3.1"
},
"products": [
"7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.noarch",
"7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jenkins: Inbound TCP Agent Protocol/3 authentication bypass"
},
{
"cve": "CVE-2020-2100",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2020-01-29T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.src",
"7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64",
"7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-svcat-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64",
"7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.src",
"7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.x86_64",
"7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.src",
"7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.x86_64",
"7Server-RH7-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-1.el7.x86_64",
"7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.noarch",
"7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.src",
"7Server-RH7-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el7.src",
"7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch",
"7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.src",
"7Server-RH7-RHOSE-4.3:openshift-ansible-test-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch",
"7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.src",
"7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64",
"7Server-RH7-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64",
"7Server-RH7-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el7.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.src",
"7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-central-0:2.12.0-32.el7fdn.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-debuginfo-0:2.12.0-32.el7fdn.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-host-0:2.12.0-32.el7fdn.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-vtep-0:2.12.0-32.el7fdn.x86_64",
"8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.src",
"8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:buildah-debuginfo-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:buildah-debugsource-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:buildah-tests-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:buildah-tests-debuginfo-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:containers-common-1:0.1.40-4.rhaos.el8.x86_64",
"8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.src",
"8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
"8Base-RHOSE-4.3:cri-o-debuginfo-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
"8Base-RHOSE-4.3:cri-o-debugsource-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
"8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.src",
"8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.x86_64",
"8Base-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-2.el8.x86_64",
"8Base-RHOSE-4.3:cri-tools-debugsource-0:1.17.0-2.el8.x86_64",
"8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.src",
"8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.x86_64",
"8Base-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el8.src",
"8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.src",
"8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64",
"8Base-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64",
"8Base-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el8.x86_64",
"8Base-RHOSE-4.3:openshift-kuryr-0:4.3.5-202003020117.git.0.237579a.el8.src",
"8Base-RHOSE-4.3:openshift-kuryr-cni-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"8Base-RHOSE-4.3:openshift-kuryr-common-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"8Base-RHOSE-4.3:openshift-kuryr-controller-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"8Base-RHOSE-4.3:python3-kuryr-kubernetes-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.src",
"8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
"8Base-RHOSE-4.3:runc-debuginfo-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
"8Base-RHOSE-4.3:runc-debugsource-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
"8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.src",
"8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.x86_64",
"8Base-RHOSE-4.3:skopeo-debuginfo-1:0.1.40-4.rhaos.el8.x86_64",
"8Base-RHOSE-4.3:skopeo-debugsource-1:0.1.40-4.rhaos.el8.x86_64",
"8Base-RHOSE-4.3:skopeo-tests-1:0.1.40-4.rhaos.el8.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1797087"
}
],
"notes": [
{
"category": "description",
"text": "Jenkins 2.218 and earlier, LTS 2.204.1 and earlier was vulnerable to a UDP amplification reflection denial of service attack on port 33848.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins: UDP multicast/broadcast service amplification reflection attack",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.noarch",
"7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.src"
],
"known_not_affected": [
"7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.src",
"7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64",
"7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-svcat-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64",
"7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.src",
"7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.x86_64",
"7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.src",
"7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.x86_64",
"7Server-RH7-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-1.el7.x86_64",
"7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.noarch",
"7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.src",
"7Server-RH7-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el7.src",
"7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch",
"7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.src",
"7Server-RH7-RHOSE-4.3:openshift-ansible-test-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch",
"7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.src",
"7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64",
"7Server-RH7-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64",
"7Server-RH7-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el7.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.src",
"7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-central-0:2.12.0-32.el7fdn.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-debuginfo-0:2.12.0-32.el7fdn.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-host-0:2.12.0-32.el7fdn.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-vtep-0:2.12.0-32.el7fdn.x86_64",
"8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.src",
"8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:buildah-debuginfo-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:buildah-debugsource-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:buildah-tests-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:buildah-tests-debuginfo-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:containers-common-1:0.1.40-4.rhaos.el8.x86_64",
"8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.src",
"8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
"8Base-RHOSE-4.3:cri-o-debuginfo-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
"8Base-RHOSE-4.3:cri-o-debugsource-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
"8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.src",
"8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.x86_64",
"8Base-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-2.el8.x86_64",
"8Base-RHOSE-4.3:cri-tools-debugsource-0:1.17.0-2.el8.x86_64",
"8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.src",
"8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.x86_64",
"8Base-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el8.src",
"8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.src",
"8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64",
"8Base-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64",
"8Base-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el8.x86_64",
"8Base-RHOSE-4.3:openshift-kuryr-0:4.3.5-202003020117.git.0.237579a.el8.src",
"8Base-RHOSE-4.3:openshift-kuryr-cni-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"8Base-RHOSE-4.3:openshift-kuryr-common-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"8Base-RHOSE-4.3:openshift-kuryr-controller-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"8Base-RHOSE-4.3:python3-kuryr-kubernetes-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.src",
"8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
"8Base-RHOSE-4.3:runc-debuginfo-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
"8Base-RHOSE-4.3:runc-debugsource-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
"8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.src",
"8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.x86_64",
"8Base-RHOSE-4.3:skopeo-debuginfo-1:0.1.40-4.rhaos.el8.x86_64",
"8Base-RHOSE-4.3:skopeo-debugsource-1:0.1.40-4.rhaos.el8.x86_64",
"8Base-RHOSE-4.3:skopeo-tests-1:0.1.40-4.rhaos.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-2100"
},
{
"category": "external",
"summary": "RHBZ#1797087",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1797087"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-2100",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2100"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-2100",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-2100"
}
],
"release_date": "2020-01-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-03-10T22:10:58+00:00",
"details": "Before applying this update, ensure all previously released errata relevant\nto your system have been applied.\n\nFor OpenShift Container Platform 4.3 see the following documentation, which\nwill be updated shortly for release 4.3.5, for important instructions on\nhow to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.openshift.com/container-platform/4.3/release_notes/ocp-4-3-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.3/updating/updating-cluster-cli.html.",
"product_ids": [
"7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.noarch",
"7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2020:0675"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.noarch",
"7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jenkins: UDP multicast/broadcast service amplification reflection attack"
},
{
"cve": "CVE-2020-2101",
"cwe": {
"id": "CWE-385",
"name": "Covert Timing Channel"
},
"discovery_date": "2020-01-29T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.src",
"7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64",
"7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-svcat-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64",
"7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.src",
"7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.x86_64",
"7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.src",
"7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.x86_64",
"7Server-RH7-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-1.el7.x86_64",
"7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.noarch",
"7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.src",
"7Server-RH7-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el7.src",
"7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch",
"7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.src",
"7Server-RH7-RHOSE-4.3:openshift-ansible-test-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch",
"7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.src",
"7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64",
"7Server-RH7-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64",
"7Server-RH7-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el7.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.src",
"7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-central-0:2.12.0-32.el7fdn.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-debuginfo-0:2.12.0-32.el7fdn.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-host-0:2.12.0-32.el7fdn.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-vtep-0:2.12.0-32.el7fdn.x86_64",
"8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.src",
"8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:buildah-debuginfo-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:buildah-debugsource-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:buildah-tests-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:buildah-tests-debuginfo-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:containers-common-1:0.1.40-4.rhaos.el8.x86_64",
"8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.src",
"8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
"8Base-RHOSE-4.3:cri-o-debuginfo-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
"8Base-RHOSE-4.3:cri-o-debugsource-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
"8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.src",
"8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.x86_64",
"8Base-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-2.el8.x86_64",
"8Base-RHOSE-4.3:cri-tools-debugsource-0:1.17.0-2.el8.x86_64",
"8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.src",
"8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.x86_64",
"8Base-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el8.src",
"8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.src",
"8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64",
"8Base-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64",
"8Base-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el8.x86_64",
"8Base-RHOSE-4.3:openshift-kuryr-0:4.3.5-202003020117.git.0.237579a.el8.src",
"8Base-RHOSE-4.3:openshift-kuryr-cni-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"8Base-RHOSE-4.3:openshift-kuryr-common-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"8Base-RHOSE-4.3:openshift-kuryr-controller-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"8Base-RHOSE-4.3:python3-kuryr-kubernetes-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.src",
"8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
"8Base-RHOSE-4.3:runc-debuginfo-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
"8Base-RHOSE-4.3:runc-debugsource-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
"8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.src",
"8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.x86_64",
"8Base-RHOSE-4.3:skopeo-debuginfo-1:0.1.40-4.rhaos.el8.x86_64",
"8Base-RHOSE-4.3:skopeo-debugsource-1:0.1.40-4.rhaos.el8.x86_64",
"8Base-RHOSE-4.3:skopeo-tests-1:0.1.40-4.rhaos.el8.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1797084"
}
],
"notes": [
{
"category": "description",
"text": "Jenkins 2.218 and earlier, LTS 2.204.1 and earlier did not use a constant-time comparison function for validating connection secrets, which could potentially allow an attacker to use a timing attack to obtain this secret.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins: Non-constant time comparison of inbound TCP agent connection secret",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.noarch",
"7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.src"
],
"known_not_affected": [
"7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.src",
"7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64",
"7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-svcat-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64",
"7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.src",
"7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.x86_64",
"7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.src",
"7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.x86_64",
"7Server-RH7-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-1.el7.x86_64",
"7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.noarch",
"7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.src",
"7Server-RH7-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el7.src",
"7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch",
"7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.src",
"7Server-RH7-RHOSE-4.3:openshift-ansible-test-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch",
"7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.src",
"7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64",
"7Server-RH7-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64",
"7Server-RH7-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el7.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.src",
"7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-central-0:2.12.0-32.el7fdn.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-debuginfo-0:2.12.0-32.el7fdn.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-host-0:2.12.0-32.el7fdn.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-vtep-0:2.12.0-32.el7fdn.x86_64",
"8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.src",
"8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:buildah-debuginfo-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:buildah-debugsource-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:buildah-tests-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:buildah-tests-debuginfo-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:containers-common-1:0.1.40-4.rhaos.el8.x86_64",
"8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.src",
"8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
"8Base-RHOSE-4.3:cri-o-debuginfo-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
"8Base-RHOSE-4.3:cri-o-debugsource-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
"8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.src",
"8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.x86_64",
"8Base-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-2.el8.x86_64",
"8Base-RHOSE-4.3:cri-tools-debugsource-0:1.17.0-2.el8.x86_64",
"8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.src",
"8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.x86_64",
"8Base-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el8.src",
"8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.src",
"8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64",
"8Base-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64",
"8Base-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el8.x86_64",
"8Base-RHOSE-4.3:openshift-kuryr-0:4.3.5-202003020117.git.0.237579a.el8.src",
"8Base-RHOSE-4.3:openshift-kuryr-cni-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"8Base-RHOSE-4.3:openshift-kuryr-common-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"8Base-RHOSE-4.3:openshift-kuryr-controller-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"8Base-RHOSE-4.3:python3-kuryr-kubernetes-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.src",
"8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
"8Base-RHOSE-4.3:runc-debuginfo-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
"8Base-RHOSE-4.3:runc-debugsource-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
"8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.src",
"8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.x86_64",
"8Base-RHOSE-4.3:skopeo-debuginfo-1:0.1.40-4.rhaos.el8.x86_64",
"8Base-RHOSE-4.3:skopeo-debugsource-1:0.1.40-4.rhaos.el8.x86_64",
"8Base-RHOSE-4.3:skopeo-tests-1:0.1.40-4.rhaos.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-2101"
},
{
"category": "external",
"summary": "RHBZ#1797084",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1797084"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-2101",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2101"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-2101",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-2101"
}
],
"release_date": "2020-01-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-03-10T22:10:58+00:00",
"details": "Before applying this update, ensure all previously released errata relevant\nto your system have been applied.\n\nFor OpenShift Container Platform 4.3 see the following documentation, which\nwill be updated shortly for release 4.3.5, for important instructions on\nhow to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.openshift.com/container-platform/4.3/release_notes/ocp-4-3-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.3/updating/updating-cluster-cli.html.",
"product_ids": [
"7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.noarch",
"7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2020:0675"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.noarch",
"7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jenkins: Non-constant time comparison of inbound TCP agent connection secret"
},
{
"cve": "CVE-2020-2102",
"cwe": {
"id": "CWE-385",
"name": "Covert Timing Channel"
},
"discovery_date": "2020-01-29T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.src",
"7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64",
"7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-svcat-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64",
"7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.src",
"7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.x86_64",
"7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.src",
"7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.x86_64",
"7Server-RH7-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-1.el7.x86_64",
"7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.noarch",
"7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.src",
"7Server-RH7-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el7.src",
"7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch",
"7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.src",
"7Server-RH7-RHOSE-4.3:openshift-ansible-test-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch",
"7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.src",
"7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64",
"7Server-RH7-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64",
"7Server-RH7-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el7.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.src",
"7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-central-0:2.12.0-32.el7fdn.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-debuginfo-0:2.12.0-32.el7fdn.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-host-0:2.12.0-32.el7fdn.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-vtep-0:2.12.0-32.el7fdn.x86_64",
"8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.src",
"8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:buildah-debuginfo-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:buildah-debugsource-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:buildah-tests-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:buildah-tests-debuginfo-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:containers-common-1:0.1.40-4.rhaos.el8.x86_64",
"8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.src",
"8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
"8Base-RHOSE-4.3:cri-o-debuginfo-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
"8Base-RHOSE-4.3:cri-o-debugsource-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
"8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.src",
"8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.x86_64",
"8Base-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-2.el8.x86_64",
"8Base-RHOSE-4.3:cri-tools-debugsource-0:1.17.0-2.el8.x86_64",
"8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.src",
"8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.x86_64",
"8Base-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el8.src",
"8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.src",
"8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64",
"8Base-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64",
"8Base-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el8.x86_64",
"8Base-RHOSE-4.3:openshift-kuryr-0:4.3.5-202003020117.git.0.237579a.el8.src",
"8Base-RHOSE-4.3:openshift-kuryr-cni-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"8Base-RHOSE-4.3:openshift-kuryr-common-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"8Base-RHOSE-4.3:openshift-kuryr-controller-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"8Base-RHOSE-4.3:python3-kuryr-kubernetes-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.src",
"8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
"8Base-RHOSE-4.3:runc-debuginfo-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
"8Base-RHOSE-4.3:runc-debugsource-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
"8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.src",
"8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.x86_64",
"8Base-RHOSE-4.3:skopeo-debuginfo-1:0.1.40-4.rhaos.el8.x86_64",
"8Base-RHOSE-4.3:skopeo-debugsource-1:0.1.40-4.rhaos.el8.x86_64",
"8Base-RHOSE-4.3:skopeo-tests-1:0.1.40-4.rhaos.el8.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1797071"
}
],
"notes": [
{
"category": "description",
"text": "Jenkins 2.218 and earlier, LTS 2.204.1 and earlier used a non-constant time comparison function when validating an HMAC.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins: Non-constant time HMAC comparison",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.noarch",
"7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.src"
],
"known_not_affected": [
"7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.src",
"7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64",
"7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-svcat-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64",
"7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.src",
"7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.x86_64",
"7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.src",
"7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.x86_64",
"7Server-RH7-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-1.el7.x86_64",
"7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.noarch",
"7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.src",
"7Server-RH7-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el7.src",
"7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch",
"7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.src",
"7Server-RH7-RHOSE-4.3:openshift-ansible-test-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch",
"7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.src",
"7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64",
"7Server-RH7-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64",
"7Server-RH7-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el7.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.src",
"7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-central-0:2.12.0-32.el7fdn.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-debuginfo-0:2.12.0-32.el7fdn.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-host-0:2.12.0-32.el7fdn.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-vtep-0:2.12.0-32.el7fdn.x86_64",
"8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.src",
"8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:buildah-debuginfo-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:buildah-debugsource-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:buildah-tests-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:buildah-tests-debuginfo-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:containers-common-1:0.1.40-4.rhaos.el8.x86_64",
"8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.src",
"8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
"8Base-RHOSE-4.3:cri-o-debuginfo-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
"8Base-RHOSE-4.3:cri-o-debugsource-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
"8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.src",
"8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.x86_64",
"8Base-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-2.el8.x86_64",
"8Base-RHOSE-4.3:cri-tools-debugsource-0:1.17.0-2.el8.x86_64",
"8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.src",
"8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.x86_64",
"8Base-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el8.src",
"8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.src",
"8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64",
"8Base-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64",
"8Base-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el8.x86_64",
"8Base-RHOSE-4.3:openshift-kuryr-0:4.3.5-202003020117.git.0.237579a.el8.src",
"8Base-RHOSE-4.3:openshift-kuryr-cni-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"8Base-RHOSE-4.3:openshift-kuryr-common-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"8Base-RHOSE-4.3:openshift-kuryr-controller-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"8Base-RHOSE-4.3:python3-kuryr-kubernetes-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.src",
"8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
"8Base-RHOSE-4.3:runc-debuginfo-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
"8Base-RHOSE-4.3:runc-debugsource-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
"8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.src",
"8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.x86_64",
"8Base-RHOSE-4.3:skopeo-debuginfo-1:0.1.40-4.rhaos.el8.x86_64",
"8Base-RHOSE-4.3:skopeo-debugsource-1:0.1.40-4.rhaos.el8.x86_64",
"8Base-RHOSE-4.3:skopeo-tests-1:0.1.40-4.rhaos.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-2102"
},
{
"category": "external",
"summary": "RHBZ#1797071",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1797071"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-2102",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2102"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-2102",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-2102"
}
],
"release_date": "2020-01-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-03-10T22:10:58+00:00",
"details": "Before applying this update, ensure all previously released errata relevant\nto your system have been applied.\n\nFor OpenShift Container Platform 4.3 see the following documentation, which\nwill be updated shortly for release 4.3.5, for important instructions on\nhow to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.openshift.com/container-platform/4.3/release_notes/ocp-4-3-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.3/updating/updating-cluster-cli.html.",
"product_ids": [
"7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.noarch",
"7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2020:0675"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.noarch",
"7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jenkins: Non-constant time HMAC comparison"
},
{
"cve": "CVE-2020-2103",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2020-01-29T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.src",
"7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64",
"7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-svcat-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64",
"7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.src",
"7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.x86_64",
"7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.src",
"7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.x86_64",
"7Server-RH7-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-1.el7.x86_64",
"7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.noarch",
"7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.src",
"7Server-RH7-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el7.src",
"7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch",
"7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.src",
"7Server-RH7-RHOSE-4.3:openshift-ansible-test-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch",
"7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.src",
"7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64",
"7Server-RH7-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64",
"7Server-RH7-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el7.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.src",
"7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-central-0:2.12.0-32.el7fdn.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-debuginfo-0:2.12.0-32.el7fdn.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-host-0:2.12.0-32.el7fdn.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-vtep-0:2.12.0-32.el7fdn.x86_64",
"8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.src",
"8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:buildah-debuginfo-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:buildah-debugsource-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:buildah-tests-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:buildah-tests-debuginfo-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:containers-common-1:0.1.40-4.rhaos.el8.x86_64",
"8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.src",
"8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
"8Base-RHOSE-4.3:cri-o-debuginfo-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
"8Base-RHOSE-4.3:cri-o-debugsource-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
"8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.src",
"8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.x86_64",
"8Base-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-2.el8.x86_64",
"8Base-RHOSE-4.3:cri-tools-debugsource-0:1.17.0-2.el8.x86_64",
"8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.src",
"8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.x86_64",
"8Base-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el8.src",
"8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.src",
"8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64",
"8Base-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64",
"8Base-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el8.x86_64",
"8Base-RHOSE-4.3:openshift-kuryr-0:4.3.5-202003020117.git.0.237579a.el8.src",
"8Base-RHOSE-4.3:openshift-kuryr-cni-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"8Base-RHOSE-4.3:openshift-kuryr-common-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"8Base-RHOSE-4.3:openshift-kuryr-controller-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"8Base-RHOSE-4.3:python3-kuryr-kubernetes-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.src",
"8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
"8Base-RHOSE-4.3:runc-debuginfo-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
"8Base-RHOSE-4.3:runc-debugsource-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
"8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.src",
"8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.x86_64",
"8Base-RHOSE-4.3:skopeo-debuginfo-1:0.1.40-4.rhaos.el8.x86_64",
"8Base-RHOSE-4.3:skopeo-debugsource-1:0.1.40-4.rhaos.el8.x86_64",
"8Base-RHOSE-4.3:skopeo-tests-1:0.1.40-4.rhaos.el8.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1797062"
}
],
"notes": [
{
"category": "description",
"text": "Jenkins 2.218 and earlier, LTS 2.204.1 and earlier exposed session identifiers on a user\u0027s detail object in the whoAmI diagnostic page.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins: Exposed session identifiers on user detail object in the whoAmI diagnostic page",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.noarch",
"7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.src"
],
"known_not_affected": [
"7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.src",
"7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64",
"7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-svcat-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64",
"7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.src",
"7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.x86_64",
"7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.src",
"7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.x86_64",
"7Server-RH7-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-1.el7.x86_64",
"7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.noarch",
"7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.src",
"7Server-RH7-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el7.src",
"7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch",
"7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.src",
"7Server-RH7-RHOSE-4.3:openshift-ansible-test-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch",
"7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.src",
"7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64",
"7Server-RH7-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64",
"7Server-RH7-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el7.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.src",
"7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-central-0:2.12.0-32.el7fdn.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-debuginfo-0:2.12.0-32.el7fdn.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-host-0:2.12.0-32.el7fdn.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-vtep-0:2.12.0-32.el7fdn.x86_64",
"8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.src",
"8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:buildah-debuginfo-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:buildah-debugsource-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:buildah-tests-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:buildah-tests-debuginfo-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:containers-common-1:0.1.40-4.rhaos.el8.x86_64",
"8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.src",
"8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
"8Base-RHOSE-4.3:cri-o-debuginfo-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
"8Base-RHOSE-4.3:cri-o-debugsource-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
"8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.src",
"8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.x86_64",
"8Base-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-2.el8.x86_64",
"8Base-RHOSE-4.3:cri-tools-debugsource-0:1.17.0-2.el8.x86_64",
"8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.src",
"8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.x86_64",
"8Base-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el8.src",
"8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.src",
"8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64",
"8Base-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64",
"8Base-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el8.x86_64",
"8Base-RHOSE-4.3:openshift-kuryr-0:4.3.5-202003020117.git.0.237579a.el8.src",
"8Base-RHOSE-4.3:openshift-kuryr-cni-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"8Base-RHOSE-4.3:openshift-kuryr-common-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"8Base-RHOSE-4.3:openshift-kuryr-controller-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"8Base-RHOSE-4.3:python3-kuryr-kubernetes-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.src",
"8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
"8Base-RHOSE-4.3:runc-debuginfo-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
"8Base-RHOSE-4.3:runc-debugsource-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
"8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.src",
"8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.x86_64",
"8Base-RHOSE-4.3:skopeo-debuginfo-1:0.1.40-4.rhaos.el8.x86_64",
"8Base-RHOSE-4.3:skopeo-debugsource-1:0.1.40-4.rhaos.el8.x86_64",
"8Base-RHOSE-4.3:skopeo-tests-1:0.1.40-4.rhaos.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-2103"
},
{
"category": "external",
"summary": "RHBZ#1797062",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1797062"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-2103",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2103"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-2103",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-2103"
}
],
"release_date": "2020-01-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-03-10T22:10:58+00:00",
"details": "Before applying this update, ensure all previously released errata relevant\nto your system have been applied.\n\nFor OpenShift Container Platform 4.3 see the following documentation, which\nwill be updated shortly for release 4.3.5, for important instructions on\nhow to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.openshift.com/container-platform/4.3/release_notes/ocp-4-3-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.3/updating/updating-cluster-cli.html.",
"product_ids": [
"7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.noarch",
"7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2020:0675"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.noarch",
"7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jenkins: Exposed session identifiers on user detail object in the whoAmI diagnostic page"
},
{
"cve": "CVE-2020-2104",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2020-01-29T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.src",
"7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64",
"7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-svcat-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64",
"7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.src",
"7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.x86_64",
"7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.src",
"7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.x86_64",
"7Server-RH7-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-1.el7.x86_64",
"7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.noarch",
"7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.src",
"7Server-RH7-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el7.src",
"7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch",
"7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.src",
"7Server-RH7-RHOSE-4.3:openshift-ansible-test-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch",
"7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.src",
"7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64",
"7Server-RH7-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64",
"7Server-RH7-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el7.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.src",
"7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-central-0:2.12.0-32.el7fdn.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-debuginfo-0:2.12.0-32.el7fdn.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-host-0:2.12.0-32.el7fdn.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-vtep-0:2.12.0-32.el7fdn.x86_64",
"8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.src",
"8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:buildah-debuginfo-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:buildah-debugsource-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:buildah-tests-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:buildah-tests-debuginfo-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:containers-common-1:0.1.40-4.rhaos.el8.x86_64",
"8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.src",
"8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
"8Base-RHOSE-4.3:cri-o-debuginfo-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
"8Base-RHOSE-4.3:cri-o-debugsource-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
"8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.src",
"8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.x86_64",
"8Base-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-2.el8.x86_64",
"8Base-RHOSE-4.3:cri-tools-debugsource-0:1.17.0-2.el8.x86_64",
"8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.src",
"8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.x86_64",
"8Base-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el8.src",
"8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.src",
"8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64",
"8Base-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64",
"8Base-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el8.x86_64",
"8Base-RHOSE-4.3:openshift-kuryr-0:4.3.5-202003020117.git.0.237579a.el8.src",
"8Base-RHOSE-4.3:openshift-kuryr-cni-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"8Base-RHOSE-4.3:openshift-kuryr-common-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"8Base-RHOSE-4.3:openshift-kuryr-controller-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"8Base-RHOSE-4.3:python3-kuryr-kubernetes-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.src",
"8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
"8Base-RHOSE-4.3:runc-debuginfo-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
"8Base-RHOSE-4.3:runc-debugsource-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
"8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.src",
"8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.x86_64",
"8Base-RHOSE-4.3:skopeo-debuginfo-1:0.1.40-4.rhaos.el8.x86_64",
"8Base-RHOSE-4.3:skopeo-debugsource-1:0.1.40-4.rhaos.el8.x86_64",
"8Base-RHOSE-4.3:skopeo-tests-1:0.1.40-4.rhaos.el8.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1797065"
}
],
"notes": [
{
"category": "description",
"text": "Jenkins 2.218 and earlier, LTS 2.204.1 and earlier allowed users with Overall/Read access to view a JVM memory usage chart.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins: Memory usage graphs accessible to anyone with Overall/Read",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.noarch",
"7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.src"
],
"known_not_affected": [
"7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.src",
"7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64",
"7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-svcat-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64",
"7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.src",
"7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.x86_64",
"7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.src",
"7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.x86_64",
"7Server-RH7-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-1.el7.x86_64",
"7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.noarch",
"7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.src",
"7Server-RH7-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el7.src",
"7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch",
"7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.src",
"7Server-RH7-RHOSE-4.3:openshift-ansible-test-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch",
"7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.src",
"7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64",
"7Server-RH7-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64",
"7Server-RH7-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el7.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.src",
"7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-central-0:2.12.0-32.el7fdn.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-debuginfo-0:2.12.0-32.el7fdn.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-host-0:2.12.0-32.el7fdn.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-vtep-0:2.12.0-32.el7fdn.x86_64",
"8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.src",
"8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:buildah-debuginfo-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:buildah-debugsource-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:buildah-tests-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:buildah-tests-debuginfo-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:containers-common-1:0.1.40-4.rhaos.el8.x86_64",
"8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.src",
"8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
"8Base-RHOSE-4.3:cri-o-debuginfo-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
"8Base-RHOSE-4.3:cri-o-debugsource-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
"8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.src",
"8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.x86_64",
"8Base-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-2.el8.x86_64",
"8Base-RHOSE-4.3:cri-tools-debugsource-0:1.17.0-2.el8.x86_64",
"8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.src",
"8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.x86_64",
"8Base-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el8.src",
"8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.src",
"8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64",
"8Base-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64",
"8Base-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el8.x86_64",
"8Base-RHOSE-4.3:openshift-kuryr-0:4.3.5-202003020117.git.0.237579a.el8.src",
"8Base-RHOSE-4.3:openshift-kuryr-cni-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"8Base-RHOSE-4.3:openshift-kuryr-common-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"8Base-RHOSE-4.3:openshift-kuryr-controller-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"8Base-RHOSE-4.3:python3-kuryr-kubernetes-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.src",
"8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
"8Base-RHOSE-4.3:runc-debuginfo-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
"8Base-RHOSE-4.3:runc-debugsource-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
"8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.src",
"8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.x86_64",
"8Base-RHOSE-4.3:skopeo-debuginfo-1:0.1.40-4.rhaos.el8.x86_64",
"8Base-RHOSE-4.3:skopeo-debugsource-1:0.1.40-4.rhaos.el8.x86_64",
"8Base-RHOSE-4.3:skopeo-tests-1:0.1.40-4.rhaos.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-2104"
},
{
"category": "external",
"summary": "RHBZ#1797065",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1797065"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-2104",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2104"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-2104",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-2104"
}
],
"release_date": "2020-01-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-03-10T22:10:58+00:00",
"details": "Before applying this update, ensure all previously released errata relevant\nto your system have been applied.\n\nFor OpenShift Container Platform 4.3 see the following documentation, which\nwill be updated shortly for release 4.3.5, for important instructions on\nhow to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.openshift.com/container-platform/4.3/release_notes/ocp-4-3-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.3/updating/updating-cluster-cli.html.",
"product_ids": [
"7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.noarch",
"7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2020:0675"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.noarch",
"7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "jenkins: Memory usage graphs accessible to anyone with Overall/Read"
},
{
"cve": "CVE-2020-2105",
"cwe": {
"id": "CWE-227",
"name": "CWE-227"
},
"discovery_date": "2020-01-29T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.src",
"7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64",
"7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-svcat-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64",
"7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.src",
"7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.x86_64",
"7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.src",
"7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.x86_64",
"7Server-RH7-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-1.el7.x86_64",
"7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.noarch",
"7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.src",
"7Server-RH7-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el7.src",
"7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch",
"7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.src",
"7Server-RH7-RHOSE-4.3:openshift-ansible-test-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch",
"7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.src",
"7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64",
"7Server-RH7-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64",
"7Server-RH7-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el7.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.src",
"7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-central-0:2.12.0-32.el7fdn.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-debuginfo-0:2.12.0-32.el7fdn.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-host-0:2.12.0-32.el7fdn.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-vtep-0:2.12.0-32.el7fdn.x86_64",
"8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.src",
"8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:buildah-debuginfo-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:buildah-debugsource-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:buildah-tests-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:buildah-tests-debuginfo-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:containers-common-1:0.1.40-4.rhaos.el8.x86_64",
"8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.src",
"8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
"8Base-RHOSE-4.3:cri-o-debuginfo-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
"8Base-RHOSE-4.3:cri-o-debugsource-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
"8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.src",
"8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.x86_64",
"8Base-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-2.el8.x86_64",
"8Base-RHOSE-4.3:cri-tools-debugsource-0:1.17.0-2.el8.x86_64",
"8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.src",
"8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.x86_64",
"8Base-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el8.src",
"8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.src",
"8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64",
"8Base-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64",
"8Base-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el8.x86_64",
"8Base-RHOSE-4.3:openshift-kuryr-0:4.3.5-202003020117.git.0.237579a.el8.src",
"8Base-RHOSE-4.3:openshift-kuryr-cni-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"8Base-RHOSE-4.3:openshift-kuryr-common-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"8Base-RHOSE-4.3:openshift-kuryr-controller-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"8Base-RHOSE-4.3:python3-kuryr-kubernetes-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.src",
"8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
"8Base-RHOSE-4.3:runc-debuginfo-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
"8Base-RHOSE-4.3:runc-debugsource-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
"8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.src",
"8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.x86_64",
"8Base-RHOSE-4.3:skopeo-debuginfo-1:0.1.40-4.rhaos.el8.x86_64",
"8Base-RHOSE-4.3:skopeo-debugsource-1:0.1.40-4.rhaos.el8.x86_64",
"8Base-RHOSE-4.3:skopeo-tests-1:0.1.40-4.rhaos.el8.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1797068"
}
],
"notes": [
{
"category": "description",
"text": "REST API endpoints in Jenkins 2.218 and earlier, LTS 2.204.1 and earlier were vulnerable to clickjacking attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins: REST APIs vulnerable to clickjacking",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.noarch",
"7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.src"
],
"known_not_affected": [
"7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.src",
"7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64",
"7Server-RH7-RHOSE-4.3:atomic-enterprise-service-catalog-svcat-1:4.3.5-202003020117.git.0.4eb885c.el7.x86_64",
"7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.src",
"7Server-RH7-RHOSE-4.3:atomic-openshift-service-idler-0:4.3.5-202003020117.git.13.3ac2b0e.el7.x86_64",
"7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.src",
"7Server-RH7-RHOSE-4.3:cri-tools-0:1.17.0-1.el7.x86_64",
"7Server-RH7-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-1.el7.x86_64",
"7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.noarch",
"7Server-RH7-RHOSE-4.3:jenkins-2-plugins-0:4.3.1583445947-1.el7.src",
"7Server-RH7-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el7.src",
"7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch",
"7Server-RH7-RHOSE-4.3:openshift-ansible-0:4.3.5-202002280657.git.1.e4f02b3.el7.src",
"7Server-RH7-RHOSE-4.3:openshift-ansible-test-0:4.3.5-202002280657.git.1.e4f02b3.el7.noarch",
"7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.src",
"7Server-RH7-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64",
"7Server-RH7-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el7.x86_64",
"7Server-RH7-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el7.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.src",
"7Server-RH7-RHOSE-4.3:ovn2.12-0:2.12.0-32.el7fdn.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-central-0:2.12.0-32.el7fdn.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-debuginfo-0:2.12.0-32.el7fdn.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-host-0:2.12.0-32.el7fdn.x86_64",
"7Server-RH7-RHOSE-4.3:ovn2.12-vtep-0:2.12.0-32.el7fdn.x86_64",
"8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.src",
"8Base-RHOSE-4.3:buildah-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:buildah-debuginfo-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:buildah-debugsource-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:buildah-tests-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:buildah-tests-debuginfo-0:1.11.6-4.el8.x86_64",
"8Base-RHOSE-4.3:containers-common-1:0.1.40-4.rhaos.el8.x86_64",
"8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.src",
"8Base-RHOSE-4.3:cri-o-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
"8Base-RHOSE-4.3:cri-o-debuginfo-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
"8Base-RHOSE-4.3:cri-o-debugsource-0:1.16.3-22.dev.rhaos4.3.git11c04e3.el8.x86_64",
"8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.src",
"8Base-RHOSE-4.3:cri-tools-0:1.17.0-2.el8.x86_64",
"8Base-RHOSE-4.3:cri-tools-debuginfo-0:1.17.0-2.el8.x86_64",
"8Base-RHOSE-4.3:cri-tools-debugsource-0:1.17.0-2.el8.x86_64",
"8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.src",
"8Base-RHOSE-4.3:machine-config-daemon-0:4.3.5-202003020117.git.0.61e0e48.el8.x86_64",
"8Base-RHOSE-4.3:openshift-0:4.3.5-202002280657.git.0.b3bfb5a.el8.src",
"8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.src",
"8Base-RHOSE-4.3:openshift-clients-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64",
"8Base-RHOSE-4.3:openshift-clients-redistributable-0:4.3.5-202002280657.git.1.55a9334.el8.x86_64",
"8Base-RHOSE-4.3:openshift-hyperkube-0:4.3.5-202002280657.git.0.b3bfb5a.el8.x86_64",
"8Base-RHOSE-4.3:openshift-kuryr-0:4.3.5-202003020117.git.0.237579a.el8.src",
"8Base-RHOSE-4.3:openshift-kuryr-cni-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"8Base-RHOSE-4.3:openshift-kuryr-common-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"8Base-RHOSE-4.3:openshift-kuryr-controller-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"8Base-RHOSE-4.3:python3-kuryr-kubernetes-0:4.3.5-202003020117.git.0.237579a.el8.noarch",
"8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.src",
"8Base-RHOSE-4.3:runc-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
"8Base-RHOSE-4.3:runc-debuginfo-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
"8Base-RHOSE-4.3:runc-debugsource-0:1.0.0-65.rc10.rhaos4.3.el8.x86_64",
"8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.src",
"8Base-RHOSE-4.3:skopeo-1:0.1.40-4.rhaos.el8.x86_64",
"8Base-RHOSE-4.3:skopeo-debuginfo-1:0.1.40-4.rhaos.el8.x86_64",
"8Base-RHOSE-4.3:skopeo-debugsource-1:0.1.40-4.rhaos.el8.x86_64",
"8Base-RHOSE-4.3:skopeo-tests-1:0.1.40-4.rhaos.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-2105"
},
{
"category": "external",
"summary": "RHBZ#1797068",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1797068"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-2105",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2105"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-2105",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-2105"
}
],
"release_date": "2020-01-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-03-10T22:10:58+00:00",
"details": "Before applying this update, ensure all previously released errata relevant\nto your system have been applied.\n\nFor OpenShift Container Platform 4.3 see the following documentation, which\nwill be updated shortly for release 4.3.5, for important instructions on\nhow to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.openshift.com/container-platform/4.3/release_notes/ocp-4-3-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.3/updating/updating-cluster-cli.html.",
"product_ids": [
"7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.noarch",
"7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2020:0675"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.1,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.noarch",
"7Server-RH7-RHOSE-4.3:jenkins-0:2.204.2.1583446818-1.el7.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "jenkins: REST APIs vulnerable to clickjacking"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…