cvelistv5 - cve-2017-1000085

cve-2017-1000085

Vulnerability from cvelistv5

Published

2017-10-04 01:00

Modified

2024-08-05 21:53

Severity ?

Summary

Subversion Plugin connects to a user-specified Subversion repository as part of form validation (e.g. to retrieve a list of tags). This functionality improperly checked permissions, allowing any user with Item/Build permission (but not Item/Configure) to connect to any web server or Subversion server and send credentials with a known ID, thereby possibly capturing them. Additionally, this functionality did not require POST requests be used, thereby allowing the above to be performed without direct access to Jenkins via Cross-Site Request Forgery attacks.

References

URL	Tags
cve@mitre.org	http://www.securityfocus.com/bid/99574	Third Party Advisory, VDB Entry
cve@mitre.org	https://jenkins.io/security/advisory/2017-07-10/	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/99574	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://jenkins.io/security/advisory/2017-07-10/	Vendor Advisory

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T21:53:06.882Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "99574",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/99574"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://jenkins.io/security/advisory/2017-07-10/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "dateAssigned": "2017-08-22T00:00:00",
      "datePublic": "2017-10-03T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Subversion Plugin connects to a user-specified Subversion repository as part of form validation (e.g. to retrieve a list of tags). This functionality improperly checked permissions, allowing any user with Item/Build permission (but not Item/Configure) to connect to any web server or Subversion server and send credentials with a known ID, thereby possibly capturing them. Additionally, this functionality did not require POST requests be used, thereby allowing the above to be performed without direct access to Jenkins via Cross-Site Request Forgery attacks."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-10-04T09:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "99574",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/99574"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://jenkins.io/security/advisory/2017-07-10/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "DATE_ASSIGNED": "2017-08-22T17:29:33.308514",
          "ID": "CVE-2017-1000085",
          "REQUESTER": "ml@beckweb.net",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Subversion Plugin connects to a user-specified Subversion repository as part of form validation (e.g. to retrieve a list of tags). This functionality improperly checked permissions, allowing any user with Item/Build permission (but not Item/Configure) to connect to any web server or Subversion server and send credentials with a known ID, thereby possibly capturing them. Additionally, this functionality did not require POST requests be used, thereby allowing the above to be performed without direct access to Jenkins via Cross-Site Request Forgery attacks."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "99574",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/99574"
            },
            {
              "name": "https://jenkins.io/security/advisory/2017-07-10/",
              "refsource": "CONFIRM",
              "url": "https://jenkins.io/security/advisory/2017-07-10/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-1000085",
    "datePublished": "2017-10-04T01:00:00",
    "dateReserved": "2017-07-13T00:00:00",
    "dateUpdated": "2024-08-05T21:53:06.882Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2017-1000085\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2017-10-05T01:29:03.540\",\"lastModified\":\"2024-11-21T03:04:07.380\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Subversion Plugin connects to a user-specified Subversion repository as part of form validation (e.g. to retrieve a list of tags). This functionality improperly checked permissions, allowing any user with Item/Build permission (but not Item/Configure) to connect to any web server or Subversion server and send credentials with a known ID, thereby possibly capturing them. Additionally, this functionality did not require POST requests be used, thereby allowing the above to be performed without direct access to Jenkins via Cross-Site Request Forgery attacks.\"},{\"lang\":\"es\",\"value\":\"El plugin Subversion conecta con un repositorio Subversion especificado por el usuario como parte de una validaci\u00f3n de formulario (por ejemplo, para recuperar una lista de etiquetas). La herramienta no comprueba correctamente los permisos, lo que permite que cualquier usuario con permisos Item/Build (pero no Item/Configure) se conecte a cualquier servidor web o servidor Subversion y env\u00ede credenciales con un ID conocido, pudiendo capturarlas en consecuencia. Adem\u00e1s, esta funcionalidad no necesita utilizar peticiones POST, lo que permite que se realice lo anterior sin tener acceso directo a Jenkins mediante ataques de tipo Cross-Site Request Forgery (CSRF).\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N\",\"baseScore\":6.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:P/I:N/A:N\",\"baseScore\":4.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-352\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:subversion:*:*:*:*:*:jenkins:*:*\",\"versionEndIncluding\":\"2.8\",\"matchCriteriaId\":\"9DB3B3E5-3597-47C3-94F9-679392CAF0B1\"}]}]}],\"references\":[{\"url\":\"http://www.securityfocus.com/bid/99574\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://jenkins.io/security/advisory/2017-07-10/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/99574\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://jenkins.io/security/advisory/2017-07-10/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
  }
}

fkie_cve-2017-1000085

Vulnerability from fkie_nvd

Published

2017-10-05 01:29

Modified

2024-11-21 03:04

Severity ?

6.5 (Medium) - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Summary

References

URL	Tags
cve@mitre.org	http://www.securityfocus.com/bid/99574	Third Party Advisory, VDB Entry
cve@mitre.org	https://jenkins.io/security/advisory/2017-07-10/	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/99574	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://jenkins.io/security/advisory/2017-07-10/	Vendor Advisory

Impacted products

	Vendor	Product	Version
	jenkins	subversion	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:jenkins:subversion:*:*:*:*:*:jenkins:*:*",
              "matchCriteriaId": "9DB3B3E5-3597-47C3-94F9-679392CAF0B1",
              "versionEndIncluding": "2.8",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Subversion Plugin connects to a user-specified Subversion repository as part of form validation (e.g. to retrieve a list of tags). This functionality improperly checked permissions, allowing any user with Item/Build permission (but not Item/Configure) to connect to any web server or Subversion server and send credentials with a known ID, thereby possibly capturing them. Additionally, this functionality did not require POST requests be used, thereby allowing the above to be performed without direct access to Jenkins via Cross-Site Request Forgery attacks."
    },
    {
      "lang": "es",
      "value": "El plugin Subversion conecta con un repositorio Subversion especificado por el usuario como parte de una validaci\u00f3n de formulario (por ejemplo, para recuperar una lista de etiquetas). La herramienta no comprueba correctamente los permisos, lo que permite que cualquier usuario con permisos Item/Build (pero no Item/Configure) se conecte a cualquier servidor web o servidor Subversion y env\u00ede credenciales con un ID conocido, pudiendo capturarlas en consecuencia. Adem\u00e1s, esta funcionalidad no necesita utilizar peticiones POST, lo que permite que se realice lo anterior sin tener acceso directo a Jenkins mediante ataques de tipo Cross-Site Request Forgery (CSRF)."
    }
  ],
  "id": "CVE-2017-1000085",
  "lastModified": "2024-11-21T03:04:07.380",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 6.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
          "version": "3.0"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2017-10-05T01:29:03.540",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/99574"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://jenkins.io/security/advisory/2017-07-10/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/99574"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://jenkins.io/security/advisory/2017-07-10/"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-352"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

rhba-2017_2642

Vulnerability from csaf_redhat

Published

2017-09-08 03:14

Modified

2024-11-22 11:21

Summary

Red Hat Bug Fix Advisory: OpenShift Container Platform 3.6.1 bug fix and enhancement update

Notes

Topic

Red Hat OpenShift Container Platform releases 3.6.1 are now available with updates to packages and images that fix several bugs and add various enhancements.

Details

Red Hat OpenShift Container Platform is the company's cloud computing Platform-as-a-Service (PaaS) solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 3.6.1. See the following advisory for the container images for this release: https://access.redhat.com/errata/RHEA-2017:2644 This update fixes the following bugs: * When the atomic-openshift-node service got restarted, all processes in its control group are terminated, including the glusterfs-mounted points. Each glusterfs volume in OpenShift corresponds to one mounted point. If all mounting points are lost, so are all of the volumes. Set the control group mode to terminate only the main process and leave the remaining glusterfs mounting points untouched. When the atomic-openshift-node service is restarted, no glusterfs mounting point is terminated. (BZ#1423640) * A route can front up to four services that handle the requests. The load balancing strategy governs which endpoint gets each request. When round-robin is chosen, the portion of the requests that each service handles is governed by the weight assigned to the service. Each endpoint in the service gets a fraction of the service's requests. (BZ#1473736) * When fluentd was reading from the journald and the output buffer queue wass full, the fluentd log was filled up with KubeClient messages. This is a bug in the fluentd filter_kubernetes_metadata plug-in. Ignore fluentd log messages from Kubeclient::Common::WatchNotice. (BZ#1476731) * Previously, the Copy Service Labels link in the Create Route form did not correctly copy the labels from the service to the new route. It has been fixed to copy the selected service's labels. (BZ#1477933) * Permissions on directories injected as a build input via the image source input mechanism have user-only access permissions. Therefore, the resulting application image cannot access the content when run as a random user ID. With this bug fix, the directories will be injected with group permissions, which will allow the user access to the container. (BZ#1479130) * Kibana nodejs runtime was not the same as the version distributed by Elastic. With this bug fix, the versioning is updated. (BZ#1479928) * Previously, the ScaleIO volume plug-in was missing in OpenShift Container Platform. With this bug fix, it is now fully enabled. (BZ#1482273) * Namespaces that use reserved names and were not created by infrastructure components should be blocked, as they will cause the upgrade to fail. (BZ#1484958) This update includes the following enhancement: * There is now the ability to set reference policy with `oc import-image`. Set reference policy using the `--reference-policy` flag when invoking `oc import-image`. When importing all tags (using the `--all` flag), all tags will get passed to reference policy, including overwriting the already present one. (BZ#1420976) All OpenShift Container Platform 3.6 users are advised to upgrade to these updated packages and images.

This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Red Hat OpenShift Container Platform releases 3.6.1 are now available with updates to packages and images that fix several bugs and add various enhancements.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Red Hat OpenShift Container Platform is the company\u0027s cloud computing Platform-as-a-Service (PaaS) solution designed for on-premise or private cloud deployments.\n\nThis advisory contains the RPM packages for Red Hat OpenShift Container Platform 3.6.1. See the following advisory for the container images for this release:\n\nhttps://access.redhat.com/errata/RHEA-2017:2644\n\nThis update fixes the following bugs:\n\n* When the atomic-openshift-node service got restarted, all processes in its control group are terminated, including the glusterfs-mounted points. Each glusterfs volume in OpenShift corresponds to one mounted point. If all mounting points are lost, so are all of the volumes. Set the control group mode to terminate only the main process and leave the remaining glusterfs mounting points untouched. When the atomic-openshift-node service is restarted, no glusterfs mounting point is terminated.\n(BZ#1423640)\n\n* A route can front up to four services that handle the requests. The load balancing strategy governs which endpoint gets each request. When round-robin is chosen, the portion of the requests that each\nservice handles is governed by the weight assigned to the service. Each endpoint in the service gets a fraction of the service\u0027s requests. (BZ#1473736)\n\n* When fluentd was reading from the journald and the output buffer queue wass full, the fluentd log was filled up with KubeClient messages. This is a bug in the fluentd filter_kubernetes_metadata plug-in. Ignore fluentd log messages from Kubeclient::Common::WatchNotice. (BZ#1476731)\n\n* Previously, the Copy Service Labels link in the Create Route form did not correctly copy the labels from the service to the new route. It has been fixed to copy the selected service\u0027s labels.\n(BZ#1477933)\n\n* Permissions on directories injected as a build input via the image source input mechanism have user-only access permissions. Therefore, the resulting application image cannot access the content when run as a random user ID. With this bug fix, the directories will be injected with group permissions, which will allow the user access to the container. (BZ#1479130)\n\n* Kibana nodejs runtime was not the same as the version distributed by Elastic. With this bug fix, the versioning is updated. (BZ#1479928)\n\n* Previously, the ScaleIO volume plug-in was missing in OpenShift Container Platform. With this bug fix, it is now fully enabled. (BZ#1482273)\n\n* Namespaces that use reserved names and were not created by infrastructure components should be blocked, as they will cause the upgrade to fail. (BZ#1484958)\n\nThis update includes the following enhancement:\n\n* There is now the ability to set reference policy with `oc import-image`. Set reference policy using the `--reference-policy` flag when invoking `oc import-image`. When importing all tags (using the `--all` flag), all tags will get passed to reference policy, including overwriting the already present one. (BZ#1420976)\n\nAll OpenShift Container Platform 3.6 users are advised to upgrade to these updated packages and images.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHBA-2017:2642",
        "url": "https://access.redhat.com/errata/RHBA-2017:2642"
      },
      {
        "category": "external",
        "summary": "1420976",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1420976"
      },
      {
        "category": "external",
        "summary": "1423640",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1423640"
      },
      {
        "category": "external",
        "summary": "1473736",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1473736"
      },
      {
        "category": "external",
        "summary": "1476731",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1476731"
      },
      {
        "category": "external",
        "summary": "1477223",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1477223"
      },
      {
        "category": "external",
        "summary": "1477933",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1477933"
      },
      {
        "category": "external",
        "summary": "1479130",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1479130"
      },
      {
        "category": "external",
        "summary": "1479928",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1479928"
      },
      {
        "category": "external",
        "summary": "1481251",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1481251"
      },
      {
        "category": "external",
        "summary": "1482273",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1482273"
      },
      {
        "category": "external",
        "summary": "1484958",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1484958"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhba-2017_2642.json"
      }
    ],
    "title": "Red Hat Bug Fix Advisory: OpenShift Container Platform 3.6.1 bug fix and enhancement update",
    "tracking": {
      "current_release_date": "2024-11-22T11:21:43+00:00",
      "generator": {
        "date": "2024-11-22T11:21:43+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.2.1"
        }
      },
      "id": "RHBA-2017:2642",
      "initial_release_date": "2017-09-08T03:14:52+00:00",
      "revision_history": [
        {
          "date": "2017-09-08T03:14:52+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2017-09-08T03:14:52+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2024-11-22T11:21:43+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat OpenShift Container Platform 3.6",
                "product": {
                  "name": "Red Hat OpenShift Container Platform 3.6",
                  "product_id": "7Server-RH7-RHOSE-3.6",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:openshift:3.6::el7"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat OpenShift Enterprise"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "atomic-openshift-federation-services-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
                "product": {
                  "name": "atomic-openshift-federation-services-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
                  "product_id": "atomic-openshift-federation-services-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-federation-services@3.6.173.0.21-1.git.0.f95b0e7.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-master-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
                "product": {
                  "name": "atomic-openshift-master-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
                  "product_id": "atomic-openshift-master-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-master@3.6.173.0.21-1.git.0.f95b0e7.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tuned-profiles-atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
                "product": {
                  "name": "tuned-profiles-atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
                  "product_id": "tuned-profiles-atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tuned-profiles-atomic-openshift-node@3.6.173.0.21-1.git.0.f95b0e7.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-dockerregistry-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
                "product": {
                  "name": "atomic-openshift-dockerregistry-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
                  "product_id": "atomic-openshift-dockerregistry-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-dockerregistry@3.6.173.0.21-1.git.0.f95b0e7.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-service-catalog-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
                "product": {
                  "name": "atomic-openshift-service-catalog-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
                  "product_id": "atomic-openshift-service-catalog-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-service-catalog@3.6.173.0.21-1.git.0.f95b0e7.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-pod-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
                "product": {
                  "name": "atomic-openshift-pod-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
                  "product_id": "atomic-openshift-pod-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-pod@3.6.173.0.21-1.git.0.f95b0e7.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
                "product": {
                  "name": "atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
                  "product_id": "atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-node@3.6.173.0.21-1.git.0.f95b0e7.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-sdn-ovs-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
                "product": {
                  "name": "atomic-openshift-sdn-ovs-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
                  "product_id": "atomic-openshift-sdn-ovs-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-sdn-ovs@3.6.173.0.21-1.git.0.f95b0e7.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-clients-redistributable-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
                "product": {
                  "name": "atomic-openshift-clients-redistributable-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
                  "product_id": "atomic-openshift-clients-redistributable-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-clients-redistributable@3.6.173.0.21-1.git.0.f95b0e7.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-tests-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
                "product": {
                  "name": "atomic-openshift-tests-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
                  "product_id": "atomic-openshift-tests-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-tests@3.6.173.0.21-1.git.0.f95b0e7.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-cluster-capacity-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
                "product": {
                  "name": "atomic-openshift-cluster-capacity-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
                  "product_id": "atomic-openshift-cluster-capacity-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-cluster-capacity@3.6.173.0.21-1.git.0.f95b0e7.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-clients-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
                "product": {
                  "name": "atomic-openshift-clients-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
                  "product_id": "atomic-openshift-clients-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-clients@3.6.173.0.21-1.git.0.f95b0e7.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
                "product": {
                  "name": "atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
                  "product_id": "atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift@3.6.173.0.21-1.git.0.f95b0e7.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kibana-0:4.6.4-3.el7.x86_64",
                "product": {
                  "name": "kibana-0:4.6.4-3.el7.x86_64",
                  "product_id": "kibana-0:4.6.4-3.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kibana@4.6.4-3.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kibana-debuginfo-0:4.6.4-3.el7.x86_64",
                "product": {
                  "name": "kibana-debuginfo-0:4.6.4-3.el7.x86_64",
                  "product_id": "kibana-debuginfo-0:4.6.4-3.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kibana-debuginfo@4.6.4-3.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rubygem-cool.io-0:1.5.1-1.el7.x86_64",
                "product": {
                  "name": "rubygem-cool.io-0:1.5.1-1.el7.x86_64",
                  "product_id": "rubygem-cool.io-0:1.5.1-1.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rubygem-cool.io@1.5.1-1.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rubygem-cool.io-debuginfo-0:1.5.1-1.el7.x86_64",
                "product": {
                  "name": "rubygem-cool.io-debuginfo-0:1.5.1-1.el7.x86_64",
                  "product_id": "rubygem-cool.io-debuginfo-0:1.5.1-1.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rubygem-cool.io-debuginfo@1.5.1-1.el7?arch=x86_64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "atomic-openshift-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
                "product": {
                  "name": "atomic-openshift-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
                  "product_id": "atomic-openshift-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-excluder@3.6.173.0.21-1.git.0.f95b0e7.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-docker-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
                "product": {
                  "name": "atomic-openshift-docker-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
                  "product_id": "atomic-openshift-docker-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-docker-excluder@3.6.173.0.21-1.git.0.f95b0e7.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "fluentd-0:0.12.39-2.el7.noarch",
                "product": {
                  "name": "fluentd-0:0.12.39-2.el7.noarch",
                  "product_id": "fluentd-0:0.12.39-2.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/fluentd@0.12.39-2.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "fluentd-doc-0:0.12.39-2.el7.noarch",
                "product": {
                  "name": "fluentd-doc-0:0.12.39-2.el7.noarch",
                  "product_id": "fluentd-doc-0:0.12.39-2.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/fluentd-doc@0.12.39-2.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jenkins-2-plugins-0:3.7.1502412812-1.el7.noarch",
                "product": {
                  "name": "jenkins-2-plugins-0:3.7.1502412812-1.el7.noarch",
                  "product_id": "jenkins-2-plugins-0:3.7.1502412812-1.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jenkins-2-plugins@3.7.1502412812-1.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rubygem-cool.io-doc-0:1.5.1-1.el7.noarch",
                "product": {
                  "name": "rubygem-cool.io-doc-0:1.5.1-1.el7.noarch",
                  "product_id": "rubygem-cool.io-doc-0:1.5.1-1.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rubygem-cool.io-doc@1.5.1-1.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rubygem-excon-0:0.58.0-1.el7.noarch",
                "product": {
                  "name": "rubygem-excon-0:0.58.0-1.el7.noarch",
                  "product_id": "rubygem-excon-0:0.58.0-1.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rubygem-excon@0.58.0-1.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rubygem-excon-doc-0:0.58.0-1.el7.noarch",
                "product": {
                  "name": "rubygem-excon-doc-0:0.58.0-1.el7.noarch",
                  "product_id": "rubygem-excon-doc-0:0.58.0-1.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rubygem-excon-doc@0.58.0-1.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rubygem-faraday-doc-0:0.13.0-1.el7.noarch",
                "product": {
                  "name": "rubygem-faraday-doc-0:0.13.0-1.el7.noarch",
                  "product_id": "rubygem-faraday-doc-0:0.13.0-1.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rubygem-faraday-doc@0.13.0-1.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rubygem-faraday-0:0.13.0-1.el7.noarch",
                "product": {
                  "name": "rubygem-faraday-0:0.13.0-1.el7.noarch",
                  "product_id": "rubygem-faraday-0:0.13.0-1.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rubygem-faraday@0.13.0-1.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.noarch",
                "product": {
                  "name": "rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.noarch",
                  "product_id": "rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rubygem-fluent-plugin-kubernetes_metadata_filter@0.29.0-1.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rubygem-fluent-plugin-kubernetes_metadata_filter-doc-0:0.29.0-1.el7.noarch",
                "product": {
                  "name": "rubygem-fluent-plugin-kubernetes_metadata_filter-doc-0:0.29.0-1.el7.noarch",
                  "product_id": "rubygem-fluent-plugin-kubernetes_metadata_filter-doc-0:0.29.0-1.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rubygem-fluent-plugin-kubernetes_metadata_filter-doc@0.29.0-1.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.noarch",
                "product": {
                  "name": "rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.noarch",
                  "product_id": "rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rubygem-fluent-plugin-viaq_data_model@0.0.5-1.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rubygem-fluent-plugin-viaq_data_model-doc-0:0.0.5-1.el7.noarch",
                "product": {
                  "name": "rubygem-fluent-plugin-viaq_data_model-doc-0:0.0.5-1.el7.noarch",
                  "product_id": "rubygem-fluent-plugin-viaq_data_model-doc-0:0.0.5-1.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rubygem-fluent-plugin-viaq_data_model-doc@0.0.5-1.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rubygem-i18n-doc-0:0.8.6-1.el7.noarch",
                "product": {
                  "name": "rubygem-i18n-doc-0:0.8.6-1.el7.noarch",
                  "product_id": "rubygem-i18n-doc-0:0.8.6-1.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rubygem-i18n-doc@0.8.6-1.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rubygem-i18n-0:0.8.6-1.el7.noarch",
                "product": {
                  "name": "rubygem-i18n-0:0.8.6-1.el7.noarch",
                  "product_id": "rubygem-i18n-0:0.8.6-1.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rubygem-i18n@0.8.6-1.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rubygem-systemd-journal-doc-0:1.3.0-1.el7.noarch",
                "product": {
                  "name": "rubygem-systemd-journal-doc-0:1.3.0-1.el7.noarch",
                  "product_id": "rubygem-systemd-journal-doc-0:1.3.0-1.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rubygem-systemd-journal-doc@1.3.0-1.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rubygem-systemd-journal-0:1.3.0-1.el7.noarch",
                "product": {
                  "name": "rubygem-systemd-journal-0:1.3.0-1.el7.noarch",
                  "product_id": "rubygem-systemd-journal-0:1.3.0-1.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rubygem-systemd-journal@1.3.0-1.el7?arch=noarch"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.src",
                "product": {
                  "name": "atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.src",
                  "product_id": "atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift@3.6.173.0.21-1.git.0.f95b0e7.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "fluentd-0:0.12.39-2.el7.src",
                "product": {
                  "name": "fluentd-0:0.12.39-2.el7.src",
                  "product_id": "fluentd-0:0.12.39-2.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/fluentd@0.12.39-2.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jenkins-2-plugins-0:3.7.1502412812-1.el7.src",
                "product": {
                  "name": "jenkins-2-plugins-0:3.7.1502412812-1.el7.src",
                  "product_id": "jenkins-2-plugins-0:3.7.1502412812-1.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jenkins-2-plugins@3.7.1502412812-1.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kibana-0:4.6.4-3.el7.src",
                "product": {
                  "name": "kibana-0:4.6.4-3.el7.src",
                  "product_id": "kibana-0:4.6.4-3.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kibana@4.6.4-3.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rubygem-cool.io-0:1.5.1-1.el7.src",
                "product": {
                  "name": "rubygem-cool.io-0:1.5.1-1.el7.src",
                  "product_id": "rubygem-cool.io-0:1.5.1-1.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rubygem-cool.io@1.5.1-1.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rubygem-excon-0:0.58.0-1.el7.src",
                "product": {
                  "name": "rubygem-excon-0:0.58.0-1.el7.src",
                  "product_id": "rubygem-excon-0:0.58.0-1.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rubygem-excon@0.58.0-1.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rubygem-faraday-0:0.13.0-1.el7.src",
                "product": {
                  "name": "rubygem-faraday-0:0.13.0-1.el7.src",
                  "product_id": "rubygem-faraday-0:0.13.0-1.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rubygem-faraday@0.13.0-1.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.src",
                "product": {
                  "name": "rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.src",
                  "product_id": "rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rubygem-fluent-plugin-kubernetes_metadata_filter@0.29.0-1.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.src",
                "product": {
                  "name": "rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.src",
                  "product_id": "rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rubygem-fluent-plugin-viaq_data_model@0.0.5-1.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rubygem-i18n-0:0.8.6-1.el7.src",
                "product": {
                  "name": "rubygem-i18n-0:0.8.6-1.el7.src",
                  "product_id": "rubygem-i18n-0:0.8.6-1.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rubygem-i18n@0.8.6-1.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rubygem-systemd-journal-0:1.3.0-1.el7.src",
                "product": {
                  "name": "rubygem-systemd-journal-0:1.3.0-1.el7.src",
                  "product_id": "rubygem-systemd-journal-0:1.3.0-1.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rubygem-systemd-journal@1.3.0-1.el7?arch=src"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.src as a component of Red Hat OpenShift Container Platform 3.6",
          "product_id": "7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.src"
        },
        "product_reference": "atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.src",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.6",
          "product_id": "7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
        },
        "product_reference": "atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-clients-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.6",
          "product_id": "7Server-RH7-RHOSE-3.6:atomic-openshift-clients-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
        },
        "product_reference": "atomic-openshift-clients-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-clients-redistributable-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.6",
          "product_id": "7Server-RH7-RHOSE-3.6:atomic-openshift-clients-redistributable-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
        },
        "product_reference": "atomic-openshift-clients-redistributable-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-cluster-capacity-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.6",
          "product_id": "7Server-RH7-RHOSE-3.6:atomic-openshift-cluster-capacity-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
        },
        "product_reference": "atomic-openshift-cluster-capacity-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-docker-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch as a component of Red Hat OpenShift Container Platform 3.6",
          "product_id": "7Server-RH7-RHOSE-3.6:atomic-openshift-docker-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch"
        },
        "product_reference": "atomic-openshift-docker-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-dockerregistry-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.6",
          "product_id": "7Server-RH7-RHOSE-3.6:atomic-openshift-dockerregistry-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
        },
        "product_reference": "atomic-openshift-dockerregistry-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch as a component of Red Hat OpenShift Container Platform 3.6",
          "product_id": "7Server-RH7-RHOSE-3.6:atomic-openshift-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch"
        },
        "product_reference": "atomic-openshift-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-federation-services-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.6",
          "product_id": "7Server-RH7-RHOSE-3.6:atomic-openshift-federation-services-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
        },
        "product_reference": "atomic-openshift-federation-services-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-master-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.6",
          "product_id": "7Server-RH7-RHOSE-3.6:atomic-openshift-master-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
        },
        "product_reference": "atomic-openshift-master-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.6",
          "product_id": "7Server-RH7-RHOSE-3.6:atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
        },
        "product_reference": "atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-pod-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.6",
          "product_id": "7Server-RH7-RHOSE-3.6:atomic-openshift-pod-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
        },
        "product_reference": "atomic-openshift-pod-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-sdn-ovs-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.6",
          "product_id": "7Server-RH7-RHOSE-3.6:atomic-openshift-sdn-ovs-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
        },
        "product_reference": "atomic-openshift-sdn-ovs-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-service-catalog-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.6",
          "product_id": "7Server-RH7-RHOSE-3.6:atomic-openshift-service-catalog-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
        },
        "product_reference": "atomic-openshift-service-catalog-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-tests-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.6",
          "product_id": "7Server-RH7-RHOSE-3.6:atomic-openshift-tests-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
        },
        "product_reference": "atomic-openshift-tests-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "fluentd-0:0.12.39-2.el7.noarch as a component of Red Hat OpenShift Container Platform 3.6",
          "product_id": "7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.noarch"
        },
        "product_reference": "fluentd-0:0.12.39-2.el7.noarch",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "fluentd-0:0.12.39-2.el7.src as a component of Red Hat OpenShift Container Platform 3.6",
          "product_id": "7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.src"
        },
        "product_reference": "fluentd-0:0.12.39-2.el7.src",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "fluentd-doc-0:0.12.39-2.el7.noarch as a component of Red Hat OpenShift Container Platform 3.6",
          "product_id": "7Server-RH7-RHOSE-3.6:fluentd-doc-0:0.12.39-2.el7.noarch"
        },
        "product_reference": "fluentd-doc-0:0.12.39-2.el7.noarch",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jenkins-2-plugins-0:3.7.1502412812-1.el7.noarch as a component of Red Hat OpenShift Container Platform 3.6",
          "product_id": "7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.noarch"
        },
        "product_reference": "jenkins-2-plugins-0:3.7.1502412812-1.el7.noarch",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jenkins-2-plugins-0:3.7.1502412812-1.el7.src as a component of Red Hat OpenShift Container Platform 3.6",
          "product_id": "7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.src"
        },
        "product_reference": "jenkins-2-plugins-0:3.7.1502412812-1.el7.src",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kibana-0:4.6.4-3.el7.src as a component of Red Hat OpenShift Container Platform 3.6",
          "product_id": "7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.src"
        },
        "product_reference": "kibana-0:4.6.4-3.el7.src",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kibana-0:4.6.4-3.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.6",
          "product_id": "7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.x86_64"
        },
        "product_reference": "kibana-0:4.6.4-3.el7.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kibana-debuginfo-0:4.6.4-3.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.6",
          "product_id": "7Server-RH7-RHOSE-3.6:kibana-debuginfo-0:4.6.4-3.el7.x86_64"
        },
        "product_reference": "kibana-debuginfo-0:4.6.4-3.el7.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rubygem-cool.io-0:1.5.1-1.el7.src as a component of Red Hat OpenShift Container Platform 3.6",
          "product_id": "7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.src"
        },
        "product_reference": "rubygem-cool.io-0:1.5.1-1.el7.src",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rubygem-cool.io-0:1.5.1-1.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.6",
          "product_id": "7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.x86_64"
        },
        "product_reference": "rubygem-cool.io-0:1.5.1-1.el7.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rubygem-cool.io-debuginfo-0:1.5.1-1.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.6",
          "product_id": "7Server-RH7-RHOSE-3.6:rubygem-cool.io-debuginfo-0:1.5.1-1.el7.x86_64"
        },
        "product_reference": "rubygem-cool.io-debuginfo-0:1.5.1-1.el7.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rubygem-cool.io-doc-0:1.5.1-1.el7.noarch as a component of Red Hat OpenShift Container Platform 3.6",
          "product_id": "7Server-RH7-RHOSE-3.6:rubygem-cool.io-doc-0:1.5.1-1.el7.noarch"
        },
        "product_reference": "rubygem-cool.io-doc-0:1.5.1-1.el7.noarch",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rubygem-excon-0:0.58.0-1.el7.noarch as a component of Red Hat OpenShift Container Platform 3.6",
          "product_id": "7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.noarch"
        },
        "product_reference": "rubygem-excon-0:0.58.0-1.el7.noarch",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rubygem-excon-0:0.58.0-1.el7.src as a component of Red Hat OpenShift Container Platform 3.6",
          "product_id": "7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.src"
        },
        "product_reference": "rubygem-excon-0:0.58.0-1.el7.src",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rubygem-excon-doc-0:0.58.0-1.el7.noarch as a component of Red Hat OpenShift Container Platform 3.6",
          "product_id": "7Server-RH7-RHOSE-3.6:rubygem-excon-doc-0:0.58.0-1.el7.noarch"
        },
        "product_reference": "rubygem-excon-doc-0:0.58.0-1.el7.noarch",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rubygem-faraday-0:0.13.0-1.el7.noarch as a component of Red Hat OpenShift Container Platform 3.6",
          "product_id": "7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.noarch"
        },
        "product_reference": "rubygem-faraday-0:0.13.0-1.el7.noarch",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rubygem-faraday-0:0.13.0-1.el7.src as a component of Red Hat OpenShift Container Platform 3.6",
          "product_id": "7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.src"
        },
        "product_reference": "rubygem-faraday-0:0.13.0-1.el7.src",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rubygem-faraday-doc-0:0.13.0-1.el7.noarch as a component of Red Hat OpenShift Container Platform 3.6",
          "product_id": "7Server-RH7-RHOSE-3.6:rubygem-faraday-doc-0:0.13.0-1.el7.noarch"
        },
        "product_reference": "rubygem-faraday-doc-0:0.13.0-1.el7.noarch",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.noarch as a component of Red Hat OpenShift Container Platform 3.6",
          "product_id": "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.noarch"
        },
        "product_reference": "rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.noarch",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.src as a component of Red Hat OpenShift Container Platform 3.6",
          "product_id": "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.src"
        },
        "product_reference": "rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.src",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rubygem-fluent-plugin-kubernetes_metadata_filter-doc-0:0.29.0-1.el7.noarch as a component of Red Hat OpenShift Container Platform 3.6",
          "product_id": "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-doc-0:0.29.0-1.el7.noarch"
        },
        "product_reference": "rubygem-fluent-plugin-kubernetes_metadata_filter-doc-0:0.29.0-1.el7.noarch",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.noarch as a component of Red Hat OpenShift Container Platform 3.6",
          "product_id": "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.noarch"
        },
        "product_reference": "rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.noarch",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.src as a component of Red Hat OpenShift Container Platform 3.6",
          "product_id": "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.src"
        },
        "product_reference": "rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.src",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rubygem-fluent-plugin-viaq_data_model-doc-0:0.0.5-1.el7.noarch as a component of Red Hat OpenShift Container Platform 3.6",
          "product_id": "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-doc-0:0.0.5-1.el7.noarch"
        },
        "product_reference": "rubygem-fluent-plugin-viaq_data_model-doc-0:0.0.5-1.el7.noarch",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rubygem-i18n-0:0.8.6-1.el7.noarch as a component of Red Hat OpenShift Container Platform 3.6",
          "product_id": "7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.noarch"
        },
        "product_reference": "rubygem-i18n-0:0.8.6-1.el7.noarch",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rubygem-i18n-0:0.8.6-1.el7.src as a component of Red Hat OpenShift Container Platform 3.6",
          "product_id": "7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.src"
        },
        "product_reference": "rubygem-i18n-0:0.8.6-1.el7.src",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rubygem-i18n-doc-0:0.8.6-1.el7.noarch as a component of Red Hat OpenShift Container Platform 3.6",
          "product_id": "7Server-RH7-RHOSE-3.6:rubygem-i18n-doc-0:0.8.6-1.el7.noarch"
        },
        "product_reference": "rubygem-i18n-doc-0:0.8.6-1.el7.noarch",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rubygem-systemd-journal-0:1.3.0-1.el7.noarch as a component of Red Hat OpenShift Container Platform 3.6",
          "product_id": "7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.noarch"
        },
        "product_reference": "rubygem-systemd-journal-0:1.3.0-1.el7.noarch",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rubygem-systemd-journal-0:1.3.0-1.el7.src as a component of Red Hat OpenShift Container Platform 3.6",
          "product_id": "7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.src"
        },
        "product_reference": "rubygem-systemd-journal-0:1.3.0-1.el7.src",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rubygem-systemd-journal-doc-0:1.3.0-1.el7.noarch as a component of Red Hat OpenShift Container Platform 3.6",
          "product_id": "7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-doc-0:1.3.0-1.el7.noarch"
        },
        "product_reference": "rubygem-systemd-journal-doc-0:1.3.0-1.el7.noarch",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tuned-profiles-atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.6",
          "product_id": "7Server-RH7-RHOSE-3.6:tuned-profiles-atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
        },
        "product_reference": "tuned-profiles-atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
      }
    ]
  },
  "vulnerabilities": [
    {
      "acknowledgments": [
        {
          "names": [
            "the Jenkins project"
          ]
        },
        {
          "names": [
            "Jesse Glick"
          ],
          "organization": "CloudBees",
          "summary": "Acknowledged by upstream."
        }
      ],
      "cve": "CVE-2017-1000085",
      "cwe": {
        "id": "CWE-352",
        "name": "Cross-Site Request Forgery (CSRF)"
      },
      "discovery_date": "2017-07-07T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1471046"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Subversion Plugin improperly checked permissions, requiring just Item/Build instead of Item/Configure when used. This allows a user to specify an attacker-controlled Subversion server which can then be used to collect credentials used by the Subversion plugin.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "jenkins-plugin-subversion: CSRF vulnerability and insufficient permission checks allow capturing credentials (SECURITY-303)",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This issue affects the versions of jenkins-plugin-subversion as shipped with Red Hat OpenShift Enterprise 3. Red Hat Product Security has rated this issue as having Low security impact. A future update may address this issue. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.src",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-clients-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-clients-redistributable-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-cluster-capacity-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-docker-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-dockerregistry-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-federation-services-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-master-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-pod-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-sdn-ovs-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-service-catalog-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-tests-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.noarch",
          "7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.src",
          "7Server-RH7-RHOSE-3.6:fluentd-doc-0:0.12.39-2.el7.noarch",
          "7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.src",
          "7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.src",
          "7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:kibana-debuginfo-0:4.6.4-3.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.src",
          "7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:rubygem-cool.io-debuginfo-0:1.5.1-1.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:rubygem-cool.io-doc-0:1.5.1-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.src",
          "7Server-RH7-RHOSE-3.6:rubygem-excon-doc-0:0.58.0-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.src",
          "7Server-RH7-RHOSE-3.6:rubygem-faraday-doc-0:0.13.0-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.src",
          "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-doc-0:0.29.0-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.src",
          "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-doc-0:0.0.5-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.src",
          "7Server-RH7-RHOSE-3.6:rubygem-i18n-doc-0:0.8.6-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.src",
          "7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-doc-0:1.3.0-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:tuned-profiles-atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-1000085"
        },
        {
          "category": "external",
          "summary": "RHBZ#1471046",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1471046"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-1000085",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-1000085"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000085",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000085"
        },
        {
          "category": "external",
          "summary": "https://jenkins.io/security/advisory/2017-07-10/",
          "url": "https://jenkins.io/security/advisory/2017-07-10/"
        }
      ],
      "release_date": "2017-07-10T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-09-08T03:14:52+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor OpenShift Container Platform 3.5, see the following documentation, which will be updated shortly for release 3.5.5.31, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.5/release_notes/ocp_3_5_release_notes.html\n\nFor OpenShift Container Platform 3.4, see the following documentation, which will be updated shortly for release 3.4.1.44, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.4/release_notes/ocp_3_4_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258.",
          "product_ids": [
            "7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.src",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-clients-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-clients-redistributable-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-cluster-capacity-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-docker-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-dockerregistry-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-federation-services-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-master-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-pod-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-sdn-ovs-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-service-catalog-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-tests-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.noarch",
            "7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.src",
            "7Server-RH7-RHOSE-3.6:fluentd-doc-0:0.12.39-2.el7.noarch",
            "7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.src",
            "7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.src",
            "7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:kibana-debuginfo-0:4.6.4-3.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:rubygem-cool.io-debuginfo-0:1.5.1-1.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:rubygem-cool.io-doc-0:1.5.1-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-excon-doc-0:0.58.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-faraday-doc-0:0.13.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-doc-0:0.29.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-doc-0:0.0.5-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-i18n-doc-0:0.8.6-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-doc-0:1.3.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:tuned-profiles-atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHBA-2017:2642"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 3.1,
            "baseSeverity": "LOW",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.src",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-clients-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-clients-redistributable-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-cluster-capacity-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-docker-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-dockerregistry-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-federation-services-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-master-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-pod-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-sdn-ovs-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-service-catalog-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-tests-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.noarch",
            "7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.src",
            "7Server-RH7-RHOSE-3.6:fluentd-doc-0:0.12.39-2.el7.noarch",
            "7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.src",
            "7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.src",
            "7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:kibana-debuginfo-0:4.6.4-3.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:rubygem-cool.io-debuginfo-0:1.5.1-1.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:rubygem-cool.io-doc-0:1.5.1-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-excon-doc-0:0.58.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-faraday-doc-0:0.13.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-doc-0:0.29.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-doc-0:0.0.5-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-i18n-doc-0:0.8.6-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-doc-0:1.3.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:tuned-profiles-atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "jenkins-plugin-subversion: CSRF vulnerability and insufficient permission checks allow capturing credentials (SECURITY-303)"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "the Jenkins project"
          ]
        }
      ],
      "cve": "CVE-2017-1000089",
      "cwe": {
        "id": "CWE-287",
        "name": "Improper Authentication"
      },
      "discovery_date": "2017-07-07T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1471050"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "The jenkins-plugin-pipeline-build-step fails to check permissions correctly allowing attackers with access to it to specify the triggering of any other project in Jenkins. This potentially gives an attacker access to projects they should not have access to.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "jenkins-plugin-pipeline-build-step: Missing check of Item/Build permission (SECURITY-433)",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This issue affects the versions of jenkins-plugin-pipeline-build-step as shipped with Red Hat OpenShift Enterprise 3. Red Hat Product Security has rated this issue as having Low security impact. A future update may address this issue. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.src",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-clients-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-clients-redistributable-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-cluster-capacity-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-docker-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-dockerregistry-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-federation-services-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-master-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-pod-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-sdn-ovs-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-service-catalog-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-tests-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.noarch",
          "7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.src",
          "7Server-RH7-RHOSE-3.6:fluentd-doc-0:0.12.39-2.el7.noarch",
          "7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.src",
          "7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.src",
          "7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:kibana-debuginfo-0:4.6.4-3.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.src",
          "7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:rubygem-cool.io-debuginfo-0:1.5.1-1.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:rubygem-cool.io-doc-0:1.5.1-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.src",
          "7Server-RH7-RHOSE-3.6:rubygem-excon-doc-0:0.58.0-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.src",
          "7Server-RH7-RHOSE-3.6:rubygem-faraday-doc-0:0.13.0-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.src",
          "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-doc-0:0.29.0-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.src",
          "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-doc-0:0.0.5-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.src",
          "7Server-RH7-RHOSE-3.6:rubygem-i18n-doc-0:0.8.6-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.src",
          "7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-doc-0:1.3.0-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:tuned-profiles-atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-1000089"
        },
        {
          "category": "external",
          "summary": "RHBZ#1471050",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1471050"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-1000089",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-1000089"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000089",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000089"
        },
        {
          "category": "external",
          "summary": "https://jenkins.io/security/advisory/2017-07-10/",
          "url": "https://jenkins.io/security/advisory/2017-07-10/"
        }
      ],
      "release_date": "2017-07-10T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-09-08T03:14:52+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor OpenShift Container Platform 3.5, see the following documentation, which will be updated shortly for release 3.5.5.31, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.5/release_notes/ocp_3_5_release_notes.html\n\nFor OpenShift Container Platform 3.4, see the following documentation, which will be updated shortly for release 3.4.1.44, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.4/release_notes/ocp_3_4_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258.",
          "product_ids": [
            "7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.src",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-clients-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-clients-redistributable-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-cluster-capacity-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-docker-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-dockerregistry-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-federation-services-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-master-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-pod-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-sdn-ovs-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-service-catalog-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-tests-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.noarch",
            "7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.src",
            "7Server-RH7-RHOSE-3.6:fluentd-doc-0:0.12.39-2.el7.noarch",
            "7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.src",
            "7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.src",
            "7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:kibana-debuginfo-0:4.6.4-3.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:rubygem-cool.io-debuginfo-0:1.5.1-1.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:rubygem-cool.io-doc-0:1.5.1-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-excon-doc-0:0.58.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-faraday-doc-0:0.13.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-doc-0:0.29.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-doc-0:0.0.5-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-i18n-doc-0:0.8.6-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-doc-0:1.3.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:tuned-profiles-atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHBA-2017:2642"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 3.7,
            "baseSeverity": "LOW",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.0"
          },
          "products": [
            "7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.src",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-clients-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-clients-redistributable-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-cluster-capacity-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-docker-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-dockerregistry-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-federation-services-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-master-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-pod-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-sdn-ovs-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-service-catalog-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-tests-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.noarch",
            "7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.src",
            "7Server-RH7-RHOSE-3.6:fluentd-doc-0:0.12.39-2.el7.noarch",
            "7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.src",
            "7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.src",
            "7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:kibana-debuginfo-0:4.6.4-3.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:rubygem-cool.io-debuginfo-0:1.5.1-1.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:rubygem-cool.io-doc-0:1.5.1-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-excon-doc-0:0.58.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-faraday-doc-0:0.13.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-doc-0:0.29.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-doc-0:0.0.5-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-i18n-doc-0:0.8.6-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-doc-0:1.3.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:tuned-profiles-atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "jenkins-plugin-pipeline-build-step: Missing check of Item/Build permission (SECURITY-433)"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "the Jenkins project"
          ]
        },
        {
          "names": [
            "Jesse Glick"
          ],
          "organization": "CloudBees",
          "summary": "Acknowledged by upstream."
        }
      ],
      "cve": "CVE-2017-1000092",
      "cwe": {
        "id": "CWE-352",
        "name": "Cross-Site Request Forgery (CSRF)"
      },
      "discovery_date": "2017-07-07T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1471053"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "The Git Plugin can leak credentials (username and password) used to access a git repo if an attacker-supplied URL is provided to the plugin. To supply the URL to the plugin, the attacker would need to guess a username/password ID and then trick a developer into following a specific URL.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "jenkins-plugin-git: CSRF vulnerability allows capturing credentials (SECURITY-528)",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This issue affects the versions of jenkins-plugin-git as shipped with Red Hat OpenShift Enterprise 3. Red Hat Product Security has rated this issue as having Low security impact. A future update may address this issue. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.src",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-clients-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-clients-redistributable-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-cluster-capacity-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-docker-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-dockerregistry-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-federation-services-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-master-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-pod-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-sdn-ovs-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-service-catalog-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-tests-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.noarch",
          "7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.src",
          "7Server-RH7-RHOSE-3.6:fluentd-doc-0:0.12.39-2.el7.noarch",
          "7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.src",
          "7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.src",
          "7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:kibana-debuginfo-0:4.6.4-3.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.src",
          "7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:rubygem-cool.io-debuginfo-0:1.5.1-1.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:rubygem-cool.io-doc-0:1.5.1-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.src",
          "7Server-RH7-RHOSE-3.6:rubygem-excon-doc-0:0.58.0-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.src",
          "7Server-RH7-RHOSE-3.6:rubygem-faraday-doc-0:0.13.0-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.src",
          "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-doc-0:0.29.0-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.src",
          "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-doc-0:0.0.5-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.src",
          "7Server-RH7-RHOSE-3.6:rubygem-i18n-doc-0:0.8.6-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.src",
          "7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-doc-0:1.3.0-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:tuned-profiles-atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-1000092"
        },
        {
          "category": "external",
          "summary": "RHBZ#1471053",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1471053"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-1000092",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-1000092"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000092",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000092"
        },
        {
          "category": "external",
          "summary": "https://jenkins.io/security/advisory/2017-07-10/",
          "url": "https://jenkins.io/security/advisory/2017-07-10/"
        }
      ],
      "release_date": "2017-07-10T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-09-08T03:14:52+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor OpenShift Container Platform 3.5, see the following documentation, which will be updated shortly for release 3.5.5.31, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.5/release_notes/ocp_3_5_release_notes.html\n\nFor OpenShift Container Platform 3.4, see the following documentation, which will be updated shortly for release 3.4.1.44, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.4/release_notes/ocp_3_4_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258.",
          "product_ids": [
            "7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.src",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-clients-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-clients-redistributable-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-cluster-capacity-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-docker-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-dockerregistry-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-federation-services-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-master-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-pod-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-sdn-ovs-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-service-catalog-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-tests-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.noarch",
            "7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.src",
            "7Server-RH7-RHOSE-3.6:fluentd-doc-0:0.12.39-2.el7.noarch",
            "7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.src",
            "7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.src",
            "7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:kibana-debuginfo-0:4.6.4-3.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:rubygem-cool.io-debuginfo-0:1.5.1-1.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:rubygem-cool.io-doc-0:1.5.1-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-excon-doc-0:0.58.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-faraday-doc-0:0.13.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-doc-0:0.29.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-doc-0:0.0.5-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-i18n-doc-0:0.8.6-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-doc-0:1.3.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:tuned-profiles-atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHBA-2017:2642"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 3.1,
            "baseSeverity": "LOW",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.src",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-clients-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-clients-redistributable-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-cluster-capacity-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-docker-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-dockerregistry-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-federation-services-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-master-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-pod-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-sdn-ovs-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-service-catalog-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-tests-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.noarch",
            "7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.src",
            "7Server-RH7-RHOSE-3.6:fluentd-doc-0:0.12.39-2.el7.noarch",
            "7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.src",
            "7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.src",
            "7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:kibana-debuginfo-0:4.6.4-3.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:rubygem-cool.io-debuginfo-0:1.5.1-1.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:rubygem-cool.io-doc-0:1.5.1-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-excon-doc-0:0.58.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-faraday-doc-0:0.13.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-doc-0:0.29.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-doc-0:0.0.5-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-i18n-doc-0:0.8.6-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-doc-0:1.3.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:tuned-profiles-atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "jenkins-plugin-git: CSRF vulnerability allows capturing credentials (SECURITY-528)"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "the Jenkins project"
          ]
        },
        {
          "names": [
            "Green",
            "Simon St John"
          ],
          "summary": "Acknowledged by upstream."
        }
      ],
      "cve": "CVE-2017-1000096",
      "cwe": {
        "id": "CWE-184",
        "name": "Incomplete List of Disallowed Inputs"
      },
      "discovery_date": "2017-07-07T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1471064"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "The jenkins-plugin-script-security has incomplete sandbox protection which allows attackers to execute arbitrary code via constructors, instance variable initializers, and instance initializers in Pipeline scripts. Exploitation of this requires the attacker to have permission to configure Pipelines in Jenkins or be a trusted committers to repositories containing Jenkinsfiles and for that Jenkins instance to be hosting other projects as well that the attacker should not have access to.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "jenkins-plugin-workflow-cps: Arbitrary code execution due to incomplete sandbox protection (SECURITY-551)",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This issue affects the versions of jenkins-plugin-workflow-cps  as shipped with Red Hat OpenShift Enterprise 3. However, this flaw is of low impact under the supported scenarios in OpenShift Enterprise 3. A future update may address this issue.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.src",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-clients-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-clients-redistributable-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-cluster-capacity-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-docker-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-dockerregistry-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-federation-services-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-master-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-pod-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-sdn-ovs-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-service-catalog-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-tests-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.noarch",
          "7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.src",
          "7Server-RH7-RHOSE-3.6:fluentd-doc-0:0.12.39-2.el7.noarch",
          "7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.src",
          "7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.src",
          "7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:kibana-debuginfo-0:4.6.4-3.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.src",
          "7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:rubygem-cool.io-debuginfo-0:1.5.1-1.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:rubygem-cool.io-doc-0:1.5.1-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.src",
          "7Server-RH7-RHOSE-3.6:rubygem-excon-doc-0:0.58.0-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.src",
          "7Server-RH7-RHOSE-3.6:rubygem-faraday-doc-0:0.13.0-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.src",
          "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-doc-0:0.29.0-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.src",
          "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-doc-0:0.0.5-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.src",
          "7Server-RH7-RHOSE-3.6:rubygem-i18n-doc-0:0.8.6-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.src",
          "7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-doc-0:1.3.0-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:tuned-profiles-atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-1000096"
        },
        {
          "category": "external",
          "summary": "RHBZ#1471064",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1471064"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-1000096",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-1000096"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000096",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000096"
        },
        {
          "category": "external",
          "summary": "https://jenkins.io/security/advisory/2017-07-10/",
          "url": "https://jenkins.io/security/advisory/2017-07-10/"
        }
      ],
      "release_date": "2017-07-10T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-09-08T03:14:52+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor OpenShift Container Platform 3.5, see the following documentation, which will be updated shortly for release 3.5.5.31, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.5/release_notes/ocp_3_5_release_notes.html\n\nFor OpenShift Container Platform 3.4, see the following documentation, which will be updated shortly for release 3.4.1.44, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.4/release_notes/ocp_3_4_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258.",
          "product_ids": [
            "7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.src",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-clients-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-clients-redistributable-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-cluster-capacity-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-docker-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-dockerregistry-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-federation-services-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-master-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-pod-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-sdn-ovs-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-service-catalog-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-tests-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.noarch",
            "7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.src",
            "7Server-RH7-RHOSE-3.6:fluentd-doc-0:0.12.39-2.el7.noarch",
            "7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.src",
            "7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.src",
            "7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:kibana-debuginfo-0:4.6.4-3.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:rubygem-cool.io-debuginfo-0:1.5.1-1.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:rubygem-cool.io-doc-0:1.5.1-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-excon-doc-0:0.58.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-faraday-doc-0:0.13.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-doc-0:0.29.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-doc-0:0.0.5-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-i18n-doc-0:0.8.6-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-doc-0:1.3.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:tuned-profiles-atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHBA-2017:2642"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.src",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-clients-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-clients-redistributable-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-cluster-capacity-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-docker-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-dockerregistry-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-federation-services-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-master-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-pod-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-sdn-ovs-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-service-catalog-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-tests-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.noarch",
            "7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.src",
            "7Server-RH7-RHOSE-3.6:fluentd-doc-0:0.12.39-2.el7.noarch",
            "7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.src",
            "7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.src",
            "7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:kibana-debuginfo-0:4.6.4-3.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:rubygem-cool.io-debuginfo-0:1.5.1-1.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:rubygem-cool.io-doc-0:1.5.1-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-excon-doc-0:0.58.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-faraday-doc-0:0.13.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-doc-0:0.29.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-doc-0:0.0.5-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-i18n-doc-0:0.8.6-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-doc-0:1.3.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:tuned-profiles-atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "jenkins-plugin-workflow-cps: Arbitrary code execution due to incomplete sandbox protection (SECURITY-551)"
    }
  ]
}

rhba-2017:2642

Vulnerability from csaf_redhat

Published

2017-09-08 03:14

Modified

2024-11-22 11:21

Summary

Red Hat Bug Fix Advisory: OpenShift Container Platform 3.6.1 bug fix and enhancement update

Notes

Topic

Red Hat OpenShift Container Platform releases 3.6.1 are now available with updates to packages and images that fix several bugs and add various enhancements.

Details

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Red Hat OpenShift Container Platform releases 3.6.1 are now available with updates to packages and images that fix several bugs and add various enhancements.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Red Hat OpenShift Container Platform is the company\u0027s cloud computing Platform-as-a-Service (PaaS) solution designed for on-premise or private cloud deployments.\n\nThis advisory contains the RPM packages for Red Hat OpenShift Container Platform 3.6.1. See the following advisory for the container images for this release:\n\nhttps://access.redhat.com/errata/RHEA-2017:2644\n\nThis update fixes the following bugs:\n\n* When the atomic-openshift-node service got restarted, all processes in its control group are terminated, including the glusterfs-mounted points. Each glusterfs volume in OpenShift corresponds to one mounted point. If all mounting points are lost, so are all of the volumes. Set the control group mode to terminate only the main process and leave the remaining glusterfs mounting points untouched. When the atomic-openshift-node service is restarted, no glusterfs mounting point is terminated.\n(BZ#1423640)\n\n* A route can front up to four services that handle the requests. The load balancing strategy governs which endpoint gets each request. When round-robin is chosen, the portion of the requests that each\nservice handles is governed by the weight assigned to the service. Each endpoint in the service gets a fraction of the service\u0027s requests. (BZ#1473736)\n\n* When fluentd was reading from the journald and the output buffer queue wass full, the fluentd log was filled up with KubeClient messages. This is a bug in the fluentd filter_kubernetes_metadata plug-in. Ignore fluentd log messages from Kubeclient::Common::WatchNotice. (BZ#1476731)\n\n* Previously, the Copy Service Labels link in the Create Route form did not correctly copy the labels from the service to the new route. It has been fixed to copy the selected service\u0027s labels.\n(BZ#1477933)\n\n* Permissions on directories injected as a build input via the image source input mechanism have user-only access permissions. Therefore, the resulting application image cannot access the content when run as a random user ID. With this bug fix, the directories will be injected with group permissions, which will allow the user access to the container. (BZ#1479130)\n\n* Kibana nodejs runtime was not the same as the version distributed by Elastic. With this bug fix, the versioning is updated. (BZ#1479928)\n\n* Previously, the ScaleIO volume plug-in was missing in OpenShift Container Platform. With this bug fix, it is now fully enabled. (BZ#1482273)\n\n* Namespaces that use reserved names and were not created by infrastructure components should be blocked, as they will cause the upgrade to fail. (BZ#1484958)\n\nThis update includes the following enhancement:\n\n* There is now the ability to set reference policy with `oc import-image`. Set reference policy using the `--reference-policy` flag when invoking `oc import-image`. When importing all tags (using the `--all` flag), all tags will get passed to reference policy, including overwriting the already present one. (BZ#1420976)\n\nAll OpenShift Container Platform 3.6 users are advised to upgrade to these updated packages and images.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHBA-2017:2642",
        "url": "https://access.redhat.com/errata/RHBA-2017:2642"
      },
      {
        "category": "external",
        "summary": "1420976",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1420976"
      },
      {
        "category": "external",
        "summary": "1423640",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1423640"
      },
      {
        "category": "external",
        "summary": "1473736",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1473736"
      },
      {
        "category": "external",
        "summary": "1476731",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1476731"
      },
      {
        "category": "external",
        "summary": "1477223",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1477223"
      },
      {
        "category": "external",
        "summary": "1477933",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1477933"
      },
      {
        "category": "external",
        "summary": "1479130",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1479130"
      },
      {
        "category": "external",
        "summary": "1479928",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1479928"
      },
      {
        "category": "external",
        "summary": "1481251",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1481251"
      },
      {
        "category": "external",
        "summary": "1482273",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1482273"
      },
      {
        "category": "external",
        "summary": "1484958",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1484958"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhba-2017_2642.json"
      }
    ],
    "title": "Red Hat Bug Fix Advisory: OpenShift Container Platform 3.6.1 bug fix and enhancement update",
    "tracking": {
      "current_release_date": "2024-11-22T11:21:43+00:00",
      "generator": {
        "date": "2024-11-22T11:21:43+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.2.1"
        }
      },
      "id": "RHBA-2017:2642",
      "initial_release_date": "2017-09-08T03:14:52+00:00",
      "revision_history": [
        {
          "date": "2017-09-08T03:14:52+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2017-09-08T03:14:52+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2024-11-22T11:21:43+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat OpenShift Container Platform 3.6",
                "product": {
                  "name": "Red Hat OpenShift Container Platform 3.6",
                  "product_id": "7Server-RH7-RHOSE-3.6",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:openshift:3.6::el7"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat OpenShift Enterprise"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "atomic-openshift-federation-services-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
                "product": {
                  "name": "atomic-openshift-federation-services-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
                  "product_id": "atomic-openshift-federation-services-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-federation-services@3.6.173.0.21-1.git.0.f95b0e7.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-master-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
                "product": {
                  "name": "atomic-openshift-master-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
                  "product_id": "atomic-openshift-master-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-master@3.6.173.0.21-1.git.0.f95b0e7.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tuned-profiles-atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
                "product": {
                  "name": "tuned-profiles-atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
                  "product_id": "tuned-profiles-atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tuned-profiles-atomic-openshift-node@3.6.173.0.21-1.git.0.f95b0e7.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-dockerregistry-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
                "product": {
                  "name": "atomic-openshift-dockerregistry-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
                  "product_id": "atomic-openshift-dockerregistry-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-dockerregistry@3.6.173.0.21-1.git.0.f95b0e7.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-service-catalog-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
                "product": {
                  "name": "atomic-openshift-service-catalog-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
                  "product_id": "atomic-openshift-service-catalog-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-service-catalog@3.6.173.0.21-1.git.0.f95b0e7.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-pod-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
                "product": {
                  "name": "atomic-openshift-pod-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
                  "product_id": "atomic-openshift-pod-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-pod@3.6.173.0.21-1.git.0.f95b0e7.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
                "product": {
                  "name": "atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
                  "product_id": "atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-node@3.6.173.0.21-1.git.0.f95b0e7.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-sdn-ovs-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
                "product": {
                  "name": "atomic-openshift-sdn-ovs-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
                  "product_id": "atomic-openshift-sdn-ovs-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-sdn-ovs@3.6.173.0.21-1.git.0.f95b0e7.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-clients-redistributable-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
                "product": {
                  "name": "atomic-openshift-clients-redistributable-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
                  "product_id": "atomic-openshift-clients-redistributable-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-clients-redistributable@3.6.173.0.21-1.git.0.f95b0e7.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-tests-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
                "product": {
                  "name": "atomic-openshift-tests-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
                  "product_id": "atomic-openshift-tests-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-tests@3.6.173.0.21-1.git.0.f95b0e7.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-cluster-capacity-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
                "product": {
                  "name": "atomic-openshift-cluster-capacity-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
                  "product_id": "atomic-openshift-cluster-capacity-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-cluster-capacity@3.6.173.0.21-1.git.0.f95b0e7.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-clients-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
                "product": {
                  "name": "atomic-openshift-clients-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
                  "product_id": "atomic-openshift-clients-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-clients@3.6.173.0.21-1.git.0.f95b0e7.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
                "product": {
                  "name": "atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
                  "product_id": "atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift@3.6.173.0.21-1.git.0.f95b0e7.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kibana-0:4.6.4-3.el7.x86_64",
                "product": {
                  "name": "kibana-0:4.6.4-3.el7.x86_64",
                  "product_id": "kibana-0:4.6.4-3.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kibana@4.6.4-3.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kibana-debuginfo-0:4.6.4-3.el7.x86_64",
                "product": {
                  "name": "kibana-debuginfo-0:4.6.4-3.el7.x86_64",
                  "product_id": "kibana-debuginfo-0:4.6.4-3.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kibana-debuginfo@4.6.4-3.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rubygem-cool.io-0:1.5.1-1.el7.x86_64",
                "product": {
                  "name": "rubygem-cool.io-0:1.5.1-1.el7.x86_64",
                  "product_id": "rubygem-cool.io-0:1.5.1-1.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rubygem-cool.io@1.5.1-1.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rubygem-cool.io-debuginfo-0:1.5.1-1.el7.x86_64",
                "product": {
                  "name": "rubygem-cool.io-debuginfo-0:1.5.1-1.el7.x86_64",
                  "product_id": "rubygem-cool.io-debuginfo-0:1.5.1-1.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rubygem-cool.io-debuginfo@1.5.1-1.el7?arch=x86_64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "atomic-openshift-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
                "product": {
                  "name": "atomic-openshift-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
                  "product_id": "atomic-openshift-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-excluder@3.6.173.0.21-1.git.0.f95b0e7.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-docker-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
                "product": {
                  "name": "atomic-openshift-docker-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
                  "product_id": "atomic-openshift-docker-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-docker-excluder@3.6.173.0.21-1.git.0.f95b0e7.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "fluentd-0:0.12.39-2.el7.noarch",
                "product": {
                  "name": "fluentd-0:0.12.39-2.el7.noarch",
                  "product_id": "fluentd-0:0.12.39-2.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/fluentd@0.12.39-2.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "fluentd-doc-0:0.12.39-2.el7.noarch",
                "product": {
                  "name": "fluentd-doc-0:0.12.39-2.el7.noarch",
                  "product_id": "fluentd-doc-0:0.12.39-2.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/fluentd-doc@0.12.39-2.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jenkins-2-plugins-0:3.7.1502412812-1.el7.noarch",
                "product": {
                  "name": "jenkins-2-plugins-0:3.7.1502412812-1.el7.noarch",
                  "product_id": "jenkins-2-plugins-0:3.7.1502412812-1.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jenkins-2-plugins@3.7.1502412812-1.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rubygem-cool.io-doc-0:1.5.1-1.el7.noarch",
                "product": {
                  "name": "rubygem-cool.io-doc-0:1.5.1-1.el7.noarch",
                  "product_id": "rubygem-cool.io-doc-0:1.5.1-1.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rubygem-cool.io-doc@1.5.1-1.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rubygem-excon-0:0.58.0-1.el7.noarch",
                "product": {
                  "name": "rubygem-excon-0:0.58.0-1.el7.noarch",
                  "product_id": "rubygem-excon-0:0.58.0-1.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rubygem-excon@0.58.0-1.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rubygem-excon-doc-0:0.58.0-1.el7.noarch",
                "product": {
                  "name": "rubygem-excon-doc-0:0.58.0-1.el7.noarch",
                  "product_id": "rubygem-excon-doc-0:0.58.0-1.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rubygem-excon-doc@0.58.0-1.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rubygem-faraday-doc-0:0.13.0-1.el7.noarch",
                "product": {
                  "name": "rubygem-faraday-doc-0:0.13.0-1.el7.noarch",
                  "product_id": "rubygem-faraday-doc-0:0.13.0-1.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rubygem-faraday-doc@0.13.0-1.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rubygem-faraday-0:0.13.0-1.el7.noarch",
                "product": {
                  "name": "rubygem-faraday-0:0.13.0-1.el7.noarch",
                  "product_id": "rubygem-faraday-0:0.13.0-1.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rubygem-faraday@0.13.0-1.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.noarch",
                "product": {
                  "name": "rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.noarch",
                  "product_id": "rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rubygem-fluent-plugin-kubernetes_metadata_filter@0.29.0-1.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rubygem-fluent-plugin-kubernetes_metadata_filter-doc-0:0.29.0-1.el7.noarch",
                "product": {
                  "name": "rubygem-fluent-plugin-kubernetes_metadata_filter-doc-0:0.29.0-1.el7.noarch",
                  "product_id": "rubygem-fluent-plugin-kubernetes_metadata_filter-doc-0:0.29.0-1.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rubygem-fluent-plugin-kubernetes_metadata_filter-doc@0.29.0-1.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.noarch",
                "product": {
                  "name": "rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.noarch",
                  "product_id": "rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rubygem-fluent-plugin-viaq_data_model@0.0.5-1.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rubygem-fluent-plugin-viaq_data_model-doc-0:0.0.5-1.el7.noarch",
                "product": {
                  "name": "rubygem-fluent-plugin-viaq_data_model-doc-0:0.0.5-1.el7.noarch",
                  "product_id": "rubygem-fluent-plugin-viaq_data_model-doc-0:0.0.5-1.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rubygem-fluent-plugin-viaq_data_model-doc@0.0.5-1.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rubygem-i18n-doc-0:0.8.6-1.el7.noarch",
                "product": {
                  "name": "rubygem-i18n-doc-0:0.8.6-1.el7.noarch",
                  "product_id": "rubygem-i18n-doc-0:0.8.6-1.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rubygem-i18n-doc@0.8.6-1.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rubygem-i18n-0:0.8.6-1.el7.noarch",
                "product": {
                  "name": "rubygem-i18n-0:0.8.6-1.el7.noarch",
                  "product_id": "rubygem-i18n-0:0.8.6-1.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rubygem-i18n@0.8.6-1.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rubygem-systemd-journal-doc-0:1.3.0-1.el7.noarch",
                "product": {
                  "name": "rubygem-systemd-journal-doc-0:1.3.0-1.el7.noarch",
                  "product_id": "rubygem-systemd-journal-doc-0:1.3.0-1.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rubygem-systemd-journal-doc@1.3.0-1.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rubygem-systemd-journal-0:1.3.0-1.el7.noarch",
                "product": {
                  "name": "rubygem-systemd-journal-0:1.3.0-1.el7.noarch",
                  "product_id": "rubygem-systemd-journal-0:1.3.0-1.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rubygem-systemd-journal@1.3.0-1.el7?arch=noarch"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.src",
                "product": {
                  "name": "atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.src",
                  "product_id": "atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift@3.6.173.0.21-1.git.0.f95b0e7.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "fluentd-0:0.12.39-2.el7.src",
                "product": {
                  "name": "fluentd-0:0.12.39-2.el7.src",
                  "product_id": "fluentd-0:0.12.39-2.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/fluentd@0.12.39-2.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jenkins-2-plugins-0:3.7.1502412812-1.el7.src",
                "product": {
                  "name": "jenkins-2-plugins-0:3.7.1502412812-1.el7.src",
                  "product_id": "jenkins-2-plugins-0:3.7.1502412812-1.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jenkins-2-plugins@3.7.1502412812-1.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kibana-0:4.6.4-3.el7.src",
                "product": {
                  "name": "kibana-0:4.6.4-3.el7.src",
                  "product_id": "kibana-0:4.6.4-3.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kibana@4.6.4-3.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rubygem-cool.io-0:1.5.1-1.el7.src",
                "product": {
                  "name": "rubygem-cool.io-0:1.5.1-1.el7.src",
                  "product_id": "rubygem-cool.io-0:1.5.1-1.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rubygem-cool.io@1.5.1-1.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rubygem-excon-0:0.58.0-1.el7.src",
                "product": {
                  "name": "rubygem-excon-0:0.58.0-1.el7.src",
                  "product_id": "rubygem-excon-0:0.58.0-1.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rubygem-excon@0.58.0-1.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rubygem-faraday-0:0.13.0-1.el7.src",
                "product": {
                  "name": "rubygem-faraday-0:0.13.0-1.el7.src",
                  "product_id": "rubygem-faraday-0:0.13.0-1.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rubygem-faraday@0.13.0-1.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.src",
                "product": {
                  "name": "rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.src",
                  "product_id": "rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rubygem-fluent-plugin-kubernetes_metadata_filter@0.29.0-1.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.src",
                "product": {
                  "name": "rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.src",
                  "product_id": "rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rubygem-fluent-plugin-viaq_data_model@0.0.5-1.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rubygem-i18n-0:0.8.6-1.el7.src",
                "product": {
                  "name": "rubygem-i18n-0:0.8.6-1.el7.src",
                  "product_id": "rubygem-i18n-0:0.8.6-1.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rubygem-i18n@0.8.6-1.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rubygem-systemd-journal-0:1.3.0-1.el7.src",
                "product": {
                  "name": "rubygem-systemd-journal-0:1.3.0-1.el7.src",
                  "product_id": "rubygem-systemd-journal-0:1.3.0-1.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rubygem-systemd-journal@1.3.0-1.el7?arch=src"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.src as a component of Red Hat OpenShift Container Platform 3.6",
          "product_id": "7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.src"
        },
        "product_reference": "atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.src",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.6",
          "product_id": "7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
        },
        "product_reference": "atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-clients-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.6",
          "product_id": "7Server-RH7-RHOSE-3.6:atomic-openshift-clients-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
        },
        "product_reference": "atomic-openshift-clients-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-clients-redistributable-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.6",
          "product_id": "7Server-RH7-RHOSE-3.6:atomic-openshift-clients-redistributable-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
        },
        "product_reference": "atomic-openshift-clients-redistributable-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-cluster-capacity-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.6",
          "product_id": "7Server-RH7-RHOSE-3.6:atomic-openshift-cluster-capacity-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
        },
        "product_reference": "atomic-openshift-cluster-capacity-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-docker-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch as a component of Red Hat OpenShift Container Platform 3.6",
          "product_id": "7Server-RH7-RHOSE-3.6:atomic-openshift-docker-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch"
        },
        "product_reference": "atomic-openshift-docker-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-dockerregistry-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.6",
          "product_id": "7Server-RH7-RHOSE-3.6:atomic-openshift-dockerregistry-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
        },
        "product_reference": "atomic-openshift-dockerregistry-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch as a component of Red Hat OpenShift Container Platform 3.6",
          "product_id": "7Server-RH7-RHOSE-3.6:atomic-openshift-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch"
        },
        "product_reference": "atomic-openshift-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-federation-services-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.6",
          "product_id": "7Server-RH7-RHOSE-3.6:atomic-openshift-federation-services-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
        },
        "product_reference": "atomic-openshift-federation-services-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-master-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.6",
          "product_id": "7Server-RH7-RHOSE-3.6:atomic-openshift-master-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
        },
        "product_reference": "atomic-openshift-master-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.6",
          "product_id": "7Server-RH7-RHOSE-3.6:atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
        },
        "product_reference": "atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-pod-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.6",
          "product_id": "7Server-RH7-RHOSE-3.6:atomic-openshift-pod-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
        },
        "product_reference": "atomic-openshift-pod-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-sdn-ovs-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.6",
          "product_id": "7Server-RH7-RHOSE-3.6:atomic-openshift-sdn-ovs-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
        },
        "product_reference": "atomic-openshift-sdn-ovs-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-service-catalog-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.6",
          "product_id": "7Server-RH7-RHOSE-3.6:atomic-openshift-service-catalog-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
        },
        "product_reference": "atomic-openshift-service-catalog-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-tests-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.6",
          "product_id": "7Server-RH7-RHOSE-3.6:atomic-openshift-tests-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
        },
        "product_reference": "atomic-openshift-tests-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "fluentd-0:0.12.39-2.el7.noarch as a component of Red Hat OpenShift Container Platform 3.6",
          "product_id": "7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.noarch"
        },
        "product_reference": "fluentd-0:0.12.39-2.el7.noarch",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "fluentd-0:0.12.39-2.el7.src as a component of Red Hat OpenShift Container Platform 3.6",
          "product_id": "7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.src"
        },
        "product_reference": "fluentd-0:0.12.39-2.el7.src",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "fluentd-doc-0:0.12.39-2.el7.noarch as a component of Red Hat OpenShift Container Platform 3.6",
          "product_id": "7Server-RH7-RHOSE-3.6:fluentd-doc-0:0.12.39-2.el7.noarch"
        },
        "product_reference": "fluentd-doc-0:0.12.39-2.el7.noarch",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jenkins-2-plugins-0:3.7.1502412812-1.el7.noarch as a component of Red Hat OpenShift Container Platform 3.6",
          "product_id": "7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.noarch"
        },
        "product_reference": "jenkins-2-plugins-0:3.7.1502412812-1.el7.noarch",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jenkins-2-plugins-0:3.7.1502412812-1.el7.src as a component of Red Hat OpenShift Container Platform 3.6",
          "product_id": "7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.src"
        },
        "product_reference": "jenkins-2-plugins-0:3.7.1502412812-1.el7.src",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kibana-0:4.6.4-3.el7.src as a component of Red Hat OpenShift Container Platform 3.6",
          "product_id": "7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.src"
        },
        "product_reference": "kibana-0:4.6.4-3.el7.src",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kibana-0:4.6.4-3.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.6",
          "product_id": "7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.x86_64"
        },
        "product_reference": "kibana-0:4.6.4-3.el7.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kibana-debuginfo-0:4.6.4-3.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.6",
          "product_id": "7Server-RH7-RHOSE-3.6:kibana-debuginfo-0:4.6.4-3.el7.x86_64"
        },
        "product_reference": "kibana-debuginfo-0:4.6.4-3.el7.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rubygem-cool.io-0:1.5.1-1.el7.src as a component of Red Hat OpenShift Container Platform 3.6",
          "product_id": "7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.src"
        },
        "product_reference": "rubygem-cool.io-0:1.5.1-1.el7.src",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rubygem-cool.io-0:1.5.1-1.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.6",
          "product_id": "7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.x86_64"
        },
        "product_reference": "rubygem-cool.io-0:1.5.1-1.el7.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rubygem-cool.io-debuginfo-0:1.5.1-1.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.6",
          "product_id": "7Server-RH7-RHOSE-3.6:rubygem-cool.io-debuginfo-0:1.5.1-1.el7.x86_64"
        },
        "product_reference": "rubygem-cool.io-debuginfo-0:1.5.1-1.el7.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rubygem-cool.io-doc-0:1.5.1-1.el7.noarch as a component of Red Hat OpenShift Container Platform 3.6",
          "product_id": "7Server-RH7-RHOSE-3.6:rubygem-cool.io-doc-0:1.5.1-1.el7.noarch"
        },
        "product_reference": "rubygem-cool.io-doc-0:1.5.1-1.el7.noarch",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rubygem-excon-0:0.58.0-1.el7.noarch as a component of Red Hat OpenShift Container Platform 3.6",
          "product_id": "7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.noarch"
        },
        "product_reference": "rubygem-excon-0:0.58.0-1.el7.noarch",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rubygem-excon-0:0.58.0-1.el7.src as a component of Red Hat OpenShift Container Platform 3.6",
          "product_id": "7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.src"
        },
        "product_reference": "rubygem-excon-0:0.58.0-1.el7.src",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rubygem-excon-doc-0:0.58.0-1.el7.noarch as a component of Red Hat OpenShift Container Platform 3.6",
          "product_id": "7Server-RH7-RHOSE-3.6:rubygem-excon-doc-0:0.58.0-1.el7.noarch"
        },
        "product_reference": "rubygem-excon-doc-0:0.58.0-1.el7.noarch",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rubygem-faraday-0:0.13.0-1.el7.noarch as a component of Red Hat OpenShift Container Platform 3.6",
          "product_id": "7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.noarch"
        },
        "product_reference": "rubygem-faraday-0:0.13.0-1.el7.noarch",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rubygem-faraday-0:0.13.0-1.el7.src as a component of Red Hat OpenShift Container Platform 3.6",
          "product_id": "7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.src"
        },
        "product_reference": "rubygem-faraday-0:0.13.0-1.el7.src",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rubygem-faraday-doc-0:0.13.0-1.el7.noarch as a component of Red Hat OpenShift Container Platform 3.6",
          "product_id": "7Server-RH7-RHOSE-3.6:rubygem-faraday-doc-0:0.13.0-1.el7.noarch"
        },
        "product_reference": "rubygem-faraday-doc-0:0.13.0-1.el7.noarch",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.noarch as a component of Red Hat OpenShift Container Platform 3.6",
          "product_id": "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.noarch"
        },
        "product_reference": "rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.noarch",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.src as a component of Red Hat OpenShift Container Platform 3.6",
          "product_id": "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.src"
        },
        "product_reference": "rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.src",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rubygem-fluent-plugin-kubernetes_metadata_filter-doc-0:0.29.0-1.el7.noarch as a component of Red Hat OpenShift Container Platform 3.6",
          "product_id": "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-doc-0:0.29.0-1.el7.noarch"
        },
        "product_reference": "rubygem-fluent-plugin-kubernetes_metadata_filter-doc-0:0.29.0-1.el7.noarch",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.noarch as a component of Red Hat OpenShift Container Platform 3.6",
          "product_id": "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.noarch"
        },
        "product_reference": "rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.noarch",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.src as a component of Red Hat OpenShift Container Platform 3.6",
          "product_id": "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.src"
        },
        "product_reference": "rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.src",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rubygem-fluent-plugin-viaq_data_model-doc-0:0.0.5-1.el7.noarch as a component of Red Hat OpenShift Container Platform 3.6",
          "product_id": "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-doc-0:0.0.5-1.el7.noarch"
        },
        "product_reference": "rubygem-fluent-plugin-viaq_data_model-doc-0:0.0.5-1.el7.noarch",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rubygem-i18n-0:0.8.6-1.el7.noarch as a component of Red Hat OpenShift Container Platform 3.6",
          "product_id": "7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.noarch"
        },
        "product_reference": "rubygem-i18n-0:0.8.6-1.el7.noarch",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rubygem-i18n-0:0.8.6-1.el7.src as a component of Red Hat OpenShift Container Platform 3.6",
          "product_id": "7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.src"
        },
        "product_reference": "rubygem-i18n-0:0.8.6-1.el7.src",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rubygem-i18n-doc-0:0.8.6-1.el7.noarch as a component of Red Hat OpenShift Container Platform 3.6",
          "product_id": "7Server-RH7-RHOSE-3.6:rubygem-i18n-doc-0:0.8.6-1.el7.noarch"
        },
        "product_reference": "rubygem-i18n-doc-0:0.8.6-1.el7.noarch",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rubygem-systemd-journal-0:1.3.0-1.el7.noarch as a component of Red Hat OpenShift Container Platform 3.6",
          "product_id": "7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.noarch"
        },
        "product_reference": "rubygem-systemd-journal-0:1.3.0-1.el7.noarch",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rubygem-systemd-journal-0:1.3.0-1.el7.src as a component of Red Hat OpenShift Container Platform 3.6",
          "product_id": "7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.src"
        },
        "product_reference": "rubygem-systemd-journal-0:1.3.0-1.el7.src",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rubygem-systemd-journal-doc-0:1.3.0-1.el7.noarch as a component of Red Hat OpenShift Container Platform 3.6",
          "product_id": "7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-doc-0:1.3.0-1.el7.noarch"
        },
        "product_reference": "rubygem-systemd-journal-doc-0:1.3.0-1.el7.noarch",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tuned-profiles-atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.6",
          "product_id": "7Server-RH7-RHOSE-3.6:tuned-profiles-atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
        },
        "product_reference": "tuned-profiles-atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
      }
    ]
  },
  "vulnerabilities": [
    {
      "acknowledgments": [
        {
          "names": [
            "the Jenkins project"
          ]
        },
        {
          "names": [
            "Jesse Glick"
          ],
          "organization": "CloudBees",
          "summary": "Acknowledged by upstream."
        }
      ],
      "cve": "CVE-2017-1000085",
      "cwe": {
        "id": "CWE-352",
        "name": "Cross-Site Request Forgery (CSRF)"
      },
      "discovery_date": "2017-07-07T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1471046"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Subversion Plugin improperly checked permissions, requiring just Item/Build instead of Item/Configure when used. This allows a user to specify an attacker-controlled Subversion server which can then be used to collect credentials used by the Subversion plugin.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "jenkins-plugin-subversion: CSRF vulnerability and insufficient permission checks allow capturing credentials (SECURITY-303)",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This issue affects the versions of jenkins-plugin-subversion as shipped with Red Hat OpenShift Enterprise 3. Red Hat Product Security has rated this issue as having Low security impact. A future update may address this issue. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.src",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-clients-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-clients-redistributable-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-cluster-capacity-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-docker-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-dockerregistry-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-federation-services-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-master-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-pod-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-sdn-ovs-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-service-catalog-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-tests-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.noarch",
          "7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.src",
          "7Server-RH7-RHOSE-3.6:fluentd-doc-0:0.12.39-2.el7.noarch",
          "7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.src",
          "7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.src",
          "7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:kibana-debuginfo-0:4.6.4-3.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.src",
          "7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:rubygem-cool.io-debuginfo-0:1.5.1-1.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:rubygem-cool.io-doc-0:1.5.1-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.src",
          "7Server-RH7-RHOSE-3.6:rubygem-excon-doc-0:0.58.0-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.src",
          "7Server-RH7-RHOSE-3.6:rubygem-faraday-doc-0:0.13.0-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.src",
          "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-doc-0:0.29.0-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.src",
          "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-doc-0:0.0.5-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.src",
          "7Server-RH7-RHOSE-3.6:rubygem-i18n-doc-0:0.8.6-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.src",
          "7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-doc-0:1.3.0-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:tuned-profiles-atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-1000085"
        },
        {
          "category": "external",
          "summary": "RHBZ#1471046",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1471046"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-1000085",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-1000085"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000085",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000085"
        },
        {
          "category": "external",
          "summary": "https://jenkins.io/security/advisory/2017-07-10/",
          "url": "https://jenkins.io/security/advisory/2017-07-10/"
        }
      ],
      "release_date": "2017-07-10T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-09-08T03:14:52+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor OpenShift Container Platform 3.5, see the following documentation, which will be updated shortly for release 3.5.5.31, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.5/release_notes/ocp_3_5_release_notes.html\n\nFor OpenShift Container Platform 3.4, see the following documentation, which will be updated shortly for release 3.4.1.44, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.4/release_notes/ocp_3_4_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258.",
          "product_ids": [
            "7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.src",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-clients-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-clients-redistributable-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-cluster-capacity-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-docker-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-dockerregistry-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-federation-services-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-master-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-pod-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-sdn-ovs-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-service-catalog-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-tests-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.noarch",
            "7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.src",
            "7Server-RH7-RHOSE-3.6:fluentd-doc-0:0.12.39-2.el7.noarch",
            "7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.src",
            "7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.src",
            "7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:kibana-debuginfo-0:4.6.4-3.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:rubygem-cool.io-debuginfo-0:1.5.1-1.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:rubygem-cool.io-doc-0:1.5.1-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-excon-doc-0:0.58.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-faraday-doc-0:0.13.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-doc-0:0.29.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-doc-0:0.0.5-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-i18n-doc-0:0.8.6-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-doc-0:1.3.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:tuned-profiles-atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHBA-2017:2642"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 3.1,
            "baseSeverity": "LOW",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.src",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-clients-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-clients-redistributable-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-cluster-capacity-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-docker-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-dockerregistry-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-federation-services-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-master-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-pod-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-sdn-ovs-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-service-catalog-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-tests-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.noarch",
            "7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.src",
            "7Server-RH7-RHOSE-3.6:fluentd-doc-0:0.12.39-2.el7.noarch",
            "7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.src",
            "7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.src",
            "7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:kibana-debuginfo-0:4.6.4-3.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:rubygem-cool.io-debuginfo-0:1.5.1-1.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:rubygem-cool.io-doc-0:1.5.1-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-excon-doc-0:0.58.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-faraday-doc-0:0.13.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-doc-0:0.29.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-doc-0:0.0.5-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-i18n-doc-0:0.8.6-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-doc-0:1.3.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:tuned-profiles-atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "jenkins-plugin-subversion: CSRF vulnerability and insufficient permission checks allow capturing credentials (SECURITY-303)"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "the Jenkins project"
          ]
        }
      ],
      "cve": "CVE-2017-1000089",
      "cwe": {
        "id": "CWE-287",
        "name": "Improper Authentication"
      },
      "discovery_date": "2017-07-07T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1471050"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "The jenkins-plugin-pipeline-build-step fails to check permissions correctly allowing attackers with access to it to specify the triggering of any other project in Jenkins. This potentially gives an attacker access to projects they should not have access to.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "jenkins-plugin-pipeline-build-step: Missing check of Item/Build permission (SECURITY-433)",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This issue affects the versions of jenkins-plugin-pipeline-build-step as shipped with Red Hat OpenShift Enterprise 3. Red Hat Product Security has rated this issue as having Low security impact. A future update may address this issue. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.src",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-clients-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-clients-redistributable-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-cluster-capacity-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-docker-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-dockerregistry-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-federation-services-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-master-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-pod-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-sdn-ovs-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-service-catalog-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-tests-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.noarch",
          "7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.src",
          "7Server-RH7-RHOSE-3.6:fluentd-doc-0:0.12.39-2.el7.noarch",
          "7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.src",
          "7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.src",
          "7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:kibana-debuginfo-0:4.6.4-3.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.src",
          "7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:rubygem-cool.io-debuginfo-0:1.5.1-1.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:rubygem-cool.io-doc-0:1.5.1-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.src",
          "7Server-RH7-RHOSE-3.6:rubygem-excon-doc-0:0.58.0-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.src",
          "7Server-RH7-RHOSE-3.6:rubygem-faraday-doc-0:0.13.0-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.src",
          "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-doc-0:0.29.0-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.src",
          "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-doc-0:0.0.5-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.src",
          "7Server-RH7-RHOSE-3.6:rubygem-i18n-doc-0:0.8.6-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.src",
          "7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-doc-0:1.3.0-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:tuned-profiles-atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-1000089"
        },
        {
          "category": "external",
          "summary": "RHBZ#1471050",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1471050"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-1000089",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-1000089"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000089",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000089"
        },
        {
          "category": "external",
          "summary": "https://jenkins.io/security/advisory/2017-07-10/",
          "url": "https://jenkins.io/security/advisory/2017-07-10/"
        }
      ],
      "release_date": "2017-07-10T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-09-08T03:14:52+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor OpenShift Container Platform 3.5, see the following documentation, which will be updated shortly for release 3.5.5.31, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.5/release_notes/ocp_3_5_release_notes.html\n\nFor OpenShift Container Platform 3.4, see the following documentation, which will be updated shortly for release 3.4.1.44, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.4/release_notes/ocp_3_4_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258.",
          "product_ids": [
            "7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.src",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-clients-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-clients-redistributable-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-cluster-capacity-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-docker-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-dockerregistry-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-federation-services-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-master-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-pod-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-sdn-ovs-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-service-catalog-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-tests-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.noarch",
            "7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.src",
            "7Server-RH7-RHOSE-3.6:fluentd-doc-0:0.12.39-2.el7.noarch",
            "7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.src",
            "7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.src",
            "7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:kibana-debuginfo-0:4.6.4-3.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:rubygem-cool.io-debuginfo-0:1.5.1-1.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:rubygem-cool.io-doc-0:1.5.1-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-excon-doc-0:0.58.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-faraday-doc-0:0.13.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-doc-0:0.29.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-doc-0:0.0.5-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-i18n-doc-0:0.8.6-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-doc-0:1.3.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:tuned-profiles-atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHBA-2017:2642"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 3.7,
            "baseSeverity": "LOW",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.0"
          },
          "products": [
            "7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.src",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-clients-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-clients-redistributable-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-cluster-capacity-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-docker-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-dockerregistry-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-federation-services-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-master-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-pod-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-sdn-ovs-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-service-catalog-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-tests-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.noarch",
            "7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.src",
            "7Server-RH7-RHOSE-3.6:fluentd-doc-0:0.12.39-2.el7.noarch",
            "7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.src",
            "7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.src",
            "7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:kibana-debuginfo-0:4.6.4-3.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:rubygem-cool.io-debuginfo-0:1.5.1-1.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:rubygem-cool.io-doc-0:1.5.1-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-excon-doc-0:0.58.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-faraday-doc-0:0.13.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-doc-0:0.29.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-doc-0:0.0.5-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-i18n-doc-0:0.8.6-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-doc-0:1.3.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:tuned-profiles-atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "jenkins-plugin-pipeline-build-step: Missing check of Item/Build permission (SECURITY-433)"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "the Jenkins project"
          ]
        },
        {
          "names": [
            "Jesse Glick"
          ],
          "organization": "CloudBees",
          "summary": "Acknowledged by upstream."
        }
      ],
      "cve": "CVE-2017-1000092",
      "cwe": {
        "id": "CWE-352",
        "name": "Cross-Site Request Forgery (CSRF)"
      },
      "discovery_date": "2017-07-07T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1471053"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "The Git Plugin can leak credentials (username and password) used to access a git repo if an attacker-supplied URL is provided to the plugin. To supply the URL to the plugin, the attacker would need to guess a username/password ID and then trick a developer into following a specific URL.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "jenkins-plugin-git: CSRF vulnerability allows capturing credentials (SECURITY-528)",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This issue affects the versions of jenkins-plugin-git as shipped with Red Hat OpenShift Enterprise 3. Red Hat Product Security has rated this issue as having Low security impact. A future update may address this issue. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.src",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-clients-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-clients-redistributable-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-cluster-capacity-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-docker-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-dockerregistry-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-federation-services-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-master-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-pod-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-sdn-ovs-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-service-catalog-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-tests-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.noarch",
          "7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.src",
          "7Server-RH7-RHOSE-3.6:fluentd-doc-0:0.12.39-2.el7.noarch",
          "7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.src",
          "7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.src",
          "7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:kibana-debuginfo-0:4.6.4-3.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.src",
          "7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:rubygem-cool.io-debuginfo-0:1.5.1-1.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:rubygem-cool.io-doc-0:1.5.1-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.src",
          "7Server-RH7-RHOSE-3.6:rubygem-excon-doc-0:0.58.0-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.src",
          "7Server-RH7-RHOSE-3.6:rubygem-faraday-doc-0:0.13.0-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.src",
          "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-doc-0:0.29.0-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.src",
          "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-doc-0:0.0.5-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.src",
          "7Server-RH7-RHOSE-3.6:rubygem-i18n-doc-0:0.8.6-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.src",
          "7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-doc-0:1.3.0-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:tuned-profiles-atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-1000092"
        },
        {
          "category": "external",
          "summary": "RHBZ#1471053",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1471053"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-1000092",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-1000092"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000092",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000092"
        },
        {
          "category": "external",
          "summary": "https://jenkins.io/security/advisory/2017-07-10/",
          "url": "https://jenkins.io/security/advisory/2017-07-10/"
        }
      ],
      "release_date": "2017-07-10T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-09-08T03:14:52+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor OpenShift Container Platform 3.5, see the following documentation, which will be updated shortly for release 3.5.5.31, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.5/release_notes/ocp_3_5_release_notes.html\n\nFor OpenShift Container Platform 3.4, see the following documentation, which will be updated shortly for release 3.4.1.44, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.4/release_notes/ocp_3_4_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258.",
          "product_ids": [
            "7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.src",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-clients-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-clients-redistributable-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-cluster-capacity-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-docker-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-dockerregistry-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-federation-services-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-master-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-pod-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-sdn-ovs-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-service-catalog-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-tests-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.noarch",
            "7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.src",
            "7Server-RH7-RHOSE-3.6:fluentd-doc-0:0.12.39-2.el7.noarch",
            "7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.src",
            "7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.src",
            "7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:kibana-debuginfo-0:4.6.4-3.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:rubygem-cool.io-debuginfo-0:1.5.1-1.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:rubygem-cool.io-doc-0:1.5.1-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-excon-doc-0:0.58.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-faraday-doc-0:0.13.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-doc-0:0.29.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-doc-0:0.0.5-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-i18n-doc-0:0.8.6-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-doc-0:1.3.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:tuned-profiles-atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHBA-2017:2642"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 3.1,
            "baseSeverity": "LOW",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.src",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-clients-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-clients-redistributable-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-cluster-capacity-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-docker-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-dockerregistry-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-federation-services-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-master-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-pod-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-sdn-ovs-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-service-catalog-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-tests-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.noarch",
            "7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.src",
            "7Server-RH7-RHOSE-3.6:fluentd-doc-0:0.12.39-2.el7.noarch",
            "7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.src",
            "7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.src",
            "7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:kibana-debuginfo-0:4.6.4-3.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:rubygem-cool.io-debuginfo-0:1.5.1-1.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:rubygem-cool.io-doc-0:1.5.1-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-excon-doc-0:0.58.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-faraday-doc-0:0.13.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-doc-0:0.29.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-doc-0:0.0.5-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-i18n-doc-0:0.8.6-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-doc-0:1.3.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:tuned-profiles-atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "jenkins-plugin-git: CSRF vulnerability allows capturing credentials (SECURITY-528)"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "the Jenkins project"
          ]
        },
        {
          "names": [
            "Green",
            "Simon St John"
          ],
          "summary": "Acknowledged by upstream."
        }
      ],
      "cve": "CVE-2017-1000096",
      "cwe": {
        "id": "CWE-184",
        "name": "Incomplete List of Disallowed Inputs"
      },
      "discovery_date": "2017-07-07T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1471064"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "The jenkins-plugin-script-security has incomplete sandbox protection which allows attackers to execute arbitrary code via constructors, instance variable initializers, and instance initializers in Pipeline scripts. Exploitation of this requires the attacker to have permission to configure Pipelines in Jenkins or be a trusted committers to repositories containing Jenkinsfiles and for that Jenkins instance to be hosting other projects as well that the attacker should not have access to.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "jenkins-plugin-workflow-cps: Arbitrary code execution due to incomplete sandbox protection (SECURITY-551)",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This issue affects the versions of jenkins-plugin-workflow-cps  as shipped with Red Hat OpenShift Enterprise 3. However, this flaw is of low impact under the supported scenarios in OpenShift Enterprise 3. A future update may address this issue.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.src",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-clients-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-clients-redistributable-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-cluster-capacity-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-docker-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-dockerregistry-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-federation-services-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-master-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-pod-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-sdn-ovs-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-service-catalog-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-tests-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.noarch",
          "7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.src",
          "7Server-RH7-RHOSE-3.6:fluentd-doc-0:0.12.39-2.el7.noarch",
          "7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.src",
          "7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.src",
          "7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:kibana-debuginfo-0:4.6.4-3.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.src",
          "7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:rubygem-cool.io-debuginfo-0:1.5.1-1.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:rubygem-cool.io-doc-0:1.5.1-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.src",
          "7Server-RH7-RHOSE-3.6:rubygem-excon-doc-0:0.58.0-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.src",
          "7Server-RH7-RHOSE-3.6:rubygem-faraday-doc-0:0.13.0-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.src",
          "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-doc-0:0.29.0-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.src",
          "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-doc-0:0.0.5-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.src",
          "7Server-RH7-RHOSE-3.6:rubygem-i18n-doc-0:0.8.6-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.src",
          "7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-doc-0:1.3.0-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:tuned-profiles-atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-1000096"
        },
        {
          "category": "external",
          "summary": "RHBZ#1471064",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1471064"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-1000096",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-1000096"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000096",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000096"
        },
        {
          "category": "external",
          "summary": "https://jenkins.io/security/advisory/2017-07-10/",
          "url": "https://jenkins.io/security/advisory/2017-07-10/"
        }
      ],
      "release_date": "2017-07-10T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-09-08T03:14:52+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor OpenShift Container Platform 3.5, see the following documentation, which will be updated shortly for release 3.5.5.31, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.5/release_notes/ocp_3_5_release_notes.html\n\nFor OpenShift Container Platform 3.4, see the following documentation, which will be updated shortly for release 3.4.1.44, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.4/release_notes/ocp_3_4_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258.",
          "product_ids": [
            "7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.src",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-clients-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-clients-redistributable-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-cluster-capacity-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-docker-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-dockerregistry-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-federation-services-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-master-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-pod-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-sdn-ovs-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-service-catalog-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-tests-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.noarch",
            "7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.src",
            "7Server-RH7-RHOSE-3.6:fluentd-doc-0:0.12.39-2.el7.noarch",
            "7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.src",
            "7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.src",
            "7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:kibana-debuginfo-0:4.6.4-3.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:rubygem-cool.io-debuginfo-0:1.5.1-1.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:rubygem-cool.io-doc-0:1.5.1-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-excon-doc-0:0.58.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-faraday-doc-0:0.13.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-doc-0:0.29.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-doc-0:0.0.5-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-i18n-doc-0:0.8.6-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-doc-0:1.3.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:tuned-profiles-atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHBA-2017:2642"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.src",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-clients-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-clients-redistributable-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-cluster-capacity-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-docker-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-dockerregistry-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-federation-services-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-master-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-pod-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-sdn-ovs-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-service-catalog-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-tests-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.noarch",
            "7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.src",
            "7Server-RH7-RHOSE-3.6:fluentd-doc-0:0.12.39-2.el7.noarch",
            "7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.src",
            "7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.src",
            "7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:kibana-debuginfo-0:4.6.4-3.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:rubygem-cool.io-debuginfo-0:1.5.1-1.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:rubygem-cool.io-doc-0:1.5.1-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-excon-doc-0:0.58.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-faraday-doc-0:0.13.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-doc-0:0.29.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-doc-0:0.0.5-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-i18n-doc-0:0.8.6-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-doc-0:1.3.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:tuned-profiles-atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "jenkins-plugin-workflow-cps: Arbitrary code execution due to incomplete sandbox protection (SECURITY-551)"
    }
  ]
}

RHBA-2017:2642

Vulnerability from csaf_redhat

Published

2017-09-08 03:14

Modified

2024-11-22 11:21

Summary

Red Hat Bug Fix Advisory: OpenShift Container Platform 3.6.1 bug fix and enhancement update

Notes

Topic

Red Hat OpenShift Container Platform releases 3.6.1 are now available with updates to packages and images that fix several bugs and add various enhancements.

Details

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Red Hat OpenShift Container Platform releases 3.6.1 are now available with updates to packages and images that fix several bugs and add various enhancements.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Red Hat OpenShift Container Platform is the company\u0027s cloud computing Platform-as-a-Service (PaaS) solution designed for on-premise or private cloud deployments.\n\nThis advisory contains the RPM packages for Red Hat OpenShift Container Platform 3.6.1. See the following advisory for the container images for this release:\n\nhttps://access.redhat.com/errata/RHEA-2017:2644\n\nThis update fixes the following bugs:\n\n* When the atomic-openshift-node service got restarted, all processes in its control group are terminated, including the glusterfs-mounted points. Each glusterfs volume in OpenShift corresponds to one mounted point. If all mounting points are lost, so are all of the volumes. Set the control group mode to terminate only the main process and leave the remaining glusterfs mounting points untouched. When the atomic-openshift-node service is restarted, no glusterfs mounting point is terminated.\n(BZ#1423640)\n\n* A route can front up to four services that handle the requests. The load balancing strategy governs which endpoint gets each request. When round-robin is chosen, the portion of the requests that each\nservice handles is governed by the weight assigned to the service. Each endpoint in the service gets a fraction of the service\u0027s requests. (BZ#1473736)\n\n* When fluentd was reading from the journald and the output buffer queue wass full, the fluentd log was filled up with KubeClient messages. This is a bug in the fluentd filter_kubernetes_metadata plug-in. Ignore fluentd log messages from Kubeclient::Common::WatchNotice. (BZ#1476731)\n\n* Previously, the Copy Service Labels link in the Create Route form did not correctly copy the labels from the service to the new route. It has been fixed to copy the selected service\u0027s labels.\n(BZ#1477933)\n\n* Permissions on directories injected as a build input via the image source input mechanism have user-only access permissions. Therefore, the resulting application image cannot access the content when run as a random user ID. With this bug fix, the directories will be injected with group permissions, which will allow the user access to the container. (BZ#1479130)\n\n* Kibana nodejs runtime was not the same as the version distributed by Elastic. With this bug fix, the versioning is updated. (BZ#1479928)\n\n* Previously, the ScaleIO volume plug-in was missing in OpenShift Container Platform. With this bug fix, it is now fully enabled. (BZ#1482273)\n\n* Namespaces that use reserved names and were not created by infrastructure components should be blocked, as they will cause the upgrade to fail. (BZ#1484958)\n\nThis update includes the following enhancement:\n\n* There is now the ability to set reference policy with `oc import-image`. Set reference policy using the `--reference-policy` flag when invoking `oc import-image`. When importing all tags (using the `--all` flag), all tags will get passed to reference policy, including overwriting the already present one. (BZ#1420976)\n\nAll OpenShift Container Platform 3.6 users are advised to upgrade to these updated packages and images.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHBA-2017:2642",
        "url": "https://access.redhat.com/errata/RHBA-2017:2642"
      },
      {
        "category": "external",
        "summary": "1420976",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1420976"
      },
      {
        "category": "external",
        "summary": "1423640",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1423640"
      },
      {
        "category": "external",
        "summary": "1473736",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1473736"
      },
      {
        "category": "external",
        "summary": "1476731",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1476731"
      },
      {
        "category": "external",
        "summary": "1477223",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1477223"
      },
      {
        "category": "external",
        "summary": "1477933",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1477933"
      },
      {
        "category": "external",
        "summary": "1479130",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1479130"
      },
      {
        "category": "external",
        "summary": "1479928",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1479928"
      },
      {
        "category": "external",
        "summary": "1481251",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1481251"
      },
      {
        "category": "external",
        "summary": "1482273",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1482273"
      },
      {
        "category": "external",
        "summary": "1484958",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1484958"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhba-2017_2642.json"
      }
    ],
    "title": "Red Hat Bug Fix Advisory: OpenShift Container Platform 3.6.1 bug fix and enhancement update",
    "tracking": {
      "current_release_date": "2024-11-22T11:21:43+00:00",
      "generator": {
        "date": "2024-11-22T11:21:43+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.2.1"
        }
      },
      "id": "RHBA-2017:2642",
      "initial_release_date": "2017-09-08T03:14:52+00:00",
      "revision_history": [
        {
          "date": "2017-09-08T03:14:52+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2017-09-08T03:14:52+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2024-11-22T11:21:43+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat OpenShift Container Platform 3.6",
                "product": {
                  "name": "Red Hat OpenShift Container Platform 3.6",
                  "product_id": "7Server-RH7-RHOSE-3.6",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:openshift:3.6::el7"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat OpenShift Enterprise"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "atomic-openshift-federation-services-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
                "product": {
                  "name": "atomic-openshift-federation-services-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
                  "product_id": "atomic-openshift-federation-services-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-federation-services@3.6.173.0.21-1.git.0.f95b0e7.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-master-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
                "product": {
                  "name": "atomic-openshift-master-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
                  "product_id": "atomic-openshift-master-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-master@3.6.173.0.21-1.git.0.f95b0e7.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tuned-profiles-atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
                "product": {
                  "name": "tuned-profiles-atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
                  "product_id": "tuned-profiles-atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tuned-profiles-atomic-openshift-node@3.6.173.0.21-1.git.0.f95b0e7.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-dockerregistry-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
                "product": {
                  "name": "atomic-openshift-dockerregistry-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
                  "product_id": "atomic-openshift-dockerregistry-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-dockerregistry@3.6.173.0.21-1.git.0.f95b0e7.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-service-catalog-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
                "product": {
                  "name": "atomic-openshift-service-catalog-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
                  "product_id": "atomic-openshift-service-catalog-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-service-catalog@3.6.173.0.21-1.git.0.f95b0e7.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-pod-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
                "product": {
                  "name": "atomic-openshift-pod-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
                  "product_id": "atomic-openshift-pod-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-pod@3.6.173.0.21-1.git.0.f95b0e7.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
                "product": {
                  "name": "atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
                  "product_id": "atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-node@3.6.173.0.21-1.git.0.f95b0e7.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-sdn-ovs-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
                "product": {
                  "name": "atomic-openshift-sdn-ovs-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
                  "product_id": "atomic-openshift-sdn-ovs-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-sdn-ovs@3.6.173.0.21-1.git.0.f95b0e7.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-clients-redistributable-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
                "product": {
                  "name": "atomic-openshift-clients-redistributable-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
                  "product_id": "atomic-openshift-clients-redistributable-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-clients-redistributable@3.6.173.0.21-1.git.0.f95b0e7.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-tests-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
                "product": {
                  "name": "atomic-openshift-tests-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
                  "product_id": "atomic-openshift-tests-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-tests@3.6.173.0.21-1.git.0.f95b0e7.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-cluster-capacity-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
                "product": {
                  "name": "atomic-openshift-cluster-capacity-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
                  "product_id": "atomic-openshift-cluster-capacity-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-cluster-capacity@3.6.173.0.21-1.git.0.f95b0e7.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-clients-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
                "product": {
                  "name": "atomic-openshift-clients-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
                  "product_id": "atomic-openshift-clients-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-clients@3.6.173.0.21-1.git.0.f95b0e7.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
                "product": {
                  "name": "atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
                  "product_id": "atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift@3.6.173.0.21-1.git.0.f95b0e7.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kibana-0:4.6.4-3.el7.x86_64",
                "product": {
                  "name": "kibana-0:4.6.4-3.el7.x86_64",
                  "product_id": "kibana-0:4.6.4-3.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kibana@4.6.4-3.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kibana-debuginfo-0:4.6.4-3.el7.x86_64",
                "product": {
                  "name": "kibana-debuginfo-0:4.6.4-3.el7.x86_64",
                  "product_id": "kibana-debuginfo-0:4.6.4-3.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kibana-debuginfo@4.6.4-3.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rubygem-cool.io-0:1.5.1-1.el7.x86_64",
                "product": {
                  "name": "rubygem-cool.io-0:1.5.1-1.el7.x86_64",
                  "product_id": "rubygem-cool.io-0:1.5.1-1.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rubygem-cool.io@1.5.1-1.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rubygem-cool.io-debuginfo-0:1.5.1-1.el7.x86_64",
                "product": {
                  "name": "rubygem-cool.io-debuginfo-0:1.5.1-1.el7.x86_64",
                  "product_id": "rubygem-cool.io-debuginfo-0:1.5.1-1.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rubygem-cool.io-debuginfo@1.5.1-1.el7?arch=x86_64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "atomic-openshift-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
                "product": {
                  "name": "atomic-openshift-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
                  "product_id": "atomic-openshift-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-excluder@3.6.173.0.21-1.git.0.f95b0e7.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "atomic-openshift-docker-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
                "product": {
                  "name": "atomic-openshift-docker-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
                  "product_id": "atomic-openshift-docker-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift-docker-excluder@3.6.173.0.21-1.git.0.f95b0e7.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "fluentd-0:0.12.39-2.el7.noarch",
                "product": {
                  "name": "fluentd-0:0.12.39-2.el7.noarch",
                  "product_id": "fluentd-0:0.12.39-2.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/fluentd@0.12.39-2.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "fluentd-doc-0:0.12.39-2.el7.noarch",
                "product": {
                  "name": "fluentd-doc-0:0.12.39-2.el7.noarch",
                  "product_id": "fluentd-doc-0:0.12.39-2.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/fluentd-doc@0.12.39-2.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jenkins-2-plugins-0:3.7.1502412812-1.el7.noarch",
                "product": {
                  "name": "jenkins-2-plugins-0:3.7.1502412812-1.el7.noarch",
                  "product_id": "jenkins-2-plugins-0:3.7.1502412812-1.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jenkins-2-plugins@3.7.1502412812-1.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rubygem-cool.io-doc-0:1.5.1-1.el7.noarch",
                "product": {
                  "name": "rubygem-cool.io-doc-0:1.5.1-1.el7.noarch",
                  "product_id": "rubygem-cool.io-doc-0:1.5.1-1.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rubygem-cool.io-doc@1.5.1-1.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rubygem-excon-0:0.58.0-1.el7.noarch",
                "product": {
                  "name": "rubygem-excon-0:0.58.0-1.el7.noarch",
                  "product_id": "rubygem-excon-0:0.58.0-1.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rubygem-excon@0.58.0-1.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rubygem-excon-doc-0:0.58.0-1.el7.noarch",
                "product": {
                  "name": "rubygem-excon-doc-0:0.58.0-1.el7.noarch",
                  "product_id": "rubygem-excon-doc-0:0.58.0-1.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rubygem-excon-doc@0.58.0-1.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rubygem-faraday-doc-0:0.13.0-1.el7.noarch",
                "product": {
                  "name": "rubygem-faraday-doc-0:0.13.0-1.el7.noarch",
                  "product_id": "rubygem-faraday-doc-0:0.13.0-1.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rubygem-faraday-doc@0.13.0-1.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rubygem-faraday-0:0.13.0-1.el7.noarch",
                "product": {
                  "name": "rubygem-faraday-0:0.13.0-1.el7.noarch",
                  "product_id": "rubygem-faraday-0:0.13.0-1.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rubygem-faraday@0.13.0-1.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.noarch",
                "product": {
                  "name": "rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.noarch",
                  "product_id": "rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rubygem-fluent-plugin-kubernetes_metadata_filter@0.29.0-1.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rubygem-fluent-plugin-kubernetes_metadata_filter-doc-0:0.29.0-1.el7.noarch",
                "product": {
                  "name": "rubygem-fluent-plugin-kubernetes_metadata_filter-doc-0:0.29.0-1.el7.noarch",
                  "product_id": "rubygem-fluent-plugin-kubernetes_metadata_filter-doc-0:0.29.0-1.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rubygem-fluent-plugin-kubernetes_metadata_filter-doc@0.29.0-1.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.noarch",
                "product": {
                  "name": "rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.noarch",
                  "product_id": "rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rubygem-fluent-plugin-viaq_data_model@0.0.5-1.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rubygem-fluent-plugin-viaq_data_model-doc-0:0.0.5-1.el7.noarch",
                "product": {
                  "name": "rubygem-fluent-plugin-viaq_data_model-doc-0:0.0.5-1.el7.noarch",
                  "product_id": "rubygem-fluent-plugin-viaq_data_model-doc-0:0.0.5-1.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rubygem-fluent-plugin-viaq_data_model-doc@0.0.5-1.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rubygem-i18n-doc-0:0.8.6-1.el7.noarch",
                "product": {
                  "name": "rubygem-i18n-doc-0:0.8.6-1.el7.noarch",
                  "product_id": "rubygem-i18n-doc-0:0.8.6-1.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rubygem-i18n-doc@0.8.6-1.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rubygem-i18n-0:0.8.6-1.el7.noarch",
                "product": {
                  "name": "rubygem-i18n-0:0.8.6-1.el7.noarch",
                  "product_id": "rubygem-i18n-0:0.8.6-1.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rubygem-i18n@0.8.6-1.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rubygem-systemd-journal-doc-0:1.3.0-1.el7.noarch",
                "product": {
                  "name": "rubygem-systemd-journal-doc-0:1.3.0-1.el7.noarch",
                  "product_id": "rubygem-systemd-journal-doc-0:1.3.0-1.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rubygem-systemd-journal-doc@1.3.0-1.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rubygem-systemd-journal-0:1.3.0-1.el7.noarch",
                "product": {
                  "name": "rubygem-systemd-journal-0:1.3.0-1.el7.noarch",
                  "product_id": "rubygem-systemd-journal-0:1.3.0-1.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rubygem-systemd-journal@1.3.0-1.el7?arch=noarch"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.src",
                "product": {
                  "name": "atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.src",
                  "product_id": "atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/atomic-openshift@3.6.173.0.21-1.git.0.f95b0e7.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "fluentd-0:0.12.39-2.el7.src",
                "product": {
                  "name": "fluentd-0:0.12.39-2.el7.src",
                  "product_id": "fluentd-0:0.12.39-2.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/fluentd@0.12.39-2.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jenkins-2-plugins-0:3.7.1502412812-1.el7.src",
                "product": {
                  "name": "jenkins-2-plugins-0:3.7.1502412812-1.el7.src",
                  "product_id": "jenkins-2-plugins-0:3.7.1502412812-1.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jenkins-2-plugins@3.7.1502412812-1.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "kibana-0:4.6.4-3.el7.src",
                "product": {
                  "name": "kibana-0:4.6.4-3.el7.src",
                  "product_id": "kibana-0:4.6.4-3.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/kibana@4.6.4-3.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rubygem-cool.io-0:1.5.1-1.el7.src",
                "product": {
                  "name": "rubygem-cool.io-0:1.5.1-1.el7.src",
                  "product_id": "rubygem-cool.io-0:1.5.1-1.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rubygem-cool.io@1.5.1-1.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rubygem-excon-0:0.58.0-1.el7.src",
                "product": {
                  "name": "rubygem-excon-0:0.58.0-1.el7.src",
                  "product_id": "rubygem-excon-0:0.58.0-1.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rubygem-excon@0.58.0-1.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rubygem-faraday-0:0.13.0-1.el7.src",
                "product": {
                  "name": "rubygem-faraday-0:0.13.0-1.el7.src",
                  "product_id": "rubygem-faraday-0:0.13.0-1.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rubygem-faraday@0.13.0-1.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.src",
                "product": {
                  "name": "rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.src",
                  "product_id": "rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rubygem-fluent-plugin-kubernetes_metadata_filter@0.29.0-1.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.src",
                "product": {
                  "name": "rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.src",
                  "product_id": "rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rubygem-fluent-plugin-viaq_data_model@0.0.5-1.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rubygem-i18n-0:0.8.6-1.el7.src",
                "product": {
                  "name": "rubygem-i18n-0:0.8.6-1.el7.src",
                  "product_id": "rubygem-i18n-0:0.8.6-1.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rubygem-i18n@0.8.6-1.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rubygem-systemd-journal-0:1.3.0-1.el7.src",
                "product": {
                  "name": "rubygem-systemd-journal-0:1.3.0-1.el7.src",
                  "product_id": "rubygem-systemd-journal-0:1.3.0-1.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/rubygem-systemd-journal@1.3.0-1.el7?arch=src"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.src as a component of Red Hat OpenShift Container Platform 3.6",
          "product_id": "7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.src"
        },
        "product_reference": "atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.src",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.6",
          "product_id": "7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
        },
        "product_reference": "atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-clients-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.6",
          "product_id": "7Server-RH7-RHOSE-3.6:atomic-openshift-clients-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
        },
        "product_reference": "atomic-openshift-clients-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-clients-redistributable-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.6",
          "product_id": "7Server-RH7-RHOSE-3.6:atomic-openshift-clients-redistributable-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
        },
        "product_reference": "atomic-openshift-clients-redistributable-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-cluster-capacity-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.6",
          "product_id": "7Server-RH7-RHOSE-3.6:atomic-openshift-cluster-capacity-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
        },
        "product_reference": "atomic-openshift-cluster-capacity-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-docker-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch as a component of Red Hat OpenShift Container Platform 3.6",
          "product_id": "7Server-RH7-RHOSE-3.6:atomic-openshift-docker-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch"
        },
        "product_reference": "atomic-openshift-docker-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-dockerregistry-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.6",
          "product_id": "7Server-RH7-RHOSE-3.6:atomic-openshift-dockerregistry-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
        },
        "product_reference": "atomic-openshift-dockerregistry-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch as a component of Red Hat OpenShift Container Platform 3.6",
          "product_id": "7Server-RH7-RHOSE-3.6:atomic-openshift-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch"
        },
        "product_reference": "atomic-openshift-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-federation-services-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.6",
          "product_id": "7Server-RH7-RHOSE-3.6:atomic-openshift-federation-services-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
        },
        "product_reference": "atomic-openshift-federation-services-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-master-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.6",
          "product_id": "7Server-RH7-RHOSE-3.6:atomic-openshift-master-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
        },
        "product_reference": "atomic-openshift-master-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.6",
          "product_id": "7Server-RH7-RHOSE-3.6:atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
        },
        "product_reference": "atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-pod-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.6",
          "product_id": "7Server-RH7-RHOSE-3.6:atomic-openshift-pod-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
        },
        "product_reference": "atomic-openshift-pod-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-sdn-ovs-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.6",
          "product_id": "7Server-RH7-RHOSE-3.6:atomic-openshift-sdn-ovs-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
        },
        "product_reference": "atomic-openshift-sdn-ovs-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-service-catalog-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.6",
          "product_id": "7Server-RH7-RHOSE-3.6:atomic-openshift-service-catalog-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
        },
        "product_reference": "atomic-openshift-service-catalog-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "atomic-openshift-tests-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.6",
          "product_id": "7Server-RH7-RHOSE-3.6:atomic-openshift-tests-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
        },
        "product_reference": "atomic-openshift-tests-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "fluentd-0:0.12.39-2.el7.noarch as a component of Red Hat OpenShift Container Platform 3.6",
          "product_id": "7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.noarch"
        },
        "product_reference": "fluentd-0:0.12.39-2.el7.noarch",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "fluentd-0:0.12.39-2.el7.src as a component of Red Hat OpenShift Container Platform 3.6",
          "product_id": "7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.src"
        },
        "product_reference": "fluentd-0:0.12.39-2.el7.src",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "fluentd-doc-0:0.12.39-2.el7.noarch as a component of Red Hat OpenShift Container Platform 3.6",
          "product_id": "7Server-RH7-RHOSE-3.6:fluentd-doc-0:0.12.39-2.el7.noarch"
        },
        "product_reference": "fluentd-doc-0:0.12.39-2.el7.noarch",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jenkins-2-plugins-0:3.7.1502412812-1.el7.noarch as a component of Red Hat OpenShift Container Platform 3.6",
          "product_id": "7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.noarch"
        },
        "product_reference": "jenkins-2-plugins-0:3.7.1502412812-1.el7.noarch",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jenkins-2-plugins-0:3.7.1502412812-1.el7.src as a component of Red Hat OpenShift Container Platform 3.6",
          "product_id": "7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.src"
        },
        "product_reference": "jenkins-2-plugins-0:3.7.1502412812-1.el7.src",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kibana-0:4.6.4-3.el7.src as a component of Red Hat OpenShift Container Platform 3.6",
          "product_id": "7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.src"
        },
        "product_reference": "kibana-0:4.6.4-3.el7.src",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kibana-0:4.6.4-3.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.6",
          "product_id": "7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.x86_64"
        },
        "product_reference": "kibana-0:4.6.4-3.el7.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kibana-debuginfo-0:4.6.4-3.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.6",
          "product_id": "7Server-RH7-RHOSE-3.6:kibana-debuginfo-0:4.6.4-3.el7.x86_64"
        },
        "product_reference": "kibana-debuginfo-0:4.6.4-3.el7.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rubygem-cool.io-0:1.5.1-1.el7.src as a component of Red Hat OpenShift Container Platform 3.6",
          "product_id": "7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.src"
        },
        "product_reference": "rubygem-cool.io-0:1.5.1-1.el7.src",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rubygem-cool.io-0:1.5.1-1.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.6",
          "product_id": "7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.x86_64"
        },
        "product_reference": "rubygem-cool.io-0:1.5.1-1.el7.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rubygem-cool.io-debuginfo-0:1.5.1-1.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.6",
          "product_id": "7Server-RH7-RHOSE-3.6:rubygem-cool.io-debuginfo-0:1.5.1-1.el7.x86_64"
        },
        "product_reference": "rubygem-cool.io-debuginfo-0:1.5.1-1.el7.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rubygem-cool.io-doc-0:1.5.1-1.el7.noarch as a component of Red Hat OpenShift Container Platform 3.6",
          "product_id": "7Server-RH7-RHOSE-3.6:rubygem-cool.io-doc-0:1.5.1-1.el7.noarch"
        },
        "product_reference": "rubygem-cool.io-doc-0:1.5.1-1.el7.noarch",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rubygem-excon-0:0.58.0-1.el7.noarch as a component of Red Hat OpenShift Container Platform 3.6",
          "product_id": "7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.noarch"
        },
        "product_reference": "rubygem-excon-0:0.58.0-1.el7.noarch",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rubygem-excon-0:0.58.0-1.el7.src as a component of Red Hat OpenShift Container Platform 3.6",
          "product_id": "7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.src"
        },
        "product_reference": "rubygem-excon-0:0.58.0-1.el7.src",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rubygem-excon-doc-0:0.58.0-1.el7.noarch as a component of Red Hat OpenShift Container Platform 3.6",
          "product_id": "7Server-RH7-RHOSE-3.6:rubygem-excon-doc-0:0.58.0-1.el7.noarch"
        },
        "product_reference": "rubygem-excon-doc-0:0.58.0-1.el7.noarch",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rubygem-faraday-0:0.13.0-1.el7.noarch as a component of Red Hat OpenShift Container Platform 3.6",
          "product_id": "7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.noarch"
        },
        "product_reference": "rubygem-faraday-0:0.13.0-1.el7.noarch",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rubygem-faraday-0:0.13.0-1.el7.src as a component of Red Hat OpenShift Container Platform 3.6",
          "product_id": "7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.src"
        },
        "product_reference": "rubygem-faraday-0:0.13.0-1.el7.src",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rubygem-faraday-doc-0:0.13.0-1.el7.noarch as a component of Red Hat OpenShift Container Platform 3.6",
          "product_id": "7Server-RH7-RHOSE-3.6:rubygem-faraday-doc-0:0.13.0-1.el7.noarch"
        },
        "product_reference": "rubygem-faraday-doc-0:0.13.0-1.el7.noarch",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.noarch as a component of Red Hat OpenShift Container Platform 3.6",
          "product_id": "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.noarch"
        },
        "product_reference": "rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.noarch",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.src as a component of Red Hat OpenShift Container Platform 3.6",
          "product_id": "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.src"
        },
        "product_reference": "rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.src",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rubygem-fluent-plugin-kubernetes_metadata_filter-doc-0:0.29.0-1.el7.noarch as a component of Red Hat OpenShift Container Platform 3.6",
          "product_id": "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-doc-0:0.29.0-1.el7.noarch"
        },
        "product_reference": "rubygem-fluent-plugin-kubernetes_metadata_filter-doc-0:0.29.0-1.el7.noarch",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.noarch as a component of Red Hat OpenShift Container Platform 3.6",
          "product_id": "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.noarch"
        },
        "product_reference": "rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.noarch",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.src as a component of Red Hat OpenShift Container Platform 3.6",
          "product_id": "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.src"
        },
        "product_reference": "rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.src",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rubygem-fluent-plugin-viaq_data_model-doc-0:0.0.5-1.el7.noarch as a component of Red Hat OpenShift Container Platform 3.6",
          "product_id": "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-doc-0:0.0.5-1.el7.noarch"
        },
        "product_reference": "rubygem-fluent-plugin-viaq_data_model-doc-0:0.0.5-1.el7.noarch",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rubygem-i18n-0:0.8.6-1.el7.noarch as a component of Red Hat OpenShift Container Platform 3.6",
          "product_id": "7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.noarch"
        },
        "product_reference": "rubygem-i18n-0:0.8.6-1.el7.noarch",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rubygem-i18n-0:0.8.6-1.el7.src as a component of Red Hat OpenShift Container Platform 3.6",
          "product_id": "7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.src"
        },
        "product_reference": "rubygem-i18n-0:0.8.6-1.el7.src",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rubygem-i18n-doc-0:0.8.6-1.el7.noarch as a component of Red Hat OpenShift Container Platform 3.6",
          "product_id": "7Server-RH7-RHOSE-3.6:rubygem-i18n-doc-0:0.8.6-1.el7.noarch"
        },
        "product_reference": "rubygem-i18n-doc-0:0.8.6-1.el7.noarch",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rubygem-systemd-journal-0:1.3.0-1.el7.noarch as a component of Red Hat OpenShift Container Platform 3.6",
          "product_id": "7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.noarch"
        },
        "product_reference": "rubygem-systemd-journal-0:1.3.0-1.el7.noarch",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rubygem-systemd-journal-0:1.3.0-1.el7.src as a component of Red Hat OpenShift Container Platform 3.6",
          "product_id": "7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.src"
        },
        "product_reference": "rubygem-systemd-journal-0:1.3.0-1.el7.src",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rubygem-systemd-journal-doc-0:1.3.0-1.el7.noarch as a component of Red Hat OpenShift Container Platform 3.6",
          "product_id": "7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-doc-0:1.3.0-1.el7.noarch"
        },
        "product_reference": "rubygem-systemd-journal-doc-0:1.3.0-1.el7.noarch",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tuned-profiles-atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64 as a component of Red Hat OpenShift Container Platform 3.6",
          "product_id": "7Server-RH7-RHOSE-3.6:tuned-profiles-atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
        },
        "product_reference": "tuned-profiles-atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
        "relates_to_product_reference": "7Server-RH7-RHOSE-3.6"
      }
    ]
  },
  "vulnerabilities": [
    {
      "acknowledgments": [
        {
          "names": [
            "the Jenkins project"
          ]
        },
        {
          "names": [
            "Jesse Glick"
          ],
          "organization": "CloudBees",
          "summary": "Acknowledged by upstream."
        }
      ],
      "cve": "CVE-2017-1000085",
      "cwe": {
        "id": "CWE-352",
        "name": "Cross-Site Request Forgery (CSRF)"
      },
      "discovery_date": "2017-07-07T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1471046"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Subversion Plugin improperly checked permissions, requiring just Item/Build instead of Item/Configure when used. This allows a user to specify an attacker-controlled Subversion server which can then be used to collect credentials used by the Subversion plugin.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "jenkins-plugin-subversion: CSRF vulnerability and insufficient permission checks allow capturing credentials (SECURITY-303)",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This issue affects the versions of jenkins-plugin-subversion as shipped with Red Hat OpenShift Enterprise 3. Red Hat Product Security has rated this issue as having Low security impact. A future update may address this issue. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.src",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-clients-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-clients-redistributable-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-cluster-capacity-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-docker-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-dockerregistry-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-federation-services-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-master-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-pod-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-sdn-ovs-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-service-catalog-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-tests-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.noarch",
          "7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.src",
          "7Server-RH7-RHOSE-3.6:fluentd-doc-0:0.12.39-2.el7.noarch",
          "7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.src",
          "7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.src",
          "7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:kibana-debuginfo-0:4.6.4-3.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.src",
          "7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:rubygem-cool.io-debuginfo-0:1.5.1-1.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:rubygem-cool.io-doc-0:1.5.1-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.src",
          "7Server-RH7-RHOSE-3.6:rubygem-excon-doc-0:0.58.0-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.src",
          "7Server-RH7-RHOSE-3.6:rubygem-faraday-doc-0:0.13.0-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.src",
          "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-doc-0:0.29.0-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.src",
          "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-doc-0:0.0.5-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.src",
          "7Server-RH7-RHOSE-3.6:rubygem-i18n-doc-0:0.8.6-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.src",
          "7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-doc-0:1.3.0-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:tuned-profiles-atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-1000085"
        },
        {
          "category": "external",
          "summary": "RHBZ#1471046",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1471046"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-1000085",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-1000085"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000085",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000085"
        },
        {
          "category": "external",
          "summary": "https://jenkins.io/security/advisory/2017-07-10/",
          "url": "https://jenkins.io/security/advisory/2017-07-10/"
        }
      ],
      "release_date": "2017-07-10T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-09-08T03:14:52+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor OpenShift Container Platform 3.5, see the following documentation, which will be updated shortly for release 3.5.5.31, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.5/release_notes/ocp_3_5_release_notes.html\n\nFor OpenShift Container Platform 3.4, see the following documentation, which will be updated shortly for release 3.4.1.44, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.4/release_notes/ocp_3_4_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258.",
          "product_ids": [
            "7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.src",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-clients-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-clients-redistributable-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-cluster-capacity-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-docker-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-dockerregistry-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-federation-services-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-master-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-pod-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-sdn-ovs-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-service-catalog-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-tests-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.noarch",
            "7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.src",
            "7Server-RH7-RHOSE-3.6:fluentd-doc-0:0.12.39-2.el7.noarch",
            "7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.src",
            "7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.src",
            "7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:kibana-debuginfo-0:4.6.4-3.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:rubygem-cool.io-debuginfo-0:1.5.1-1.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:rubygem-cool.io-doc-0:1.5.1-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-excon-doc-0:0.58.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-faraday-doc-0:0.13.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-doc-0:0.29.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-doc-0:0.0.5-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-i18n-doc-0:0.8.6-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-doc-0:1.3.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:tuned-profiles-atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHBA-2017:2642"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 3.1,
            "baseSeverity": "LOW",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.src",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-clients-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-clients-redistributable-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-cluster-capacity-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-docker-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-dockerregistry-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-federation-services-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-master-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-pod-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-sdn-ovs-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-service-catalog-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-tests-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.noarch",
            "7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.src",
            "7Server-RH7-RHOSE-3.6:fluentd-doc-0:0.12.39-2.el7.noarch",
            "7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.src",
            "7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.src",
            "7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:kibana-debuginfo-0:4.6.4-3.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:rubygem-cool.io-debuginfo-0:1.5.1-1.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:rubygem-cool.io-doc-0:1.5.1-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-excon-doc-0:0.58.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-faraday-doc-0:0.13.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-doc-0:0.29.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-doc-0:0.0.5-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-i18n-doc-0:0.8.6-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-doc-0:1.3.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:tuned-profiles-atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "jenkins-plugin-subversion: CSRF vulnerability and insufficient permission checks allow capturing credentials (SECURITY-303)"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "the Jenkins project"
          ]
        }
      ],
      "cve": "CVE-2017-1000089",
      "cwe": {
        "id": "CWE-287",
        "name": "Improper Authentication"
      },
      "discovery_date": "2017-07-07T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1471050"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "The jenkins-plugin-pipeline-build-step fails to check permissions correctly allowing attackers with access to it to specify the triggering of any other project in Jenkins. This potentially gives an attacker access to projects they should not have access to.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "jenkins-plugin-pipeline-build-step: Missing check of Item/Build permission (SECURITY-433)",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This issue affects the versions of jenkins-plugin-pipeline-build-step as shipped with Red Hat OpenShift Enterprise 3. Red Hat Product Security has rated this issue as having Low security impact. A future update may address this issue. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.src",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-clients-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-clients-redistributable-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-cluster-capacity-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-docker-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-dockerregistry-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-federation-services-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-master-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-pod-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-sdn-ovs-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-service-catalog-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-tests-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.noarch",
          "7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.src",
          "7Server-RH7-RHOSE-3.6:fluentd-doc-0:0.12.39-2.el7.noarch",
          "7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.src",
          "7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.src",
          "7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:kibana-debuginfo-0:4.6.4-3.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.src",
          "7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:rubygem-cool.io-debuginfo-0:1.5.1-1.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:rubygem-cool.io-doc-0:1.5.1-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.src",
          "7Server-RH7-RHOSE-3.6:rubygem-excon-doc-0:0.58.0-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.src",
          "7Server-RH7-RHOSE-3.6:rubygem-faraday-doc-0:0.13.0-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.src",
          "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-doc-0:0.29.0-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.src",
          "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-doc-0:0.0.5-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.src",
          "7Server-RH7-RHOSE-3.6:rubygem-i18n-doc-0:0.8.6-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.src",
          "7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-doc-0:1.3.0-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:tuned-profiles-atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-1000089"
        },
        {
          "category": "external",
          "summary": "RHBZ#1471050",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1471050"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-1000089",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-1000089"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000089",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000089"
        },
        {
          "category": "external",
          "summary": "https://jenkins.io/security/advisory/2017-07-10/",
          "url": "https://jenkins.io/security/advisory/2017-07-10/"
        }
      ],
      "release_date": "2017-07-10T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-09-08T03:14:52+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor OpenShift Container Platform 3.5, see the following documentation, which will be updated shortly for release 3.5.5.31, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.5/release_notes/ocp_3_5_release_notes.html\n\nFor OpenShift Container Platform 3.4, see the following documentation, which will be updated shortly for release 3.4.1.44, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.4/release_notes/ocp_3_4_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258.",
          "product_ids": [
            "7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.src",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-clients-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-clients-redistributable-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-cluster-capacity-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-docker-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-dockerregistry-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-federation-services-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-master-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-pod-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-sdn-ovs-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-service-catalog-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-tests-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.noarch",
            "7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.src",
            "7Server-RH7-RHOSE-3.6:fluentd-doc-0:0.12.39-2.el7.noarch",
            "7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.src",
            "7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.src",
            "7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:kibana-debuginfo-0:4.6.4-3.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:rubygem-cool.io-debuginfo-0:1.5.1-1.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:rubygem-cool.io-doc-0:1.5.1-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-excon-doc-0:0.58.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-faraday-doc-0:0.13.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-doc-0:0.29.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-doc-0:0.0.5-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-i18n-doc-0:0.8.6-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-doc-0:1.3.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:tuned-profiles-atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHBA-2017:2642"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 3.7,
            "baseSeverity": "LOW",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.0"
          },
          "products": [
            "7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.src",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-clients-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-clients-redistributable-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-cluster-capacity-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-docker-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-dockerregistry-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-federation-services-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-master-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-pod-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-sdn-ovs-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-service-catalog-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-tests-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.noarch",
            "7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.src",
            "7Server-RH7-RHOSE-3.6:fluentd-doc-0:0.12.39-2.el7.noarch",
            "7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.src",
            "7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.src",
            "7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:kibana-debuginfo-0:4.6.4-3.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:rubygem-cool.io-debuginfo-0:1.5.1-1.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:rubygem-cool.io-doc-0:1.5.1-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-excon-doc-0:0.58.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-faraday-doc-0:0.13.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-doc-0:0.29.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-doc-0:0.0.5-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-i18n-doc-0:0.8.6-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-doc-0:1.3.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:tuned-profiles-atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "jenkins-plugin-pipeline-build-step: Missing check of Item/Build permission (SECURITY-433)"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "the Jenkins project"
          ]
        },
        {
          "names": [
            "Jesse Glick"
          ],
          "organization": "CloudBees",
          "summary": "Acknowledged by upstream."
        }
      ],
      "cve": "CVE-2017-1000092",
      "cwe": {
        "id": "CWE-352",
        "name": "Cross-Site Request Forgery (CSRF)"
      },
      "discovery_date": "2017-07-07T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1471053"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "The Git Plugin can leak credentials (username and password) used to access a git repo if an attacker-supplied URL is provided to the plugin. To supply the URL to the plugin, the attacker would need to guess a username/password ID and then trick a developer into following a specific URL.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "jenkins-plugin-git: CSRF vulnerability allows capturing credentials (SECURITY-528)",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This issue affects the versions of jenkins-plugin-git as shipped with Red Hat OpenShift Enterprise 3. Red Hat Product Security has rated this issue as having Low security impact. A future update may address this issue. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.src",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-clients-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-clients-redistributable-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-cluster-capacity-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-docker-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-dockerregistry-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-federation-services-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-master-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-pod-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-sdn-ovs-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-service-catalog-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-tests-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.noarch",
          "7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.src",
          "7Server-RH7-RHOSE-3.6:fluentd-doc-0:0.12.39-2.el7.noarch",
          "7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.src",
          "7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.src",
          "7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:kibana-debuginfo-0:4.6.4-3.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.src",
          "7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:rubygem-cool.io-debuginfo-0:1.5.1-1.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:rubygem-cool.io-doc-0:1.5.1-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.src",
          "7Server-RH7-RHOSE-3.6:rubygem-excon-doc-0:0.58.0-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.src",
          "7Server-RH7-RHOSE-3.6:rubygem-faraday-doc-0:0.13.0-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.src",
          "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-doc-0:0.29.0-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.src",
          "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-doc-0:0.0.5-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.src",
          "7Server-RH7-RHOSE-3.6:rubygem-i18n-doc-0:0.8.6-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.src",
          "7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-doc-0:1.3.0-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:tuned-profiles-atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-1000092"
        },
        {
          "category": "external",
          "summary": "RHBZ#1471053",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1471053"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-1000092",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-1000092"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000092",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000092"
        },
        {
          "category": "external",
          "summary": "https://jenkins.io/security/advisory/2017-07-10/",
          "url": "https://jenkins.io/security/advisory/2017-07-10/"
        }
      ],
      "release_date": "2017-07-10T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-09-08T03:14:52+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor OpenShift Container Platform 3.5, see the following documentation, which will be updated shortly for release 3.5.5.31, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.5/release_notes/ocp_3_5_release_notes.html\n\nFor OpenShift Container Platform 3.4, see the following documentation, which will be updated shortly for release 3.4.1.44, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.4/release_notes/ocp_3_4_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258.",
          "product_ids": [
            "7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.src",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-clients-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-clients-redistributable-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-cluster-capacity-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-docker-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-dockerregistry-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-federation-services-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-master-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-pod-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-sdn-ovs-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-service-catalog-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-tests-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.noarch",
            "7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.src",
            "7Server-RH7-RHOSE-3.6:fluentd-doc-0:0.12.39-2.el7.noarch",
            "7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.src",
            "7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.src",
            "7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:kibana-debuginfo-0:4.6.4-3.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:rubygem-cool.io-debuginfo-0:1.5.1-1.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:rubygem-cool.io-doc-0:1.5.1-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-excon-doc-0:0.58.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-faraday-doc-0:0.13.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-doc-0:0.29.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-doc-0:0.0.5-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-i18n-doc-0:0.8.6-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-doc-0:1.3.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:tuned-profiles-atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHBA-2017:2642"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 3.1,
            "baseSeverity": "LOW",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.src",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-clients-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-clients-redistributable-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-cluster-capacity-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-docker-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-dockerregistry-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-federation-services-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-master-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-pod-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-sdn-ovs-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-service-catalog-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-tests-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.noarch",
            "7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.src",
            "7Server-RH7-RHOSE-3.6:fluentd-doc-0:0.12.39-2.el7.noarch",
            "7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.src",
            "7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.src",
            "7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:kibana-debuginfo-0:4.6.4-3.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:rubygem-cool.io-debuginfo-0:1.5.1-1.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:rubygem-cool.io-doc-0:1.5.1-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-excon-doc-0:0.58.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-faraday-doc-0:0.13.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-doc-0:0.29.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-doc-0:0.0.5-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-i18n-doc-0:0.8.6-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-doc-0:1.3.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:tuned-profiles-atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "jenkins-plugin-git: CSRF vulnerability allows capturing credentials (SECURITY-528)"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "the Jenkins project"
          ]
        },
        {
          "names": [
            "Green",
            "Simon St John"
          ],
          "summary": "Acknowledged by upstream."
        }
      ],
      "cve": "CVE-2017-1000096",
      "cwe": {
        "id": "CWE-184",
        "name": "Incomplete List of Disallowed Inputs"
      },
      "discovery_date": "2017-07-07T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1471064"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "The jenkins-plugin-script-security has incomplete sandbox protection which allows attackers to execute arbitrary code via constructors, instance variable initializers, and instance initializers in Pipeline scripts. Exploitation of this requires the attacker to have permission to configure Pipelines in Jenkins or be a trusted committers to repositories containing Jenkinsfiles and for that Jenkins instance to be hosting other projects as well that the attacker should not have access to.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "jenkins-plugin-workflow-cps: Arbitrary code execution due to incomplete sandbox protection (SECURITY-551)",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This issue affects the versions of jenkins-plugin-workflow-cps  as shipped with Red Hat OpenShift Enterprise 3. However, this flaw is of low impact under the supported scenarios in OpenShift Enterprise 3. A future update may address this issue.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.src",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-clients-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-clients-redistributable-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-cluster-capacity-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-docker-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-dockerregistry-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-federation-services-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-master-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-pod-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-sdn-ovs-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-service-catalog-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:atomic-openshift-tests-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.noarch",
          "7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.src",
          "7Server-RH7-RHOSE-3.6:fluentd-doc-0:0.12.39-2.el7.noarch",
          "7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.src",
          "7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.src",
          "7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:kibana-debuginfo-0:4.6.4-3.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.src",
          "7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:rubygem-cool.io-debuginfo-0:1.5.1-1.el7.x86_64",
          "7Server-RH7-RHOSE-3.6:rubygem-cool.io-doc-0:1.5.1-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.src",
          "7Server-RH7-RHOSE-3.6:rubygem-excon-doc-0:0.58.0-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.src",
          "7Server-RH7-RHOSE-3.6:rubygem-faraday-doc-0:0.13.0-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.src",
          "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-doc-0:0.29.0-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.src",
          "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-doc-0:0.0.5-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.src",
          "7Server-RH7-RHOSE-3.6:rubygem-i18n-doc-0:0.8.6-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.src",
          "7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-doc-0:1.3.0-1.el7.noarch",
          "7Server-RH7-RHOSE-3.6:tuned-profiles-atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-1000096"
        },
        {
          "category": "external",
          "summary": "RHBZ#1471064",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1471064"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-1000096",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-1000096"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000096",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000096"
        },
        {
          "category": "external",
          "summary": "https://jenkins.io/security/advisory/2017-07-10/",
          "url": "https://jenkins.io/security/advisory/2017-07-10/"
        }
      ],
      "release_date": "2017-07-10T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-09-08T03:14:52+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor OpenShift Container Platform 3.5, see the following documentation, which will be updated shortly for release 3.5.5.31, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.5/release_notes/ocp_3_5_release_notes.html\n\nFor OpenShift Container Platform 3.4, see the following documentation, which will be updated shortly for release 3.4.1.44, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.4/release_notes/ocp_3_4_release_notes.html\n\nThis update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/articles/11258.",
          "product_ids": [
            "7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.src",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-clients-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-clients-redistributable-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-cluster-capacity-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-docker-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-dockerregistry-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-federation-services-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-master-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-pod-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-sdn-ovs-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-service-catalog-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-tests-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.noarch",
            "7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.src",
            "7Server-RH7-RHOSE-3.6:fluentd-doc-0:0.12.39-2.el7.noarch",
            "7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.src",
            "7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.src",
            "7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:kibana-debuginfo-0:4.6.4-3.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:rubygem-cool.io-debuginfo-0:1.5.1-1.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:rubygem-cool.io-doc-0:1.5.1-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-excon-doc-0:0.58.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-faraday-doc-0:0.13.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-doc-0:0.29.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-doc-0:0.0.5-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-i18n-doc-0:0.8.6-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-doc-0:1.3.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:tuned-profiles-atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHBA-2017:2642"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.src",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-clients-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-clients-redistributable-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-cluster-capacity-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-docker-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-dockerregistry-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-excluder-0:3.6.173.0.21-1.git.0.f95b0e7.el7.noarch",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-federation-services-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-master-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-pod-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-sdn-ovs-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-service-catalog-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:atomic-openshift-tests-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.noarch",
            "7Server-RH7-RHOSE-3.6:fluentd-0:0.12.39-2.el7.src",
            "7Server-RH7-RHOSE-3.6:fluentd-doc-0:0.12.39-2.el7.noarch",
            "7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:jenkins-2-plugins-0:3.7.1502412812-1.el7.src",
            "7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.src",
            "7Server-RH7-RHOSE-3.6:kibana-0:4.6.4-3.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:kibana-debuginfo-0:4.6.4-3.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-cool.io-0:1.5.1-1.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:rubygem-cool.io-debuginfo-0:1.5.1-1.el7.x86_64",
            "7Server-RH7-RHOSE-3.6:rubygem-cool.io-doc-0:1.5.1-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-excon-0:0.58.0-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-excon-doc-0:0.58.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-faraday-0:0.13.0-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-faraday-doc-0:0.13.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-0:0.29.0-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-kubernetes_metadata_filter-doc-0:0.29.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-0:0.0.5-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-fluent-plugin-viaq_data_model-doc-0:0.0.5-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-i18n-0:0.8.6-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-i18n-doc-0:0.8.6-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-0:1.3.0-1.el7.src",
            "7Server-RH7-RHOSE-3.6:rubygem-systemd-journal-doc-0:1.3.0-1.el7.noarch",
            "7Server-RH7-RHOSE-3.6:tuned-profiles-atomic-openshift-node-0:3.6.173.0.21-1.git.0.f95b0e7.el7.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "jenkins-plugin-workflow-cps: Arbitrary code execution due to incomplete sandbox protection (SECURITY-551)"
    }
  ]
}

ghsa-hrwc-pqfm-g6qf

Vulnerability from github

Published

2022-05-17 00:29

Modified

2022-12-12 19:10

Severity ?

6.5 (Medium) - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Summary

Jenkins Subversion Plugin Cross-Site Request Forgery vulnerability

Details

Show details on source website

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "Maven",
        "name": "org.jenkins-ci.plugins:subversion"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2.9"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2017-1000085"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-352"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2022-12-12T19:10:15Z",
    "nvd_published_at": "2017-10-05T01:29:00Z",
    "severity": "MODERATE"
  },
  "details": "Subversion Plugin connects to a user-specified Subversion repository as part of form validation (e.g. to retrieve a list of tags). This functionality improperly checked permissions, allowing any user with Item/Build permission (but not Item/Configure) to connect to any web server or Subversion server and send credentials with a known ID, thereby possibly capturing them. Additionally, this functionality did not require POST requests be used, thereby allowing the above to be performed without direct access to Jenkins via Cross-Site Request Forgery attacks. As of version 2.9, this functionality properly checks permissions and is only available via POST.",
  "id": "GHSA-hrwc-pqfm-g6qf",
  "modified": "2022-12-12T19:10:15Z",
  "published": "2022-05-17T00:29:00Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000085"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/jenkinsci/subversion-plugin"
    },
    {
      "type": "WEB",
      "url": "https://jenkins.io/security/advisory/2017-07-10"
    },
    {
      "type": "WEB",
      "url": "https://web.archive.org/web/20171119065136/http://www.securityfocus.com/bid/99574"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Jenkins Subversion Plugin Cross-Site Request Forgery vulnerability"
}

gsd-2017-1000085

Vulnerability from gsd

Modified

2023-12-13 01:21

Details

Aliases

CVE-2017-1000085

Aliases

CVE-2017-1000085

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2017-1000085",
    "description": "Subversion Plugin connects to a user-specified Subversion repository as part of form validation (e.g. to retrieve a list of tags). This functionality improperly checked permissions, allowing any user with Item/Build permission (but not Item/Configure) to connect to any web server or Subversion server and send credentials with a known ID, thereby possibly capturing them. Additionally, this functionality did not require POST requests be used, thereby allowing the above to be performed without direct access to Jenkins via Cross-Site Request Forgery attacks.",
    "id": "GSD-2017-1000085",
    "references": [
      "https://access.redhat.com/errata/RHBA-2017:2642"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2017-1000085"
      ],
      "details": "Subversion Plugin connects to a user-specified Subversion repository as part of form validation (e.g. to retrieve a list of tags). This functionality improperly checked permissions, allowing any user with Item/Build permission (but not Item/Configure) to connect to any web server or Subversion server and send credentials with a known ID, thereby possibly capturing them. Additionally, this functionality did not require POST requests be used, thereby allowing the above to be performed without direct access to Jenkins via Cross-Site Request Forgery attacks.",
      "id": "GSD-2017-1000085",
      "modified": "2023-12-13T01:21:02.420093Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "DATE_ASSIGNED": "2017-08-22T17:29:33.308514",
        "ID": "CVE-2017-1000085",
        "REQUESTER": "ml@beckweb.net",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Subversion Plugin connects to a user-specified Subversion repository as part of form validation (e.g. to retrieve a list of tags). This functionality improperly checked permissions, allowing any user with Item/Build permission (but not Item/Configure) to connect to any web server or Subversion server and send credentials with a known ID, thereby possibly capturing them. Additionally, this functionality did not require POST requests be used, thereby allowing the above to be performed without direct access to Jenkins via Cross-Site Request Forgery attacks."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "99574",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/99574"
          },
          {
            "name": "https://jenkins.io/security/advisory/2017-07-10/",
            "refsource": "CONFIRM",
            "url": "https://jenkins.io/security/advisory/2017-07-10/"
          }
        ]
      }
    },
    "gitlab.com": {
      "advisories": [
        {
          "affected_range": "(,2.8]",
          "affected_versions": "All versions up to 2.8",
          "cvss_v2": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
          "cvss_v3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
          "cwe_ids": [
            "CWE-1035",
            "CWE-352",
            "CWE-937"
          ],
          "date": "2017-11-02",
          "description": "Subversion Plugin connects to a user-specified Subversion repository as part of form validation. This functionality improperly checked permissions, allowing any user with `Item/Build` permission (but not `Item/Configure`) to connect to any web server or Subversion server and send credentials with a known ID, thereby possibly capturing them. Additionally, this functionality did not require POST requests be used, thereby allowing the above to be performed without direct access to Jenkins via Cross-Site Request Forgery attacks.",
          "fixed_versions": [
            "2.9"
          ],
          "identifier": "CVE-2017-1000085",
          "identifiers": [
            "CVE-2017-1000085"
          ],
          "not_impacted": "All versions after 2.8",
          "package_slug": "maven/org.jenkins-ci.plugins/subversion",
          "pubdate": "2017-10-05",
          "solution": "Upgrade to version 2.9 or above.",
          "title": "Cross-Site Request Forgery (CSRF)",
          "urls": [
            "https://nvd.nist.gov/vuln/detail/CVE-2017-1000085",
            "http://www.securityfocus.com/bid/99574",
            "https://jenkins.io/security/advisory/2017-07-10/"
          ],
          "uuid": "0bdfc568-6f81-4ceb-9fb4-46fb314d59cd"
        }
      ]
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:jenkins:subversion:*:*:*:*:*:jenkins:*:*",
                "cpe_name": [],
                "versionEndIncluding": "2.8",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-1000085"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Subversion Plugin connects to a user-specified Subversion repository as part of form validation (e.g. to retrieve a list of tags). This functionality improperly checked permissions, allowing any user with Item/Build permission (but not Item/Configure) to connect to any web server or Subversion server and send credentials with a known ID, thereby possibly capturing them. Additionally, this functionality did not require POST requests be used, thereby allowing the above to be performed without direct access to Jenkins via Cross-Site Request Forgery attacks."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-352"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://jenkins.io/security/advisory/2017-07-10/",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://jenkins.io/security/advisory/2017-07-10/"
            },
            {
              "name": "99574",
              "refsource": "BID",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securityfocus.com/bid/99574"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          "exploitabilityScore": 8.6,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": true
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
            "version": "3.0"
          },
          "exploitabilityScore": 2.8,
          "impactScore": 3.6
        }
      },
      "lastModifiedDate": "2017-11-02T16:06Z",
      "publishedDate": "2017-10-05T01:29Z"
    }
  }
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

cve-2017-1000085

Vulnerability from cvelistv5

fkie_cve-2017-1000085

Vulnerability from fkie_nvd

rhba-2017_2642

Vulnerability from csaf_redhat

rhba-2017:2642

Vulnerability from csaf_redhat

RHBA-2017:2642

Vulnerability from csaf_redhat

ghsa-hrwc-pqfm-g6qf

Vulnerability from github

gsd-2017-1000085

Vulnerability from gsd

Tags

Sightings

Nomenclature